Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/oDqQEagIQFa31cOBAlD4y_TvlPc.roa
File: oDqQEagIQFa31cOBAlD4y_TvlPc.roa (raw, json)
Hash identifier: ooBY4R11jNEUxjSe5bhGHynfrwKEbfV0wSg1AOAVFs4=
Subject key identifier: A0:3A:90:11:A8:08:40:56:B7:D5:C3:81:02:50:F8:CB:F4:EF:94:F7
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 0195106EAA3BA84EBE776873EBD916C0C0F7
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/oDqQEagIQFa31cOBAlD4y_TvlPc.roa
Signing time: Sun 16 Feb 2025 20:24:02 +0000
ROA not before: Sun 16 Feb 2025 20:24:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396362
IP address blocks: 2a0b:a4c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:10:6e:aa:3b:a8:4e:be:77:68:73:eb:d9:16:c0:c0:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: Feb 16 20:24:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a03a9011a8084056b7d5c3810250f8cbf4ef94f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:dd:21:1e:51:25:bf:69:3a:85:c6:b0:55:cc:
ff:a4:0d:3d:e9:79:23:a0:80:87:f2:c5:22:2e:69:
34:5c:4f:d9:5a:ed:d7:80:da:e2:77:e5:8a:ec:1f:
7b:75:c6:42:11:ac:9b:ad:35:e0:21:87:cd:60:8f:
63:ea:4c:9d:f2:17:56:da:c5:44:78:90:3a:05:4c:
1c:3c:77:6d:d0:a5:bb:c5:6b:a5:f5:3e:2d:b1:cc:
f5:30:43:7e:17:f6:f3:9a:57:08:e4:00:99:d6:f4:
9e:23:20:88:a3:2f:a2:07:fc:85:61:25:3f:86:6f:
f0:f3:02:85:d3:13:01:0a:0d:56:88:fc:4d:5d:48:
d5:73:ca:12:b6:b6:ee:12:2f:2a:70:3a:8e:ce:dc:
af:ef:67:15:aa:5d:b2:d5:30:89:cc:91:4f:bf:5f:
dd:47:8e:1f:56:20:ea:52:60:2d:db:4e:f1:22:30:
91:dc:12:33:1c:8f:bf:0d:d6:65:db:78:6d:7a:be:
fa:f6:a6:32:a1:54:2c:ee:3f:63:f9:df:b9:00:85:
28:5a:9b:79:37:cd:65:55:f1:72:29:9f:45:ff:06:
1f:84:bd:07:78:04:47:d8:4e:50:9e:3d:a0:35:05:
85:a2:15:ff:4d:a4:4a:65:12:50:8d:f8:fc:d7:02:
1f:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:3A:90:11:A8:08:40:56:B7:D5:C3:81:02:50:F8:CB:F4:EF:94:F7
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/oDqQEagIQFa31cOBAlD4y_TvlPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:a4c0::/29
Signature Algorithm: sha256WithRSAEncryption
c4:e1:a8:20:02:e9:06:7f:3d:eb:0f:c4:08:07:4a:7d:6b:6a:
f0:ed:05:ce:3b:b6:a0:5c:52:2c:ed:4c:d5:33:dd:45:6e:73:
4a:09:05:11:3d:e1:18:76:71:8d:a5:a4:ee:4c:f7:c5:12:2b:
47:0d:e4:d9:20:81:c6:11:91:04:d2:89:ad:57:0f:12:bd:36:
fb:a6:fc:64:8e:b9:61:5a:37:d6:c2:39:6e:ef:bc:0c:b2:8a:
7b:9d:44:65:35:27:ff:f9:4f:f6:15:36:9c:00:9b:d9:69:a9:
54:72:07:8d:6c:47:98:31:84:ca:5d:d0:98:b3:82:a0:41:d8:
89:8f:e6:49:ed:87:ad:7b:43:cb:7b:a1:fe:be:2d:19:5e:e4:
dd:bc:8f:c9:a0:23:4a:c7:17:f8:5a:f8:b5:bb:53:99:a5:2b:
ad:8e:06:60:c4:1a:1f:73:4f:13:c5:fe:3e:09:9b:34:b2:9c:
ca:c7:c5:35:d8:20:b9:c2:1e:e0:21:60:a3:27:55:53:f9:03:
69:8d:c4:13:d2:9a:24:f3:1a:db:e7:be:17:a9:11:92:07:7e:
b7:c1:04:6e:51:93:41:0a:fc:46:65:0c:2f:c0:0c:e3:fc:b2:
f8:9b:6b:5e:bd:72:b6:f3:4c:9d:9f:2b:bc:28:79:7c:34:74:
58:80:fa:da
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZUQbqo7qE6+d2hz69kWwMD3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjUwMjE2MjAyNDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDNhOTAxMWE4MDg0MDU2YjdkNWMzODEwMjUwZjhjYmY0ZWY5NGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm90hHlElv2k6hcawVcz/pA096Xkj
oICH8sUiLmk0XE/ZWu3XgNrid+WK7B97dcZCEaybrTXgIYfNYI9j6kyd8hdW2sVE
eJA6BUwcPHdt0KW7xWul9T4tscz1MEN+F/bzmlcI5ACZ1vSeIyCIoy+iB/yFYSU/
hm/w8wKF0xMBCg1WiPxNXUjVc8oStrbuEi8qcDqOztyv72cVql2y1TCJzJFPv1/d
R44fViDqUmAt207xIjCR3BIzHI+/DdZl23hter769qYyoVQs7j9j+d+5AIUoWpt5
N81lVfFyKZ9F/wYfhL0HeARH2E5Qnj2gNQWFohX/TaRKZRJQjfj81wIfIwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKA6kBGoCEBWt9XDgQJQ+Mv075T3MB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvb0RxUUVhZ0lRRmEzMWNPQkFsRDR5X1R2bFBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgukwDAN
BgkqhkiG9w0BAQsFAAOCAQEAxOGoIALpBn896w/ECAdKfWtq8O0Fzju2oFxSLO1M
1TPdRW5zSgkFET3hGHZxjaWk7kz3xRIrRw3k2SCBxhGRBNKJrVcPEr02+6b8ZI65
YVo31sI5bu+8DLKKe51EZTUn//lP9hU2nACb2WmpVHIHjWxHmDGEyl3QmLOCoEHY
iY/mSe2HrXtDy3uh/r4tGV7k3byPyaAjSscX+Fr4tbtTmaUrrY4GYMQaH3NPE8X+
PgmbNLKcysfFNdggucIe4CFgoydVU/kDaY3EE9KaJPMa2+e+F6kRkgd+t8EEblGT
QQr8RmUML8AM4/yy+JtrXr1ytvNMnZ8rvCh5fDR0WID62g==
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:17:25 2025 by rpki-client