Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/yDDPfOYkq9TvDo49z4rJ89YrUS8.roa
File: yDDPfOYkq9TvDo49z4rJ89YrUS8.roa (raw, json)
Hash identifier: h90+S4fhQ3iqdh42EvmGUJBw540N3+LmJjYWM7l7haw=
Subject key identifier: C8:30:CF:7C:E6:24:AB:D4:EF:0E:8E:3D:CF:8A:C9:F3:D6:2B:51:2F
Certificate issuer: /CN=b2e448b4a08f0e4c58a283d80735a8a803e10d4e
Certificate serial: 01942143E2F5B922A20EFB2ACC409B5433CE
Authority key identifier: B2:E4:48:B4:A0:8F:0E:4C:58:A2:83:D8:07:35:A8:A8:03:E1:0D:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/suRItKCPDkxYooPYBzWoqAPhDU4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/yDDPfOYkq9TvDo49z4rJ89YrUS8.roa
Signing time: Wed 01 Jan 2025 09:48:04 +0000
ROA not before: Wed 01 Jan 2025 09:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205365
IP address blocks: 2a00:1908:fffa::/48 maxlen: 48
2a00:1908:fffb::/48 maxlen: 48
2a00:1908:fffc::/48 maxlen: 48
2a00:1908:fffd::/48 maxlen: 48
2a00:1908:fffe::/48 maxlen: 48
2a00:1908:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/suRItKCPDkxYooPYBzWoqAPhDU4.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/suRItKCPDkxYooPYBzWoqAPhDU4.mft
rsync://rpki.ripe.net/repository/DEFAULT/suRItKCPDkxYooPYBzWoqAPhDU4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 21:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:e2:f5:b9:22:a2:0e:fb:2a:cc:40:9b:54:33:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2e448b4a08f0e4c58a283d80735a8a803e10d4e
Validity
Not Before: Jan 1 09:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c830cf7ce624abd4ef0e8e3dcf8ac9f3d62b512f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:8d:96:7f:d6:59:83:dd:c1:34:30:54:3d:f0:
85:cb:4f:fd:9e:c0:cf:76:34:3b:1b:e2:0a:97:57:
d3:b0:2b:a7:39:cb:41:eb:d8:6b:f6:4b:19:40:d5:
76:96:e4:7d:40:ba:d4:2b:4f:e1:30:01:fe:fb:e3:
b5:81:2b:ae:95:02:c6:6f:a2:88:e0:b2:20:9f:27:
6b:cd:01:14:dc:0e:d1:71:6a:c2:e3:af:f8:f5:ce:
60:39:eb:5c:f0:be:ae:e4:b3:a5:19:36:8e:00:3e:
62:ac:63:10:19:5a:c1:fb:0f:92:9e:f3:1c:b9:33:
5b:b2:14:70:4b:39:a3:7f:d8:77:78:22:4d:2d:dc:
7c:f4:3d:06:b1:36:61:4a:97:8a:9e:ef:b2:b2:42:
aa:3a:79:17:6e:cb:61:75:04:fd:b8:51:f9:e3:76:
0c:99:8e:36:a8:ba:52:68:9a:71:8e:be:f9:86:06:
9f:3e:c9:6b:c7:46:cd:4f:54:33:8d:6d:dc:58:49:
cc:68:ac:db:bf:6a:48:b1:bb:90:6a:2d:04:76:32:
ef:50:68:2f:20:6b:48:ca:64:23:e9:5e:cd:b7:1d:
e5:6a:f6:ad:a3:c6:ff:12:dd:02:cb:d2:ab:a0:e1:
5e:17:a5:ca:e6:08:d2:73:ab:4f:37:7c:af:17:6c:
59:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:30:CF:7C:E6:24:AB:D4:EF:0E:8E:3D:CF:8A:C9:F3:D6:2B:51:2F
X509v3 Authority Key Identifier:
