Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/00314c-9660-4558-908b-399c10b3aac5/1/YwPa7fIjOxU3w2nMuyLflIyituY.roa
File: YwPa7fIjOxU3w2nMuyLflIyituY.roa (raw, json)
Hash identifier: bzaGLCEsglB24IqcrTEilteAr5hqEsn8c1gGVkcmknA=
Subject key identifier: 63:03:DA:ED:F2:23:3B:15:37:C3:69:CC:BB:22:DF:94:8C:A2:B6:E6
Certificate issuer: /CN=c000da36c5842ce130fd068912ebfc0c69e76606
Certificate serial: 0194221FDDABA50460ACE7EDD318A5EC375C
Authority key identifier: C0:00:DA:36:C5:84:2C:E1:30:FD:06:89:12:EB:FC:0C:69:E7:66:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wADaNsWELOEw_QaJEuv8DGnnZgY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/00314c-9660-4558-908b-399c10b3aac5/1/YwPa7fIjOxU3w2nMuyLflIyituY.roa
Signing time: Wed 01 Jan 2025 13:48:21 +0000
ROA not before: Wed 01 Jan 2025 13:48:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29086
IP address blocks: 217.64.0.0/20 maxlen: 20
217.64.0.0/22 maxlen: 22
217.64.4.0/22 maxlen: 22
217.64.8.0/22 maxlen: 22
217.64.12.0/22 maxlen: 22
2a03:bc00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/00314c-9660-4558-908b-399c10b3aac5/1/wADaNsWELOEw_QaJEuv8DGnnZgY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/00314c-9660-4558-908b-399c10b3aac5/1/wADaNsWELOEw_QaJEuv8DGnnZgY.mft
rsync://rpki.ripe.net/repository/DEFAULT/wADaNsWELOEw_QaJEuv8DGnnZgY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:dd:ab:a5:04:60:ac:e7:ed:d3:18:a5:ec:37:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c000da36c5842ce130fd068912ebfc0c69e76606
Validity
Not Before: Jan 1 13:48:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6303daedf2233b1537c369ccbb22df948ca2b6e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:38:88:66:f7:fe:0c:3e:70:2d:2a:39:a2:4e:
6a:39:c6:96:03:77:bc:0c:98:9f:4e:ea:a3:05:63:
e9:92:20:f6:ea:16:41:20:56:54:c3:09:0b:b3:9d:
46:33:d7:9e:97:95:d2:88:f9:6c:fe:6e:c0:3a:a0:
05:33:3d:d3:ba:76:12:81:f4:00:fc:33:17:c8:6a:
7d:f2:3e:0f:19:96:f4:1e:1c:3e:dc:4e:82:ef:fa:
d2:4a:2a:c4:ec:04:1c:11:34:d6:42:74:7d:1f:01:
83:cf:7b:98:07:ae:94:68:98:91:22:0e:4c:92:7c:
ac:71:06:0d:c4:89:2a:00:2e:26:a4:fc:65:9c:b5:
40:54:0a:4f:d7:dc:31:99:09:9d:cb:a0:1e:50:bf:
36:48:74:7c:b1:54:b3:45:1f:3f:d0:fa:b8:3d:52:
98:bb:2a:cb:82:24:b4:e0:cb:df:8d:78:45:9f:c2:
20:1a:98:07:f9:7e:3c:59:6a:94:d8:02:95:d4:fa:
2b:f5:d0:96:41:da:c2:6c:08:00:d5:8f:2c:45:9c:
0c:91:1c:57:b6:04:5b:af:64:95:22:e3:b2:41:76:
ef:7f:61:a8:e1:57:c9:c4:fa:49:c7:81:a0:b8:21:
51:16:76:fb:bb:f9:98:44:06:75:24:a6:5b:74:29:
9c:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:03:DA:ED:F2:23:3B:15:37:C3:69:CC:BB:22:DF:94:8C:A2:B6:E6
X509v3 Authority Key Identifier:
