Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/l7MxEkJ2KEk8ireOQAln9Sw3syc.roa
File: l7MxEkJ2KEk8ireOQAln9Sw3syc.roa (raw, json)
Hash identifier: FpG0yMZ6WA50Z3ibc321gDBhWMLxsjaAd07+m0J2svM=
Subject key identifier: 97:B3:31:12:42:76:28:49:3C:8A:B7:8E:40:09:67:F5:2C:37:B3:27
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019427482694AF1D48E4D5E55EFA4D543FE2
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/l7MxEkJ2KEk8ireOQAln9Sw3syc.roa
Signing time: Thu 02 Jan 2025 13:50:27 +0000
ROA not before: Thu 02 Jan 2025 13:50:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 63023
IP address blocks: 103.114.41.0/24 maxlen: 24
103.114.42.0/24 maxlen: 24
2a13:1480::/29 maxlen: 29
2a13:18c2::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:26:94:af:1d:48:e4:d5:e5:5e:fa:4d:54:3f:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 2 13:50:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=97b33112427628493c8ab78e400967f52c37b327
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:1f:66:4a:e9:6b:8e:0f:ec:a0:04:9d:a1:82:
09:37:bb:26:f8:ec:2a:62:7b:7c:5f:bc:1c:c2:28:
9f:ff:b5:72:60:ef:eb:c6:f8:f1:b3:5d:39:94:71:
39:48:56:b2:30:16:d7:c3:a4:52:6a:f6:fc:ef:4f:
52:d4:73:7e:e5:48:72:25:52:d5:0a:29:28:53:9e:
bc:2d:0a:a4:76:e8:de:3d:f0:17:9e:0e:18:24:aa:
e3:9c:95:bc:26:dc:a3:e1:46:8a:ca:6e:b2:26:ed:
c3:6f:57:b7:18:88:48:b3:a0:d7:57:72:8f:6e:6a:
ab:1c:3c:41:8f:62:c3:59:44:76:64:1a:b5:75:44:
26:56:e3:ec:66:d1:c2:75:1d:6f:d2:98:aa:fc:d1:
5b:91:03:6a:75:01:cc:45:26:2b:dc:e5:b0:75:8e:
14:e5:77:52:db:96:a6:79:0d:e5:f5:92:bb:b4:24:
e0:e7:e6:15:a0:70:11:a8:12:b6:32:01:67:2c:48:
56:41:5a:48:48:d7:2c:ef:4e:de:a4:ab:50:f5:c9:
1a:83:0b:c9:2f:a6:6b:57:4a:46:94:78:c3:33:b0:
e4:5c:0c:2a:2e:4c:ab:a3:d9:39:80:1a:e5:47:3c:
de:bf:1b:2a:48:67:b8:d9:2d:83:84:54:70:23:de:
ad:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:B3:31:12:42:76:28:49:3C:8A:B7:8E:40:09:67:F5:2C:37:B3:27
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/l7MxEkJ2KEk8ireOQAln9Sw3syc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.114.41.0-103.114.42.255
IPv6:
2a13:1480::/29
2a13:18c2::/32
Signature Algorithm: sha256WithRSAEncryption
56:5a:b4:3d:99:44:98:85:0f:19:cb:a3:fb:b9:88:09:b9:a4:
52:a8:2a:80:d0:14:f4:c7:24:c8:cf:65:4c:39:77:e7:bd:8e:
e2:06:06:18:1a:86:a4:5e:1b:77:0f:d4:81:ef:3f:38:01:ca:
3d:48:6b:a7:f0:cf:b0:d5:22:4f:3e:c5:87:62:1a:14:0f:5c:
d9:bf:2c:4f:de:f4:5f:88:65:b0:e6:e1:e6:86:3a:e9:6e:ef:
ef:14:97:a8:8f:34:e2:08:45:0d:f0:fc:7b:fa:57:7f:0b:51:
3a:91:6b:7d:f8:f3:4c:15:83:be:32:82:95:5b:69:b5:c9:43:
00:eb:aa:6a:85:96:39:92:e9:23:94:ad:42:75:d9:82:34:cc:
5e:06:3b:e3:0d:24:af:f4:06:83:a4:fc:1e:b5:1d:02:df:5c:
3e:b3:47:77:5d:e9:ab:33:d1:ee:27:91:d2:11:3d:0d:af:c7:
f8:cf:9c:49:fb:37:d1:75:61:d8:80:b0:eb:b0:71:85:31:67:
a7:6e:38:27:da:bf:b5:e2:25:24:da:1d:ce:5e:1a:81:fb:bd:
e7:07:f5:0f:91:99:67:0f:60:35:1b:09:85:1a:28:cb:d6:02:
9d:ad:23:19:92:2c:2d:13:07:1a:e5:1c:09:db:51:66:91:a8:
12:d4:3b:21
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQnSCaUrx1I5NXlXvpNVD/iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMTAyMTM1MDI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2IzMzExMjQyNzYyODQ5M2M4YWI3OGU0MDA5NjdmNTJjMzdiMzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjh9mSulrjg/soASdoYIJN7sm+Owq
Ynt8X7wcwiif/7VyYO/rxvjxs105lHE5SFayMBbXw6RSavb8709S1HN+5UhyJVLV
CikoU568LQqkdujePfAXng4YJKrjnJW8Jtyj4UaKym6yJu3Db1e3GIhIs6DXV3KP
bmqrHDxBj2LDWUR2ZBq1dUQmVuPsZtHCdR1v0piq/NFbkQNqdQHMRSYr3OWwdY4U
5XdS25ameQ3l9ZK7tCTg5+YVoHARqBK2MgFnLEhWQVpISNcs707epKtQ9ckagwvJ
L6ZrV0pGlHjDM7DkXAwqLkyro9k5gBrlRzzevxsqSGe42S2DhFRwI96tkwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJezMRJCdihJPIq3jkAJZ/UsN7MnMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvbDdNeEVrSjJLRWs4aXJlT1FBbG45U3czc3ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAUBAIAATAOMAwDBABncikD
BABnciowFAQCAAIwDgMFAyoTFIADBQAqExjCMA0GCSqGSIb3DQEBCwUAA4IBAQBW
WrQ9mUSYhQ8Zy6P7uYgJuaRSqCqA0BT0xyTIz2VMOXfnvY7iBgYYGoakXht3D9SB
7z84Aco9SGun8M+w1SJPPsWHYhoUD1zZvyxP3vRfiGWw5uHmhjrpbu/vFJeojzTi
CEUN8Px7+ld/C1E6kWt9+PNMFYO+MoKVW2m1yUMA66pqhZY5kukjlK1CddmCNMxe
BjvjDSSv9AaDpPwetR0C31w+s0d3XemrM9HuJ5HSET0Nr8f4z5xJ+zfRdWHYgLDr
sHGFMWenbjgn2r+14iUk2h3OXhqB+73nB/UPkZlnD2A1GwmFGijL1gKdrSMZkiwt
Ewca5RwJ21FmkagS1Dsh
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:24:58 2025 by rpki-client