Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/044350-8cc9-486d-87c9-572c4e129d32/1/ylPOOnSs52DARSEahPLXBl4_KnA.roa
File: ylPOOnSs52DARSEahPLXBl4_KnA.roa (raw, json)
Hash identifier: lVDEfOqJ+hS5o1tAWzlyu4ZG8E1RuFvF7CBIziXEhTM=
Subject key identifier: CA:53:CE:3A:74:AC:E7:60:C0:45:21:1A:84:F2:D7:06:5E:3F:2A:70
Certificate issuer: /CN=bc995d15502780acdf7b6e6a1865edb5a0e7dc4b
Certificate serial: 01941FFA1D9F8ED8D7329E2A9E62DF8C5833
Authority key identifier: BC:99:5D:15:50:27:80:AC:DF:7B:6E:6A:18:65:ED:B5:A0:E7:DC:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vJldFVAngKzfe25qGGXttaDn3Es.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/044350-8cc9-486d-87c9-572c4e129d32/1/ylPOOnSs52DARSEahPLXBl4_KnA.roa
Signing time: Wed 01 Jan 2025 03:47:52 +0000
ROA not before: Wed 01 Jan 2025 03:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209242
IP address blocks: 2a14:71c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/044350-8cc9-486d-87c9-572c4e129d32/1/vJldFVAngKzfe25qGGXttaDn3Es.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/044350-8cc9-486d-87c9-572c4e129d32/1/vJldFVAngKzfe25qGGXttaDn3Es.mft
rsync://rpki.ripe.net/repository/DEFAULT/vJldFVAngKzfe25qGGXttaDn3Es.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:1d:9f:8e:d8:d7:32:9e:2a:9e:62:df:8c:58:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc995d15502780acdf7b6e6a1865edb5a0e7dc4b
Validity
Not Before: Jan 1 03:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ca53ce3a74ace760c045211a84f2d7065e3f2a70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:fb:b4:bb:08:30:a6:b4:68:1f:94:7e:c7:a4:
60:ff:09:3c:76:06:2f:e7:ab:85:e6:56:18:11:c9:
43:9a:3e:96:96:f9:02:1f:63:51:0d:c4:f8:f8:0c:
f3:08:a7:c0:06:b0:71:b7:d9:cb:97:bb:cc:5f:e4:
4d:c3:4b:e0:97:a3:7a:54:a0:50:ab:40:65:13:72:
bb:4f:20:0b:61:ed:3c:56:bd:3c:42:5b:05:ad:c0:
62:94:92:3d:b5:13:f7:3d:4d:0d:71:65:1e:84:60:
e9:27:c3:5d:b6:e7:ca:d4:90:d1:7f:b4:80:97:e0:
a0:68:6a:ad:44:f7:e1:dd:14:c0:62:d5:0a:15:5b:
97:89:74:f1:cc:d8:34:86:08:40:65:32:ca:2c:7d:
8d:72:02:89:63:10:e6:89:49:a5:b7:df:4b:0a:06:
6c:db:eb:d6:72:79:58:05:d3:4a:af:d6:cf:6a:66:
a3:2a:06:bc:bb:1d:bf:a9:f4:ed:5a:84:09:62:78:
5b:0a:9f:89:cc:51:f3:0a:c3:3b:03:58:5f:d4:f3:
8e:23:f2:28:9a:21:b3:34:45:ae:04:0b:a0:a1:d0:
b5:f8:94:dc:2f:64:d0:10:1c:65:24:0d:81:10:1b:
93:94:ad:38:f7:81:a8:29:eb:1f:8b:7e:e6:d3:af:
b5:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:53:CE:3A:74:AC:E7:60:C0:45:21:1A:84:F2:D7:06:5E:3F:2A:70
X509v3 Authority Key Identifier:
keyid:BC:99:5D:15:50:27:80:AC:DF:7B:6E:6A:18:65:ED:B5:A0:E7:DC:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vJldFVAngKzfe25qGGXttaDn3Es.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/044350-8cc9-486d-87c9-572c4e129d32/1/ylPOOnSs52DARSEahPLXBl4_KnA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/044350-8cc9-486d-87c9-572c4e129d32/1/vJldFVAngKzfe25qGGXttaDn3Es.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:71c0::/32
