Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/g9BBfDc_1PLnz7Bt9VifF-7KO2o.roa
File: g9BBfDc_1PLnz7Bt9VifF-7KO2o.roa (raw, json)
Hash identifier: egth43kB7TA1PASJjKkxy/iH4S+KR37qtj3zbkktKes=
Subject key identifier: 83:D0:41:7C:37:3F:D4:F2:E7:CF:B0:6D:F5:58:9F:17:EE:CA:3B:6A
Certificate issuer: /CN=3ba5b1c09aa31f6713c61b32e558109e47966d42
Certificate serial: 019424B2794A5B5DA7330EF63556169BC876
Authority key identifier: 3B:A5:B1:C0:9A:A3:1F:67:13:C6:1B:32:E5:58:10:9E:47:96:6D:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/g9BBfDc_1PLnz7Bt9VifF-7KO2o.roa
Signing time: Thu 02 Jan 2025 01:47:43 +0000
ROA not before: Thu 02 Jan 2025 01:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1759
IP address blocks: 2001:2000:6000::/40 maxlen: 40
2001:2001:6000::/40 maxlen: 40
2001:2003::/32 maxlen: 32
2001:2060::/27 maxlen: 27
2001:2060::/32 maxlen: 32
2001:2061::/32 maxlen: 32
2001:2062::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/O6WxwJqjH2cTxhsy5VgQnkeWbUI.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/O6WxwJqjH2cTxhsy5VgQnkeWbUI.mft
rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 08:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:79:4a:5b:5d:a7:33:0e:f6:35:56:16:9b:c8:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ba5b1c09aa31f6713c61b32e558109e47966d42
Validity
Not Before: Jan 2 01:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=83d0417c373fd4f2e7cfb06df5589f17eeca3b6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:cb:a2:bd:fb:45:5b:71:a4:7a:0d:23:75:8a:
d0:25:79:8c:5b:cf:e4:18:71:c8:71:7b:f2:1d:3b:
ba:0d:f5:8b:8b:d0:2a:7e:ea:41:45:f9:08:21:4c:
7e:82:4f:7d:a6:35:d5:98:d1:ca:6c:9f:a0:81:d7:
1c:32:21:e8:27:f2:d6:3c:bb:49:4c:50:0b:1a:e5:
36:3c:71:ec:66:43:ab:d2:b1:62:d6:cf:09:b8:d8:
0e:2a:01:aa:db:11:1e:e6:3e:37:1e:0b:03:97:8e:
a9:d7:8e:f1:6e:28:cb:d9:58:82:2f:94:94:24:4e:
65:ca:18:0e:8a:1c:ed:e2:d0:df:e8:52:46:48:8d:
3a:05:87:5b:d6:0f:81:90:f7:60:4d:e1:49:79:4b:
19:17:71:4c:b9:0a:dc:06:c9:75:e0:1a:59:46:e0:
18:f3:d9:93:c9:75:c7:1d:28:99:23:f6:87:59:e1:
94:73:70:fc:03:9a:5e:23:8a:61:e0:f1:8a:36:e9:
9c:b8:69:51:17:e5:03:2d:19:87:5c:5d:4d:1a:04:
01:b5:ac:bb:ec:90:81:e7:b2:5d:00:c0:e7:c9:79:
1c:38:a9:6b:07:8b:29:2b:c6:54:fb:c3:b8:f6:cd:
a5:ab:69:6e:f3:47:e3:0f:8b:7d:63:f8:45:0f:61:
4b:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:D0:41:7C:37:3F:D4:F2:E7:CF:B0:6D:F5:58:9F:17:EE:CA:3B:6A
X509v3 Authority Key Identifier:
keyid:3B:A5:B1:C0:9A:A3:1F:67:13:C6:1B:32:E5:58:10:9E:47:96:6D:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/g9BBfDc_1PLnz7Bt9VifF-7KO2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/O6WxwJqjH2cTxhsy5VgQnkeWbUI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:2000:6000::/40
