Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/YeWW1PCTf3K6IXfWsiPqRL1xngw.roa
File: YeWW1PCTf3K6IXfWsiPqRL1xngw.roa (raw, json)
Hash identifier: eB/pknTzW+YV8hh7dZBIuVdC4d8+EHVKJgeJu2HkTYg=
Subject key identifier: 61:E5:96:D4:F0:93:7F:72:BA:21:77:D6:B2:23:EA:44:BD:71:9E:0C
Certificate issuer: /CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2
Certificate serial: 0194221F7E0810410BE41C528A0BB530579F
Authority key identifier: 29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/YeWW1PCTf3K6IXfWsiPqRL1xngw.roa
Signing time: Wed 01 Jan 2025 13:47:56 +0000
ROA not before: Wed 01 Jan 2025 13:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208850
IP address blocks: 2a01:e901:10a::/48 maxlen: 48
2a01:e901:11a::/48 maxlen: 48
2a01:e901:12a::/48 maxlen: 48
2a01:e901:13a::/48 maxlen: 48
2a01:e901:14a::/48 maxlen: 48
2a01:e901:15a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.mft
rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 01:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:7e:08:10:41:0b:e4:1c:52:8a:0b:b5:30:57:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2
Validity
Not Before: Jan 1 13:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=61e596d4f0937f72ba2177d6b223ea44bd719e0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:c8:5c:76:d6:54:78:d4:7f:f4:d1:cd:7a:10:
e1:b9:1b:dc:a0:2a:4d:4a:73:80:3c:d8:1e:5d:64:
d5:d8:79:22:63:c0:61:64:1c:f6:ae:89:df:4d:f1:
c3:8c:a3:7f:73:f1:2d:0f:e7:41:62:5c:f9:b2:39:
c6:a1:d9:8b:30:bc:9e:93:47:3e:c7:eb:f4:b5:a0:
86:ab:01:1f:4e:b7:6d:e7:f6:52:b1:73:14:1b:57:
02:5c:87:d6:8d:54:c8:d9:9f:65:fa:5b:2c:b2:e0:
a9:58:f1:8b:5e:a4:bb:36:32:4c:57:15:87:71:bf:
9e:2f:de:c3:41:b5:9c:f3:a1:5c:7e:30:9d:75:e4:
15:4f:f8:8f:24:37:cf:66:bf:13:b2:10:92:69:27:
de:85:ba:8b:10:15:8f:8c:00:bf:92:96:cb:96:0f:
95:a3:21:f7:bd:41:88:bb:67:49:a1:d4:4d:c4:2e:
e8:d3:59:ef:a4:a3:7c:82:76:0e:a9:14:d5:d5:ed:
9f:3a:13:c9:41:d7:b4:6c:c6:70:90:1f:ad:a9:74:
5a:dc:47:a2:21:47:51:28:4f:47:d8:7e:ab:04:3a:
8d:a6:59:10:ef:6f:0a:c6:0d:4b:cd:00:2f:d9:bf:
a6:c9:92:3e:06:26:d2:56:8d:a0:f2:03:d2:28:78:
01:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:E5:96:D4:F0:93:7F:72:BA:21:77:D6:B2:23:EA:44:BD:71:9E:0C
X509v3 Authority Key Identifier:
keyid:29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/YeWW1PCTf3K6IXfWsiPqRL1xngw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:e901:10a::/48
2a01:e901:11a::/48
2a01:e901:12a::/48
2a01:e901:13a::/48
2a01:e901:14a::/48
