Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/1-kJ7dFfkbXY8GKTB51YoZp95upA.roa
File: 1-kJ7dFfkbXY8GKTB51YoZp95upA.roa (raw, json)
Hash identifier: dR9vYcvJGh1CzLQ01rVJBBjGJtG77A8jF4vNPyZgLsk=
Subject key identifier: FA:42:7B:74:57:E4:6D:76:3C:18:A4:C1:E7:56:28:66:9F:79:BA:90
Certificate issuer: /CN=3ba5b1c09aa31f6713c61b32e558109e47966d42
Certificate serial: 019560ABB1FDD1E687551E755B2718716A8E
Authority key identifier: 3B:A5:B1:C0:9A:A3:1F:67:13:C6:1B:32:E5:58:10:9E:47:96:6D:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/1-kJ7dFfkbXY8GKTB51YoZp95upA.roa
Signing time: Tue 04 Mar 2025 10:20:19 +0000
ROA not before: Tue 04 Mar 2025 10:20:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3301
IP address blocks: 2001:2000::/48 maxlen: 48
2001:2000:4000::/40 maxlen: 40
2001:2000:9000::/40 maxlen: 40
2001:2001:4000::/36 maxlen: 36
2001:2001:9000::/40 maxlen: 40
2001:2040::/27 maxlen: 27
2001:2040::/32 maxlen: 32
2001:2040:c010::/47 maxlen: 47
2001:2040:c010::/48 maxlen: 48
2001:2040:c011::/48 maxlen: 48
2001:2042::/31 maxlen: 31
2001:2044::/32 maxlen: 32
2001:2090::/31 maxlen: 31
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/O6WxwJqjH2cTxhsy5VgQnkeWbUI.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/O6WxwJqjH2cTxhsy5VgQnkeWbUI.mft
rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 17:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:60:ab:b1:fd:d1:e6:87:55:1e:75:5b:27:18:71:6a:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ba5b1c09aa31f6713c61b32e558109e47966d42
Validity
Not Before: Mar 4 10:20:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fa427b7457e46d763c18a4c1e75628669f79ba90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:94:5e:eb:fe:3a:53:5b:23:35:70:cf:7f:dc:
31:98:aa:d7:68:ac:35:c6:0e:a6:bb:48:05:6b:da:
28:50:b2:f7:61:ef:b1:cd:95:ee:cd:20:88:17:ae:
bc:e2:46:77:8b:2a:d3:de:55:58:78:bc:02:b0:10:
34:e8:66:a2:73:c6:72:db:db:27:d6:72:ca:5d:28:
37:b8:e1:c9:8e:24:89:e6:7c:b6:bc:c0:aa:f6:36:
a1:66:e2:c3:a6:9f:68:66:4c:76:03:74:7b:74:9e:
18:8e:55:57:06:a3:de:fd:f8:5b:19:4c:ce:ee:fe:
2e:2c:c1:da:e9:d6:2b:7d:13:bb:ca:b7:35:5d:e0:
be:bb:08:d3:d2:74:30:66:b6:48:88:55:9e:f5:6f:
08:cb:45:9b:56:ea:1f:6c:44:93:dd:1b:ce:9c:0e:
e4:18:17:26:07:a7:19:2e:8f:0d:bb:5f:0d:14:14:
2a:22:61:be:fc:e1:d0:25:af:ba:9f:28:fb:9c:89:
4d:87:b9:de:1e:cb:ab:90:9d:df:38:5a:0c:c2:99:
32:ec:7a:9f:06:71:f2:ce:65:64:27:26:6d:84:06:
c5:b4:c1:0d:3f:73:d2:69:97:49:aa:8c:77:db:d3:
aa:0a:03:88:cb:00:ec:03:f4:06:57:4a:3e:0c:29:
8c:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:42:7B:74:57:E4:6D:76:3C:18:A4:C1:E7:56:28:66:9F:79:BA:90
X509v3 Authority Key Identifier:
keyid:3B:A5:B1:C0:9A:A3:1F:67:13:C6:1B:32:E5:58:10:9E:47:96:6D:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/1-kJ7dFfkbXY8GKTB51YoZp95upA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/O6WxwJqjH2cTxhsy5VgQnkeWbUI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:2000::/48
