Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/REJlO5RDgGg8KHSZHn8vGUTMF7E.roa
File: REJlO5RDgGg8KHSZHn8vGUTMF7E.roa (raw, json)
Hash identifier: qp6IBgSlDMfFvmUxqyeIHZgSQ5M/3Vlus1RH7Mg0+Rw=
Subject key identifier: 44:42:65:3B:94:43:80:68:3C:28:74:99:1E:7F:2F:19:44:CC:17:B1
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 0195D40852BE419AC33A28E0B40D48E66D22
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/REJlO5RDgGg8KHSZHn8vGUTMF7E.roa
Signing time: Wed 26 Mar 2025 19:57:50 +0000
ROA not before: Wed 26 Mar 2025 19:57:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212477
IP address blocks: 2a0f:e3c0::/29 maxlen: 29
2a13:d1c0::/29 maxlen: 29
2a13:dcc0::/29 maxlen: 29
2a13:dd40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 19:01:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d4:08:52:be:41:9a:c3:3a:28:e0:b4:0d:48:e6:6d:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: Mar 26 19:57:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4442653b944380683c2874991e7f2f1944cc17b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:14:51:53:bc:55:6e:11:c0:1f:37:27:fa:cb:
db:a1:16:11:ad:b6:c8:4c:4f:53:ff:e8:33:c7:bb:
55:06:0e:b4:4e:de:78:5b:c1:f1:fd:af:90:14:5f:
b8:52:49:b5:82:98:cd:0d:b5:aa:db:23:1e:4c:36:
fb:54:4a:fd:56:d5:f2:2e:61:29:3a:7f:b2:2a:cf:
ff:76:4a:2d:42:fc:43:94:f0:2d:46:20:8c:b1:25:
6e:7f:a2:db:71:93:e2:38:e3:84:8e:cf:67:a0:02:
a0:79:d9:4b:2c:d0:8c:3b:31:fb:d0:6b:51:c3:53:
0e:9a:d8:a0:31:22:c1:a9:c3:82:22:0b:83:53:2a:
7d:3a:87:f5:71:ab:77:11:15:fe:d8:02:1b:17:d1:
0e:c2:2b:ca:da:bd:d6:a9:e5:52:07:58:9d:22:ba:
18:7b:b0:48:b5:af:11:6f:93:fe:f8:05:45:2d:a7:
2c:a3:6d:f4:ae:0f:08:79:bf:b6:0b:e4:9a:39:9c:
b3:bd:da:61:54:78:a6:52:6e:bd:7e:ea:e0:24:e7:
47:a9:dd:92:de:b7:57:ae:e1:3d:59:1f:cd:e0:d3:
28:f6:26:3b:53:ce:06:ec:12:32:ad:09:0a:55:e1:
e1:a2:66:3f:10:94:3e:eb:79:6a:94:bd:3f:ee:a8:
d9:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:42:65:3B:94:43:80:68:3C:28:74:99:1E:7F:2F:19:44:CC:17:B1
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/REJlO5RDgGg8KHSZHn8vGUTMF7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:e3c0::/29
2a13:d1c0::/29
2a13:dcc0::/29
2a13:dd40::/29
Signature Algorithm: sha256WithRSAEncryption
7e:36:e0:ac:5b:a2:ce:be:dc:77:d0:03:e5:8c:a9:89:bd:0f:
26:d9:d8:e2:fe:97:99:bd:17:59:34:c7:50:a5:d1:4b:5b:cb:
8a:2e:d5:8f:c5:e2:59:a4:4c:23:88:75:a5:6f:92:39:24:e5:
26:33:64:0e:f6:e6:c8:72:a9:31:37:2d:dc:dc:d5:ae:39:d4:
82:f2:28:53:42:06:dc:22:b4:a7:68:6b:46:92:8a:b6:cd:1f:
0d:54:58:ea:b5:c2:d3:13:c6:6a:d1:a9:af:8b:a4:c5:00:b4:
89:26:c8:9e:27:96:a3:97:99:8f:c5:ad:9d:0b:4f:03:6b:54:
c8:a0:ab:24:72:eb:6f:4a:bc:44:54:c0:05:70:8a:0f:c2:8e:
50:ea:db:fb:f5:4e:d8:47:ba:90:a3:14:63:34:92:32:09:d1:
5a:7a:f2:c7:88:41:bf:f4:4d:8c:ea:69:bb:4e:68:43:fa:43:
44:ea:79:2c:ec:1a:45:f9:c4:b0:84:b3:25:8b:0c:8d:5e:f6:
0a:f8:2e:14:c7:4c:61:a0:61:88:28:c9:de:6b:c3:fa:93:47:
2a:ed:10:cc:c1:7c:d4:b9:fc:c7:af:99:ce:a7:07:90:37:cd:
37:78:df:c9:24:ed:7a:13:31:9d:53:17:da:bc:bf:02:62:89:
c1:0b:d6:fd
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZXUCFK+QZrDOijgtA1I5m0iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjUwMzI2MTk1NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDQyNjUzYjk0NDM4MDY4M2MyODc0OTkxZTdmMmYxOTQ0Y2MxN2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRRRU7xVbhHAHzcn+svboRYRrbbI
TE9T/+gzx7tVBg60Tt54W8Hx/a+QFF+4Ukm1gpjNDbWq2yMeTDb7VEr9VtXyLmEp
On+yKs//dkotQvxDlPAtRiCMsSVuf6LbcZPiOOOEjs9noAKgedlLLNCMOzH70GtR
w1MOmtigMSLBqcOCIguDUyp9Oof1cat3ERX+2AIbF9EOwivK2r3WqeVSB1idIroY
e7BIta8Rb5P++AVFLacso230rg8Ieb+2C+SaOZyzvdphVHimUm69furgJOdHqd2S
3rdXruE9WR/N4NMo9iY7U84G7BIyrQkKVeHhomY/EJQ+63lqlL0/7qjZSwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFERCZTuUQ4BoPCh0mR5/LxlEzBexMB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvUkVKbE81UkRnR2c4S0hTWkhuOHZHVVRNRjdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKg/jwAMF
AyoT0cADBQMqE9zAAwUDKhPdQDANBgkqhkiG9w0BAQsFAAOCAQEAfjbgrFuizr7c
d9AD5Yypib0PJtnY4v6Xmb0XWTTHUKXRS1vLii7Vj8XiWaRMI4h1pW+SOSTlJjNk
DvbmyHKpMTct3NzVrjnUgvIoU0IG3CK0p2hrRpKKts0fDVRY6rXC0xPGatGpr4uk
xQC0iSbInieWo5eZj8WtnQtPA2tUyKCrJHLrb0q8RFTABXCKD8KOUOrb+/VO2Ee6
kKMUYzSSMgnRWnryx4hBv/RNjOppu05oQ/pDROp5LOwaRfnEsISzJYsMjV72Cvgu
FMdMYaBhiCjJ3mvD+pNHKu0QzMF81Ln8x6+ZzqcHkDfNN3jfySTtehMxnVMX2ry/
AmKJwQvW/Q==
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:31:51 2025 by rpki-client