Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/ca3b5f-0221-43ad-8abd-1c13206a8123/1/I3MDgaIPk5rQhFYqlKJ88u7QcKA.roa
File: I3MDgaIPk5rQhFYqlKJ88u7QcKA.roa (raw, json)
Hash identifier: 9W6ILnGR89GeCDK+0ZtMLah7T+7H4VrTikrakuva5SY=
Subject key identifier: 23:73:03:81:A2:0F:93:9A:D0:84:56:2A:94:A2:7C:F2:EE:D0:70:A0
Certificate issuer: /CN=893afecd711705c476b785d0c86ef54c2124354c
Certificate serial: 019425218138917658DF6A2ABA4CEC602E2A
Authority key identifier: 89:3A:FE:CD:71:17:05:C4:76:B7:85:D0:C8:6E:F5:4C:21:24:35:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iTr-zXEXBcR2t4XQyG71TCEkNUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/ca3b5f-0221-43ad-8abd-1c13206a8123/1/I3MDgaIPk5rQhFYqlKJ88u7QcKA.roa
Signing time: Thu 02 Jan 2025 03:49:00 +0000
ROA not before: Thu 02 Jan 2025 03:49:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8767
IP address blocks: 2a01:4800::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/ca3b5f-0221-43ad-8abd-1c13206a8123/1/iTr-zXEXBcR2t4XQyG71TCEkNUw.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/ca3b5f-0221-43ad-8abd-1c13206a8123/1/iTr-zXEXBcR2t4XQyG71TCEkNUw.mft
rsync://rpki.ripe.net/repository/DEFAULT/iTr-zXEXBcR2t4XQyG71TCEkNUw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:81:38:91:76:58:df:6a:2a:ba:4c:ec:60:2e:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=893afecd711705c476b785d0c86ef54c2124354c
Validity
Not Before: Jan 2 03:49:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=23730381a20f939ad084562a94a27cf2eed070a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:c0:8a:56:fc:50:47:e3:0f:8b:ad:9f:42:c7:
bd:95:54:fe:02:5d:40:41:78:d3:4a:ef:fa:1d:23:
b5:49:6d:9e:53:a6:04:7f:a7:eb:8d:17:dc:26:8c:
0b:ef:e6:95:6e:6e:82:9d:68:ba:f5:87:8d:55:77:
03:92:df:89:e9:f0:8f:72:e4:ee:40:55:51:f0:da:
4b:b9:27:37:c4:df:68:7b:94:20:d7:fa:a7:10:aa:
c9:fa:cd:1f:fc:5e:19:79:50:6c:a2:c3:1b:e0:38:
bc:42:90:2e:4d:5f:a0:0c:2b:ef:2d:a3:a4:87:1f:
32:39:a3:b8:f0:96:2d:5b:54:89:52:1d:48:58:27:
9d:a6:2d:b5:a6:ac:7e:df:1f:b3:28:71:a0:0f:ff:
04:75:28:7f:cc:5c:53:75:a4:a0:af:df:e9:e4:6c:
f8:e4:af:87:13:d0:cb:b4:a0:ea:c7:8f:85:53:28:
a8:46:18:8d:95:fa:61:be:25:6c:83:66:5f:46:ca:
78:32:d7:df:cd:be:c7:ad:ad:1f:10:43:c3:dd:d7:
29:2a:46:14:1b:fb:0e:5a:81:80:12:15:39:fc:51:
9b:5c:c6:46:8b:0f:c9:4e:72:5a:3d:b1:b7:85:b8:
71:9b:ee:ff:a5:74:ca:db:64:93:b3:d9:5f:aa:1d:
ad:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:73:03:81:A2:0F:93:9A:D0:84:56:2A:94:A2:7C:F2:EE:D0:70:A0
X509v3 Authority Key Identifier:
keyid:89:3A:FE:CD:71:17:05:C4:76:B7:85:D0:C8:6E:F5:4C:21:24:35:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iTr-zXEXBcR2t4XQyG71TCEkNUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/ca3b5f-0221-43ad-8abd-1c13206a8123/1/I3MDgaIPk5rQhFYqlKJ88u7QcKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/ca3b5f-0221-43ad-8abd-1c13206a8123/1/iTr-zXEXBcR2t4XQyG71TCEkNUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:4800::/32