2001:2000:4000::/40
2001:2000:9000::/40
2001:2001:4000::/36
2001:2001:9000::/40
2001:2040::/27
2001:2090::/31
Signature Algorithm: sha256WithRSAEncryption
85:6c:49:70:57:92:d7:df:a6:61:e7:ee:f3:ef:0d:0d:58:c5:
a3:e2:67:c1:c1:f9:08:47:39:f5:e9:1b:71:41:8d:13:fa:f4:
f8:92:6b:5e:47:5a:36:03:47:51:de:47:a2:f7:0c:5e:16:f3:
91:f1:50:8c:57:a6:ff:29:d2:0b:97:ca:4e:47:2f:19:eb:af:
62:53:66:9c:d2:3b:f7:60:de:a2:8e:5a:5f:25:f5:a9:49:0e:
3a:06:94:88:27:6b:0b:5b:e2:7f:e4:f7:28:3b:55:43:6a:6b:
0c:9a:41:ba:1d:5e:e9:d2:eb:f2:97:b2:d0:b1:40:19:16:a0:
40:e0:74:54:ae:d1:32:94:7f:40:24:de:6b:00:c5:56:c7:22:
72:ea:09:42:2c:f8:6a:dc:93:d1:e5:29:ee:d8:a1:53:80:89:
75:4b:c4:7b:2d:df:f9:a2:00:af:f7:84:7a:ce:f6:2a:c7:c5:
32:3d:28:20:af:85:ab:28:f2:ac:d5:e5:1e:74:0e:10:21:4f:
20:b6:36:97:1d:bd:0a:ba:92:cb:33:65:4e:2e:af:cb:75:cb:
cb:3c:7e:cb:db:c9:e1:b7:e9:3b:a6:99:17:41:29:91:5c:44:
39:98:dd:6f:34:5d:5a:97:a1:65:45:39:17:6d:6a:6a:58:36:
4c:05:11:cb
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZVgq7H90eaHVR51WycYcWqOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiYTViMWMwOWFhMzFmNjcxM2M2MWIzMmU1NTgxMDllNDc5
NjZkNDIwHhcNMjUwMzA0MTAyMDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTQyN2I3NDU3ZTQ2ZDc2M2MxOGE0YzFlNzU2Mjg2NjlmNzliYTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ZRe6/46U1sjNXDPf9wxmKrXaKw1
xg6mu0gFa9ooULL3Ye+xzZXuzSCIF6684kZ3iyrT3lVYeLwCsBA06Gaic8Zy29sn
1nLKXSg3uOHJjiSJ5ny2vMCq9jahZuLDpp9oZkx2A3R7dJ4YjlVXBqPe/fhbGUzO
7v4uLMHa6dYrfRO7yrc1XeC+uwjT0nQwZrZIiFWe9W8Iy0WbVuofbEST3RvOnA7k
GBcmB6cZLo8Nu18NFBQqImG+/OHQJa+6nyj7nIlNh7neHsurkJ3fOFoMwpky7Hqf
BnHyzmVkJyZthAbFtMENP3PSaZdJqox329OqCgOIywDsA/QGV0o+DCmMgwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFPpCe3RX5G12PBikwedWKGafebqQMB8GA1UdIwQY
MBaAFDulscCaox9nE8YbMuVYEJ5Hlm1CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzZXeHdKcWpIMmNUeGhzeTVWZ1Fua2VXYlVJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8xM2JkNzctZDI5Ny00Njg5LWJlZTQt
NDY2ZTljYWI3ODY0LzEvMS1rSjdkRmZrYlhZOEdLVEI1MVlvWnA5NXVwQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYjQvMTNiZDc3LWQyOTctNDY4OS1iZWU0LTQ2NmU5Y2FiNzg2
NC8xL082V3h3SnFqSDJjVHhoc3k1VmdRbmtlV2JVSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBQBggrBgEFBQcBBwEB/wRBMD8wPQQCAAIwNwMHACABIAAA
AAMGACABIABAAwYAIAEgAJADBgQgASABQAMGACABIAGQAwUFIAEgQAMFASABIJAw
DQYJKoZIhvcNAQELBQADggEBAIVsSXBXktffpmHn7vPvDQ1YxaPiZ8HB+QhHOfXp
G3FBjRP69PiSa15HWjYDR1HeR6L3DF4W85HxUIxXpv8p0guXyk5HLxnrr2JTZpzS
O/dg3qKOWl8l9alJDjoGlIgnawtb4n/k9yg7VUNqawyaQbodXunS6/KXstCxQBkW
oEDgdFSu0TKUf0Ak3msAxVbHInLqCUIs+Grck9HlKe7YoVOAiXVLxHst3/miAK/3
hHrO9irHxTI9KCCvhaso8qzV5R50DhAhTyC2NpcdvQq6ksszZU4ur8t1y8s8fsvb
yeG36TummRdBKZFcRDmY3W80XVqXoWVFORdtampYNkwFEcs=
-----END CERTIFICATE-----
Generated at Mon Apr 14 04:20:02 2025 by rpki-client