Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/P1PPxJKJvcVWj4wZUdazuOzBw4Q.roa
File: P1PPxJKJvcVWj4wZUdazuOzBw4Q.roa (raw, json)
Hash identifier: HnwzMbfg3535mDnah1e/JlAfCR0Kk2ea4N+rWTnPdJY=
Subject key identifier: 3F:53:CF:C4:92:89:BD:C5:56:8F:8C:19:51:D6:B3:B8:EC:C1:C3:84
Certificate issuer: /CN=d673d849b7d5047376d57e6f796f0018b70b4506
Certificate serial: 019423698C92951C01F512AFC0FAF0EC8A0C
Authority key identifier: D6:73:D8:49:B7:D5:04:73:76:D5:7E:6F:79:6F:00:18:B7:0B:45:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1nPYSbfVBHN21X5veW8AGLcLRQY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/P1PPxJKJvcVWj4wZUdazuOzBw4Q.roa
Signing time: Wed 01 Jan 2025 19:48:27 +0000
ROA not before: Wed 01 Jan 2025 19:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216441
IP address blocks: 2a04:9307::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/1nPYSbfVBHN21X5veW8AGLcLRQY.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/1nPYSbfVBHN21X5veW8AGLcLRQY.mft
rsync://rpki.ripe.net/repository/DEFAULT/1nPYSbfVBHN21X5veW8AGLcLRQY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 07:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:8c:92:95:1c:01:f5:12:af:c0:fa:f0:ec:8a:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d673d849b7d5047376d57e6f796f0018b70b4506
Validity
Not Before: Jan 1 19:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3f53cfc49289bdc5568f8c1951d6b3b8ecc1c384
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b3:21:fa:4b:70:fd:91:32:49:7c:6a:b2:48:
1d:83:6b:df:ec:a2:ac:7c:ba:ad:dd:3e:94:47:e7:
dc:0a:9d:a6:9a:e0:5b:5a:cf:4b:ec:e8:22:2a:59:
3c:26:bc:b1:ec:d4:4c:7a:13:a3:d3:3d:93:63:b4:
72:25:ce:33:d2:69:51:ba:19:96:35:27:1a:1c:ee:
f5:cc:2b:a7:22:34:d5:02:40:02:2e:b2:3f:3a:4e:
aa:28:65:d1:49:d8:8f:ff:e6:eb:55:bd:71:5e:da:
a1:73:b5:d7:c6:e7:ed:95:29:a1:f9:3c:bc:e3:a1:
6c:8a:a9:38:be:b5:b0:a6:09:fc:0b:4e:39:f9:00:
99:b2:9d:8d:40:f9:27:d4:21:a5:f8:7f:42:39:36:
1e:ea:fd:6d:a3:ae:5a:a0:6f:ea:5a:29:28:a0:e8:
ba:f6:22:6e:67:29:a0:66:c6:19:db:d3:80:02:7e:
2d:61:70:91:2c:b2:02:3b:22:83:b4:a5:2a:12:e0:
c0:6a:b2:f3:f1:42:99:06:96:f0:db:9a:23:ef:1a:
4e:f1:4e:c4:44:e1:08:eb:6b:22:06:e4:50:89:69:
17:9f:54:c4:35:56:5f:7a:98:41:9d:1f:5c:95:56:
c4:d8:39:3f:f3:ce:43:89:40:6d:df:40:b5:af:f8:
7c:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:53:CF:C4:92:89:BD:C5:56:8F:8C:19:51:D6:B3:B8:EC:C1:C3:84
X509v3 Authority Key Identifier:
keyid:D6:73:D8:49:B7:D5:04:73:76:D5:7E:6F:79:6F:00:18:B7:0B:45:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1nPYSbfVBHN21X5veW8AGLcLRQY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/P1PPxJKJvcVWj4wZUdazuOzBw4Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/1nPYSbfVBHN21X5veW8AGLcLRQY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:9307::/44
