Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/3XEw1a0VIGOUldtHJOnVTpj3-lU.roa
File: 3XEw1a0VIGOUldtHJOnVTpj3-lU.roa (raw, json)
Hash identifier: rhunUduYeoKNMBGxgcc1Pv2nqQWWoReqDrDhZwUbjcw=
Subject key identifier: DD:71:30:D5:AD:15:20:63:94:95:DB:47:24:E9:D5:4E:98:F7:FA:55
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 019421B2355A9F612BC44F159A3B20D65C99
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/3XEw1a0VIGOUldtHJOnVTpj3-lU.roa
Signing time: Wed 01 Jan 2025 11:48:34 +0000
ROA not before: Wed 01 Jan 2025 11:48:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34775
IP address blocks: 2a06:ba00::/48 maxlen: 48
2a09:12c0::/48 maxlen: 48
2a09:50c0::/48 maxlen: 48
2a09:5140::/48 maxlen: 48
2a09:5240::/48 maxlen: 48
2a09:97c0::/48 maxlen: 48
2a09:9840::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:35:5a:9f:61:2b:c4:4f:15:9a:3b:20:d6:5c:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jan 1 11:48:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dd7130d5ad1520639495db4724e9d54e98f7fa55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:38:5a:7f:24:32:27:9e:8f:4e:91:1f:2a:08:
ab:d9:61:a1:25:f9:08:4a:5c:7e:2c:3b:59:53:78:
3a:6b:37:66:a8:5c:1c:5e:aa:50:0d:ec:75:ac:d7:
b7:0c:ce:8f:67:7c:07:40:b3:cd:aa:ba:b5:2b:de:
4c:96:d4:9e:ee:c1:eb:55:ec:42:48:e3:55:e7:66:
68:01:ed:34:32:10:87:3d:26:f9:42:ff:c8:32:e9:
75:af:1b:c7:cf:f1:ad:38:87:27:59:10:a4:53:46:
d7:51:68:4b:aa:4f:f2:04:50:ab:ef:60:78:b6:da:
88:04:d9:29:5b:08:30:50:05:dd:33:0e:61:7b:5e:
7e:88:2b:4f:b8:b9:3a:6d:b2:c1:fe:93:af:9b:4f:
bf:f4:85:82:51:65:02:75:e1:b7:01:f8:1c:bd:73:
66:38:4d:64:ef:a7:21:97:91:2b:1a:14:fb:e5:16:
eb:68:2a:5c:1e:6e:9c:7e:a0:1c:14:f2:53:15:ba:
b8:65:3c:c8:da:28:7a:0b:50:48:fa:37:7c:bc:ed:
45:cc:15:eb:a5:b6:10:37:cd:08:96:b3:fe:9b:17:
b6:bb:91:5b:86:ab:6f:64:6a:82:a9:79:17:ae:6f:
8b:b3:0f:55:e6:20:ef:b3:8e:7e:5f:e8:3d:e5:7e:
0d:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:71:30:D5:AD:15:20:63:94:95:DB:47:24:E9:D5:4E:98:F7:FA:55
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/3XEw1a0VIGOUldtHJOnVTpj3-lU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:ba00::/48
2a09:12c0::/48
2a09:50c0::/48
2a09:5140::/48
2a09:5240::/48
2a09:97c0::/48
2a09:9840::/48
Signature Algorithm: sha256WithRSAEncryption
36:ec:13:ae:39:e6:0e:a8:f0:08:84:8b:53:1e:03:c9:e4:85:
7c:98:d5:d7:07:77:4f:25:dd:6d:9e:9c:b5:bd:3f:d7:be:82:
e2:57:04:a9:d7:19:7c:6a:cd:e2:f2:df:8d:2d:1c:ef:58:a3:
ce:9a:33:93:96:89:aa:3a:49:19:d2:0b:b1:e6:ff:c3:90:f3:
90:4c:44:c3:38:4c:58:bd:78:5a:64:3d:51:bc:30:ed:24:a9:
aa:3c:fa:1d:77:dd:80:5c:e2:c5:7c:66:92:98:10:ae:7c:9a:
01:67:96:ae:36:e4:8c:01:df:9e:f5:87:cf:71:c8:f0:eb:97:
69:60:aa:57:28:33:4b:cb:df:0a:2f:f1:72:b0:62:0a:a6:c3:
12:91:69:15:b3:1c:a1:ea:99:71:6f:cb:f5:7d:83:ba:f5:c3:
10:e5:b0:ce:f8:32:ac:64:7a:bf:5f:2e:15:2a:cb:c2:f0:cb:
d5:b4:47:23:36:20:62:c8:6c:11:4f:67:96:7b:d7:f0:86:15:
44:a3:11:cd:4b:fa:37:66:12:53:a4:20:c1:cb:c6:ea:c2:70:
23:05:70:dc:49:a3:77:3a:86:58:75:76:71:b1:3a:19:15:c2:
ca:93:2f:63:ca:ed:2a:ef:31:55:b5:24:f4:7d:9f:e0:67:7e:
15:6b:1f:c8
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZQhsjVan2ErxE8Vmjsg1lyZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjUwMTAxMTE0ODM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDcxMzBkNWFkMTUyMDYzOTQ5NWRiNDcyNGU5ZDU0ZTk4ZjdmYTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjhafyQyJ56PTpEfKgir2WGhJfkI
Slx+LDtZU3g6azdmqFwcXqpQDex1rNe3DM6PZ3wHQLPNqrq1K95MltSe7sHrVexC
SONV52ZoAe00MhCHPSb5Qv/IMul1rxvHz/GtOIcnWRCkU0bXUWhLqk/yBFCr72B4
ttqIBNkpWwgwUAXdMw5he15+iCtPuLk6bbLB/pOvm0+/9IWCUWUCdeG3AfgcvXNm
OE1k76chl5ErGhT75RbraCpcHm6cfqAcFPJTFbq4ZTzI2ih6C1BI+jd8vO1FzBXr
pbYQN80IlrP+mxe2u5FbhqtvZGqCqXkXrm+Lsw9V5iDvs45+X+g95X4N+QIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFN1xMNWtFSBjlJXbRyTp1U6Y9/pVMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvM1hFdzFhMFZJR09VbGR0SEpPblZUcGozLWxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzBFBAIAAjA/AwcAKga6AAAA
AwcAKgkSwAAAAwcAKglQwAAAAwcAKglRQAAAAwcAKglSQAAAAwcAKgmXwAAAAwcA
KgmYQAAAMA0GCSqGSIb3DQEBCwUAA4IBAQA27BOuOeYOqPAIhItTHgPJ5IV8mNXX
B3dPJd1tnpy1vT/XvoLiVwSp1xl8as3i8t+NLRzvWKPOmjOTlomqOkkZ0gux5v/D
kPOQTETDOExYvXhaZD1RvDDtJKmqPPodd92AXOLFfGaSmBCufJoBZ5auNuSMAd+e
9YfPccjw65dpYKpXKDNLy98KL/FysGIKpsMSkWkVsxyh6plxb8v1fYO69cMQ5bDO
+DKsZHq/Xy4VKsvC8MvVtEcjNiBiyGwRT2eWe9fwhhVEoxHNS/o3ZhJTpCDBy8bq
wnAjBXDcSaN3OoZYdXZxsToZFcLKky9jyu0q7zFVtST0fZ/gZ34Vax/I
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:41:20 2025 by rpki-client