Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/2c0cbf-11f7-4b6d-b88e-79f7b6ea7c14/1/X6A7ZOxQkF-N5TBF6hNZ0D-sPxQ.roa
File: X6A7ZOxQkF-N5TBF6hNZ0D-sPxQ.roa (raw, json)
Hash identifier: sOJamuYIhYJWJLrvAE1wd1xA2gh7NgXmer7n43KBLdc=
Subject key identifier: 5F:A0:3B:64:EC:50:90:5F:8D:E5:30:45:EA:13:59:D0:3F:AC:3F:14
Certificate issuer: /CN=29fa7dd63f2e2d87b5f7850093c743bbfbe14e44
Certificate serial: 019600E0576FDE5967A0F4FD779B51E9922D
Authority key identifier: 29:FA:7D:D6:3F:2E:2D:87:B5:F7:85:00:93:C7:43:BB:FB:E1:4E:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kfp91j8uLYe194UAk8dDu_vhTkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/2c0cbf-11f7-4b6d-b88e-79f7b6ea7c14/1/X6A7ZOxQkF-N5TBF6hNZ0D-sPxQ.roa
Signing time: Fri 04 Apr 2025 12:57:04 +0000
ROA not before: Fri 04 Apr 2025 12:57:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216349
IP address blocks: 2a14:c885:8000::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/2c0cbf-11f7-4b6d-b88e-79f7b6ea7c14/1/Kfp91j8uLYe194UAk8dDu_vhTkQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/2c0cbf-11f7-4b6d-b88e-79f7b6ea7c14/1/Kfp91j8uLYe194UAk8dDu_vhTkQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Kfp91j8uLYe194UAk8dDu_vhTkQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 08:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:00:e0:57:6f:de:59:67:a0:f4:fd:77:9b:51:e9:92:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29fa7dd63f2e2d87b5f7850093c743bbfbe14e44
Validity
Not Before: Apr 4 12:57:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5fa03b64ec50905f8de53045ea1359d03fac3f14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:4c:b8:8a:9a:ad:d4:57:a0:cc:83:aa:65:9e:
3e:03:90:ec:4f:02:e4:d9:0a:bc:9b:a6:27:b9:b2:
36:70:d7:c5:b2:74:e4:46:b6:b9:7e:b7:13:6d:be:
a5:16:94:26:22:38:f0:ea:f6:fd:5f:99:c0:24:53:
fc:80:ea:38:0b:1b:2d:16:7b:be:30:d7:0a:bc:c3:
de:e2:e7:fe:84:5d:cb:9f:b1:0d:3a:78:7a:5e:36:
88:1f:d1:96:42:15:9b:5b:9e:a4:80:0c:4b:b7:94:
d2:d1:14:3e:2c:9d:1b:f0:d6:a4:7f:9b:eb:6e:93:
63:49:24:f0:fc:42:fe:86:54:60:f4:f2:7b:ba:30:
d1:2a:e0:23:fc:8d:a5:7c:cc:bc:5f:7a:e3:b5:ee:
a6:5f:50:47:4e:7b:e0:4f:b4:23:1a:35:89:30:2a:
d0:e2:fd:b5:45:ca:39:f8:fd:56:5b:b6:e0:e5:95:
c3:e6:d4:36:dc:23:c7:82:d3:c5:e9:49:4a:a1:e6:
8f:d4:9e:2a:9d:8d:03:11:00:ef:7f:43:f3:5c:ab:
9e:7a:55:5a:44:3f:b6:6d:0e:30:31:d2:4e:08:aa:
00:57:fd:29:18:6e:81:07:c3:c0:6e:ae:c0:59:98:
b6:03:71:f1:d0:93:4a:ab:7f:32:9c:f1:e7:e0:5b:
e7:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:A0:3B:64:EC:50:90:5F:8D:E5:30:45:EA:13:59:D0:3F:AC:3F:14
X509v3 Authority Key Identifier:
