Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/5QsBZhifiwkFPIa13S5fzOw8sUQ.roa
File: 5QsBZhifiwkFPIa13S5fzOw8sUQ.roa (raw, json)
Hash identifier: 6kvdqJyHiH4FBD8qJcEiur6IL03/ZVjT1Z99hAl+xrM=
Subject key identifier: E5:0B:01:66:18:9F:8B:09:05:3C:86:B5:DD:2E:5F:CC:EC:3C:B1:44
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0195148A9DBE2DE8782E2033396B62455FA5
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/5QsBZhifiwkFPIa13S5fzOw8sUQ.roa
Signing time: Mon 17 Feb 2025 15:33:03 +0000
ROA not before: Mon 17 Feb 2025 15:33:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 32489
IP address blocks: 2a12:f5c0::/32 maxlen: 32
2a12:f5c1::/32 maxlen: 32
2a12:f5c2::/32 maxlen: 32
2a12:f5c3::/32 maxlen: 32
2a12:f5c4::/32 maxlen: 32
2a12:f5c5::/32 maxlen: 32
2a12:f5c6::/32 maxlen: 32
2a12:f5c7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:14:8a:9d:be:2d:e8:78:2e:20:33:39:6b:62:45:5f:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Feb 17 15:33:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e50b0166189f8b09053c86b5dd2e5fccec3cb144
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:33:58:97:9d:bc:1a:b5:d8:50:bb:e6:a4:67:
03:ea:6f:01:2f:c0:1a:0e:30:8d:5e:e5:47:c9:b8:
6e:38:64:42:07:72:f7:7e:8e:74:60:bc:5a:93:d1:
29:a0:58:62:99:a4:3a:c9:b8:14:ca:a3:f6:44:27:
0d:b8:5c:10:90:27:23:6f:c5:5c:61:1d:c4:df:43:
44:f8:92:1a:e5:7b:ba:c8:0c:a4:c8:dd:ef:a1:37:
13:40:76:bf:30:c1:89:fe:af:f3:bf:f1:30:5e:ee:
46:1f:d3:1b:31:82:16:eb:4a:54:a2:b4:71:82:71:
b6:79:17:a4:23:fa:2b:1e:6f:c9:25:12:94:8c:02:
81:5b:5e:1e:98:3e:ed:90:2e:54:e8:5f:98:0b:da:
b5:03:d9:fc:b3:94:59:7d:cc:e7:cd:0f:6c:74:e1:
ae:a9:79:03:25:5e:46:81:56:b9:50:6c:27:4e:0f:
84:b2:3e:c9:33:2a:00:e1:16:8f:4a:c9:a1:52:76:
58:14:ff:2d:8f:1b:63:59:fc:fa:47:65:0a:4c:26:
c2:7a:0a:8a:cb:d2:10:39:50:ac:cb:a8:f6:21:b0:
be:8b:11:ad:d6:da:8c:e8:40:4f:8c:25:3f:d8:b7:
d1:f9:50:a3:d7:8a:3e:32:50:5c:1f:ff:0a:2d:c7:
61:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:0B:01:66:18:9F:8B:09:05:3C:86:B5:DD:2E:5F:CC:EC:3C:B1:44
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/5QsBZhifiwkFPIa13S5fzOw8sUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f5c0::/29
Signature Algorithm: sha256WithRSAEncryption
23:30:0c:13:c1:81:6c:ab:0f:1a:47:d5:aa:a1:57:38:08:ed:
aa:ee:2e:a2:a1:0f:01:59:37:e2:5d:71:c4:a2:cc:c1:b5:72:
c2:1f:bf:94:4f:71:18:53:98:58:69:5f:fc:fc:cd:8b:74:9b:
06:2d:cf:47:eb:b1:80:df:dc:5f:12:0f:14:3f:dd:f6:59:51:
2f:4d:4b:0f:33:57:fe:24:91:4b:29:1a:05:55:5e:e4:17:3c:
0c:b5:1c:41:81:a6:9e:8f:cd:08:14:64:b8:f8:f1:bf:c5:e3:
f3:e8:6a:30:38:f8:8d:b3:0f:f9:18:e1:34:c7:f9:05:f2:75:
f9:9d:f9:17:a8:67:67:d6:e2:8f:48:b3:7b:f3:b5:4f:2a:09:
3d:c9:50:a3:19:04:30:8d:e8:d0:bf:62:be:91:0c:88:26:52:
0d:86:fb:d3:20:e0:c8:cb:5f:e6:07:5e:c3:05:69:d4:43:4f:
1a:ff:ad:8d:75:86:59:8e:4d:cf:fc:56:fc:a8:0a:a3:38:2d:
73:a6:fa:ad:67:e9:66:a0:ce:d1:de:6c:ba:71:0b:dd:8a:9f:
8e:22:a3:77:0f:fe:5f:a5:1a:8c:80:d4:f1:bf:b0:3a:9d:66:
42:95:01:3f:b5:c6:a5:87:39:6c:37:c8:77:03:c4:64:61:00:
71:18:dd:25
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZUUip2+Leh4LiAzOWtiRV+lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMjE3MTUzMzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTBiMDE2NjE4OWY4YjA5MDUzYzg2YjVkZDJlNWZjY2VjM2NiMTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjNYl528GrXYULvmpGcD6m8BL8Aa
DjCNXuVHybhuOGRCB3L3fo50YLxak9EpoFhimaQ6ybgUyqP2RCcNuFwQkCcjb8Vc
YR3E30NE+JIa5Xu6yAykyN3voTcTQHa/MMGJ/q/zv/EwXu5GH9MbMYIW60pUorRx
gnG2eRekI/orHm/JJRKUjAKBW14emD7tkC5U6F+YC9q1A9n8s5RZfcznzQ9sdOGu
qXkDJV5GgVa5UGwnTg+Esj7JMyoA4RaPSsmhUnZYFP8tjxtjWfz6R2UKTCbCegqK
y9IQOVCsy6j2IbC+ixGt1tqM6EBPjCU/2LfR+VCj14o+MlBcH/8KLcdhPwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOULAWYYn4sJBTyGtd0uX8zsPLFEMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvNVFzQlpoaWZpd2tGUElhMTNTNWZ6T3c4c1VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhL1wDAN
BgkqhkiG9w0BAQsFAAOCAQEAIzAME8GBbKsPGkfVqqFXOAjtqu4uoqEPAVk34l1x
xKLMwbVywh+/lE9xGFOYWGlf/PzNi3SbBi3PR+uxgN/cXxIPFD/d9llRL01LDzNX
/iSRSykaBVVe5Bc8DLUcQYGmno/NCBRkuPjxv8Xj8+hqMDj4jbMP+RjhNMf5BfJ1
+Z35F6hnZ9bij0ize/O1TyoJPclQoxkEMI3o0L9ivpEMiCZSDYb70yDgyMtf5gde
wwVp1ENPGv+tjXWGWY5Nz/xW/KgKozgtc6b6rWfpZqDO0d5sunEL3YqfjiKjdw/+
X6UajIDU8b+wOp1mQpUBP7XGpYc5bDfIdwPEZGEAcRjdJQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:07:02 2025 by rpki-client