keyid:C0:00:DA:36:C5:84:2C:E1:30:FD:06:89:12:EB:FC:0C:69:E7:66:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wADaNsWELOEw_QaJEuv8DGnnZgY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/00314c-9660-4558-908b-399c10b3aac5/1/YwPa7fIjOxU3w2nMuyLflIyituY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/00314c-9660-4558-908b-399c10b3aac5/1/wADaNsWELOEw_QaJEuv8DGnnZgY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.64.0.0/20
IPv6:
2a03:bc00::/32
Signature Algorithm: sha256WithRSAEncryption
6a:47:45:d7:c9:5f:24:35:c2:a5:b7:f3:4b:0c:53:29:97:93:
5d:39:5c:3a:ee:2a:78:93:cc:9a:14:c5:a7:13:46:c1:cd:b6:
ed:53:0b:b0:3a:91:2d:ef:44:a0:ff:cc:bc:a5:e9:19:7e:cd:
3c:6b:ad:63:d9:0c:fe:31:aa:b2:3e:ab:2f:46:6d:ac:0a:04:
d0:70:53:14:ed:32:39:1a:7f:1a:50:8b:0e:e4:55:12:54:4e:
80:d0:ee:fa:2d:56:20:97:1e:e8:b2:e7:eb:c5:1f:97:c9:c8:
38:07:d6:eb:36:4a:7c:88:ee:a7:d4:5c:16:57:f0:86:0e:6c:
e5:54:74:db:38:60:d1:ac:0b:2e:bd:bd:dd:e5:42:86:cf:08:
b1:07:e6:25:c3:40:5e:8c:1d:0d:c6:bd:fe:b0:9f:03:1f:dc:
2b:94:57:14:b9:32:b9:f1:cc:62:3c:80:85:bf:2e:9c:22:84:
ac:4b:49:e8:48:0a:70:4f:23:01:0d:7a:21:a4:12:a5:11:38:
f4:ac:ac:fe:13:08:60:22:5b:d2:4c:c2:4c:20:67:85:64:c8:
0a:63:0e:94:c0:c6:9c:50:ed:28:e1:ee:8a:ce:ca:88:df:49:
47:9a:72:7a:49:81:7c:43:1a:89:9e:54:89:0c:62:09:b3:73:
20:73:f2:52
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQiH92rpQRgrOft0xil7DdcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwMDBkYTM2YzU4NDJjZTEzMGZkMDY4OTEyZWJmYzBjNjll
NzY2MDYwHhcNMjUwMTAxMTM0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzAzZGFlZGYyMjMzYjE1MzdjMzY5Y2NiYjIyZGY5NDhjYTJiNmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqTiIZvf+DD5wLSo5ok5qOcaWA3e8
DJifTuqjBWPpkiD26hZBIFZUwwkLs51GM9eel5XSiPls/m7AOqAFMz3TunYSgfQA
/DMXyGp98j4PGZb0Hhw+3E6C7/rSSirE7AQcETTWQnR9HwGDz3uYB66UaJiRIg5M
knyscQYNxIkqAC4mpPxlnLVAVApP19wxmQmdy6AeUL82SHR8sVSzRR8/0Pq4PVKY
uyrLgiS04MvfjXhFn8IgGpgH+X48WWqU2AKV1Por9dCWQdrCbAgA1Y8sRZwMkRxX
tgRbr2SVIuOyQXbvf2Go4VfJxPpJx4GguCFRFnb7u/mYRAZ1JKZbdCmcCQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGMD2u3yIzsVN8NpzLsi35SMorbmMB8GA1UdIwQY
MBaAFMAA2jbFhCzhMP0GiRLr/Axp52YGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0FEYU5zV0VMT0V3X1FhSkV1djhER25uWmdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8wMDMxNGMtOTY2MC00NTU4LTkwOGIt
Mzk5YzEwYjNhYWM1LzEvWXdQYTdmSWpPeFUzdzJuTXV5TGZsSXlpdHVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8wMDMxNGMtOTY2MC00NTU4LTkwOGItMzk5YzEwYjNhYWM1
LzEvd0FEYU5zV0VMT0V3X1FhSkV1djhER25uWmdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQE2UAAMA0E
AgACMAcDBQAqA7wAMA0GCSqGSIb3DQEBCwUAA4IBAQBqR0XXyV8kNcKlt/NLDFMp
l5NdOVw67ip4k8yaFMWnE0bBzbbtUwuwOpEt70Sg/8y8pekZfs08a61j2Qz+Maqy
PqsvRm2sCgTQcFMU7TI5Gn8aUIsO5FUSVE6A0O76LVYglx7osufrxR+Xycg4B9br
Nkp8iO6n1FwWV/CGDmzlVHTbOGDRrAsuvb3d5UKGzwixB+Ylw0BejB0Nxr3+sJ8D
H9wrlFcUuTK58cxiPICFvy6cIoSsS0noSApwTyMBDXohpBKlETj0rKz+EwhgIlvS
TMJMIGeFZMgKYw6UwMacUO0o4e6KzsqI30lHmnJ6SYF8QxqJnlSJDGIJs3Mgc/JS
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:37:09 2025 by rpki-client