keyid:29:FA:7D:D6:3F:2E:2D:87:B5:F7:85:00:93:C7:43:BB:FB:E1:4E:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kfp91j8uLYe194UAk8dDu_vhTkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/2c0cbf-11f7-4b6d-b88e-79f7b6ea7c14/1/X6A7ZOxQkF-N5TBF6hNZ0D-sPxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/2c0cbf-11f7-4b6d-b88e-79f7b6ea7c14/1/Kfp91j8uLYe194UAk8dDu_vhTkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:c885:8000::/33
Signature Algorithm: sha256WithRSAEncryption
1f:5f:9f:23:af:d7:53:44:36:ca:97:24:c0:7b:a4:f8:36:dc:
70:54:a2:ba:56:97:5f:d1:1a:56:15:5b:ad:e3:82:a6:ea:73:
84:8f:31:3d:1b:4e:41:dd:13:9a:78:7a:6c:a0:e3:b1:72:ea:
89:80:78:39:f9:cb:00:af:0a:1e:c9:e3:1a:39:f0:cc:f9:55:
95:b2:8c:9e:66:46:c0:30:20:ee:ad:8c:d1:e8:95:c9:25:cc:
38:1b:a7:52:81:26:cd:95:7b:62:18:41:b8:63:b6:90:20:14:
7f:95:99:bc:03:71:2c:fe:57:c9:a3:aa:88:9a:33:c8:2c:a5:
cd:8f:ed:a5:e5:42:61:c2:c7:8a:48:43:d9:81:ce:a6:6b:59:
4c:f5:dd:ce:9f:a8:a4:8b:f0:d4:a5:7a:64:c4:36:e8:e3:4f:
41:4a:21:2d:fa:6b:f4:35:8c:63:a3:e0:cc:67:d0:5d:c5:26:
bc:1e:1e:ba:3f:f2:a2:85:51:3f:ef:30:d7:fc:90:fd:e7:3e:
d0:cb:1e:c1:fb:23:11:0d:c5:94:44:2d:1a:bd:0a:d7:b0:7c:
fe:67:a3:a9:06:af:d9:a4:af:e4:0e:6c:07:79:9c:05:db:77:
0e:94:12:7f:03:ba:89:e0:de:b6:fe:31:8a:16:b9:82:69:23:
84:59:af:f0
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZYA4Fdv3llnoPT9d5tR6ZItMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZmE3ZGQ2M2YyZTJkODdiNWY3ODUwMDkzYzc0M2JiZmJl
MTRlNDQwHhcNMjUwNDA0MTI1NzA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmEwM2I2NGVjNTA5MDVmOGRlNTMwNDVlYTEzNTlkMDNmYWMzZjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0y4ipqt1FegzIOqZZ4+A5DsTwLk
2Qq8m6YnubI2cNfFsnTkRra5frcTbb6lFpQmIjjw6vb9X5nAJFP8gOo4CxstFnu+
MNcKvMPe4uf+hF3Ln7ENOnh6XjaIH9GWQhWbW56kgAxLt5TS0RQ+LJ0b8Nakf5vr
bpNjSSTw/EL+hlRg9PJ7ujDRKuAj/I2lfMy8X3rjte6mX1BHTnvgT7QjGjWJMCrQ
4v21Rco5+P1WW7bg5ZXD5tQ23CPHgtPF6UlKoeaP1J4qnY0DEQDvf0PzXKueelVa
RD+2bQ4wMdJOCKoAV/0pGG6BB8PAbq7AWZi2A3Hx0JNKq38ynPHn4Fvn8wIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFF+gO2TsUJBfjeUwReoTWdA/rD8UMB8GA1UdIwQY
MBaAFCn6fdY/Li2HtfeFAJPHQ7v74U5EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2ZwOTFqOHVMWWUxOTRVQWs4ZER1X3ZoVGtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8yYzBjYmYtMTFmNy00YjZkLWI4OGUt
NzlmN2I2ZWE3YzE0LzEvWDZBN1pPeFFrRi1ONVRCRjZoTlowRC1zUHhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8yYzBjYmYtMTFmNy00YjZkLWI4OGUtNzlmN2I2ZWE3YzE0
LzEvS2ZwOTFqOHVMWWUxOTRVQWs4ZER1X3ZoVGtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYHKhTIhYAw
DQYJKoZIhvcNAQELBQADggEBAB9fnyOv11NENsqXJMB7pPg23HBUorpWl1/RGlYV
W63jgqbqc4SPMT0bTkHdE5p4emyg47Fy6omAeDn5ywCvCh7J4xo58Mz5VZWyjJ5m
RsAwIO6tjNHolcklzDgbp1KBJs2Ve2IYQbhjtpAgFH+VmbwDcSz+V8mjqoiaM8gs
pc2P7aXlQmHCx4pIQ9mBzqZrWUz13c6fqKSL8NSlemTENujjT0FKIS36a/Q1jGOj
4Mxn0F3FJrweHro/8qKFUT/vMNf8kP3nPtDLHsH7IxENxZRELRq9CtewfP5no6kG
r9mkr+QObAd5nAXbdw6UEn8Duong3rb+MYoWuYJpI4RZr/A=
-----END CERTIFICATE-----
Generated at Tue Apr 15 12:48:16 2025 by rpki-client