Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/NBAGDYPUnvorO2q1yfBImzh7D6w.roa
File: NBAGDYPUnvorO2q1yfBImzh7D6w.roa (raw, json)
Hash identifier: QnH1bhgeIDfkHQTP+dUysIWRvONxxhMwrYv0/dcYFz0=
Subject key identifier: 34:10:06:0D:83:D4:9E:FA:2B:3B:6A:B5:C9:F0:48:9B:38:7B:0F:AC
Certificate issuer: /CN=4a644c1156851803f37adeec0876ccf989d5aef0
Certificate serial: 0194266BDF1B7ABA1242635231F9B6BA8294
Authority key identifier: 4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/NBAGDYPUnvorO2q1yfBImzh7D6w.roa
Signing time: Thu 02 Jan 2025 09:49:51 +0000
ROA not before: Thu 02 Jan 2025 09:49:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6369
IP address blocks: 2a0f:5707:ae00::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.mft
rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:df:1b:7a:ba:12:42:63:52:31:f9:b6:ba:82:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a644c1156851803f37adeec0876ccf989d5aef0
Validity
Not Before: Jan 2 09:49:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3410060d83d49efa2b3b6ab5c9f0489b387b0fac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:32:94:4f:4d:15:71:96:fd:21:22:1a:a3:44:
f6:98:9d:22:25:1d:e8:24:91:17:6b:22:7f:99:b5:
11:3b:e7:28:a5:21:49:6e:f1:e6:e3:d0:68:21:8f:
57:d9:d5:cc:07:ab:b9:34:9d:37:02:a9:a9:57:8b:
c5:f3:db:19:ff:f2:2c:c0:3b:d3:6d:b0:67:bf:dc:
46:fb:60:96:d7:24:87:a2:17:1e:3c:88:36:bc:0c:
e1:a1:08:c3:da:aa:90:82:a9:a7:d2:d0:17:d1:eb:
09:68:bc:18:5f:22:d0:36:02:73:d5:62:c2:93:a6:
81:08:a6:8a:d3:5b:e7:f5:55:92:f4:a1:89:c9:43:
3a:58:40:ef:70:1e:17:73:fc:82:a2:55:19:63:33:
50:60:d1:e6:0b:29:75:dd:24:ee:70:15:57:6a:5d:
e0:2d:92:0f:a6:87:8c:41:00:b2:01:0a:f2:85:37:
21:9a:1f:51:a8:4d:cc:e2:5f:b3:cf:12:15:1b:59:
01:a8:5b:e8:ed:0b:fd:14:a1:46:ff:12:33:90:3c:
e7:e6:17:fc:5f:5f:fe:b1:89:06:34:80:73:1c:80:
cb:91:f1:6a:19:28:38:32:f0:54:7e:f9:b5:10:28:
d3:7a:4d:b1:04:28:63:0a:58:ed:1a:44:cf:8f:bd:
b8:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:10:06:0D:83:D4:9E:FA:2B:3B:6A:B5:C9:F0:48:9B:38:7B:0F:AC
X509v3 Authority Key Identifier:
keyid:4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/NBAGDYPUnvorO2q1yfBImzh7D6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5707:ae00::/44
Signature Algorithm: sha256WithRSAEncryption
2e:31:14:72:99:0b:f4:19:0b:26:45:92:73:01:b2:2c:23:ea:
9f:3e:bb:8f:48:c2:8a:83:19:ab:7e:18:71:4f:cc:49:76:8e:
7f:95:4a:7f:92:b7:88:c5:b9:58:4d:21:14:2d:00:5d:56:7f:
b6:df:82:2d:70:a6:85:68:d3:8f:5d:eb:93:87:01:fc:f2:90:
fc:c6:ab:ef:a4:96:76:33:a9:b4:13:56:7a:eb:7e:9d:80:12:
4e:09:7a:f6:b5:78:f8:eb:af:e6:34:e8:8f:a2:59:0b:c8:78:
ec:e2:54:bd:56:dd:37:41:be:c1:23:5a:41:2c:57:4c:f6:47:
a3:d1:80:86:76:6c:37:b9:13:d5:73:89:b5:cc:79:ce:eb:54:
1c:95:39:e9:2a:83:e0:cf:47:91:2d:14:6d:bb:53:6b:c5:fe:
fb:b3:a4:38:5b:8b:e9:e9:56:98:b1:e7:17:27:e9:71:44:61:
8b:c9:e0:50:33:e2:0a:94:82:77:5a:d5:c1:e7:ca:be:5d:f0:
cf:9c:93:dd:73:16:e4:3f:63:96:9e:0b:6f:6a:50:26:f4:cd:
3e:d4:78:8f:71:49:26:76:d5:3d:23:9d:0b:87:7b:bb:fa:3b:
02:3e:40:aa:a9:0a:d2:c6:18:fc:b5:52:78:0f:24:da:f2:8e:
3a:0a:6c:19
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQma98beroSQmNSMfm2uoKUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNjQ0YzExNTY4NTE4MDNmMzdhZGVlYzA4NzZjY2Y5ODlk
NWFlZjAwHhcNMjUwMTAyMDk0OTUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDEwMDYwZDgzZDQ5ZWZhMmIzYjZhYjVjOWYwNDg5YjM4N2IwZmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwjKUT00VcZb9ISIao0T2mJ0iJR3o
JJEXayJ/mbURO+copSFJbvHm49BoIY9X2dXMB6u5NJ03AqmpV4vF89sZ//IswDvT
bbBnv9xG+2CW1ySHohcePIg2vAzhoQjD2qqQgqmn0tAX0esJaLwYXyLQNgJz1WLC
k6aBCKaK01vn9VWS9KGJyUM6WEDvcB4Xc/yColUZYzNQYNHmCyl13STucBVXal3g
LZIPpoeMQQCyAQryhTchmh9RqE3M4l+zzxIVG1kBqFvo7Qv9FKFG/xIzkDzn5hf8
X1/+sYkGNIBzHIDLkfFqGSg4MvBUfvm1ECjTek2xBChjCljtGkTPj724AwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDQQBg2D1J76KztqtcnwSJs4ew+sMB8GA1UdIwQY
MBaAFEpkTBFWhRgD83re7Ah2zPmJ1a7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3Mzkt
Y2MxYzliNWY2NjQwLzEvTkJBR0RZUFVudm9yTzJxMXlmQkltemg3RDZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3MzktY2MxYzliNWY2NjQw
LzEvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg9XB64A
MA0GCSqGSIb3DQEBCwUAA4IBAQAuMRRymQv0GQsmRZJzAbIsI+qfPruPSMKKgxmr
fhhxT8xJdo5/lUp/kreIxblYTSEULQBdVn+234ItcKaFaNOPXeuThwH88pD8xqvv
pJZ2M6m0E1Z6636dgBJOCXr2tXj466/mNOiPolkLyHjs4lS9Vt03Qb7BI1pBLFdM
9kej0YCGdmw3uRPVc4m1zHnO61QclTnpKoPgz0eRLRRtu1Nrxf77s6Q4W4vp6VaY
secXJ+lxRGGLyeBQM+IKlIJ3WtXB58q+XfDPnJPdcxbkP2OWngtvalAm9M0+1HiP
cUkmdtU9I50Lh3u7+jsCPkCqqQrSxhj8tVJ4DyTa8o46CmwZ
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:48:06 2025 by rpki-client