Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/cnlKi9qLrI6JaYoaIugGIbnBwcA.roa
File: cnlKi9qLrI6JaYoaIugGIbnBwcA.roa (raw, json)
Hash identifier: 5e0bB/hsZW7gYeqd0QyUdWIzUtk88cRCCy3/L5Xpu54=
Subject key identifier: 72:79:4A:8B:DA:8B:AC:8E:89:69:8A:1A:22:E8:06:21:B9:C1:C1:C0
Certificate issuer: /CN=370e5450d1486780aba54f045ec4802f19f0b4f7
Certificate serial: 019428271E0E63C952032B0AE1E15FD64A5C
Authority key identifier: 37:0E:54:50:D1:48:67:80:AB:A5:4F:04:5E:C4:80:2F:19:F0:B4:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nw5UUNFIZ4CrpU8EXsSALxnwtPc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/cnlKi9qLrI6JaYoaIugGIbnBwcA.roa
Signing time: Thu 02 Jan 2025 17:53:59 +0000
ROA not before: Thu 02 Jan 2025 17:53:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216126
IP address blocks: 2a0e:46c4:2200::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/Nw5UUNFIZ4CrpU8EXsSALxnwtPc.crl
rsync://rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/Nw5UUNFIZ4CrpU8EXsSALxnwtPc.mft
rsync://rpki.ripe.net/repository/DEFAULT/Nw5UUNFIZ4CrpU8EXsSALxnwtPc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:1e:0e:63:c9:52:03:2b:0a:e1:e1:5f:d6:4a:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=370e5450d1486780aba54f045ec4802f19f0b4f7
Validity
Not Before: Jan 2 17:53:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=72794a8bda8bac8e89698a1a22e80621b9c1c1c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:1d:a0:9c:5d:ec:8d:5b:56:82:9b:33:32:cd:
33:0b:68:5d:de:af:d4:01:cb:0f:7d:4d:b6:5b:ba:
e9:59:c1:69:18:7e:d6:9b:7b:5f:62:ec:0a:86:a0:
a9:3f:3a:7c:06:54:df:b5:d4:a0:35:9c:cf:25:dd:
ab:7e:6c:8d:47:47:2e:cf:ca:7c:64:47:ff:8f:0d:
31:0f:54:5f:8a:49:76:a9:08:91:9b:ee:8e:e1:2d:
2f:d1:ee:b0:c0:11:c7:e5:c9:11:fe:07:ec:db:36:
13:4c:1b:84:3e:34:e9:91:e1:db:ba:47:5b:d5:9e:
dd:a2:1f:98:5b:f1:9e:5b:3c:e3:7e:5e:e9:b7:ea:
54:30:80:09:c6:53:6b:e5:c6:cb:0e:c8:52:e9:a9:
ed:b3:b7:00:da:e3:54:d6:25:a2:f4:54:e2:4b:6e:
e1:2b:43:2a:bf:71:f2:5c:35:bf:05:b5:da:1f:4e:
5b:ab:58:e7:00:da:64:0c:dc:e8:c1:67:c8:c6:e0:
07:31:55:9e:39:95:53:d8:19:32:2c:0a:ce:25:4c:
2a:2b:9a:bf:24:3a:90:ce:b6:81:99:c4:8b:6b:7a:
60:dc:fb:f1:05:02:23:43:84:a9:96:ad:a5:48:35:
37:69:16:82:26:8a:0b:50:03:7c:07:53:05:f9:4a:
86:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:79:4A:8B:DA:8B:AC:8E:89:69:8A:1A:22:E8:06:21:B9:C1:C1:C0
X509v3 Authority Key Identifier:
keyid:37:0E:54:50:D1:48:67:80:AB:A5:4F:04:5E:C4:80:2F:19:F0:B4:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nw5UUNFIZ4CrpU8EXsSALxnwtPc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/cnlKi9qLrI6JaYoaIugGIbnBwcA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/Nw5UUNFIZ4CrpU8EXsSALxnwtPc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:46c4:2200::/40