keyid:B2:E4:48:B4:A0:8F:0E:4C:58:A2:83:D8:07:35:A8:A8:03:E1:0D:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/suRItKCPDkxYooPYBzWoqAPhDU4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/yDDPfOYkq9TvDo49z4rJ89YrUS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/suRItKCPDkxYooPYBzWoqAPhDU4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:1908:fffa::-2a00:1908:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
af:a9:55:16:a9:49:5b:ca:80:32:9a:05:c9:df:ba:9d:b0:6e:
99:72:68:47:f2:07:26:02:d5:81:14:09:46:70:c2:49:04:8c:
1a:63:b4:1e:e5:1e:31:4e:94:fa:0c:e0:58:4e:77:ee:81:98:
2a:79:73:df:ac:4e:be:e8:8e:d6:b8:cd:3e:1d:06:cc:98:4c:
f6:00:69:7a:af:59:d9:30:e4:52:d9:57:8b:7c:db:a5:66:86:
88:6b:5f:84:4c:62:22:d7:8d:18:91:04:7d:67:11:39:84:a8:
67:34:12:f6:c7:e9:52:4e:b7:a2:4b:aa:43:04:c8:f8:2d:c9:
5e:3b:a1:a8:30:93:7f:f2:3e:da:12:18:f8:ed:34:53:26:ee:
c8:70:c5:72:1c:bf:d9:33:d9:e7:aa:6f:42:f1:62:6f:9b:53:
32:c1:50:a8:2a:fd:e5:d5:0e:91:f3:63:17:a5:cb:48:c9:e8:
ce:40:4c:3c:01:b2:3c:95:60:ef:c1:09:42:ce:b5:28:c5:3f:
b0:92:65:0d:32:91:49:2b:f9:61:94:6e:16:e1:2d:86:00:5a:
d0:1d:62:e2:28:9d:90:7d:9f:33:33:68:ac:bc:aa:7d:64:24:
f3:b9:98:6c:89:57:15:ef:64:8e:e0:88:30:16:2a:32:6c:3b:
79:69:b9:a2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQhQ+L1uSKiDvsqzECbVDPOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZTQ0OGI0YTA4ZjBlNGM1OGEyODNkODA3MzVhOGE4MDNl
MTBkNGUwHhcNMjUwMTAxMDk0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODMwY2Y3Y2U2MjRhYmQ0ZWYwZThlM2RjZjhhYzlmM2Q2MmI1MTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA342Wf9ZZg93BNDBUPfCFy0/9nsDP
djQ7G+IKl1fTsCunOctB69hr9ksZQNV2luR9QLrUK0/hMAH+++O1gSuulQLGb6KI
4LIgnydrzQEU3A7RcWrC46/49c5gOetc8L6u5LOlGTaOAD5irGMQGVrB+w+SnvMc
uTNbshRwSzmjf9h3eCJNLdx89D0GsTZhSpeKnu+yskKqOnkXbsthdQT9uFH543YM
mY42qLpSaJpxjr75hgafPslrx0bNT1QzjW3cWEnMaKzbv2pIsbuQai0EdjLvUGgv
IGtIymQj6V7Ntx3lavato8b/Et0Cy9KroOFeF6XK5gjSc6tPN3yvF2xZcwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMgwz3zmJKvU7w6OPc+KyfPWK1EvMB8GA1UdIwQY
MBaAFLLkSLSgjw5MWKKD2Ac1qKgD4Q1OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3VSSXRLQ1BEa3hZb29QWUJ6V29xQVBoRFU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9hNzA2OGEtOTJiYS00MmVhLTk5NjYt
MjA1NGQ0ZTkwM2JjLzEveUREUGZPWWtxOVR2RG80OXo0cko4OVlyVVM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9hNzA2OGEtOTJiYS00MmVhLTk5NjYtMjA1NGQ0ZTkwM2Jj
LzEvc3VSSXRLQ1BEa3hZb29QWUJ6V29xQVBoRFU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASMBADBwEqABkI
//oDBQAqABkIMA0GCSqGSIb3DQEBCwUAA4IBAQCvqVUWqUlbyoAymgXJ37qdsG6Z
cmhH8gcmAtWBFAlGcMJJBIwaY7Qe5R4xTpT6DOBYTnfugZgqeXPfrE6+6I7WuM0+
HQbMmEz2AGl6r1nZMORS2VeLfNulZoaIa1+ETGIi140YkQR9ZxE5hKhnNBL2x+lS
TreiS6pDBMj4LcleO6GoMJN/8j7aEhj47TRTJu7IcMVyHL/ZM9nnqm9C8WJvm1My
wVCoKv3l1Q6R82MXpctIyejOQEw8AbI8lWDvwQlCzrUoxT+wkmUNMpFJK/lhlG4W
4S2GAFrQHWLiKJ2QfZ8zM2isvKp9ZCTzuZhsiVcV72SO4IgwFioybDt5abmi
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:49:15 2025 by rpki-client