Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/6dbc2f-0f0b-4a2f-b149-b75983122455/1/0npgtCw2cniYZRSczr6L1wq2NDE.roa
File: 0npgtCw2cniYZRSczr6L1wq2NDE.roa (raw, json)
Hash identifier: 7qLMTW4Hb0+zjkcR3VjQ/z+HhWTfAgpVarVUL4CErX4=
Subject key identifier: D2:7A:60:B4:2C:36:72:78:98:65:14:9C:CE:BE:8B:D7:0A:B6:34:31
Certificate issuer: /CN=faf7066da09a56224260e46ea26dc9cb1dba8e37
Certificate serial: 019423D711E93C6548EA8D995292A94EFB93
Authority key identifier: FA:F7:06:6D:A0:9A:56:22:42:60:E4:6E:A2:6D:C9:CB:1D:BA:8E:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-vcGbaCaViJCYORuom3Jyx26jjc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/6dbc2f-0f0b-4a2f-b149-b75983122455/1/0npgtCw2cniYZRSczr6L1wq2NDE.roa
Signing time: Wed 01 Jan 2025 21:48:04 +0000
ROA not before: Wed 01 Jan 2025 21:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57081
IP address blocks: 185.132.112.0/22 maxlen: 22
2a06:e180::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/6dbc2f-0f0b-4a2f-b149-b75983122455/1/1-vcGbaCaViJCYORuom3Jyx26jjc.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/6dbc2f-0f0b-4a2f-b149-b75983122455/1/1-vcGbaCaViJCYORuom3Jyx26jjc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-vcGbaCaViJCYORuom3Jyx26jjc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:11:e9:3c:65:48:ea:8d:99:52:92:a9:4e:fb:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=faf7066da09a56224260e46ea26dc9cb1dba8e37
Validity
Not Before: Jan 1 21:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d27a60b42c3672789865149ccebe8bd70ab63431
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:93:b6:72:18:25:9e:e2:9a:51:10:a8:88:db:
0b:8a:0f:ac:9e:1d:20:dd:1a:5b:08:99:48:70:12:
63:27:13:d8:37:81:36:3b:e4:d1:f4:d4:df:68:49:
17:4b:a7:30:e7:f5:2f:61:06:2a:c3:86:fe:19:c9:
1f:58:ff:84:7b:ce:13:e0:de:08:55:64:ce:fa:6f:
0b:61:9e:8e:73:5c:47:13:ff:4a:5d:51:ae:56:c0:
4c:47:7c:9b:a5:ef:2c:89:4b:43:9a:53:0c:35:8c:
45:92:60:7f:60:0a:57:68:7c:05:a8:ba:13:7d:7c:
dc:1e:06:96:17:00:2e:02:83:23:2e:b0:f5:d9:2a:
67:b0:70:1e:e4:a9:61:2b:fe:bc:b2:bd:a0:6c:6d:
42:0b:0a:27:9e:56:eb:b4:65:77:3a:7c:4f:20:2a:
7d:dc:bb:ff:00:f1:f8:79:6a:d9:ea:2b:c5:f0:15:
8b:3a:89:ad:ba:98:6e:88:52:4c:79:73:7a:bb:e9:
13:d2:4a:d1:bb:37:c8:f9:bf:34:30:c0:dc:c3:3f:
04:e9:e1:d2:92:37:e5:e1:8a:4f:7d:70:12:cc:f4:
26:f3:d8:a3:88:ef:3a:42:b2:bf:2c:b8:d1:a0:2e:
f5:14:f8:2c:eb:a1:08:88:1f:96:16:1d:a8:94:8c:
6e:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:7A:60:B4:2C:36:72:78:98:65:14:9C:CE:BE:8B:D7:0A:B6:34:31
X509v3 Authority Key Identifier:
keyid:FA:F7:06:6D:A0:9A:56:22:42:60:E4:6E:A2:6D:C9:CB:1D:BA:8E:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-vcGbaCaViJCYORuom3Jyx26jjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/6dbc2f-0f0b-4a2f-b149-b75983122455/1/0npgtCw2cniYZRSczr6L1wq2NDE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/6dbc2f-0f0b-4a2f-b149-b75983122455/1/1-vcGbaCaViJCYORuom3Jyx26jjc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.132.112.0/22
