Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/ca641f-db3a-4f64-a25b-cfa6a91481e2/1/jODSDZiB_9CDcQXiT4tsxNlR8Ac.roa
File: jODSDZiB_9CDcQXiT4tsxNlR8Ac.roa (raw, json)
Hash identifier: JEMeTXjwzca2z04dyMlf/bVf4aF3EAXQNY7E1cjOdx4=
Subject key identifier: 8C:E0:D2:0D:98:81:FF:D0:83:71:05:E2:4F:8B:6C:C4:D9:51:F0:07
Certificate issuer: /CN=97d23ae28cd860c8edfd618356f8b31f5e4dc928
Certificate serial: 019509E42AF30A5A58CE0805852C95E1F594
Authority key identifier: 97:D2:3A:E2:8C:D8:60:C8:ED:FD:61:83:56:F8:B3:1F:5E:4D:C9:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l9I64ozYYMjt_WGDVvizH15NySg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/ca641f-db3a-4f64-a25b-cfa6a91481e2/1/jODSDZiB_9CDcQXiT4tsxNlR8Ac.roa
Signing time: Sat 15 Feb 2025 13:55:02 +0000
ROA not before: Sat 15 Feb 2025 13:55:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201409
IP address blocks: 2a13:29c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/ca641f-db3a-4f64-a25b-cfa6a91481e2/1/l9I64ozYYMjt_WGDVvizH15NySg.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/ca641f-db3a-4f64-a25b-cfa6a91481e2/1/l9I64ozYYMjt_WGDVvizH15NySg.mft
rsync://rpki.ripe.net/repository/DEFAULT/l9I64ozYYMjt_WGDVvizH15NySg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 16:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:09:e4:2a:f3:0a:5a:58:ce:08:05:85:2c:95:e1:f5:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97d23ae28cd860c8edfd618356f8b31f5e4dc928
Validity
Not Before: Feb 15 13:55:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8ce0d20d9881ffd0837105e24f8b6cc4d951f007
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:0e:0d:95:06:a6:63:7d:04:57:08:fe:b0:a7:
9b:4a:72:e9:5b:c6:6c:62:a5:05:bf:74:f2:4d:09:
e3:00:d2:0d:68:50:7e:b4:08:a7:8b:46:e7:26:b1:
3e:ce:7b:55:c3:c6:f7:8b:8b:89:8a:60:b2:c9:eb:
14:a4:dc:b7:38:ab:4f:36:44:6a:e4:18:74:16:b0:
f5:cd:80:b0:da:47:85:93:ab:57:47:3d:d8:25:08:
90:3d:be:6e:3e:6b:79:c0:a0:c2:bc:3f:af:0d:3d:
0e:c7:72:7e:bc:8b:07:e1:4b:1e:30:89:e4:2a:b0:
13:cd:1b:37:42:82:37:7e:a4:f5:4b:00:20:2f:f8:
b4:b7:f9:94:60:cc:a8:88:0c:03:27:eb:19:7d:35:
e5:55:64:f3:ee:09:3f:e8:cc:fc:78:11:59:0a:28:
97:b1:75:8a:30:9d:37:95:68:d5:d9:74:0a:03:86:
e2:b7:dc:de:28:aa:de:54:ff:4f:48:d3:fa:a5:5c:
22:0b:49:59:81:85:57:8e:d1:02:9c:be:6a:ed:20:
f6:4c:8c:d3:c0:73:9b:5f:a6:4e:99:bd:f5:cf:5f:
fe:ec:6e:b7:68:10:48:9d:1c:91:0d:3e:3f:21:d0:
c4:4d:4a:9d:13:9b:f2:30:54:9f:31:4d:c9:41:dc:
a8:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:E0:D2:0D:98:81:FF:D0:83:71:05:E2:4F:8B:6C:C4:D9:51:F0:07
X509v3 Authority Key Identifier:
keyid:97:D2:3A:E2:8C:D8:60:C8:ED:FD:61:83:56:F8:B3:1F:5E:4D:C9:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l9I64ozYYMjt_WGDVvizH15NySg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/ca641f-db3a-4f64-a25b-cfa6a91481e2/1/jODSDZiB_9CDcQXiT4tsxNlR8Ac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/ca641f-db3a-4f64-a25b-cfa6a91481e2/1/l9I64ozYYMjt_WGDVvizH15NySg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:29c0::/29
Signature Algorithm: sha256WithRSAEncryption
00:50:56:2a:95:6d:8a:fa:32:80:81:19:2f:4e:40:5b:26:4d:
04:76:47:89:3e:9d:ad:1e:8e:25:c9:c5:1b:ba:35:2c:82:19:
1d:8a:74:90:9b:75:90:b1:bf:9d:e5:41:c4:02:67:7a:69:43:
ef:01:3c:34:75:c9:6d:92:98:bf:f3:e8:0a:8a:bf:91:9a:fb:
80:cc:0e:7c:c0:2b:8c:32:98:e2:fa:ce:81:9f:57:58:27:e4:
0d:e0:57:c9:1b:69:69:83:9e:0f:7a:61:83:94:f0:63:c1:77:
66:72:82:10:57:0d:6a:b0:e3:5a:7c:da:e6:24:cb:74:bc:b8:
cb:ea:b4:6f:bc:3c:cb:60:92:65:ad:04:87:e7:19:4e:af:f0:
c8:1a:6f:00:d3:59:b6:d5:a9:2a:c4:50:c3:7f:4d:2d:43:d5:
64:1f:95:fd:e7:ea:86:65:2f:e7:84:cf:18:c3:8e:22:e8:17:
4b:ca:6e:b1:16:e7:e9:1f:d8:8e:f5:85:03:83:89:89:fc:a9:
cf:20:94:db:3f:ae:d7:d3:5a:c4:14:38:c3:54:1e:67:d2:70:
72:6f:28:1b:f5:e4:25:16:ab:83:d5:36:1e:29:f1:5a:a7:25:
ee:53:8c:2c:b2:b1:18:09:6a:af:56:f7:9d:14:6b:0a:f0:1b:
f4:ea:ce:4a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZUJ5CrzClpYzggFhSyV4fWUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3ZDIzYWUyOGNkODYwYzhlZGZkNjE4MzU2ZjhiMzFmNWU0
ZGM5MjgwHhcNMjUwMjE1MTM1NTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2UwZDIwZDk4ODFmZmQwODM3MTA1ZTI0ZjhiNmNjNGQ5NTFmMDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzg4NlQamY30EVwj+sKebSnLpW8Zs
YqUFv3TyTQnjANINaFB+tAini0bnJrE+zntVw8b3i4uJimCyyesUpNy3OKtPNkRq
5Bh0FrD1zYCw2keFk6tXRz3YJQiQPb5uPmt5wKDCvD+vDT0Ox3J+vIsH4UseMInk
KrATzRs3QoI3fqT1SwAgL/i0t/mUYMyoiAwDJ+sZfTXlVWTz7gk/6Mz8eBFZCiiX
sXWKMJ03lWjV2XQKA4bit9zeKKreVP9PSNP6pVwiC0lZgYVXjtECnL5q7SD2TIzT
wHObX6ZOmb31z1/+7G63aBBInRyRDT4/IdDETUqdE5vyMFSfMU3JQdyoGQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIzg0g2Ygf/Qg3EF4k+LbMTZUfAHMB8GA1UdIwQY
MBaAFJfSOuKM2GDI7f1hg1b4sx9eTckoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDlJNjRvellZTWp0X1dHRFZ2aXpIMTVOeVNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9jYTY0MWYtZGIzYS00ZjY0LWEyNWIt
Y2ZhNmE5MTQ4MWUyLzEvak9EU0RaaUJfOUNEY1FYaVQ0dHN4TmxSOEFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9jYTY0MWYtZGIzYS00ZjY0LWEyNWItY2ZhNmE5MTQ4MWUy
LzEvbDlJNjRvellZTWp0X1dHRFZ2aXpIMTVOeVNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhMpwDAN
BgkqhkiG9w0BAQsFAAOCAQEAAFBWKpVtivoygIEZL05AWyZNBHZHiT6drR6OJcnF
G7o1LIIZHYp0kJt1kLG/neVBxAJnemlD7wE8NHXJbZKYv/PoCoq/kZr7gMwOfMAr
jDKY4vrOgZ9XWCfkDeBXyRtpaYOeD3phg5TwY8F3ZnKCEFcNarDjWnza5iTLdLy4
y+q0b7w8y2CSZa0Eh+cZTq/wyBpvANNZttWpKsRQw39NLUPVZB+V/efqhmUv54TP
GMOOIugXS8pusRbn6R/YjvWFA4OJifypzyCU2z+u19NaxBQ4w1QeZ9Jwcm8oG/Xk
JRarg9U2HinxWqcl7lOMLLKxGAlqr1b3nRRrCvAb9OrOSg==
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:23:51 2025 by rpki-client