Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/RWq3qfHPjOZ2jHDy6vXPMPpjVhw.roa
File: RWq3qfHPjOZ2jHDy6vXPMPpjVhw.roa (raw, json)
Hash identifier: STGfb4NKoffBcN86pHhj3xDY/s0B4apYNcixRHQ3knI=
Subject key identifier: 45:6A:B7:A9:F1:CF:8C:E6:76:8C:70:F2:EA:F5:CF:30:FA:63:56:1C
Certificate issuer: /CN=8b37183341a2ab6df3c59ec827ed71200b5a6244
Certificate serial: 01942067BBC4C7CEE0B0DDBA1DDC21AB7C0E
Authority key identifier: 8B:37:18:33:41:A2:AB:6D:F3:C5:9E:C8:27:ED:71:20:0B:5A:62:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/RWq3qfHPjOZ2jHDy6vXPMPpjVhw.roa
Signing time: Wed 01 Jan 2025 05:47:36 +0000
ROA not before: Wed 01 Jan 2025 05:47:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 4785
IP address blocks: 2a06:5040:5::/48 maxlen: 48
2a06:5040:10::/48 maxlen: 48
2a06:5040:11::/48 maxlen: 48
2a06:5040:12::/48 maxlen: 48
2a06:5040:13::/48 maxlen: 48
2a06:5040:14::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:bb:c4:c7:ce:e0:b0:dd:ba:1d:dc:21:ab:7c:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b37183341a2ab6df3c59ec827ed71200b5a6244
Validity
Not Before: Jan 1 05:47:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=456ab7a9f1cf8ce6768c70f2eaf5cf30fa63561c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:37:36:0c:12:af:cc:80:6f:0f:c8:5a:f2:8a:
ab:3a:8a:39:25:05:56:62:af:f4:76:9d:26:2f:85:
aa:8a:17:b1:81:fb:cd:07:8a:ca:47:f8:4e:01:7e:
1a:58:0a:15:9f:41:1e:fc:69:25:2d:66:58:8a:0f:
a8:6f:9d:95:1b:4c:f9:ff:40:e3:09:fc:44:f0:d0:
a7:7b:5a:2a:3d:da:f8:b2:2e:7d:ab:8d:34:6f:5a:
b1:7e:48:07:88:b3:16:79:0e:97:ed:dc:8b:e0:3d:
19:aa:16:24:65:1a:a8:ff:cd:5b:2c:a3:b0:34:d8:
6c:95:a1:f8:16:e8:a7:c3:90:af:55:86:d5:25:fa:
d4:72:e0:8d:c2:e8:1b:8a:a1:7c:fd:ff:81:a6:fa:
91:c8:4d:af:7a:a1:d2:5c:eb:46:c6:3a:0f:e4:57:
eb:09:53:ba:16:b1:e2:e4:02:23:05:d3:e4:bb:62:
51:e0:e1:11:6c:a4:a1:d1:a3:28:0e:d7:94:a1:2d:
9a:a3:3d:ba:86:1a:33:b8:ff:88:bb:99:d9:b5:2a:
46:a3:5d:4e:24:bd:6d:80:69:da:50:8c:b0:9b:57:
55:71:a3:a2:02:b0:24:08:03:6f:94:9d:47:07:73:
25:11:1a:79:0f:28:56:53:6b:e6:be:ed:63:9f:13:
d0:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:6A:B7:A9:F1:CF:8C:E6:76:8C:70:F2:EA:F5:CF:30:FA:63:56:1C
X509v3 Authority Key Identifier:
keyid:8B:37:18:33:41:A2:AB:6D:F3:C5:9E:C8:27:ED:71:20:0B:5A:62:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/RWq3qfHPjOZ2jHDy6vXPMPpjVhw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:5040:5::/48
2a06:5040:10::-2a06:5040:14:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