IPv6:
2a06:e180::/29
Signature Algorithm: sha256WithRSAEncryption
19:e3:63:57:56:af:7e:1b:57:e4:3c:34:a5:1c:3e:4c:46:89:
af:e0:52:70:fb:ff:66:03:8c:c8:8c:1b:80:97:61:51:d5:01:
52:84:40:67:3e:eb:d9:7c:99:e5:8a:c8:00:60:57:be:47:e6:
d8:04:f5:f6:77:8c:92:2b:45:1c:18:e7:86:14:16:0a:2a:a7:
68:e0:9f:a2:df:17:36:b6:20:c6:b6:c2:11:01:e1:e2:f7:9e:
d0:f6:78:70:6f:ec:e0:9c:eb:d9:53:9e:0e:33:9d:0e:9f:3d:
39:97:3e:29:2a:5d:d8:9e:35:ea:5a:8e:ee:04:8f:51:93:62:
0d:39:f3:46:e4:b0:a5:34:b0:54:f5:3a:79:77:62:1e:c4:12:
8c:cd:c7:78:13:ba:3c:9c:7d:6b:f6:ee:db:95:6e:20:9d:f1:
0d:f3:ae:49:62:d1:37:e2:8f:70:10:6a:a2:7b:b3:ce:6a:7b:
19:09:b5:60:cd:81:60:9d:07:be:3a:6a:cf:00:f5:42:f5:90:
d6:eb:60:b9:22:30:a6:66:fb:d4:54:0e:0f:74:b1:da:62:1b:
e6:ef:34:56:87:23:8a:39:d1:85:23:71:f3:d8:7a:63:1a:c1:
b4:a0:23:97:8c:bd:a0:79:cb:2c:a6:30:2c:25:2c:08:31:db:
ff:4b:3b:80
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQj1xHpPGVI6o2ZUpKpTvuTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhZjcwNjZkYTA5YTU2MjI0MjYwZTQ2ZWEyNmRjOWNiMWRi
YThlMzcwHhcNMjUwMTAxMjE0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjdhNjBiNDJjMzY3Mjc4OTg2NTE0OWNjZWJlOGJkNzBhYjYzNDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZO2chglnuKaURCoiNsLig+snh0g
3RpbCJlIcBJjJxPYN4E2O+TR9NTfaEkXS6cw5/UvYQYqw4b+GckfWP+Ee84T4N4I
VWTO+m8LYZ6Oc1xHE/9KXVGuVsBMR3ybpe8siUtDmlMMNYxFkmB/YApXaHwFqLoT
fXzcHgaWFwAuAoMjLrD12SpnsHAe5KlhK/68sr2gbG1CCwonnlbrtGV3OnxPICp9
3Lv/APH4eWrZ6ivF8BWLOomtuphuiFJMeXN6u+kT0krRuzfI+b80MMDcwz8E6eHS
kjfl4YpPfXASzPQm89ijiO86QrK/LLjRoC71FPgs66EIiB+WFh2olIxuowIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNJ6YLQsNnJ4mGUUnM6+i9cKtjQxMB8GA1UdIwQY
MBaAFPr3Bm2gmlYiQmDkbqJtycsduo43MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS12Y0diYUNhVmlKQ1lPUnVvbTNKeXgyNmpqYy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTMvNmRiYzJmLTBmMGItNGEyZi1iMTQ5
LWI3NTk4MzEyMjQ1NS8xLzBucGd0Q3cyY25pWVpSU2N6cjZMMXdxMk5ERS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTMvNmRiYzJmLTBmMGItNGEyZi1iMTQ5LWI3NTk4MzEyMjQ1
NS8xLzEtdmNHYmFDYVZpSkNZT1J1b20zSnl4MjZqamMuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAK5hHAw
DQQCAAIwBwMFAyoG4YAwDQYJKoZIhvcNAQELBQADggEBABnjY1dWr34bV+Q8NKUc
PkxGia/gUnD7/2YDjMiMG4CXYVHVAVKEQGc+69l8meWKyABgV75H5tgE9fZ3jJIr
RRwY54YUFgoqp2jgn6LfFza2IMa2whEB4eL3ntD2eHBv7OCc69lTng4znQ6fPTmX
PikqXdieNepaju4Ej1GTYg0580bksKU0sFT1Onl3Yh7EEozNx3gTujycfWv27tuV
biCd8Q3zrkli0Tfij3AQaqJ7s85qexkJtWDNgWCdB746as8A9UL1kNbrYLkiMKZm
+9RUDg90sdpiG+bvNFaHI4o50YUjcfPYemMawbSgI5eMvaB5yyymMCwlLAgx2/9L
O4A=
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:39:10 2025 by rpki-client