Signature Algorithm: sha256WithRSAEncryption
df:91:7f:bc:e8:c2:25:e5:d3:f7:be:85:ea:58:a3:21:b7:e2:
64:07:67:53:b9:69:11:a0:64:d9:ea:0d:15:84:c7:38:02:0d:
6b:db:40:ea:88:54:90:62:66:5d:92:b1:56:80:b9:8a:10:2c:
ca:23:9a:90:b8:1e:44:1e:5f:e9:98:10:1f:64:1e:51:64:5a:
e0:c5:bf:e3:3e:15:00:e4:27:f4:3c:41:b5:ea:b5:c0:05:53:
8b:6f:79:78:8f:ab:93:cb:80:7b:4e:a0:63:ba:d2:7c:2e:ec:
43:48:4a:2a:c1:cb:59:46:7c:ea:22:71:2f:fd:f5:f3:3c:cc:
33:3c:5b:5a:fa:c9:2f:98:77:3f:06:ca:9b:ed:95:9d:0c:0c:
61:87:92:e9:36:19:fc:10:7d:9b:a5:bb:1e:8d:4e:f8:8f:8a:
fa:68:f7:98:da:c0:63:a2:86:08:11:c8:87:eb:52:e8:26:3b:
a6:a3:27:28:a3:82:1c:eb:2b:23:0a:3c:f6:a9:9e:a6:c1:7e:
e5:4b:4e:03:9c:ad:eb:bb:56:63:24:38:d5:20:0a:d2:6b:15:
87:62:38:d2:7a:3a:70:9b:6c:7f:c1:db:9b:13:26:e2:fa:8c:
e9:1d:a4:85:db:e4:93:3e:0b:1f:94:0c:4b:0e:b2:fe:a3:d9:
87:66:37:1e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQjaYySlRwB9RKvwPrw7IoMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2NzNkODQ5YjdkNTA0NzM3NmQ1N2U2Zjc5NmYwMDE4Yjcw
YjQ1MDYwHhcNMjUwMTAxMTk0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjUzY2ZjNDkyODliZGM1NTY4ZjhjMTk1MWQ2YjNiOGVjYzFjMzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLMh+ktw/ZEySXxqskgdg2vf7KKs
fLqt3T6UR+fcCp2mmuBbWs9L7OgiKlk8Jryx7NRMehOj0z2TY7RyJc4z0mlRuhmW
NScaHO71zCunIjTVAkACLrI/Ok6qKGXRSdiP/+brVb1xXtqhc7XXxuftlSmh+Ty8
46Fsiqk4vrWwpgn8C045+QCZsp2NQPkn1CGl+H9COTYe6v1to65aoG/qWikooOi6
9iJuZymgZsYZ29OAAn4tYXCRLLICOyKDtKUqEuDAarLz8UKZBpbw25oj7xpO8U7E
ROEI62siBuRQiWkXn1TENVZfephBnR9clVbE2Dk/885DiUBt30C1r/h8mwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFD9Tz8SSib3FVo+MGVHWs7jswcOEMB8GA1UdIwQY
MBaAFNZz2Em31QRzdtV+b3lvABi3C0UGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMW5QWVNiZlZCSE4yMVg1dmVXOEFHTGNMUlFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8yZWNlNjItMWQ4Yy00NTBjLTkxZTgt
OGVlYjc1N2NmNTQ1LzEvUDFQUHhKS0p2Y1ZXajR3WlVkYXp1T3pCdzRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8yZWNlNjItMWQ4Yy00NTBjLTkxZTgtOGVlYjc1N2NmNTQ1
LzEvMW5QWVNiZlZCSE4yMVg1dmVXOEFHTGNMUlFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgSTBwAA
MA0GCSqGSIb3DQEBCwUAA4IBAQDfkX+86MIl5dP3voXqWKMht+JkB2dTuWkRoGTZ
6g0VhMc4Ag1r20DqiFSQYmZdkrFWgLmKECzKI5qQuB5EHl/pmBAfZB5RZFrgxb/j
PhUA5Cf0PEG16rXABVOLb3l4j6uTy4B7TqBjutJ8LuxDSEoqwctZRnzqInEv/fXz
PMwzPFta+skvmHc/Bsqb7ZWdDAxhh5LpNhn8EH2bpbsejU74j4r6aPeY2sBjooYI
EciH61LoJjumoycoo4Ic6ysjCjz2qZ6mwX7lS04DnK3ru1ZjJDjVIArSaxWHYjjS
ejpwm2x/wdubEybi+ozpHaSF2+STPgsflAxLDrL+o9mHZjce
-----END CERTIFICATE-----
Generated at Sun Feb 2 16:06:16 2025 by rpki-client