2a01:e901:15a::/48
Signature Algorithm: sha256WithRSAEncryption
3b:f8:f6:7b:4d:ad:35:95:cd:9f:27:18:ef:5b:4a:66:67:04:
a6:18:85:8b:3d:a1:b5:a6:30:0a:f5:0a:2c:a9:63:22:83:27:
04:68:d0:c5:17:3e:06:4a:be:00:00:19:00:c2:82:5e:38:b4:
6b:af:e6:ea:c9:53:f8:07:ce:85:2f:b0:ae:dd:ac:db:46:e6:
81:ca:3d:e9:5f:29:e2:15:f1:24:57:57:30:18:7d:28:7f:4e:
40:82:c6:33:3d:c4:8c:af:50:20:b0:00:61:d1:e1:8c:a1:70:
da:27:85:04:69:e7:9d:d5:3f:e2:32:e0:4d:57:09:d6:97:38:
fa:2c:3c:c5:63:c5:52:9e:dd:2f:e5:ca:c4:1d:10:d8:c0:45:
67:ed:bd:9c:ee:5c:b7:b0:c5:b2:12:08:a2:f6:89:2c:c5:d9:
bd:57:6d:a6:47:1f:15:85:c2:20:90:c3:af:d5:3f:69:cf:d7:
44:b5:c6:ec:11:9c:1a:ca:81:6e:76:60:74:be:14:f2:1c:e7:
34:f9:11:05:7e:08:25:9f:4b:fb:3d:00:47:e7:c8:25:d3:9a:
da:54:fa:5b:a1:06:f8:c2:3a:2e:f4:f3:9e:f7:36:b0:47:85:
71:71:15:fc:c9:3c:5a:0a:23:a6:2c:aa:87:3c:ec:af:36:d6:
3f:6e:b1:3e
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZQiH34IEEEL5BxSigu1MFefMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjhiNGUwZWY4MTA2ZjBlMTJhYjhlNTAxZDJhYTRlMzZi
NzgzYzIwHhcNMjUwMTAxMTM0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWU1OTZkNGYwOTM3ZjcyYmEyMTc3ZDZiMjIzZWE0NGJkNzE5ZTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzchcdtZUeNR/9NHNehDhuRvcoCpN
SnOAPNgeXWTV2HkiY8BhZBz2ronfTfHDjKN/c/EtD+dBYlz5sjnGodmLMLyek0c+
x+v0taCGqwEfTrdt5/ZSsXMUG1cCXIfWjVTI2Z9l+lsssuCpWPGLXqS7NjJMVxWH
cb+eL97DQbWc86FcfjCddeQVT/iPJDfPZr8TshCSaSfehbqLEBWPjAC/kpbLlg+V
oyH3vUGIu2dJodRNxC7o01nvpKN8gnYOqRTV1e2fOhPJQde0bMZwkB+tqXRa3Eei
IUdRKE9H2H6rBDqNplkQ728Kxg1LzQAv2b+myZI+BibSVo2g8gPSKHgB7QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFGHlltTwk39yuiF31rIj6kS9cZ4MMB8GA1UdIwQY
MBaAFClotODvgQbw4Sq45QHSqk42t4PCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQt
NDRmOGVkNWQ2MWQ3LzEvWWVXVzFQQ1RmM0s2SVhmV3NpUHFSTDF4bmd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQtNDRmOGVkNWQ2MWQ3
LzEvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwcAKgHpAQEK
AwcAKgHpAQEaAwcAKgHpAQEqAwcAKgHpAQE6AwcAKgHpAQFKAwcAKgHpAQFaMA0G
CSqGSIb3DQEBCwUAA4IBAQA7+PZ7Ta01lc2fJxjvW0pmZwSmGIWLPaG1pjAK9Qos
qWMigycEaNDFFz4GSr4AABkAwoJeOLRrr+bqyVP4B86FL7Cu3azbRuaByj3pXyni
FfEkV1cwGH0of05AgsYzPcSMr1AgsABh0eGMoXDaJ4UEaeed1T/iMuBNVwnWlzj6
LDzFY8VSnt0v5crEHRDYwEVn7b2c7ly3sMWyEgii9oksxdm9V22mRx8VhcIgkMOv
1T9pz9dEtcbsEZwayoFudmB0vhTyHOc0+REFfggln0v7PQBH58gl05raVPpboQb4
wjou9POe9zawR4VxcRX8yTxaCiOmLKqHPOyvNtY/brE+
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:34:43 2025 by rpki-client