Signature Algorithm: sha256WithRSAEncryption
77:0b:a9:d3:58:ef:73:9b:35:7f:30:64:52:da:40:35:10:b6:
d0:39:be:b1:f7:7e:3d:5a:49:2c:3c:93:1d:e5:d4:5c:aa:47:
f3:cc:e2:f0:54:94:fe:97:8e:59:57:3c:4e:b3:92:4e:90:b1:
b5:05:0d:97:3d:7c:df:45:91:fa:de:db:15:62:83:6c:30:84:
b5:5c:93:ab:d9:a5:60:b2:f3:af:5e:b7:82:be:d4:79:5d:b2:
42:29:17:a6:c6:f1:1e:66:5b:1b:dc:96:b2:71:e4:bc:c5:9e:
de:0a:af:7d:40:33:0f:7f:7e:9e:ba:47:94:0a:96:5d:9a:c6:
c5:89:59:5a:48:36:e4:e4:e9:9d:c3:2f:13:27:cb:19:68:05:
53:82:30:4c:99:e4:29:2e:6a:8d:9b:5b:7b:e7:52:8b:c8:45:
ef:41:b6:17:c4:fd:81:74:63:fd:26:83:35:5e:1d:65:d6:2f:
5e:1c:3e:9a:b7:08:52:b4:3f:ad:c9:dc:7a:a8:74:63:7c:28:
90:87:5d:00:df:46:63:e3:e9:2c:2d:fd:c8:de:84:e2:c7:7e:
ec:89:1b:4d:bf:7b:54:29:12:b5:eb:a2:d9:68:1a:01:7f:80:
af:7b:7c:68:21:23:fe:bd:2d:26:08:02:90:bc:16:8a:78:13:
a2:fa:2a:5a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQlIYE4kXZY32oqukzsYC4qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5M2FmZWNkNzExNzA1YzQ3NmI3ODVkMGM4NmVmNTRjMjEy
NDM1NGMwHhcNMjUwMTAyMDM0OTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzczMDM4MWEyMGY5MzlhZDA4NDU2MmE5NGEyN2NmMmVlZDA3MGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxsCKVvxQR+MPi62fQse9lVT+Al1A
QXjTSu/6HSO1SW2eU6YEf6frjRfcJowL7+aVbm6CnWi69YeNVXcDkt+J6fCPcuTu
QFVR8NpLuSc3xN9oe5Qg1/qnEKrJ+s0f/F4ZeVBsosMb4Di8QpAuTV+gDCvvLaOk
hx8yOaO48JYtW1SJUh1IWCedpi21pqx+3x+zKHGgD/8EdSh/zFxTdaSgr9/p5Gz4
5K+HE9DLtKDqx4+FUyioRhiNlfphviVsg2ZfRsp4Mtffzb7Hra0fEEPD3dcpKkYU
G/sOWoGAEhU5/FGbXMZGiw/JTnJaPbG3hbhxm+7/pXTK22STs9lfqh2tCQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCNzA4GiD5Oa0IRWKpSifPLu0HCgMB8GA1UdIwQY
MBaAFIk6/s1xFwXEdreF0Mhu9UwhJDVMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVRyLXpYRVhCY1IydDRYUXlHNzFUQ0VrTlV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9jYTNiNWYtMDIyMS00M2FkLThhYmQt
MWMxMzIwNmE4MTIzLzEvSTNNRGdhSVBrNXJRaEZZcWxLSjg4dTdRY0tBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9jYTNiNWYtMDIyMS00M2FkLThhYmQtMWMxMzIwNmE4MTIz
LzEvaVRyLXpYRVhCY1IydDRYUXlHNzFUQ0VrTlV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgFIADAN
BgkqhkiG9w0BAQsFAAOCAQEAdwup01jvc5s1fzBkUtpANRC20Dm+sfd+PVpJLDyT
HeXUXKpH88zi8FSU/peOWVc8TrOSTpCxtQUNlz1830WR+t7bFWKDbDCEtVyTq9ml
YLLzr163gr7UeV2yQikXpsbxHmZbG9yWsnHkvMWe3gqvfUAzD39+nrpHlAqWXZrG
xYlZWkg25OTpncMvEyfLGWgFU4IwTJnkKS5qjZtbe+dSi8hF70G2F8T9gXRj/SaD
NV4dZdYvXhw+mrcIUrQ/rcnceqh0Y3wokIddAN9GY+PpLC39yN6E4sd+7IkbTb97
VCkSteui2WgaAX+Ar3t8aCEj/r0tJggCkLwWingTovoqWg==
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:59:21 2025 by rpki-client