4d:49:0f:0e:66:cc:8e:3a:61:c8:7b:e2:9b:da:5d:35:70:9d:
ee:d8:c8:90:40:b8:78:cb:85:de:bc:12:c9:ce:9e:04:1d:c8:
08:63:d2:7c:b9:b1:d0:64:ff:95:43:29:28:b0:c1:ea:ac:f4:
55:e1:68:e2:1a:69:b0:13:2f:fb:58:2a:57:a0:d4:82:26:66:
7c:a4:4e:20:54:10:00:25:13:04:e8:7b:10:1e:92:25:02:de:
ca:b3:c0:d1:b3:d4:2e:39:8a:e5:be:55:54:a8:29:6a:bc:63:
4c:27:b1:f9:01:18:92:3b:d4:35:2e:08:4d:f6:a5:59:33:65:
35:6c:da:ac:7a:6b:3c:bd:0f:4c:85:4d:1c:41:b9:e7:58:cc:
04:ad:43:3e:40:01:f0:f0:3d:29:ae:c3:4f:31:fc:f4:8b:91:
e6:f8:e1:6f:e4:cb:48:6c:26:b9:46:b8:13:f6:43:af:93:fa:
c7:22:5f:6f:e6:c0:6c:48:d6:af:77:b9:f3:20:00:cb:29:7d:
45:ed:93:c8:c1:88:e7:ef:ea:e8:5b:02:d6:a0:ae:fc:49:e8:
fc:30:aa:ec:b1:11:4b:38:ef:22:42:33:78:af:2b:57:8e:61:
30:46:e1:1c:38:5a:47:65:da:69:c3:5e:5f:7f:55:c6:a8:81:
b1:cb:04:29
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQgZ7vEx87gsN26Hdwhq3wOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiMzcxODMzNDFhMmFiNmRmM2M1OWVjODI3ZWQ3MTIwMGI1
YTYyNDQwHhcNMjUwMTAxMDU0NzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTZhYjdhOWYxY2Y4Y2U2NzY4YzcwZjJlYWY1Y2YzMGZhNjM1NjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxjc2DBKvzIBvD8ha8oqrOoo5JQVW
Yq/0dp0mL4WqihexgfvNB4rKR/hOAX4aWAoVn0Ee/GklLWZYig+ob52VG0z5/0Dj
CfxE8NCne1oqPdr4si59q400b1qxfkgHiLMWeQ6X7dyL4D0ZqhYkZRqo/81bLKOw
NNhslaH4Fuinw5CvVYbVJfrUcuCNwugbiqF8/f+BpvqRyE2veqHSXOtGxjoP5Ffr
CVO6FrHi5AIjBdPku2JR4OERbKSh0aMoDteUoS2aoz26hhozuP+Iu5nZtSpGo11O
JL1tgGnaUIywm1dVcaOiArAkCANvlJ1HB3MlERp5DyhWU2vmvu1jnxPQdQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFEVqt6nxz4zmdoxw8ur1zzD6Y1YcMB8GA1UdIwQY
MBaAFIs3GDNBoqtt88WeyCftcSALWmJEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXpjWU0wR2lxMjN6eFo3SUotMXhJQXRhWWtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8xYzc4ZTMtNjdkNi00ZTkwLWFlYjUt
MDg1MmNiMzUzMjkzLzEvUldxM3FmSFBqT1oyakhEeTZ2WFBNUHBqVmh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8xYzc4ZTMtNjdkNi00ZTkwLWFlYjUtMDg1MmNiMzUzMjkz
LzEvaXpjWU0wR2lxMjN6eFo3SUotMXhJQXRhWWtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdAwcAKgZQQAAF
MBIDBwQqBlBAABADBwAqBlBAABQwDQYJKoZIhvcNAQELBQADggEBAE1JDw5mzI46
Ych74pvaXTVwne7YyJBAuHjLhd68EsnOngQdyAhj0ny5sdBk/5VDKSiwweqs9FXh
aOIaabATL/tYKleg1IImZnykTiBUEAAlEwToexAekiUC3sqzwNGz1C45iuW+VVSo
KWq8Y0wnsfkBGJI71DUuCE32pVkzZTVs2qx6azy9D0yFTRxBuedYzAStQz5AAfDw
PSmuw08x/PSLkeb44W/ky0hsJrlGuBP2Q6+T+sciX2/mwGxI1q93ufMgAMspfUXt
k8jBiOfv6uhbAtagrvxJ6PwwquyxEUs47yJCM3ivK1eOYTBG4Rw4Wkdl2mnDXl9/
VcaogbHLBCk=
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:05:17 2025 by rpki-client