2001:2001:6000::/40
2001:2003::/32
2001:2060::/27
Signature Algorithm: sha256WithRSAEncryption
61:dc:f7:48:d7:75:88:f9:dc:9b:39:dc:8a:b5:d9:9a:92:d5:
7e:92:15:5a:26:51:aa:49:f5:0e:57:88:fe:02:c5:1a:0f:0f:
0e:ac:10:cf:09:58:06:4e:37:6a:96:cf:1d:1a:cf:c9:07:59:
fa:91:95:df:72:5a:3a:19:e7:95:70:07:69:2a:0f:67:38:b4:
89:38:1e:3f:b4:b7:ee:e4:45:dc:a2:a5:db:16:65:41:e1:92:
83:8b:e4:70:69:c1:67:81:0c:5d:49:35:fe:76:31:af:f3:04:
58:d5:e6:4f:5f:c6:9c:bd:03:8c:24:a1:5d:49:c7:24:54:08:
90:cd:0b:d6:e2:c1:db:14:fa:b8:a0:9a:18:71:00:b5:33:ea:
94:13:24:d6:14:70:9a:45:ab:e3:64:7e:a5:40:59:9f:15:a3:
72:d1:28:4c:c5:ff:3e:5e:4a:ec:2c:70:e1:0e:92:19:67:1b:
81:19:a4:18:33:f5:4a:95:72:b5:02:40:cf:98:66:be:03:43:
54:8b:b0:22:07:89:d2:c1:1d:bb:d9:9d:d1:99:94:07:08:dd:
cb:2b:45:42:62:e1:85:48:51:1b:08:1c:33:d3:bd:ba:a7:41:
bb:f9:97:b2:99:8c:99:67:6f:c5:d3:aa:a4:0d:80:af:68:97:
b5:f1:a3:ac
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQksnlKW12nMw72NVYWm8h2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiYTViMWMwOWFhMzFmNjcxM2M2MWIzMmU1NTgxMDllNDc5
NjZkNDIwHhcNMjUwMTAyMDE0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2QwNDE3YzM3M2ZkNGYyZTdjZmIwNmRmNTU4OWYxN2VlY2EzYjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA38uivftFW3Gkeg0jdYrQJXmMW8/k
GHHIcXvyHTu6DfWLi9AqfupBRfkIIUx+gk99pjXVmNHKbJ+ggdccMiHoJ/LWPLtJ
TFALGuU2PHHsZkOr0rFi1s8JuNgOKgGq2xEe5j43HgsDl46p147xbijL2ViCL5SU
JE5lyhgOihzt4tDf6FJGSI06BYdb1g+BkPdgTeFJeUsZF3FMuQrcBsl14BpZRuAY
89mTyXXHHSiZI/aHWeGUc3D8A5peI4ph4PGKNumcuGlRF+UDLRmHXF1NGgQBtay7
7JCB57JdAMDnyXkcOKlrB4spK8ZU+8O49s2lq2lu80fjD4t9Y/hFD2FLTQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIPQQXw3P9Ty58+wbfVYnxfuyjtqMB8GA1UdIwQY
MBaAFDulscCaox9nE8YbMuVYEJ5Hlm1CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzZXeHdKcWpIMmNUeGhzeTVWZ1Fua2VXYlVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8xM2JkNzctZDI5Ny00Njg5LWJlZTQt
NDY2ZTljYWI3ODY0LzEvZzlCQmZEY18xUExuejdCdDlWaWZGLTdLTzJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8xM2JkNzctZDI5Ny00Njg5LWJlZTQtNDY2ZTljYWI3ODY0
LzEvTzZXeHdKcWpIMmNUeGhzeTVWZ1Fua2VXYlVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAAjAeAwYAIAEgAGAD
BgAgASABYAMFACABIAMDBQUgASBgMA0GCSqGSIb3DQEBCwUAA4IBAQBh3PdI13WI
+dybOdyKtdmaktV+khVaJlGqSfUOV4j+AsUaDw8OrBDPCVgGTjdqls8dGs/JB1n6
kZXfclo6GeeVcAdpKg9nOLSJOB4/tLfu5EXcoqXbFmVB4ZKDi+RwacFngQxdSTX+
djGv8wRY1eZPX8acvQOMJKFdScckVAiQzQvW4sHbFPq4oJoYcQC1M+qUEyTWFHCa
RavjZH6lQFmfFaNy0ShMxf8+XkrsLHDhDpIZZxuBGaQYM/VKlXK1AkDPmGa+A0NU
i7AiB4nSwR272Z3RmZQHCN3LK0VCYuGFSFEbCBwz0726p0G7+ZeymYyZZ2/F06qk
DYCvaJe18aOs
-----END CERTIFICATE-----
Generated at Tue Apr 15 13:02:23 2025 by rpki-client