Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/O-M6ClslSexC7lJWfGS_7TapPrE.roa
File: O-M6ClslSexC7lJWfGS_7TapPrE.roa (raw, json)
Hash identifier: UbEzBYKAmAJYWF+q7Haf+alEggZqfOCWZlk+YUeZlWE=
Subject key identifier: 3B:E3:3A:0A:5B:25:49:EC:42:EE:52:56:7C:64:BF:ED:36:A9:3E:B1
Certificate issuer: /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial: 019425FDD8C0A70DAEFF3D6884C67D26E146
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/O-M6ClslSexC7lJWfGS_7TapPrE.roa
Signing time: Thu 02 Jan 2025 07:49:40 +0000
ROA not before: Thu 02 Jan 2025 07:49:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36832
IP address blocks: 2a0a:79c7:fc00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:d8:c0:a7:0d:ae:ff:3d:68:84:c6:7d:26:e1:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Validity
Not Before: Jan 2 07:49:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3be33a0a5b2549ec42ee52567c64bfed36a93eb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:1c:03:22:8b:c3:80:1f:7b:80:9f:1c:21:26:
08:42:e6:51:65:80:07:30:f7:21:85:4a:e6:44:10:
13:ce:f1:58:19:21:37:99:05:88:f8:75:9f:e9:8d:
c0:af:51:8c:e8:4b:78:f8:a6:a0:4c:d1:f9:c9:f2:
c2:1a:a6:4d:ea:36:6d:55:21:55:cb:63:bd:87:35:
5c:1e:b8:90:41:94:c4:a6:5d:86:4a:f7:60:df:fc:
1a:5d:cf:37:27:24:f3:57:08:0b:0c:72:60:e1:29:
47:ec:ae:98:7a:6e:c8:91:61:af:ad:3b:ef:93:fa:
5f:9d:d7:46:f1:fb:0f:a6:f6:ae:3e:ed:ce:74:68:
54:bf:45:0f:1b:27:75:84:b7:b8:66:7a:9f:25:25:
f2:a4:cf:35:39:55:63:01:73:52:e2:1a:bb:2d:db:
c2:d1:82:df:44:89:e8:dc:c1:1b:bc:12:6e:0c:9b:
7c:37:45:dd:49:4b:65:7f:9c:0a:44:88:50:ca:5d:
88:2b:01:4b:8a:02:da:06:b7:23:0a:c0:53:6a:9a:
9f:9c:09:e1:c7:de:3c:8f:5b:ad:bf:a3:16:11:72:
18:07:9f:2a:30:f4:f4:d6:e8:46:57:6d:9a:a1:78:
ef:5a:04:66:d8:6c:17:6f:d0:4e:87:b7:f8:c3:d6:
16:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:E3:3A:0A:5B:25:49:EC:42:EE:52:56:7C:64:BF:ED:36:A9:3E:B1
X509v3 Authority Key Identifier:
keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/O-M6ClslSexC7lJWfGS_7TapPrE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:79c7:fc00::/40
Signature Algorithm: sha256WithRSAEncryption
28:05:72:cd:15:51:2b:09:83:36:2a:71:2e:60:12:df:90:7e:
ee:77:9e:55:a4:f8:b2:24:7b:ff:28:d3:29:8d:b3:cc:5a:e2:
ec:1b:88:78:ea:54:b9:72:49:d8:42:34:bb:1b:0d:75:46:70:
a0:75:aa:97:32:94:b5:61:bd:11:82:68:46:c1:89:50:e9:66:
43:b5:1f:7a:09:7b:fc:b5:da:2d:6e:58:bb:3f:f7:30:03:57:
fc:90:ec:55:e3:a8:fa:3d:6b:41:7b:cc:27:f4:4e:88:c1:85:
8e:fa:38:ad:9a:46:fc:0e:da:12:30:5a:89:a3:52:f2:49:fe:
0b:bd:3d:37:e1:01:19:5a:fc:e5:95:24:9e:1b:86:cc:2d:8a:
08:a3:48:b2:42:40:b4:e6:19:27:84:76:d1:ca:a8:ce:72:23:
98:e8:c4:ee:62:a8:e7:52:07:1c:91:3f:2e:e3:c9:6a:46:c4:
a0:4d:07:f5:2c:5f:f1:01:93:7f:4b:80:5b:97:f7:4e:1c:2c:
3e:cb:60:f0:57:b7:59:c4:d6:15:ed:9b:7e:9b:43:b6:64:3b:
1c:a9:78:c0:ce:6f:15:8c:b2:18:51:54:74:e2:33:da:19:90:
72:c2:33:70:a5:47:87:6a:0e:47:1f:8b:ba:0e:f9:12:d6:e1:
0d:a7:69:b6
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQl/djApw2u/z1ohMZ9JuFGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDc0YjQxOWVhZDRjZWZlYTJmMmFkMmMyNTlkOTc4YzVl
ZDc5NTQwHhcNMjUwMTAyMDc0OTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmUzM2EwYTViMjU0OWVjNDJlZTUyNTY3YzY0YmZlZDM2YTkzZWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhwDIovDgB97gJ8cISYIQuZRZYAH
MPchhUrmRBATzvFYGSE3mQWI+HWf6Y3Ar1GM6Et4+KagTNH5yfLCGqZN6jZtVSFV
y2O9hzVcHriQQZTEpl2GSvdg3/waXc83JyTzVwgLDHJg4SlH7K6Yem7IkWGvrTvv
k/pfnddG8fsPpvauPu3OdGhUv0UPGyd1hLe4ZnqfJSXypM81OVVjAXNS4hq7LdvC
0YLfRIno3MEbvBJuDJt8N0XdSUtlf5wKRIhQyl2IKwFLigLaBrcjCsBTapqfnAnh
x948j1utv6MWEXIYB58qMPT01uhGV22aoXjvWgRm2GwXb9BOh7f4w9YWEQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFDvjOgpbJUnsQu5SVnxkv+02qT6xMB8GA1UdIwQY
MBaAFLgHS0GerUzv6i8q0sJZ2XjF7XlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYt
M2Q5MWVkZTViMmIxLzEvTy1NNkNsc2xTZXhDN2xKV2ZHU183VGFwUHJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYtM2Q5MWVkZTViMmIx
LzEvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgp5x/ww
DQYJKoZIhvcNAQELBQADggEBACgFcs0VUSsJgzYqcS5gEt+Qfu53nlWk+LIke/8o
0ymNs8xa4uwbiHjqVLlySdhCNLsbDXVGcKB1qpcylLVhvRGCaEbBiVDpZkO1H3oJ
e/y12i1uWLs/9zADV/yQ7FXjqPo9a0F7zCf0TojBhY76OK2aRvwO2hIwWomjUvJJ
/gu9PTfhARla/OWVJJ4bhswtigijSLJCQLTmGSeEdtHKqM5yI5joxO5iqOdSBxyR
Py7jyWpGxKBNB/UsX/EBk39LgFuX904cLD7LYPBXt1nE1hXtm36bQ7ZkOxypeMDO
bxWMshhRVHTiM9oZkHLCM3ClR4dqDkcfi7oO+RLW4Q2nabY=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:46:47 2025 by rpki-client