Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/alNy-myxrA734TUoeZ1JVeikh6c.roa
File: alNy-myxrA734TUoeZ1JVeikh6c.roa (raw, json)
Hash identifier: OCkDLXElKJB9eMUhsdq5dMT5WhX6caAwH3DuhC8oZvM=
Subject key identifier: 6A:53:72:FA:6C:B1:AC:0E:F7:E1:35:28:79:9D:49:55:E8:A4:87:A7
Certificate issuer: /CN=8aab4c0cf21c1a3d6ea41068cbe908be388e450a
Certificate serial: 019420684D9B39E8E8E99EFA1F27BF914240
Authority key identifier: 8A:AB:4C:0C:F2:1C:1A:3D:6E:A4:10:68:CB:E9:08:BE:38:8E:45:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iqtMDPIcGj1upBBoy-kIvjiORQo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/alNy-myxrA734TUoeZ1JVeikh6c.roa
Signing time: Wed 01 Jan 2025 05:48:14 +0000
ROA not before: Wed 01 Jan 2025 05:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211691
IP address blocks: 2a07:7940:42::/48 maxlen: 48
2a07:7940:44::/48 maxlen: 48
2a07:7940:fffd::/48 maxlen: 48
2a07:7940:fffe::/48 maxlen: 48
2a07:7947:ff00::/44 maxlen: 44
2a07:7947:ff80::/44 maxlen: 44
2a07:7947:ffc0::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/iqtMDPIcGj1upBBoy-kIvjiORQo.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/iqtMDPIcGj1upBBoy-kIvjiORQo.mft
rsync://rpki.ripe.net/repository/DEFAULT/iqtMDPIcGj1upBBoy-kIvjiORQo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 18:01:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:4d:9b:39:e8:e8:e9:9e:fa:1f:27:bf:91:42:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8aab4c0cf21c1a3d6ea41068cbe908be388e450a
Validity
Not Before: Jan 1 05:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6a5372fa6cb1ac0ef7e13528799d4955e8a487a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:98:4d:eb:65:b1:f1:80:a0:f6:3d:2e:e3:14:
cf:e6:c8:c0:1f:5a:6c:02:ed:7b:ba:24:15:90:34:
ec:a0:17:bc:7c:09:d6:cc:ac:a1:b8:9e:29:62:de:
5a:7f:8b:26:a9:eb:d6:37:79:5d:66:9d:af:d4:9b:
c4:34:dd:13:71:27:a9:90:70:d7:73:80:60:ce:1f:
be:31:3f:9c:19:ec:d1:37:1d:e7:0c:b1:f7:d2:14:
b7:1d:97:b2:b3:c1:54:3c:97:20:50:2f:1a:b0:61:
43:72:15:2b:7b:a5:3d:83:84:47:59:a6:4a:49:98:
06:d1:bf:0c:6e:0b:da:93:f8:90:97:d5:e8:18:06:
a6:0e:34:9a:7e:33:d8:e7:2c:ed:d4:d0:99:b9:bc:
ca:f2:d4:10:f3:d8:f0:93:f9:ab:d3:d2:11:0a:7e:
9a:5e:5f:b2:c6:06:f3:78:1c:2d:ce:08:9e:97:68:
0a:35:1b:b3:4b:b6:70:42:e8:13:8e:c7:65:c4:ff:
fc:c1:16:34:f5:e2:14:03:2a:00:c2:6c:a4:67:e8:
8b:92:80:4a:27:d7:f0:bd:8e:71:db:e7:d6:7f:a0:
62:cb:0d:fb:38:92:cf:e1:9d:9d:40:1f:ca:ed:4f:
4c:0d:cb:58:54:b5:47:2c:2a:84:15:9a:69:30:07:
24:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:53:72:FA:6C:B1:AC:0E:F7:E1:35:28:79:9D:49:55:E8:A4:87:A7
X509v3 Authority Key Identifier:
keyid:8A:AB:4C:0C:F2:1C:1A:3D:6E:A4:10:68:CB:E9:08:BE:38:8E:45:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iqtMDPIcGj1upBBoy-kIvjiORQo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/alNy-myxrA734TUoeZ1JVeikh6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/iqtMDPIcGj1upBBoy-kIvjiORQo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:7940:42::/48
