Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/sxNoWpD05QIoi_m8uc_lksfhDKU.roa
File: sxNoWpD05QIoi_m8uc_lksfhDKU.roa (raw, json)
Hash identifier: wKcDV3z8mFiezwypjA2UNeuoXxV0RwLF2Q6N6uhTmzY=
Subject key identifier: B3:13:68:5A:90:F4:E5:02:28:8B:F9:BC:B9:CF:E5:92:C7:E1:0C:A5
Certificate issuer: /CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2
Certificate serial: 0194221F81ED4F8931F67EFD76249BDB8AEC
Authority key identifier: 29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/sxNoWpD05QIoi_m8uc_lksfhDKU.roa
Signing time: Wed 01 Jan 2025 13:47:57 +0000
ROA not before: Wed 01 Jan 2025 13:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214341
IP address blocks: 2a01:e901:10::/48 maxlen: 48
2a01:e901:20::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.mft
rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:81:ed:4f:89:31:f6:7e:fd:76:24:9b:db:8a:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2
Validity
Not Before: Jan 1 13:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b313685a90f4e502288bf9bcb9cfe592c7e10ca5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d2:64:84:38:69:f4:d9:00:15:89:a5:4a:8a:
9d:a4:3d:62:b8:e3:87:07:4e:e0:58:ac:2e:65:f6:
54:21:01:5d:5a:3d:4e:f6:89:4e:3c:8b:93:e4:90:
2e:45:2c:0a:a0:34:b5:b6:d8:43:d2:03:70:a6:07:
e8:f6:4d:6c:b7:8c:79:5b:79:0c:94:bc:85:8c:37:
55:ba:f0:e2:8e:83:74:0c:0b:78:ce:a9:4d:32:3f:
8b:4f:86:e8:e9:c8:e1:9d:c7:d5:d2:ba:67:d9:df:
01:aa:75:6f:40:37:40:e7:aa:2d:be:ba:f7:18:53:
ef:19:b0:78:13:a4:a4:60:5e:c3:4a:19:89:80:3e:
15:c9:2d:c5:14:fd:01:5e:1a:6a:04:b9:62:da:7b:
52:cf:1b:f2:58:1c:28:bf:14:ec:f5:c7:a9:e6:39:
c4:19:eb:26:46:3a:15:81:49:4d:99:ba:5e:0f:9d:
17:1d:a1:70:90:d6:56:cf:58:0a:ec:93:a2:50:24:
c1:91:00:03:77:fc:f1:2f:56:16:50:0d:09:18:65:
3a:4d:5e:c1:6a:db:b4:10:0c:8f:7b:82:f6:f4:b8:
71:e8:fb:c7:e9:66:a8:75:0f:c5:19:98:0f:07:33:
b9:db:ab:04:39:3b:86:d2:8e:22:ec:59:44:9f:22:
bf:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:13:68:5A:90:F4:E5:02:28:8B:F9:BC:B9:CF:E5:92:C7:E1:0C:A5
X509v3 Authority Key Identifier:
keyid:29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/sxNoWpD05QIoi_m8uc_lksfhDKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:e901:10::/48
2a01:e901:20::/44
Signature Algorithm: sha256WithRSAEncryption
74:8d:88:db:ac:76:c0:b4:75:f3:41:02:64:80:53:b6:06:ac:
ed:f8:d3:48:ca:6f:40:25:18:01:41:7f:52:33:a5:af:3f:87:
4f:b3:ff:4a:0d:be:17:03:9f:bc:a7:04:8f:4a:13:34:22:94:
04:6a:a9:17:52:2b:62:af:95:61:d2:fe:a7:81:db:a7:b0:fb:
c3:bb:8e:97:71:65:74:c0:7e:2d:7d:6c:4d:81:6d:5d:98:1f:
db:f6:97:8f:4f:ed:f8:75:03:11:c5:3b:39:48:1e:a1:38:59:
91:19:76:8a:a7:af:cb:25:e7:65:94:e0:f5:ee:64:d6:e1:dc:
22:ff:9f:4c:77:ff:cd:b8:5f:27:9a:ab:5c:68:20:88:ab:dc:
76:e9:7c:3f:6a:db:8a:80:4d:5b:24:5e:70:22:78:31:78:fa:
18:a7:5b:b8:9e:b1:d8:c4:d8:d1:96:20:de:7e:43:d4:b4:fa:
17:71:f5:5f:3b:3e:4e:a2:ed:22:80:ce:64:ed:c5:d2:a8:cd:
b5:5f:31:f1:5e:27:c1:f4:e7:69:5d:96:61:c5:a9:8f:f8:c6:
48:95:83:8d:1a:8a:a7:46:70:ba:60:6f:65:6b:b1:0e:0b:5d:
56:0f:42:99:58:00:5a:e4:9f:22:0e:25:d0:e5:2e:4e:34:00:
8f:93:b3:29
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQiH4HtT4kx9n79diSb24rsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjhiNGUwZWY4MTA2ZjBlMTJhYjhlNTAxZDJhYTRlMzZi
NzgzYzIwHhcNMjUwMTAxMTM0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzEzNjg1YTkwZjRlNTAyMjg4YmY5YmNiOWNmZTU5MmM3ZTEwY2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudJkhDhp9NkAFYmlSoqdpD1iuOOH
B07gWKwuZfZUIQFdWj1O9olOPIuT5JAuRSwKoDS1tthD0gNwpgfo9k1st4x5W3kM
lLyFjDdVuvDijoN0DAt4zqlNMj+LT4bo6cjhncfV0rpn2d8BqnVvQDdA56otvrr3
GFPvGbB4E6SkYF7DShmJgD4VyS3FFP0BXhpqBLli2ntSzxvyWBwovxTs9cep5jnE
GesmRjoVgUlNmbpeD50XHaFwkNZWz1gK7JOiUCTBkQADd/zxL1YWUA0JGGU6TV7B
atu0EAyPe4L29Lhx6PvH6WaodQ/FGZgPBzO526sEOTuG0o4i7FlEnyK/mQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLMTaFqQ9OUCKIv5vLnP5ZLH4QylMB8GA1UdIwQY
MBaAFClotODvgQbw4Sq45QHSqk42t4PCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQt
NDRmOGVkNWQ2MWQ3LzEvc3hOb1dwRDA1UUlvaV9tOHVjX2xrc2ZoREtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQtNDRmOGVkNWQ2MWQ3
LzEvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgHpAQAQ
AwcEKgHpAQAgMA0GCSqGSIb3DQEBCwUAA4IBAQB0jYjbrHbAtHXzQQJkgFO2Bqzt
+NNIym9AJRgBQX9SM6WvP4dPs/9KDb4XA5+8pwSPShM0IpQEaqkXUitir5Vh0v6n
gdunsPvDu46XcWV0wH4tfWxNgW1dmB/b9pePT+34dQMRxTs5SB6hOFmRGXaKp6/L
JedllOD17mTW4dwi/59Md//NuF8nmqtcaCCIq9x26Xw/atuKgE1bJF5wIngxePoY
p1u4nrHYxNjRliDefkPUtPoXcfVfOz5Oou0igM5k7cXSqM21XzHxXifB9OdpXZZh
xamP+MZIlYONGoqnRnC6YG9la7EOC11WD0KZWABa5J8iDiXQ5S5ONACPk7Mp
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:09:40 2025 by rpki-client