Signature Algorithm: sha256WithRSAEncryption
16:1e:cb:c1:f0:ea:7c:19:38:bd:bb:35:8c:dd:92:6a:2c:58:
0b:71:4c:3e:cd:7c:04:b9:3b:c6:3d:69:27:ed:29:a4:4d:2b:
65:e5:e1:01:df:44:18:d0:4b:c9:12:4f:1c:bd:65:3e:34:4a:
de:bd:ae:2e:63:1e:23:0b:54:7c:ce:ae:d7:c5:a5:63:ce:3b:
b6:44:60:8e:ce:41:13:5a:fc:7d:8d:86:75:26:99:50:23:d5:
5a:0d:9b:85:35:0b:fe:c4:38:0f:ad:45:6d:4b:af:e1:e5:03:
40:2b:f4:f9:7c:52:ee:95:14:f1:e6:5f:1d:4f:8b:2b:7a:04:
d9:fb:2d:7d:f7:24:78:88:50:e9:9c:ab:16:25:9d:52:85:9d:
32:8d:9c:62:08:e2:a4:98:2c:62:22:74:b2:bf:32:ec:dc:15:
47:1f:79:dc:b2:a8:9c:04:16:ed:e6:cc:7b:e8:31:bb:d9:fb:
6a:27:d8:df:5e:ee:cf:2e:b8:88:c3:da:53:7c:f1:40:e3:42:
6b:3a:b7:45:d7:5d:23:b8:82:e1:5b:a4:34:ac:d7:bf:65:59:
bc:f9:c4:8b:a6:24:8f:78:dc:5d:91:6a:7b:99:04:72:8b:8e:
0f:0f:ef:29:56:50:a2:5a:80:01:1a:21:79:79:76:7c:09:b0:
c1:8c:69:c4
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQoJx4OY8lSAysK4eFf1kpcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3MGU1NDUwZDE0ODY3ODBhYmE1NGYwNDVlYzQ4MDJmMTlm
MGI0ZjcwHhcNMjUwMTAyMTc1MzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Mjc5NGE4YmRhOGJhYzhlODk2OThhMWEyMmU4MDYyMWI5YzFjMWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApx2gnF3sjVtWgpszMs0zC2hd3q/U
AcsPfU22W7rpWcFpGH7Wm3tfYuwKhqCpPzp8BlTftdSgNZzPJd2rfmyNR0cuz8p8
ZEf/jw0xD1Rfikl2qQiRm+6O4S0v0e6wwBHH5ckR/gfs2zYTTBuEPjTpkeHbukdb
1Z7doh+YW/GeWzzjfl7pt+pUMIAJxlNr5cbLDshS6ants7cA2uNU1iWi9FTiS27h
K0Mqv3HyXDW/BbXaH05bq1jnANpkDNzowWfIxuAHMVWeOZVT2BkyLArOJUwqK5q/
JDqQzraBmcSLa3pg3PvxBQIjQ4Splq2lSDU3aRaCJooLUAN8B1MF+UqGhQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFHJ5Sovai6yOiWmKGiLoBiG5wcHAMB8GA1UdIwQY
MBaAFDcOVFDRSGeAq6VPBF7EgC8Z8LT3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnc1VVVORklaNENycFU4RVhzU0FMeG53dFBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9mMGY3MGMtMDZlNy00MWFjLWEyYjgt
ODU4ZGNlNTdmY2RiLzEvY25sS2k5cUxySTZKYVlvYUl1Z0dJYm5Cd2NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9mMGY3MGMtMDZlNy00MWFjLWEyYjgtODU4ZGNlNTdmY2Ri
LzEvTnc1VVVORklaNENycFU4RVhzU0FMeG53dFBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKg5GxCIw
DQYJKoZIhvcNAQELBQADggEBABYey8Hw6nwZOL27NYzdkmosWAtxTD7NfAS5O8Y9
aSftKaRNK2Xl4QHfRBjQS8kSTxy9ZT40St69ri5jHiMLVHzOrtfFpWPOO7ZEYI7O
QRNa/H2NhnUmmVAj1VoNm4U1C/7EOA+tRW1Lr+HlA0Ar9Pl8Uu6VFPHmXx1Piyt6
BNn7LX33JHiIUOmcqxYlnVKFnTKNnGII4qSYLGIidLK/MuzcFUcfedyyqJwEFu3m
zHvoMbvZ+2on2N9e7s8uuIjD2lN88UDjQms6t0XXXSO4guFbpDSs179lWbz5xIum
JI943F2RanuZBHKLjg8P7ylWUKJagAEaIXl5dnwJsMGMacQ=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:10:32 2025 by rpki-client