Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/66Xx5jDxNG0NmEQTOBPZWLsuDKU.roa
File: 66Xx5jDxNG0NmEQTOBPZWLsuDKU.roa (raw, json)
Hash identifier: YRP6vRA01LYM57+OEVE980SXFAryoZ4goaiztW4UpGM=
Subject key identifier: EB:A5:F1:E6:30:F1:34:6D:0D:98:44:13:38:13:D9:58:BB:2E:0C:A5
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 019427B637AE1FDAAEE8F62BA69353703D72
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/66Xx5jDxNG0NmEQTOBPZWLsuDKU.roa
Signing time: Thu 02 Jan 2025 15:50:40 +0000
ROA not before: Thu 02 Jan 2025 15:50:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3356
IP address blocks: 2a0e:1b40::/32 maxlen: 32
2a0e:1b41::/32 maxlen: 32
2a0e:1b42::/32 maxlen: 32
2a0e:1b43::/32 maxlen: 32
2a0e:1b44::/32 maxlen: 32
2a0e:1b45::/32 maxlen: 32
2a0e:1b46::/32 maxlen: 32
2a0e:1b47::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 14:35:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:37:ae:1f:da:ae:e8:f6:2b:a6:93:53:70:3d:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Jan 2 15:50:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eba5f1e630f1346d0d9844133813d958bb2e0ca5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:0d:b4:99:67:15:fe:fb:ce:18:fa:75:95:7a:
1a:2e:32:f7:2d:98:8f:a8:f7:32:db:dc:1d:c1:2a:
05:67:dd:1f:49:bb:55:1a:82:92:de:bc:71:6c:08:
c2:b7:31:85:01:62:01:25:3d:42:6a:7d:a3:e9:ae:
ae:40:bf:af:e8:05:89:04:82:f9:9c:1e:ad:4f:86:
f8:7f:99:cb:4f:b4:f0:1b:82:d7:bb:d7:c6:26:5a:
9d:f9:22:67:7e:f2:d6:6f:30:52:d4:1b:be:79:47:
03:cc:58:8a:ad:5c:79:40:9d:71:a0:d5:24:a0:43:
1c:47:84:fc:88:c5:54:74:c1:0a:84:b2:7b:ee:8b:
ed:82:a8:73:8b:92:cc:17:fe:8e:9c:d5:ee:c5:56:
aa:70:53:f2:de:46:8e:f4:74:29:82:36:54:23:44:
19:ad:06:58:dd:c0:0b:ee:89:23:0f:fc:79:4e:0f:
91:a3:9a:bf:6f:a1:0b:b1:62:23:d1:b7:6e:07:8c:
2e:2f:42:9c:bd:99:07:3f:3a:cf:e9:4c:e7:96:a8:
4a:f6:39:ed:2b:ff:a5:fa:0a:06:6a:ce:c9:0d:f5:
f7:a8:13:2a:0b:a2:93:21:98:08:d9:be:fd:39:36:
15:bb:d6:f5:69:7b:63:94:08:62:f3:11:f4:55:92:
5b:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:A5:F1:E6:30:F1:34:6D:0D:98:44:13:38:13:D9:58:BB:2E:0C:A5
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/66Xx5jDxNG0NmEQTOBPZWLsuDKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:1b40::/29
Signature Algorithm: sha256WithRSAEncryption
44:25:f8:f6:21:91:7e:a5:f0:67:8d:49:58:99:83:4d:e7:3e:
4a:a5:f0:a0:dd:17:64:43:41:0b:4b:a7:fe:7a:de:d1:eb:53:
28:6d:1a:67:87:c4:22:28:01:77:c1:e9:a0:b8:13:76:15:7d:
e6:8f:a7:ec:52:01:05:36:5b:3b:da:de:66:08:49:de:b0:ea:
e0:d7:ac:e6:81:54:66:1a:f1:23:b9:4f:81:46:cf:4f:49:8a:
bc:8e:a6:6d:f3:42:cb:97:02:da:2f:c5:a4:9b:24:a1:3d:60:
be:e3:86:ac:3d:76:de:3e:fa:ba:e1:a6:1f:15:48:78:ea:01:
93:b5:c3:50:11:a2:f4:7c:b4:bd:ec:d7:42:be:41:a8:de:33:
58:a7:01:91:98:20:14:3f:5c:2d:1c:c8:79:d5:eb:38:03:d1:
10:fa:64:ee:04:a8:d1:ad:9b:1f:25:59:f6:f5:9a:a4:11:12:
90:de:64:c5:40:36:9d:44:5d:2e:38:15:5b:aa:44:be:93:69:
0d:6a:f8:41:74:f6:8c:7b:c8:01:7e:dd:f3:f3:b8:6c:0d:58:
2f:b3:91:14:da:b4:34:1a:a3:6f:2e:72:5e:a3:5c:18:8f:63:
5f:cd:cc:67:ea:00:f2:fe:16:47:a9:a1:b0:6f:9a:8f:71:ae:
5c:30:17:47
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQntjeuH9qu6PYrppNTcD1yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjUwMTAyMTU1MDQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmE1ZjFlNjMwZjEzNDZkMGQ5ODQ0MTMzODEzZDk1OGJiMmUwY2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2w20mWcV/vvOGPp1lXoaLjL3LZiP
qPcy29wdwSoFZ90fSbtVGoKS3rxxbAjCtzGFAWIBJT1Can2j6a6uQL+v6AWJBIL5
nB6tT4b4f5nLT7TwG4LXu9fGJlqd+SJnfvLWbzBS1Bu+eUcDzFiKrVx5QJ1xoNUk
oEMcR4T8iMVUdMEKhLJ77ovtgqhzi5LMF/6OnNXuxVaqcFPy3kaO9HQpgjZUI0QZ
rQZY3cAL7okjD/x5Tg+Ro5q/b6ELsWIj0bduB4wuL0KcvZkHPzrP6UznlqhK9jnt
K/+l+goGas7JDfX3qBMqC6KTIZgI2b79OTYVu9b1aXtjlAhi8xH0VZJbIwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOul8eYw8TRtDZhEEzgT2Vi7LgylMB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvNjZYeDVqRHhORzBObUVRVE9CUFpXTHN1REtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg4bQDAN
BgkqhkiG9w0BAQsFAAOCAQEARCX49iGRfqXwZ41JWJmDTec+SqXwoN0XZENBC0un
/nre0etTKG0aZ4fEIigBd8HpoLgTdhV95o+n7FIBBTZbO9reZghJ3rDq4Nes5oFU
ZhrxI7lPgUbPT0mKvI6mbfNCy5cC2i/FpJskoT1gvuOGrD123j76uuGmHxVIeOoB
k7XDUBGi9Hy0vezXQr5BqN4zWKcBkZggFD9cLRzIedXrOAPREPpk7gSo0a2bHyVZ
9vWapBESkN5kxUA2nURdLjgVW6pEvpNpDWr4QXT2jHvIAX7d8/O4bA1YL7ORFNq0
NBqjby5yXqNcGI9jX83MZ+oA8v4WR6mhsG+aj3GuXDAXRw==
-----END CERTIFICATE-----
Generated at Wed Feb 5 19:00:25 2025 by rpki-client