Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/bff758-4b83-473d-b072-a2ce1cc8b87f/1/DVy9xxsaVAJcUU0BRfhNabOqMzk.roa
File: DVy9xxsaVAJcUU0BRfhNabOqMzk.roa (raw, json)
Hash identifier: C4OGc3b2gsAM2Wvi4DJ3HoKaAiDyltSi4czoAQFuPLg=
Subject key identifier: 0D:5C:BD:C7:1B:1A:54:02:5C:51:4D:01:45:F8:4D:69:B3:AA:33:39
Certificate issuer: /CN=5bcd40d10b56f3b532fa0dfd01d817ef93da1a34
Certificate serial: 019420D661C0C6EF642C47A6E500C9165414
Authority key identifier: 5B:CD:40:D1:0B:56:F3:B5:32:FA:0D:FD:01:D8:17:EF:93:DA:1A:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W81A0QtW87Uy-g39AdgX75PaGjQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/bff758-4b83-473d-b072-a2ce1cc8b87f/1/DVy9xxsaVAJcUU0BRfhNabOqMzk.roa
Signing time: Wed 01 Jan 2025 07:48:28 +0000
ROA not before: Wed 01 Jan 2025 07:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212149
IP address blocks: 2a0f:8640:b00b::/48 maxlen: 48
2a0f:8641:b00b::/48 maxlen: 48
2a0f:8642:b00b::/48 maxlen: 48
2a0f:8643:b00b::/48 maxlen: 48
2a0f:8644:b00b::/48 maxlen: 48
2a0f:8645:b00b::/48 maxlen: 48
2a0f:8646:b00b::/48 maxlen: 48
2a0f:8647:b00b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/bff758-4b83-473d-b072-a2ce1cc8b87f/1/W81A0QtW87Uy-g39AdgX75PaGjQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/bff758-4b83-473d-b072-a2ce1cc8b87f/1/W81A0QtW87Uy-g39AdgX75PaGjQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/W81A0QtW87Uy-g39AdgX75PaGjQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 13:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:61:c0:c6:ef:64:2c:47:a6:e5:00:c9:16:54:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bcd40d10b56f3b532fa0dfd01d817ef93da1a34
Validity
Not Before: Jan 1 07:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0d5cbdc71b1a54025c514d0145f84d69b3aa3339
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:32:2c:cd:e5:60:0c:b9:3b:23:69:bf:1c:49:
b5:9b:ec:3f:14:b9:3f:d9:b7:c0:c8:1c:1d:1b:d8:
d2:da:22:5f:3f:85:8d:7d:e2:05:bb:49:10:9d:36:
77:00:71:29:53:b1:db:7d:0c:f6:a7:bc:d2:6b:00:
ea:f3:0c:59:01:d8:9d:1b:33:6c:1c:30:53:bc:6e:
e3:20:f1:c9:c6:b8:d9:82:f9:cd:15:ec:bb:29:61:
e6:dd:30:32:23:35:e4:16:05:c6:49:6a:fc:21:c8:
a9:e1:50:dd:c0:16:9f:96:67:a3:4b:8a:71:eb:5a:
d2:b0:01:23:49:68:29:ac:b7:01:90:d0:8c:e1:98:
86:34:58:8d:0f:a3:e2:75:e0:87:2e:dc:1a:09:9e:
73:2d:ec:9f:d1:d2:1e:d5:1c:4b:ee:fa:39:17:24:
c3:73:8c:17:4b:72:80:e0:93:23:16:ed:a1:d1:2c:
ee:26:26:0e:ca:67:33:7d:e2:b1:e0:26:fa:43:2e:
1a:8d:d0:77:26:8d:fe:e7:23:dc:ae:c4:71:a4:e4:
78:08:5d:f6:fc:ce:01:f7:db:ba:52:c3:6b:90:4f:
23:4c:d7:07:42:b3:48:1f:f2:51:61:79:bb:2f:4b:
bd:e2:9c:5d:49:77:fb:c3:b4:ec:ec:e1:0a:8c:bc:
dd:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:5C:BD:C7:1B:1A:54:02:5C:51:4D:01:45:F8:4D:69:B3:AA:33:39
X509v3 Authority Key Identifier:
