Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/hqbCZvBXzB77KHtqHXMD1fWA6kY.roa
File: hqbCZvBXzB77KHtqHXMD1fWA6kY.roa (raw, json)
Hash identifier: GUn5Uq/ONwTDRfgsRO2JjkxvZemRk4JP3fq+QqdcYLA=
Subject key identifier: 86:A6:C2:66:F0:57:CC:1E:FB:28:7B:6A:1D:73:03:D5:F5:80:EA:46
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 019427B638047A7006DF1F95C0981EB759CD
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/hqbCZvBXzB77KHtqHXMD1fWA6kY.roa
Signing time: Thu 02 Jan 2025 15:50:40 +0000
ROA not before: Thu 02 Jan 2025 15:50:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62240
IP address blocks: 2a07:6080::/32 maxlen: 32
2a07:6081::/32 maxlen: 32
2a07:6082::/32 maxlen: 32
2a07:6083::/32 maxlen: 32
2a07:6084::/32 maxlen: 32
2a07:6085::/32 maxlen: 32
2a07:6086::/32 maxlen: 32
2a07:6087::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:38:04:7a:70:06:df:1f:95:c0:98:1e:b7:59:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Jan 2 15:50:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=86a6c266f057cc1efb287b6a1d7303d5f580ea46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:5b:0d:47:59:e2:d2:1e:a7:ec:13:69:c7:a1:
f3:d9:e1:62:67:f5:18:c9:90:ed:49:89:b0:57:54:
56:74:d0:55:ce:c4:11:00:9c:6b:05:30:01:18:5a:
db:d7:74:4d:f2:ce:08:aa:8a:5f:1b:f8:4c:67:c7:
88:14:33:7c:cd:ce:ae:03:4c:e2:8e:8f:ee:ca:3a:
da:fe:46:83:0a:3a:84:7b:f7:6c:df:f4:4b:b2:8a:
05:5d:89:5c:6f:29:12:0b:bf:a4:ec:4b:3f:57:e3:
de:f3:1e:df:3e:71:47:6c:ab:69:28:e7:b6:a8:60:
f7:f6:52:00:22:bf:b8:f9:8d:39:8d:ed:be:e1:1d:
00:04:a1:e1:5a:4e:84:67:c3:3e:93:92:ad:15:99:
89:16:1a:30:b1:a6:fb:c9:a9:82:85:f7:ea:00:28:
ed:42:86:b3:22:68:02:e0:75:55:31:9c:9a:68:4b:
0a:e3:c8:62:dd:e5:2c:dc:c2:49:88:0a:96:3a:c5:
d6:ed:08:f1:70:2f:bb:2b:ec:9a:8d:d5:3d:81:fc:
20:1c:6b:89:63:5a:51:85:c6:ac:3d:96:ae:6d:a0:
d0:72:c8:d9:ce:f5:e5:65:83:ea:99:60:43:cc:2b:
2b:af:ce:d6:49:57:14:f9:31:50:8a:03:06:a7:14:
a8:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:A6:C2:66:F0:57:CC:1E:FB:28:7B:6A:1D:73:03:D5:F5:80:EA:46
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/hqbCZvBXzB77KHtqHXMD1fWA6kY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:6080::/29
Signature Algorithm: sha256WithRSAEncryption
27:88:f2:f9:65:1f:59:06:54:86:3e:c5:b7:86:8e:91:00:a5:
77:08:c7:be:ed:d3:a6:f4:1d:33:17:73:16:43:62:57:26:1c:
11:3d:df:67:4c:a2:80:4c:e0:d9:f9:13:45:29:d9:da:c0:a8:
c7:37:0b:d5:0d:bc:7b:c9:5f:86:a4:6a:3b:56:52:ed:c6:f1:
46:03:b4:78:92:5a:c4:cd:fe:c4:2f:8a:3f:f5:d8:2b:78:9d:
8d:19:5b:01:47:48:61:d1:88:ad:ff:3a:88:43:eb:0f:fd:15:
d2:13:c4:93:7b:e2:aa:e2:e1:b1:28:16:28:5e:14:e0:53:45:
88:ec:c6:af:e6:c0:6c:b6:27:0f:6a:a5:d3:70:e3:08:f2:d2:
ab:e0:02:bb:a5:55:60:0f:58:2d:e1:45:f7:59:47:3f:89:5a:
6d:76:9d:aa:34:b5:c8:dd:2c:45:8b:e3:d1:10:86:cb:5f:12:
1f:53:0e:47:e0:a7:04:78:0a:a3:0f:77:14:6e:ef:b7:e7:21:
40:cd:51:d8:9f:c4:44:21:cf:46:3a:64:d0:1b:1f:a4:f3:a7:
ab:47:eb:d3:09:00:3f:53:ec:59:86:7c:29:71:9c:56:0c:d1:
a6:16:03:9d:37:f5:3a:07:c7:60:2c:35:3c:5b:a2:fe:2c:07:
cb:df:37:c5
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQntjgEenAG3x+VwJget1nNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjUwMTAyMTU1MDQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmE2YzI2NmYwNTdjYzFlZmIyODdiNmExZDczMDNkNWY1ODBlYTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFsNR1ni0h6n7BNpx6Hz2eFiZ/UY
yZDtSYmwV1RWdNBVzsQRAJxrBTABGFrb13RN8s4IqopfG/hMZ8eIFDN8zc6uA0zi
jo/uyjra/kaDCjqEe/ds3/RLsooFXYlcbykSC7+k7Es/V+Pe8x7fPnFHbKtpKOe2
qGD39lIAIr+4+Y05je2+4R0ABKHhWk6EZ8M+k5KtFZmJFhowsab7yamChffqACjt
QoazImgC4HVVMZyaaEsK48hi3eUs3MJJiAqWOsXW7QjxcC+7K+yajdU9gfwgHGuJ
Y1pRhcasPZaubaDQcsjZzvXlZYPqmWBDzCsrr87WSVcU+TFQigMGpxSorwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIamwmbwV8we+yh7ah1zA9X1gOpGMB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvaHFiQ1p2Qlh6Qjc3S0h0cUhYTUQxZldBNmtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgdggDAN
BgkqhkiG9w0BAQsFAAOCAQEAJ4jy+WUfWQZUhj7Ft4aOkQCldwjHvu3TpvQdMxdz
FkNiVyYcET3fZ0yigEzg2fkTRSnZ2sCoxzcL1Q28e8lfhqRqO1ZS7cbxRgO0eJJa
xM3+xC+KP/XYK3idjRlbAUdIYdGIrf86iEPrD/0V0hPEk3viquLhsSgWKF4U4FNF
iOzGr+bAbLYnD2ql03DjCPLSq+ACu6VVYA9YLeFF91lHP4labXadqjS1yN0sRYvj
0RCGy18SH1MOR+CnBHgKow93FG7vt+chQM1R2J/ERCHPRjpk0BsfpPOnq0fr0wkA
P1PsWYZ8KXGcVgzRphYDnTf1OgfHYCw1PFui/iwHy983xQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:29:57 2025 by rpki-client