Signature Algorithm: sha256WithRSAEncryption
97:31:2f:a5:0b:e4:6a:a3:49:22:eb:3f:f0:9d:d3:c1:d6:a8:
a4:1d:38:d2:15:e7:b0:e0:3f:89:78:e3:23:b5:d9:15:f4:82:
8d:71:9e:d8:55:01:ab:ae:b3:57:98:9a:a5:44:aa:fd:3e:39:
38:83:a2:f8:f7:22:f6:73:5c:3b:4c:a9:cb:ff:e2:07:4f:51:
d6:bd:bd:31:31:28:e6:a3:d5:6d:8b:16:02:f0:90:1a:5e:d2:
0f:46:1c:0d:c9:e7:51:11:d9:3d:ae:a2:08:f8:c5:61:3d:04:
a1:13:7a:d3:46:e6:6d:55:9c:57:a1:d7:3e:05:a6:9f:72:d4:
5e:9d:53:fc:57:aa:0d:13:a5:01:cc:26:90:86:ee:2d:73:6e:
51:20:59:4b:e4:b6:9d:6b:a0:ef:26:64:c0:bc:f6:f8:80:a8:
bf:ca:93:67:1b:66:36:99:3b:b3:c7:da:14:e7:90:34:7c:6a:
b1:a9:8f:bc:c5:82:fa:94:ff:ea:71:60:99:9a:ed:31:77:06:
67:55:12:cb:e4:d9:70:43:cf:59:86:73:e8:8e:41:e4:3f:e2:
f0:a4:21:7c:c0:4d:b6:14:79:8e:2d:0f:b9:14:21:12:66:22:
0a:55:3b:ba:48:c3:c8:27:c0:55:7a:90:1a:bd:65:4c:f9:0b:
f0:86:8a:2e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQf+h2fjtjXMp4qnmLfjFgzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjOTk1ZDE1NTAyNzgwYWNkZjdiNmU2YTE4NjVlZGI1YTBl
N2RjNGIwHhcNMjUwMTAxMDM0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTUzY2UzYTc0YWNlNzYwYzA0NTIxMWE4NGYyZDcwNjVlM2YyYTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6/u0uwgwprRoH5R+x6Rg/wk8dgYv
56uF5lYYEclDmj6WlvkCH2NRDcT4+AzzCKfABrBxt9nLl7vMX+RNw0vgl6N6VKBQ
q0BlE3K7TyALYe08Vr08QlsFrcBilJI9tRP3PU0NcWUehGDpJ8NdtufK1JDRf7SA
l+CgaGqtRPfh3RTAYtUKFVuXiXTxzNg0hghAZTLKLH2NcgKJYxDmiUmlt99LCgZs
2+vWcnlYBdNKr9bPamajKga8ux2/qfTtWoQJYnhbCp+JzFHzCsM7A1hf1POOI/Io
miGzNEWuBAugodC1+JTcL2TQEBxlJA2BEBuTlK0494GoKesfi37m06+1JQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMpTzjp0rOdgwEUhGoTy1wZePypwMB8GA1UdIwQY
MBaAFLyZXRVQJ4Cs33tuahhl7bWg59xLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkpsZEZWQW5nS3pmZTI1cUdHWHR0YURuM0VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8wNDQzNTAtOGNjOS00ODZkLTg3Yzkt
NTcyYzRlMTI5ZDMyLzEveWxQT09uU3M1MkRBUlNFYWhQTFhCbDRfS25BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS8wNDQzNTAtOGNjOS00ODZkLTg3YzktNTcyYzRlMTI5ZDMy
LzEvdkpsZEZWQW5nS3pmZTI1cUdHWHR0YURuM0VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhRxwDAN
BgkqhkiG9w0BAQsFAAOCAQEAlzEvpQvkaqNJIus/8J3TwdaopB040hXnsOA/iXjj
I7XZFfSCjXGe2FUBq66zV5iapUSq/T45OIOi+Pci9nNcO0ypy//iB09R1r29MTEo
5qPVbYsWAvCQGl7SD0YcDcnnURHZPa6iCPjFYT0EoRN600bmbVWcV6HXPgWmn3LU
Xp1T/FeqDROlAcwmkIbuLXNuUSBZS+S2nWug7yZkwLz2+ICov8qTZxtmNpk7s8fa
FOeQNHxqsamPvMWC+pT/6nFgmZrtMXcGZ1USy+TZcEPPWYZz6I5B5D/i8KQhfMBN
thR5ji0PuRQhEmYiClU7ukjDyCfAVXqQGr1lTPkL8IaKLg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:44:01 2025 by rpki-client