2a07:7940:44::/48
2a07:7940:fffd::-2a07:7940:fffe:ffff:ffff:ffff:ffff:ffff
2a07:7947:ff00::/44
2a07:7947:ff80::/44
2a07:7947:ffc0::/44
Signature Algorithm: sha256WithRSAEncryption
37:27:d9:66:fb:e5:2c:cb:25:3c:f6:df:b3:0b:ed:46:bf:d7:
8c:1f:41:30:48:dd:9c:e7:f8:5d:5a:24:7c:bb:dd:6a:9f:b6:
05:3f:c6:9b:45:0b:54:00:ac:9d:da:f7:29:c3:a0:3c:04:e8:
09:9f:28:64:61:79:05:d2:8b:cc:a6:f7:27:79:65:9b:ed:83:
b0:47:e3:03:37:83:6d:ac:1f:38:77:f8:33:75:3d:96:51:28:
8e:62:ff:64:7b:91:97:d5:14:8a:85:39:f3:e3:5c:5f:1c:f6:
4f:04:ed:ef:c0:69:9e:96:29:fa:94:59:42:a5:f4:e8:22:5e:
5a:5e:f1:88:d5:7c:2b:e4:8e:55:8d:46:7e:da:64:ed:c5:67:
20:72:48:dc:a9:7f:dc:41:fb:70:f7:fd:d1:f9:2b:c7:bd:97:
62:3c:a2:ac:cf:83:b3:1f:b3:f8:e5:d5:ce:ce:3f:65:df:db:
99:d5:d9:d2:e8:23:90:7f:79:14:2e:26:48:ce:e6:1d:dd:91:
54:5f:eb:d8:a4:3f:d5:c9:61:27:c4:f8:4f:25:2b:fe:85:25:
f6:f8:40:4d:fa:b8:66:7b:fc:31:8c:9d:13:36:e8:36:90:57:
6e:70:72:66:ca:ca:e0:f2:88:9a:0b:a6:e8:60:fc:4b:31:cf:
87:53:5b:c2
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAZQgaE2bOejo6Z76Hye/kUJAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYWI0YzBjZjIxYzFhM2Q2ZWE0MTA2OGNiZTkwOGJlMzg4
ZTQ1MGEwHhcNMjUwMTAxMDU0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTUzNzJmYTZjYjFhYzBlZjdlMTM1Mjg3OTlkNDk1NWU4YTQ4N2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+JhN62Wx8YCg9j0u4xTP5sjAH1ps
Au17uiQVkDTsoBe8fAnWzKyhuJ4pYt5af4smqevWN3ldZp2v1JvENN0TcSepkHDX
c4Bgzh++MT+cGezRNx3nDLH30hS3HZeys8FUPJcgUC8asGFDchUre6U9g4RHWaZK
SZgG0b8Mbgvak/iQl9XoGAamDjSafjPY5yzt1NCZubzK8tQQ89jwk/mr09IRCn6a
Xl+yxgbzeBwtzgiel2gKNRuzS7ZwQugTjsdlxP/8wRY09eIUAyoAwmykZ+iLkoBK
J9fwvY5x2+fWf6Biyw37OJLP4Z2dQB/K7U9MDctYVLVHLCqEFZppMAckdQIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFGpTcvpssawO9+E1KHmdSVXopIenMB8GA1UdIwQY
MBaAFIqrTAzyHBo9bqQQaMvpCL44jkUKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXF0TURQSWNHajF1cEJCb3kta0l2amlPUlFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NDBjMWUtMWE0Yy00Y2EyLWJkNTMt
NTM3YjFiNDlkZmU3LzEvYWxOeS1teXhyQTczNFRVb2VaMUpWZWlraDZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NDBjMWUtMWE0Yy00Y2EyLWJkNTMtNTM3YjFiNDlkZmU3
LzEvaXF0TURQSWNHajF1cEJCb3kta0l2amlPUlFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTBHBAIAAjBBAwcAKgd5QABC
AwcAKgd5QABEMBIDBwAqB3lA//0DBwAqB3lA//4DBwQqB3lH/wADBwQqB3lH/4AD
BwQqB3lH/8AwDQYJKoZIhvcNAQELBQADggEBADcn2Wb75SzLJTz237ML7Ua/14wf
QTBI3Zzn+F1aJHy73WqftgU/xptFC1QArJ3a9ynDoDwE6AmfKGRheQXSi8ym9yd5
ZZvtg7BH4wM3g22sHzh3+DN1PZZRKI5i/2R7kZfVFIqFOfPjXF8c9k8E7e/AaZ6W
KfqUWUKl9OgiXlpe8YjVfCvkjlWNRn7aZO3FZyBySNypf9xB+3D3/dH5K8e9l2I8
oqzPg7Mfs/jl1c7OP2Xf25nV2dLoI5B/eRQuJkjO5h3dkVRf69ikP9XJYSfE+E8l
K/6FJfb4QE36uGZ7/DGMnRM26DaQV25wcmbKyuDyiJoLpuhg/Esxz4dTW8I=
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:51:17 2025 by rpki-client