Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Jgu3pUUZG6ktIukNIC029mBnyo8.roa
File: Jgu3pUUZG6ktIukNIC029mBnyo8.roa (raw, json)
Hash identifier: CTgWuujqUe1dK/QSq4wBtOrziqPWN9SUPr0o4krOxsI=
Subject key identifier: 26:0B:B7:A5:45:19:1B:A9:2D:22:E9:0D:20:2D:36:F6:60:67:CA:8F
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0195C2F4AD927F9CC737D1A48EF6A4365AC4
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Jgu3pUUZG6ktIukNIC029mBnyo8.roa
Signing time: Sun 23 Mar 2025 12:22:49 +0000
ROA not before: Sun 23 Mar 2025 12:22:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212477
IP address blocks: 2a0c:4880::/29 maxlen: 29
2a0e:2440::/29 maxlen: 29
2a0e:e980::/29 maxlen: 29
2a0f:a00::/29 maxlen: 29
2a0f:1440::/29 maxlen: 29
2a0f:14c0::/29 maxlen: 29
2a0f:17c0::/29 maxlen: 29
2a0f:1840::/29 maxlen: 29
2a0f:1ac0::/29 maxlen: 29
2a0f:1f80::/29 maxlen: 29
2a0f:1fc0::/29 maxlen: 29
2a0f:29c0::/29 maxlen: 29
2a0f:2a40::/29 maxlen: 29
2a0f:2dc0::/29 maxlen: 29
2a0f:2ec0::/29 maxlen: 29
2a0f:2f80::/29 maxlen: 29
2a0f:30c0::/29 maxlen: 29
2a0f:3140::/29 maxlen: 29
2a0f:3540::/29 maxlen: 29
2a0f:35c0::/29 maxlen: 29
2a0f:36c0::/29 maxlen: 29
2a0f:9b00::/29 maxlen: 29
2a0f:a200::/29 maxlen: 29
2a0f:c400::/29 maxlen: 29
2a0f:de40::/29 maxlen: 29
2a0f:e140::/29 maxlen: 29
2a0f:e5c0::/29 maxlen: 29
2a13:2e40::/29 maxlen: 29
2a13:d100::/29 maxlen: 29
2a13:fa00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 16:01:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c2:f4:ad:92:7f:9c:c7:37:d1:a4:8e:f6:a4:36:5a:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 23 12:22:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=260bb7a545191ba92d22e90d202d36f66067ca8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:8d:4d:2c:5e:43:48:8e:64:08:19:6e:be:1d:
0b:50:77:93:1b:34:18:78:fc:82:41:f6:f5:be:6e:
52:39:9e:89:1d:d9:ec:17:da:bf:72:f2:da:90:77:
19:b2:72:88:a6:a3:ba:54:d2:2c:cd:37:f9:18:ed:
0b:f7:3b:93:2a:96:0c:c7:25:34:dc:2b:29:2f:fb:
17:af:65:31:d1:4c:5a:39:6f:53:ae:64:f6:94:05:
33:fc:c8:4d:ce:2c:b7:35:46:d6:cf:3c:7e:03:ae:
a3:3b:9b:be:3d:a8:45:10:25:c4:f2:68:68:0c:6a:
a3:44:01:5b:6c:56:e0:c3:1b:a7:b6:c0:b8:8f:d7:
e3:d6:b7:ff:2a:74:74:ee:ff:27:d7:c3:7b:1f:f3:
e9:a6:82:6f:6d:55:8e:08:ef:56:d7:22:4c:cb:71:
79:bc:9b:6a:21:ad:45:41:90:41:3b:54:fe:aa:3d:
f7:16:0d:de:45:95:7b:3b:f0:83:73:ce:e1:b4:8c:
ef:ab:f4:81:4b:ee:af:cb:65:d3:65:11:8c:08:85:
30:24:b5:8c:4e:47:d6:df:3d:76:ff:5a:2d:63:0b:
2a:53:73:43:46:8c:3e:42:57:4d:74:32:f5:e2:6c:
a3:01:79:09:de:bc:14:8f:fe:db:cf:98:f6:da:8b:
fb:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:0B:B7:A5:45:19:1B:A9:2D:22:E9:0D:20:2D:36:F6:60:67:CA:8F
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Jgu3pUUZG6ktIukNIC029mBnyo8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:4880::/29
2a0e:2440::/29
2a0e:e980::/29
2a0f:a00::/29