keyid:5B:CD:40:D1:0B:56:F3:B5:32:FA:0D:FD:01:D8:17:EF:93:DA:1A:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W81A0QtW87Uy-g39AdgX75PaGjQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/bff758-4b83-473d-b072-a2ce1cc8b87f/1/DVy9xxsaVAJcUU0BRfhNabOqMzk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/bff758-4b83-473d-b072-a2ce1cc8b87f/1/W81A0QtW87Uy-g39AdgX75PaGjQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:8640:b00b::/48
2a0f:8641:b00b::/48
2a0f:8642:b00b::/48
2a0f:8643:b00b::/48
2a0f:8644:b00b::/48
2a0f:8645:b00b::/48
2a0f:8646:b00b::/48
2a0f:8647:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
63:7f:c6:c2:73:7d:4a:b5:e9:da:66:50:6f:11:44:c9:36:bc:
b0:2a:5f:6f:2b:8d:4c:2c:95:06:85:52:a3:66:12:63:fd:c6:
97:01:4c:6d:b0:b3:8c:2b:e6:ab:79:1f:1a:44:fa:ca:aa:af:
45:54:05:45:91:5c:83:ec:dd:c1:5c:6b:8d:f9:53:3f:dd:83:
a8:d2:a8:e3:7d:8e:5c:39:05:b4:1d:a7:6f:b1:07:96:82:89:
11:d5:15:1b:a6:ea:c1:b0:c7:a3:ef:19:52:6d:06:67:11:eb:
12:03:39:58:04:f5:c4:4a:c7:52:4e:46:21:f2:81:9d:1c:0b:
5a:51:f1:9c:2d:f1:0e:ec:e7:ba:c1:73:9b:53:86:30:d3:e3:
62:aa:c1:6e:69:47:72:cc:30:09:ac:c7:40:f8:83:7e:19:a6:
42:ee:97:89:11:9c:d9:58:3a:de:fd:e2:30:94:fa:00:16:ed:
ff:ed:cc:19:e4:03:58:c1:02:f4:bd:09:b3:1c:98:46:59:ac:
47:46:c5:15:74:34:d9:2e:a7:36:10:2f:36:3e:fc:dd:e7:85:
b4:89:a6:f9:94:96:ef:20:66:58:6a:b9:4f:74:48:eb:64:31:
8b:c4:b1:db:33:bf:e4:52:29:4f:9a:2e:11:cb:21:83:07:39:
e0:d0:da:fe
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZQg1mHAxu9kLEem5QDJFlQUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViY2Q0MGQxMGI1NmYzYjUzMmZhMGRmZDAxZDgxN2VmOTNk
YTFhMzQwHhcNMjUwMTAxMDc0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDVjYmRjNzFiMWE1NDAyNWM1MTRkMDE0NWY4NGQ2OWIzYWEzMzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jIszeVgDLk7I2m/HEm1m+w/FLk/
2bfAyBwdG9jS2iJfP4WNfeIFu0kQnTZ3AHEpU7HbfQz2p7zSawDq8wxZAdidGzNs
HDBTvG7jIPHJxrjZgvnNFey7KWHm3TAyIzXkFgXGSWr8Icip4VDdwBaflmejS4px
61rSsAEjSWgprLcBkNCM4ZiGNFiND6PideCHLtwaCZ5zLeyf0dIe1RxL7vo5FyTD
c4wXS3KA4JMjFu2h0SzuJiYOymczfeKx4Cb6Qy4ajdB3Jo3+5yPcrsRxpOR4CF32
/M4B99u6UsNrkE8jTNcHQrNIH/JRYXm7L0u94pxdSXf7w7Ts7OEKjLzdKQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFA1cvccbGlQCXFFNAUX4TWmzqjM5MB8GA1UdIwQY
MBaAFFvNQNELVvO1MvoN/QHYF++T2ho0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzgxQTBRdFc4N1V5LWczOUFkZ1g3NVBhR2pRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9iZmY3NTgtNGI4My00NzNkLWIwNzIt
YTJjZTFjYzhiODdmLzEvRFZ5OXh4c2FWQUpjVVUwQlJmaE5hYk9xTXprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9iZmY3NTgtNGI4My00NzNkLWIwNzItYTJjZTFjYzhiODdm
LzEvVzgxQTBRdFc4N1V5LWczOUFkZ1g3NVBhR2pRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAAjBIAwcAKg+GQLAL
AwcAKg+GQbALAwcAKg+GQrALAwcAKg+GQ7ALAwcAKg+GRLALAwcAKg+GRbALAwcA
Kg+GRrALAwcAKg+GR7ALMA0GCSqGSIb3DQEBCwUAA4IBAQBjf8bCc31KtenaZlBv
EUTJNrywKl9vK41MLJUGhVKjZhJj/caXAUxtsLOMK+areR8aRPrKqq9FVAVFkVyD
7N3BXGuN+VM/3YOo0qjjfY5cOQW0HadvsQeWgokR1RUbpurBsMej7xlSbQZnEesS
AzlYBPXESsdSTkYh8oGdHAtaUfGcLfEO7Oe6wXObU4Yw0+NiqsFuaUdyzDAJrMdA
+IN+GaZC7peJEZzZWDre/eIwlPoAFu3/7cwZ5ANYwQL0vQmzHJhGWaxHRsUVdDTZ
Lqc2EC82Pvzd54W0iab5lJbvIGZYarlPdEjrZDGLxLHbM7/kUilPmi4RyyGDBzng
0Nr+
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:43:42 2025 by rpki-client