Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/psc_ywy6TZ747FNOHPMe32Hx8iI.roa
File: psc_ywy6TZ747FNOHPMe32Hx8iI.roa (raw, json)
Hash identifier: vHB0wd32WV7ZITwLek6pYwZXU7Uo3wbJIhnSnt1L0qo=
Subject key identifier: A6:C7:3F:CB:0C:BA:4D:9E:F8:EC:53:4E:1C:F3:1E:DF:61:F1:F2:22
Certificate issuer: /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial: 019498FC1CC2314F966E375D42C63EC75E0E
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/psc_ywy6TZ747FNOHPMe32Hx8iI.roa
Signing time: Fri 24 Jan 2025 15:44:06 +0000
ROA not before: Fri 24 Jan 2025 15:44:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214976
IP address blocks: 2a0a:79c7:f400::/38 maxlen: 48
2a0a:79c7:f600::/40 maxlen: 40
2a0a:79c7:f7c0::/44 maxlen: 48
2a0a:79c7:f801::/48 maxlen: 48
2a0a:79c7:f802::/48 maxlen: 48
2a0a:79c7:f900::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 01:01:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:98:fc:1c:c2:31:4f:96:6e:37:5d:42:c6:3e:c7:5e:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Validity
Not Before: Jan 24 15:44:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a6c73fcb0cba4d9ef8ec534e1cf31edf61f1f222
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:3e:d1:25:dd:7b:e8:68:1c:7a:ac:42:91:3f:
ba:88:f4:37:0b:83:b4:0c:2e:da:7c:b9:2a:80:63:
11:d2:86:e5:72:a3:97:82:eb:26:6b:21:5c:f0:dd:
c4:a6:b6:f3:2c:0b:58:2f:3d:ea:dc:fd:ef:b8:ed:
09:4c:c3:91:59:6c:ca:e8:21:19:57:dd:8a:d6:97:
11:25:7d:6b:b3:10:41:31:be:49:62:f9:cd:ad:3a:
20:a3:a6:d2:fd:af:c3:b0:f5:59:51:87:81:35:c3:
82:96:21:6d:80:25:48:b2:9a:7b:ef:35:f8:58:ee:
2f:58:d3:00:6e:78:a9:5d:ef:1f:25:72:1a:56:e7:
bc:5f:2c:91:fe:40:4a:1e:64:1e:9f:55:ce:fc:d1:
b2:34:d7:dd:91:75:46:98:50:99:38:d4:e4:2d:9a:
3a:41:c9:8f:13:30:59:53:b6:b0:61:e1:4d:b1:60:
2f:51:2d:f7:c8:ce:d1:5f:ce:91:43:12:17:9f:f4:
bc:e4:6f:82:21:c1:a0:48:f4:eb:92:0c:b4:4e:7b:
75:54:ec:6a:15:cb:28:30:8a:50:9d:8c:89:e7:e1:
5f:8c:b9:a6:cd:b2:de:1e:7d:c2:96:e3:bd:42:cc:
ac:0b:85:82:2c:9a:d3:f0:ce:b3:24:6b:23:33:1b:
5a:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:C7:3F:CB:0C:BA:4D:9E:F8:EC:53:4E:1C:F3:1E:DF:61:F1:F2:22
X509v3 Authority Key Identifier:
keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/psc_ywy6TZ747FNOHPMe32Hx8iI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:79c7:f400::/38
2a0a:79c7:f801::-2a0a:79c7:f802:ffff:ffff:ffff:ffff:ffff
2a0a:79c7:f900::/40
