Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/2406ab-3bcb-41bc-a942-368608385883/1/2nyycqBL-rAzEQltLGtAfMtGQLM.roa
File: 2nyycqBL-rAzEQltLGtAfMtGQLM.roa (raw, json)
Hash identifier: MBIXdHvXsLvgHf885v+F1wgnsNoLNTld5Y4auopwyqw=
Subject key identifier: DA:7C:B2:72:A0:4B:FA:B0:33:11:09:6D:2C:6B:40:7C:CB:46:40:B3
Certificate issuer: /CN=c0747fbe26c9cdd7628adfedb57b78be8de75e29
Certificate serial: 019423D72C3A26F664745CBC51B41ACEDE7F
Authority key identifier: C0:74:7F:BE:26:C9:CD:D7:62:8A:DF:ED:B5:7B:78:BE:8D:E7:5E:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wHR_vibJzddiit_ttXt4vo3nXik.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/2406ab-3bcb-41bc-a942-368608385883/1/2nyycqBL-rAzEQltLGtAfMtGQLM.roa
Signing time: Wed 01 Jan 2025 21:48:11 +0000
ROA not before: Wed 01 Jan 2025 21:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36411
IP address blocks: 2a00:79e1:820::/45 maxlen: 45
2a00:79e1:820::/47 maxlen: 47
2a00:79e1:821::/48 maxlen: 48
2a00:79e1:822::/47 maxlen: 47
2a00:79e1:823::/48 maxlen: 48
2a00:79e1:824::/48 maxlen: 48
2a00:79e1:825::/48 maxlen: 48
2a00:79e1:826::/48 maxlen: 48
2a00:79e1:827::/48 maxlen: 48
2a00:79e1:840::/48 maxlen: 48
2a00:79e1:841::/48 maxlen: 48
2a00:79e1:2000::/35 maxlen: 35
2a00:79e1:2000::/38 maxlen: 38
2a00:79e1:2200::/39 maxlen: 39
2a00:79e1:2400::/39 maxlen: 39
2a00:79e1:2600::/39 maxlen: 39
2a00:79e1:2800::/38 maxlen: 38
2a00:79e1:2a00::/39 maxlen: 39
2a00:79e1:2c00::/39 maxlen: 39
2a00:79e1:2e00::/39 maxlen: 39
2a00:79e1:3000::/38 maxlen: 38
2a00:79e1:3200::/39 maxlen: 39
2a00:79e1:3400::/39 maxlen: 39
2a00:79e1:3600::/39 maxlen: 39
2a00:79e1:3800::/38 maxlen: 38
2a00:79e1:3a00::/39 maxlen: 39
2a00:79e1:3c00::/39 maxlen: 39
2a00:79e1:3e00::/39 maxlen: 39
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/2406ab-3bcb-41bc-a942-368608385883/1/wHR_vibJzddiit_ttXt4vo3nXik.crl
rsync://rpki.ripe.net/repository/DEFAULT/9d/2406ab-3bcb-41bc-a942-368608385883/1/wHR_vibJzddiit_ttXt4vo3nXik.mft
rsync://rpki.ripe.net/repository/DEFAULT/wHR_vibJzddiit_ttXt4vo3nXik.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 06:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:2c:3a:26:f6:64:74:5c:bc:51:b4:1a:ce:de:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0747fbe26c9cdd7628adfedb57b78be8de75e29
Validity
Not Before: Jan 1 21:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=da7cb272a04bfab03311096d2c6b407ccb4640b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b4:51:66:50:04:ea:60:f9:70:42:30:4e:fe:
de:a0:cf:a5:17:f7:a2:d8:d3:37:2c:6c:e9:cb:a9:
1b:0b:ca:50:e9:33:14:b9:07:de:a2:77:c1:fd:f0:
76:48:bc:28:04:82:41:2a:ba:f8:f6:51:71:14:21:
67:ce:32:8b:7d:ba:b6:ec:7c:14:af:37:87:c8:98:
a6:74:ec:1a:b4:00:f7:66:01:26:92:8c:58:9e:e2:
20:e0:91:23:96:fa:3c:e4:8f:a9:f6:70:65:0b:8e:
b1:c1:bc:01:16:dc:2b:08:61:ff:62:ba:c6:cc:4b:
ed:b7:5d:1a:a7:b0:dc:9b:99:1c:a0:5a:2e:7f:79:
70:ab:d7:32:57:eb:93:da:9a:d4:6e:f7:65:8e:d9:
2c:54:9b:7f:7e:d0:c2:a4:03:ab:99:68:56:ad:1f:
75:a2:18:b0:f5:03:9c:3b:8a:6f:40:42:25:12:f2:
01:f2:ad:37:dc:9d:61:26:51:bf:34:ab:4a:95:10:
7f:8e:cf:39:c4:45:ba:c8:9e:08:0f:67:b9:6f:4e:
46:56:3a:39:3f:38:2a:7a:b2:b8:e6:58:17:54:84:
33:75:0a:02:4d:1c:53:a4:72:18:1b:a7:ee:92:d7:
09:51:0c:e2:69:d4:32:ff:ed:2d:b5:0e:b6:3f:05:
00:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:7C:B2:72:A0:4B:FA:B0:33:11:09:6D:2C:6B:40:7C:CB:46:40:B3
X509v3 Authority Key Identifier:
keyid:C0:74:7F:BE:26:C9:CD:D7:62:8A:DF:ED:B5:7B:78:BE:8D:E7:5E:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wHR_vibJzddiit_ttXt4vo3nXik.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/2406ab-3bcb-41bc-a942-368608385883/1/2nyycqBL-rAzEQltLGtAfMtGQLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/2406ab-3bcb-41bc-a942-368608385883/1/wHR_vibJzddiit_ttXt4vo3nXik.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:79e1:820::/45
2a00:79e1:840::/47
2a00:79e1:2000::/35
Signature Algorithm: sha256WithRSAEncryption
22:a4:08:49:7c:c4:c7:67:62:6d:5a:38:7f:92:a5:76:f2:e5:
a5:8b:d7:07:fb:47:20:83:5e:67:30:45:48:f0:f7:6f:e5:ab:
31:a3:ce:eb:fc:23:ad:e7:c2:f6:66:fb:9c:01:27:30:1d:1e:
3e:0a:78:e5:88:b9:7e:67:2a:4f:03:87:14:b3:58:71:46:a1:
e8:04:c1:40:36:74:f2:ee:7b:99:3b:55:27:cd:a3:bd:f9:65:
07:4f:4e:3d:6c:35:ac:4b:0a:6c:9a:da:07:dc:8d:26:e1:41:
fa:57:be:f5:e1:2f:17:4e:d7:83:7d:b7:13:f7:3d:9c:b5:03:
f9:d5:3a:e0:b2:8f:a9:be:31:3c:7f:96:ec:db:e0:8a:5e:27:
7a:6e:06:c3:13:12:59:44:f5:c9:a8:57:64:ed:1b:9d:44:76:
ec:61:2b:9f:57:4c:2f:83:f6:f2:a4:04:9f:cd:6b:37:7c:60:
17:aa:df:03:a0:67:d2:59:53:66:21:3e:8f:a8:88:96:24:05:
41:70:2d:91:a1:a5:5c:a7:5c:55:a1:ec:ab:63:ed:3f:19:1d:
3d:23:a6:4b:3d:5e:f3:d6:b8:34:60:81:fc:b1:56:db:bb:87:
78:5a:58:d7:3e:09:02:f1:ff:eb:58:45:ec:45:b6:53:f8:8d:
e4:0b:6f:d4
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQj1yw6JvZkdFy8UbQazt5/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwNzQ3ZmJlMjZjOWNkZDc2MjhhZGZlZGI1N2I3OGJlOGRl
NzVlMjkwHhcNMjUwMTAxMjE0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTdjYjI3MmEwNGJmYWIwMzMxMTA5NmQyYzZiNDA3Y2NiNDY0MGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbRRZlAE6mD5cEIwTv7eoM+lF/ei
2NM3LGzpy6kbC8pQ6TMUuQfeonfB/fB2SLwoBIJBKrr49lFxFCFnzjKLfbq27HwU
rzeHyJimdOwatAD3ZgEmkoxYnuIg4JEjlvo85I+p9nBlC46xwbwBFtwrCGH/YrrG
zEvtt10ap7Dcm5kcoFouf3lwq9cyV+uT2prUbvdljtksVJt/ftDCpAOrmWhWrR91
ohiw9QOcO4pvQEIlEvIB8q033J1hJlG/NKtKlRB/js85xEW6yJ4ID2e5b05GVjo5
PzgqerK45lgXVIQzdQoCTRxTpHIYG6fuktcJUQziadQy/+0ttQ62PwUA/QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFNp8snKgS/qwMxEJbSxrQHzLRkCzMB8GA1UdIwQY
MBaAFMB0f74myc3XYorf7bV7eL6N514pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0hSX3ZpYkp6ZGRpaXRfdHRYdDR2bzNuWGlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8yNDA2YWItM2JjYi00MWJjLWE5NDIt
MzY4NjA4Mzg1ODgzLzEvMm55eWNxQkwtckF6RVFsdExHdEFmTXRHUUxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8yNDA2YWItM2JjYi00MWJjLWE5NDItMzY4NjA4Mzg1ODgz
LzEvd0hSX3ZpYkp6ZGRpaXRfdHRYdDR2bzNuWGlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAAjAaAwcDKgB54Qgg
AwcBKgB54QhAAwYFKgB54SAwDQYJKoZIhvcNAQELBQADggEBACKkCEl8xMdnYm1a
OH+SpXby5aWL1wf7RyCDXmcwRUjw92/lqzGjzuv8I63nwvZm+5wBJzAdHj4KeOWI
uX5nKk8DhxSzWHFGoegEwUA2dPLue5k7VSfNo735ZQdPTj1sNaxLCmya2gfcjSbh
QfpXvvXhLxdO14N9txP3PZy1A/nVOuCyj6m+MTx/luzb4IpeJ3puBsMTEllE9cmo
V2TtG51EduxhK59XTC+D9vKkBJ/Nazd8YBeq3wOgZ9JZU2YhPo+oiJYkBUFwLZGh
pVynXFWh7Ktj7T8ZHT0jpks9XvPWuDRggfyxVtu7h3haWNc+CQLx/+tYRexFtlP4
jeQLb9Q=
-----END CERTIFICATE-----
Generated at Fri Apr 11 17:35:30 2025 by rpki-client