Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/G30z7M5c4rrxGxWuOJQmL42Si48.roa
File: G30z7M5c4rrxGxWuOJQmL42Si48.roa (raw, json)
Hash identifier: hmzXMuEDfOwPoB5x9W8L6HV83ysYtcNDEIZTLWQUAPE=
Subject key identifier: 1B:7D:33:EC:CE:5C:E2:BA:F1:1B:15:AE:38:94:26:2F:8D:92:8B:8F
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0195B978004ED0707F68956513C406CD90E7
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/G30z7M5c4rrxGxWuOJQmL42Si48.roa
Signing time: Fri 21 Mar 2025 16:10:04 +0000
ROA not before: Fri 21 Mar 2025 16:10:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6079
IP address blocks: 2a06:35c1::/32 maxlen: 32
2a0e:1a86::/32 maxlen: 32
2a0f:2100::/29 maxlen: 29
2a0f:31c0::/32 maxlen: 32
2a0f:dac0::/29 maxlen: 29
2a0f:e0c0::/29 maxlen: 29
2a13:3380::/29 maxlen: 29
2a13:8100::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b9:78:00:4e:d0:70:7f:68:95:65:13:c4:06:cd:90:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 21 16:10:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1b7d33ecce5ce2baf11b15ae3894262f8d928b8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:cb:ca:b2:9f:7b:da:d6:32:54:ab:13:e0:04:
14:59:fe:04:61:19:5e:93:c7:9a:45:26:5d:4a:6c:
41:9b:aa:1e:9d:2b:47:32:c7:dd:f6:59:cf:cf:36:
1f:9e:49:1b:12:e4:0d:8f:9a:c4:71:98:58:97:bf:
1c:5a:29:48:1a:92:ae:90:05:aa:15:33:21:72:ec:
51:73:02:89:ae:9b:c7:57:3e:d4:b2:94:02:35:c0:
2e:2b:1d:0f:a5:18:ae:be:32:d1:ed:15:04:21:7a:
2a:73:bc:ac:cd:4c:71:98:f7:c9:5b:86:9c:69:de:
c9:9c:4d:ed:e3:2d:f6:a4:53:5c:23:b6:f1:d9:03:
94:95:93:3c:e1:95:19:c3:b3:ed:e3:6f:5c:16:6d:
b1:6a:cb:dc:bd:41:3d:12:ea:39:be:b0:23:b1:57:
80:cb:1d:73:bf:48:b4:aa:0d:c7:4a:94:31:1a:ac:
ae:97:2c:83:d2:dc:94:ca:cc:bc:38:29:03:78:57:
63:41:b1:31:a6:34:eb:8a:f7:45:8f:e7:25:8c:a3:
d4:f2:13:e2:82:c4:b7:b2:06:de:8b:f5:6c:94:88:
99:97:98:08:74:3e:22:b3:83:b1:0e:25:fc:ed:64:
e1:cc:65:fe:6a:ea:07:0a:4b:13:c1:2b:8c:eb:29:
08:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:7D:33:EC:CE:5C:E2:BA:F1:1B:15:AE:38:94:26:2F:8D:92:8B:8F
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/G30z7M5c4rrxGxWuOJQmL42Si48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:35c1::/32
2a0e:1a86::/32
2a0f:2100::/29
2a0f:31c0::/32
2a0f:dac0::/29
2a0f:e0c0::/29
2a13:3380::/29
2a13:8100::/29
Signature Algorithm: sha256WithRSAEncryption
c5:a4:7e:4a:eb:50:45:44:fc:d5:57:3e:9a:dc:22:79:77:0e:
43:91:f5:be:4e:28:17:1c:5e:5f:35:f1:c8:bd:bd:b1:b1:87:
13:06:5b:f4:a9:a7:db:bf:a1:4c:33:09:db:8a:d9:11:ab:67:
ab:38:6a:50:ba:5e:ee:e9:8d:09:84:f7:62:d4:76:51:27:a4:
dc:c6:0e:3e:bb:f0:c9:73:4f:04:44:73:c2:92:8a:fa:99:05:
aa:17:10:42:3b:6c:92:07:5c:92:23:5b:4d:ed:ad:e6:ce:86:
d8:f6:8e:8d:57:e7:88:c4:a6:54:5d:70:5b:c8:53:83:24:6f:
a4:22:89:43:5b:c4:0a:f2:d1:03:a5:0b:ad:5e:56:61:bf:28:
bd:b7:63:12:cf:05:63:65:7f:c3:88:b5:c7:08:85:c1:48:5c:
26:f7:90:9d:77:43:9a:39:b9:85:50:d3:a5:f7:52:54:f1:3e:
80:44:e4:88:51:30:e0:fd:6e:2b:21:6e:15:1f:48:96:99:10:
95:bc:93:a6:8d:1e:e2:72:ce:b1:19:b4:06:3c:5e:29:25:da:
8c:a6:ee:c3:4a:42:3c:c5:17:da:c2:6b:b3:db:ca:55:ed:4e:
c1:77:1e:0f:f4:20:c2:88:d9:98:89:e5:71:87:3b:83:ad:81:
6b:c3:e4:66
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZW5eABO0HB/aJVlE8QGzZDnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMzIxMTYxMDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjdkMzNlY2NlNWNlMmJhZjExYjE1YWUzODk0MjYyZjhkOTI4YjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMvKsp972tYyVKsT4AQUWf4EYRle
k8eaRSZdSmxBm6oenStHMsfd9lnPzzYfnkkbEuQNj5rEcZhYl78cWilIGpKukAWq
FTMhcuxRcwKJrpvHVz7UspQCNcAuKx0PpRiuvjLR7RUEIXoqc7yszUxxmPfJW4ac
ad7JnE3t4y32pFNcI7bx2QOUlZM84ZUZw7Pt429cFm2xasvcvUE9Euo5vrAjsVeA
yx1zv0i0qg3HSpQxGqyulyyD0tyUysy8OCkDeFdjQbExpjTrivdFj+cljKPU8hPi
gsS3sgbei/VslIiZl5gIdD4is4OxDiX87WThzGX+auoHCksTwSuM6ykI/wIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFBt9M+zOXOK68RsVrjiUJi+NkouPMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvRzMwejdNNWM0cnJ4R3hXdU9KUW1MNDJTaTQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4AwUAKgY1wQMF
ACoOGoYDBQMqDyEAAwUAKg8xwAMFAyoP2sADBQMqD+DAAwUDKhMzgAMFAyoTgQAw
DQYJKoZIhvcNAQELBQADggEBAMWkfkrrUEVE/NVXPprcInl3DkOR9b5OKBccXl81
8ci9vbGxhxMGW/Spp9u/oUwzCduK2RGrZ6s4alC6Xu7pjQmE92LUdlEnpNzGDj67
8MlzTwREc8KSivqZBaoXEEI7bJIHXJIjW03trebOhtj2jo1X54jEplRdcFvIU4Mk
b6QiiUNbxAry0QOlC61eVmG/KL23YxLPBWNlf8OItccIhcFIXCb3kJ13Q5o5uYVQ
06X3UlTxPoBE5IhRMOD9bishbhUfSJaZEJW8k6aNHuJyzrEZtAY8Xikl2oym7sNK
QjzFF9rCa7PbylXtTsF3Hg/0IMKI2ZiJ5XGHO4OtgWvD5GY=
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:22:14 2025 by rpki-client