Signature Algorithm: sha256WithRSAEncryption
d2:ed:12:32:02:5e:4d:17:a5:92:ad:6c:09:0c:83:d4:ec:1e:
a9:f5:4c:a5:f0:c7:11:82:a4:56:b0:07:4c:cf:19:77:78:23:
95:10:ba:6d:15:cb:dc:6f:5a:43:a9:0e:ac:3a:d7:2d:e5:c9:
33:41:41:ed:20:58:b0:06:31:0c:28:c9:30:86:f3:c3:38:b3:
b6:e2:5e:96:4e:51:f6:15:9d:2c:9f:c7:09:65:6b:2e:11:9b:
1a:6c:07:b1:74:26:64:81:bd:e6:39:06:0f:34:4d:93:53:9b:
83:c9:98:e3:8d:d4:54:b9:6d:51:b7:86:5d:71:03:41:71:a6:
91:ba:4c:71:65:51:ec:1c:fb:c3:6a:15:4a:0a:3a:e5:02:da:
ee:1b:3d:28:00:ec:e3:2c:6b:4f:d4:3a:60:b1:94:cc:a7:90:
b2:7d:07:74:64:44:74:17:1e:74:5c:e9:d4:af:cf:41:64:19:
c6:b5:bf:e4:75:bc:ae:69:ad:33:a5:2b:6b:45:d9:97:13:e5:
02:f4:99:66:03:cb:66:5c:1a:1c:67:fc:96:9a:73:77:96:39:
96:4f:d9:04:09:43:ea:88:96:97:fe:6d:32:23:13:cb:2d:89:
4e:cf:3b:c2:69:40:a1:d6:03:47:80:15:47:ca:15:e5:90:d3:
c6:bd:2c:dd
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZSY/BzCMU+WbjddQsY+x14OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDc0YjQxOWVhZDRjZWZlYTJmMmFkMmMyNTlkOTc4YzVl
ZDc5NTQwHhcNMjUwMTI0MTU0NDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmM3M2ZjYjBjYmE0ZDllZjhlYzUzNGUxY2YzMWVkZjYxZjFmMjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmD7RJd176GgceqxCkT+6iPQ3C4O0
DC7afLkqgGMR0oblcqOXgusmayFc8N3EprbzLAtYLz3q3P3vuO0JTMORWWzK6CEZ
V92K1pcRJX1rsxBBMb5JYvnNrTogo6bS/a/DsPVZUYeBNcOCliFtgCVIspp77zX4
WO4vWNMAbnipXe8fJXIaVue8XyyR/kBKHmQen1XO/NGyNNfdkXVGmFCZONTkLZo6
QcmPEzBZU7awYeFNsWAvUS33yM7RX86RQxIXn/S85G+CIcGgSPTrkgy0Tnt1VOxq
FcsoMIpQnYyJ5+FfjLmmzbLeHn3CluO9QsysC4WCLJrT8M6zJGsjMxtaUwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKbHP8sMuk2e+OxTThzzHt9h8fIiMB8GA1UdIwQY
MBaAFLgHS0GerUzv6i8q0sJZ2XjF7XlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYt
M2Q5MWVkZTViMmIxLzEvcHNjX3l3eTZUWjc0N0ZOT0hQTWUzMkh4OGlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYtM2Q5MWVkZTViMmIx
LzEvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwYCKgp5x/Qw
EgMHACoKecf4AQMHACoKecf4AgMGACoKecf5MA0GCSqGSIb3DQEBCwUAA4IBAQDS
7RIyAl5NF6WSrWwJDIPU7B6p9Uyl8McRgqRWsAdMzxl3eCOVELptFcvcb1pDqQ6s
Otct5ckzQUHtIFiwBjEMKMkwhvPDOLO24l6WTlH2FZ0sn8cJZWsuEZsabAexdCZk
gb3mOQYPNE2TU5uDyZjjjdRUuW1Rt4ZdcQNBcaaRukxxZVHsHPvDahVKCjrlAtru
Gz0oAOzjLGtP1DpgsZTMp5CyfQd0ZER0Fx50XOnUr89BZBnGtb/kdbyuaa0zpStr
RdmXE+UC9JlmA8tmXBocZ/yWmnN3ljmWT9kECUPqiJaX/m0yIxPLLYlOzzvCaUCh
1gNHgBVHyhXlkNPGvSzd
-----END CERTIFICATE-----
Generated at Sun Apr 6 09:50:38 2025 by rpki-client