2a0f:1440::/29
2a0f:14c0::/29
2a0f:17c0::/29
2a0f:1840::/29
2a0f:1ac0::/29
2a0f:1f80::/29
2a0f:1fc0::/29
2a0f:29c0::/29
2a0f:2a40::/29
2a0f:2dc0::/29
2a0f:2ec0::/29
2a0f:2f80::/29
2a0f:30c0::/29
2a0f:3140::/29
2a0f:3540::/29
2a0f:35c0::/29
2a0f:36c0::/29
2a0f:9b00::/29
2a0f:a200::/29
2a0f:c400::/29
2a0f:de40::/29
2a0f:e140::/29
2a0f:e5c0::/29
2a13:2e40::/29
2a13:d100::/29
2a13:fa00::/29
Signature Algorithm: sha256WithRSAEncryption
5a:47:dd:06:03:17:ca:17:3d:0a:d9:a4:87:03:53:a9:1b:0e:
3a:98:d3:75:3b:9a:f1:ab:f1:f6:66:60:f9:c9:68:a6:74:c4:
de:1c:da:c7:e9:54:f5:11:bd:ce:c8:cb:62:7b:9f:97:98:ce:
b7:9a:68:0e:6b:04:22:1e:b1:62:e3:4f:89:97:5d:7c:cf:5f:
6f:e1:1c:90:b0:b7:69:23:8f:d1:20:ba:45:0f:7e:ca:a6:71:
cd:c1:38:f3:6c:b6:cf:10:d7:d4:43:6c:3c:1a:22:3a:83:ec:
bf:8c:ad:a9:d0:e7:cb:7d:d1:29:f4:61:61:ed:35:cc:96:a3:
8e:87:84:ea:83:61:88:be:6f:4a:c4:e0:ea:47:76:6d:1a:c3:
e7:b9:b5:87:26:b0:b2:c1:38:a2:c7:13:d2:74:96:7b:3e:ef:
45:b4:7b:d1:57:c4:46:f7:84:20:ec:0a:55:c3:a5:c5:8b:c6:
93:fe:52:0d:78:cd:d3:a7:21:55:f9:c4:6c:fc:04:c6:96:56:
bb:0f:89:7f:1b:cb:a9:83:3a:3e:ca:ac:fe:98:70:88:18:7d:
a0:21:9d:e0:0b:fc:97:0c:22:32:ba:97:6d:33:42:0f:5f:91:
f8:19:1c:3e:ed:97:42:09:98:f6:82:1f:97:14:7f:94:89:47:
34:c6:18:03
-----BEGIN CERTIFICATE-----
MIIFzjCCBLagAwIBAgISAZXC9K2Sf5zHN9GkjvakNlrEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMzIzMTIyMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjBiYjdhNTQ1MTkxYmE5MmQyMmU5MGQyMDJkMzZmNjYwNjdjYThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Y1NLF5DSI5kCBluvh0LUHeTGzQY
ePyCQfb1vm5SOZ6JHdnsF9q/cvLakHcZsnKIpqO6VNIszTf5GO0L9zuTKpYMxyU0
3CspL/sXr2Ux0UxaOW9TrmT2lAUz/MhNziy3NUbWzzx+A66jO5u+PahFECXE8mho
DGqjRAFbbFbgwxuntsC4j9fj1rf/KnR07v8n18N7H/PppoJvbVWOCO9W1yJMy3F5
vJtqIa1FQZBBO1T+qj33Fg3eRZV7O/CDc87htIzvq/SBS+6vy2XTZRGMCIUwJLWM
TkfW3z12/1otYwsqU3NDRow+QldNdDL14myjAXkJ3rwUj/7bz5j22ov7RwIDAQAB
o4IC2jCCAtYwHQYDVR0OBBYEFCYLt6VFGRupLSLpDSAtNvZgZ8qPMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvSmd1M3BVVVpHNmt0SXVrTklDMDI5bUJueW84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHvBggrBgEFBQcBBwEB/wSB3zCB3DCB2QQCAAIwgdIDBQMq
DEiAAwUDKg4kQAMFAyoO6YADBQMqDwoAAwUDKg8UQAMFAyoPFMADBQMqDxfAAwUD
Kg8YQAMFAyoPGsADBQMqDx+AAwUDKg8fwAMFAyoPKcADBQMqDypAAwUDKg8twAMF
AyoPLsADBQMqDy+AAwUDKg8wwAMFAyoPMUADBQMqDzVAAwUDKg81wAMFAyoPNsAD
BQMqD5sAAwUDKg+iAAMFAyoPxAADBQMqD95AAwUDKg/hQAMFAyoP5cADBQMqEy5A
AwUDKhPRAAMFAyoT+gAwDQYJKoZIhvcNAQELBQADggEBAFpH3QYDF8oXPQrZpIcD
U6kbDjqY03U7mvGr8fZmYPnJaKZ0xN4c2sfpVPURvc7Iy2J7n5eYzreaaA5rBCIe
sWLjT4mXXXzPX2/hHJCwt2kjj9EgukUPfsqmcc3BOPNsts8Q19RDbDwaIjqD7L+M
ranQ58t90Sn0YWHtNcyWo46HhOqDYYi+b0rE4OpHdm0aw+e5tYcmsLLBOKLHE9J0
lns+70W0e9FXxEb3hCDsClXDpcWLxpP+Ug14zdOnIVX5xGz8BMaWVrsPiX8by6mD
Oj7KrP6YcIgYfaAhneAL/JcMIjK6l20zQg9fkfgZHD7tl0IJmPaCH5cUf5SJRzTG
GAM=
-----END CERTIFICATE-----
Generated at Sun Apr 6 01:21:15 2025 by rpki-client