Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/LeYuHL4HXiMHB4J2QkHtwOxCyBk.roa
File: LeYuHL4HXiMHB4J2QkHtwOxCyBk.roa (raw, json)
Hash identifier: BLeEsqQK/ttNzFg58/7KftSGLiWgdbOMCF3IrpZJVZU=
Subject key identifier: 2D:E6:2E:1C:BE:07:5E:23:07:07:82:76:42:41:ED:C0:EC:42:C8:19
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 01942369DAB130294043FDA5A33DD57B01C7
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/LeYuHL4HXiMHB4J2QkHtwOxCyBk.roa
Signing time: Wed 01 Jan 2025 19:48:47 +0000
ROA not before: Wed 01 Jan 2025 19:48:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213220
IP address blocks: 2a13:f080::/32 maxlen: 32
2a13:f081::/32 maxlen: 32
2a13:f082::/32 maxlen: 32
2a13:f083::/32 maxlen: 32
2a13:f084::/32 maxlen: 32
2a13:f085::/32 maxlen: 32
2a13:f086::/32 maxlen: 32
2a13:f087::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.mft
rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 12:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:da:b1:30:29:40:43:fd:a5:a3:3d:d5:7b:01:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: Jan 1 19:48:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2de62e1cbe075e23070782764241edc0ec42c819
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b8:83:e9:d5:a2:ff:3d:61:2c:f1:76:ed:44:
8d:b2:13:8a:f0:49:20:66:22:26:01:13:f1:a3:6d:
fa:b0:ff:1b:58:27:a9:b3:40:40:74:25:58:2b:38:
8e:97:24:3e:41:58:bc:84:25:38:40:51:54:65:c1:
8a:7f:a1:79:2f:96:92:31:02:43:ec:b8:ce:26:0b:
1a:8f:1d:37:81:e1:6e:56:87:e5:a0:e6:6f:28:30:
a2:05:91:25:d5:08:15:ab:f6:cd:22:d5:1c:e8:da:
10:a0:9b:8b:d4:1e:51:09:88:7c:75:e2:fe:7a:a2:
c1:39:c9:31:58:49:aa:01:b7:93:3b:87:96:8e:79:
c5:06:de:86:31:02:4b:6f:db:61:8e:fa:bd:ab:9c:
6e:5f:a5:4c:b4:bf:97:69:e2:7b:af:f1:fc:b5:60:
c9:3f:db:d9:84:21:e9:36:25:2b:1b:b7:00:06:a9:
13:e5:85:7f:72:7a:f3:f4:09:64:ae:21:55:cb:84:
42:fc:c4:47:ea:a6:6d:41:57:f9:31:b4:02:56:c4:
05:a8:5d:83:17:b9:51:4f:4b:b4:ea:19:7e:4c:d9:
c3:9b:44:92:40:82:fe:0e:3e:b1:86:9c:30:e7:d3:
16:a4:86:ff:e0:f6:98:72:b0:bc:9c:9a:82:bb:90:
d6:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:E6:2E:1C:BE:07:5E:23:07:07:82:76:42:41:ED:C0:EC:42:C8:19
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/LeYuHL4HXiMHB4J2QkHtwOxCyBk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:f080::/29
Signature Algorithm: sha256WithRSAEncryption
48:ed:49:b0:76:11:4f:b1:9f:42:c0:6b:42:d2:5c:cc:b4:04:
2b:b6:76:89:e8:25:90:73:98:f9:d7:5d:7a:56:9b:ec:12:06:
14:ba:92:75:11:a4:2f:0c:d3:b5:e8:68:d6:73:b8:af:74:f0:
8c:73:19:28:a7:69:88:91:18:f4:92:0b:f7:fb:e4:bf:7d:0e:
bf:2d:06:ad:1b:bc:1b:bd:a8:fb:d3:34:d9:53:f1:0d:77:36:
e1:f9:6b:9f:c6:13:bb:2b:29:59:ed:a2:44:3f:90:71:f8:83:
e3:65:81:70:21:a9:2b:10:f6:17:2c:aa:58:07:be:a9:72:8d:
83:d8:f4:12:86:87:d1:df:21:95:5a:06:bb:0c:d9:0a:31:0e:
cd:76:9e:63:d5:71:31:c8:fe:98:1b:19:8a:46:58:82:2b:50:
9b:08:13:03:f7:da:7d:89:dd:cc:52:d3:90:6c:c6:29:54:ad:
ba:19:f5:10:7e:30:ad:88:22:59:19:13:a7:f1:b8:15:d5:80:
35:11:1f:da:3b:5e:1f:a8:fa:bf:74:be:cd:01:e4:7b:44:56:
ae:ce:d7:c5:a0:37:3f:a2:ad:2e:41:03:1c:2b:34:36:7f:c5:
76:b1:40:5a:19:e8:9a:69:3c:b5:4f:32:a8:4e:b1:ca:55:78:
a8:d6:17:0f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQjadqxMClAQ/2loz3VewHHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjUwMTAxMTk0ODQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGU2MmUxY2JlMDc1ZTIzMDcwNzgyNzY0MjQxZWRjMGVjNDJjODE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7iD6dWi/z1hLPF27USNshOK8Ekg
ZiImARPxo236sP8bWCeps0BAdCVYKziOlyQ+QVi8hCU4QFFUZcGKf6F5L5aSMQJD
7LjOJgsajx03geFuVofloOZvKDCiBZEl1QgVq/bNItUc6NoQoJuL1B5RCYh8deL+
eqLBOckxWEmqAbeTO4eWjnnFBt6GMQJLb9thjvq9q5xuX6VMtL+XaeJ7r/H8tWDJ
P9vZhCHpNiUrG7cABqkT5YV/cnrz9AlkriFVy4RC/MRH6qZtQVf5MbQCVsQFqF2D
F7lRT0u06hl+TNnDm0SSQIL+Dj6xhpww59MWpIb/4PaYcrC8nJqCu5DW7QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFC3mLhy+B14jBweCdkJB7cDsQsgZMB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvTGVZdUhMNEhYaU1IQjRKMlFrSHR3T3hDeUJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhPwgDAN
BgkqhkiG9w0BAQsFAAOCAQEASO1JsHYRT7GfQsBrQtJczLQEK7Z2ieglkHOY+ddd
elab7BIGFLqSdRGkLwzTteho1nO4r3TwjHMZKKdpiJEY9JIL9/vkv30Ovy0GrRu8
G72o+9M02VPxDXc24flrn8YTuyspWe2iRD+QcfiD42WBcCGpKxD2FyyqWAe+qXKN
g9j0EoaH0d8hlVoGuwzZCjEOzXaeY9VxMcj+mBsZikZYgitQmwgTA/fafYndzFLT
kGzGKVStuhn1EH4wrYgiWRkTp/G4FdWANREf2jteH6j6v3S+zQHke0RWrs7XxaA3
P6KtLkEDHCs0Nn/FdrFAWhnommk8tU8yqE6xylV4qNYXDw==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:12:06 2025 by rpki-client