Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Df0-HAx60v1tCUaz6rE-xrFKN7I.roa
File: Df0-HAx60v1tCUaz6rE-xrFKN7I.roa (raw, json)
Hash identifier: Y0AAdf1SkVuWaGmnSYYYxY5TQh0OY077y7ms13BtKBQ=
Subject key identifier: 0D:FD:3E:1C:0C:7A:D2:FD:6D:09:46:B3:EA:B1:3E:C6:B1:4A:37:B2
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0195FC0300B51BEA9466000CD08265A4DD48
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Df0-HAx60v1tCUaz6rE-xrFKN7I.roa
Signing time: Thu 03 Apr 2025 14:16:49 +0000
ROA not before: Thu 03 Apr 2025 14:16:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14576
IP address blocks: 2a0f:2840::/29 maxlen: 29
2a0f:9e00::/29 maxlen: 29
2a10:7f00::/29 maxlen: 29
2a11:4800::/29 maxlen: 32
2a11:5c80::/29 maxlen: 29
2a12:2c80::/29 maxlen: 29
2a12:4b00::/29 maxlen: 29
2a12:5e00::/29 maxlen: 29
2a12:d5c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:fc:03:00:b5:1b:ea:94:66:00:0c:d0:82:65:a4:dd:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Apr 3 14:16:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0dfd3e1c0c7ad2fd6d0946b3eab13ec6b14a37b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:26:fe:e6:4c:5b:db:21:3f:e9:f4:9d:6a:1c:
0c:87:b5:65:3d:14:8f:e7:98:cc:2f:d3:ec:ba:92:
f0:4c:f6:0e:d8:27:2b:9f:34:b9:4c:1e:6f:ff:c5:
29:dd:2c:c8:16:8c:7b:d4:fc:01:0d:f2:9d:55:bd:
95:fb:4a:2e:76:b6:89:01:20:e9:58:b7:73:73:0c:
85:33:14:fb:1a:22:5b:83:c8:2e:9d:79:1f:d5:a5:
17:de:35:a5:ad:52:ba:87:71:b7:ba:d1:40:79:d2:
b0:7e:36:39:e9:4c:fa:4a:4b:09:51:f4:2f:5a:0a:
68:cc:73:77:d0:1b:d4:59:a7:cb:c5:c2:3e:98:89:
c8:52:e2:fe:da:0d:70:91:09:32:87:78:57:8c:0b:
62:52:78:39:0b:b9:0e:99:de:c7:10:c3:9e:77:0a:
49:cf:22:2a:25:af:f6:70:75:7d:50:6c:da:a6:46:
47:4a:29:13:19:c7:d2:e0:c8:43:24:50:2c:6f:de:
02:70:3a:6d:e8:bf:84:9b:1a:8d:71:27:77:f9:be:
72:85:47:42:6e:3f:6f:e8:6f:62:04:0e:3a:b5:3a:
b9:b0:99:c4:7f:00:c8:80:03:36:60:80:bf:ff:02:
5c:b9:33:7b:95:3d:04:0c:bf:df:c2:ff:ef:27:2c:
f0:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:FD:3E:1C:0C:7A:D2:FD:6D:09:46:B3:EA:B1:3E:C6:B1:4A:37:B2
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Df0-HAx60v1tCUaz6rE-xrFKN7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:2840::/29
2a0f:9e00::/29
2a10:7f00::/29
2a11:4800::/29
2a11:5c80::/29
2a12:2c80::/29
2a12:4b00::/29
2a12:5e00::/29
2a12:d5c0::/29
Signature Algorithm: sha256WithRSAEncryption
99:cd:b1:46:2f:a4:85:88:fc:c7:04:ae:59:ba:c8:17:33:fb:
6f:18:49:78:8f:40:35:76:95:79:f6:81:30:f6:48:eb:01:5b:
ca:06:92:09:13:80:5a:0c:11:1a:50:b1:95:74:84:45:67:a4:
65:aa:cb:75:ab:b5:dc:2a:00:34:ac:fa:f9:9b:88:a2:f6:b4:
e9:5f:ef:b5:cd:e2:d0:bf:a9:cc:58:e8:21:1b:bd:ce:70:b1:
b4:ff:b3:24:26:17:d1:10:6b:d7:18:fd:29:26:4e:d5:ad:a3:
7c:ee:95:f8:1e:d5:54:ef:e4:f2:1c:8c:a9:a1:8f:99:59:af:
c6:b3:ac:69:ed:2d:5f:06:7b:39:74:11:e3:e3:d6:00:b9:56:
78:2b:c3:39:7c:fb:e3:12:33:ef:0f:6b:3b:5a:fc:3e:b6:cd:
4a:e7:fb:e7:a1:7c:ef:b2:dd:66:93:9e:09:fa:3d:0a:22:ed:
54:24:67:e3:1f:69:67:8f:4d:b2:93:be:8a:86:95:ec:d7:a1:
d3:85:25:92:d9:39:a9:3e:06:aa:fa:be:a5:a0:50:2e:3e:20:
03:c6:02:d6:bd:fc:ab:ea:fe:c8:60:50:37:2b:8b:55:d7:38:
19:9d:e4:5c:72:4f:48:54:8f:57:f3:3a:3a:c1:61:51:27:bf:
94:7e:72:fb
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZX8AwC1G+qUZgAM0IJlpN1IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNDAzMTQxNjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGZkM2UxYzBjN2FkMmZkNmQwOTQ2YjNlYWIxM2VjNmIxNGEzN2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmCb+5kxb2yE/6fSdahwMh7VlPRSP
55jML9PsupLwTPYO2CcrnzS5TB5v/8Up3SzIFox71PwBDfKdVb2V+0oudraJASDp
WLdzcwyFMxT7GiJbg8gunXkf1aUX3jWlrVK6h3G3utFAedKwfjY56Uz6SksJUfQv
WgpozHN30BvUWafLxcI+mInIUuL+2g1wkQkyh3hXjAtiUng5C7kOmd7HEMOedwpJ
zyIqJa/2cHV9UGzapkZHSikTGcfS4MhDJFAsb94CcDpt6L+EmxqNcSd3+b5yhUdC
bj9v6G9iBA46tTq5sJnEfwDIgAM2YIC//wJcuTN7lT0EDL/fwv/vJyzwQQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFA39PhwMetL9bQlGs+qxPsaxSjeyMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvRGYwLUhBeDYwdjF0Q1VhejZyRS14ckZLTjdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzBFBAIAAjA/AwUDKg8oQAMF
AyoPngADBQMqEH8AAwUDKhFIAAMFAyoRXIADBQMqEiyAAwUDKhJLAAMFAyoSXgAD
BQMqEtXAMA0GCSqGSIb3DQEBCwUAA4IBAQCZzbFGL6SFiPzHBK5ZusgXM/tvGEl4
j0A1dpV59oEw9kjrAVvKBpIJE4BaDBEaULGVdIRFZ6Rlqst1q7XcKgA0rPr5m4ii
9rTpX++1zeLQv6nMWOghG73OcLG0/7MkJhfREGvXGP0pJk7VraN87pX4HtVU7+Ty
HIypoY+ZWa/Gs6xp7S1fBns5dBHj49YAuVZ4K8M5fPvjEjPvD2s7Wvw+ts1K5/vn
oXzvst1mk54J+j0KIu1UJGfjH2lnj02yk76KhpXs16HThSWS2TmpPgaq+r6loFAu
PiADxgLWvfyr6v7IYFA3K4tV1zgZneRcck9IVI9X8zo6wWFRJ7+UfnL7
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:23:33 2025 by rpki-client