Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/4N-Njm1J1iDr_qnqv5uxxN3cwwY.roa
File: 4N-Njm1J1iDr_qnqv5uxxN3cwwY.roa (raw, json)
Hash identifier: R+6ZcCUfbb5i58g5PfGyWO7gZjN9w7IAgo0li+N+j2A=
Subject key identifier: E0:DF:8D:8E:6D:49:D6:20:EB:FE:A9:EA:BF:9B:B1:C4:DD:DC:C3:06
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 019425FDB5F42FADB5DE4E91DF7BA228E6B3
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/4N-Njm1J1iDr_qnqv5uxxN3cwwY.roa
Signing time: Thu 02 Jan 2025 07:49:31 +0000
ROA not before: Thu 02 Jan 2025 07:49:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1136
IP address blocks: 2a04:9a00:1200::/48 maxlen: 48
2a07:3500:1020::/48 maxlen: 48
2a07:3500:11a0::/48 maxlen: 48
2a07:3500:1ac0::/48 maxlen: 48
2a07:3500:1b30::/48 maxlen: 48
2a07:3500:1b48::/48 maxlen: 48
2a07:3500:1bc0::/48 maxlen: 48
2a07:3500:1c00::/48 maxlen: 48
2a07:3500:1da8::/48 maxlen: 48
2a07:3501:1010::/48 maxlen: 48
2a07:3502:10e0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:b5:f4:2f:ad:b5:de:4e:91:df:7b:a2:28:e6:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Jan 2 07:49:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e0df8d8e6d49d620ebfea9eabf9bb1c4dddcc306
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:68:0c:02:5d:2c:94:dc:90:4d:29:e0:a7:b6:
09:8f:8d:e1:0c:01:c6:06:08:9a:54:42:18:34:73:
b9:98:f9:a6:41:f8:87:c6:8f:27:d0:a5:58:b1:39:
43:b5:7f:98:2c:ac:cf:c5:a1:06:aa:25:b8:d3:8d:
9b:5a:36:f1:a6:fd:4e:85:f6:42:c2:ee:c4:41:3e:
fd:cc:6b:31:9e:a2:36:22:c4:09:d8:3f:b9:e4:56:
56:5f:9e:0b:55:a3:05:f0:2d:ec:80:e3:21:a2:32:
99:95:e5:fd:5f:34:10:7c:3e:8b:ce:b0:4e:76:78:
c2:32:ec:fc:21:0f:56:46:ee:3f:f7:5a:9d:d1:54:
ac:fc:e3:91:8e:99:1c:58:20:b6:01:96:65:b5:ff:
e8:93:18:e8:3e:df:3d:0b:7e:19:61:90:00:6e:63:
2d:d0:92:e2:a8:59:55:f1:da:7b:2a:6e:74:bd:5e:
5f:18:78:ba:3e:df:06:f7:6c:e8:0a:a6:ae:10:15:
f8:b9:58:e3:23:90:55:a8:10:96:37:aa:13:5d:a5:
03:0a:4c:dc:50:d2:92:9d:32:7a:de:19:01:23:ea:
d8:16:5d:e4:97:09:9a:13:94:f4:7a:db:ba:1e:a0:
ea:ab:38:a0:64:2d:ee:8b:9d:3d:60:00:d2:96:67:
5a:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:DF:8D:8E:6D:49:D6:20:EB:FE:A9:EA:BF:9B:B1:C4:DD:DC:C3:06
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/4N-Njm1J1iDr_qnqv5uxxN3cwwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:9a00:1200::/48
2a07:3500:1020::/48
2a07:3500:11a0::/48
2a07:3500:1ac0::/48
2a07:3500:1b30::/48
2a07:3500:1b48::/48
2a07:3500:1bc0::/48
2a07:3500:1c00::/48
2a07:3500:1da8::/48
2a07:3501:1010::/48
2a07:3502:10e0::/48
Signature Algorithm: sha256WithRSAEncryption
23:7c:60:08:b9:58:1a:dc:b8:f4:fe:8c:d5:d0:ae:0b:f4:4a:
e5:d4:f7:7c:88:63:6d:e0:56:94:3d:07:82:e0:22:33:93:5b:
5e:49:51:d6:95:b1:b1:62:b6:41:69:31:d4:66:2f:f7:1f:73:
97:f4:20:f5:09:bc:f2:e3:b0:3a:d8:53:1e:03:aa:9d:07:f8:
0d:6f:4b:e5:6e:c4:e6:6c:9f:03:85:5e:99:fc:b8:a7:61:64:
03:f6:4f:39:3a:7e:93:89:41:cf:16:82:29:45:b2:f5:c6:10:
59:42:4e:51:f8:4e:9c:45:1b:4b:3e:70:3b:6c:ec:d9:ad:8f:
90:ce:7c:d9:d2:17:6e:8b:b3:ed:1b:43:1b:df:7d:30:b3:b8:
c1:a1:2f:81:75:0b:ba:01:29:f2:e0:fd:3f:f9:3b:fa:d9:7d:
79:b6:1b:88:1f:1f:d7:79:7d:84:75:26:e9:b2:28:10:89:51:
f2:02:9e:b3:40:d2:1e:1f:b8:c8:0a:22:29:4a:45:9e:4c:0a:
01:d7:30:48:35:5e:f8:ba:24:0b:16:c8:00:dc:a1:d3:15:63:
6b:30:59:ca:85:70:d9:a6:7d:74:60:f2:1e:f2:0e:ac:35:99:
b1:b8:51:6d:56:2c:68:e1:46:a9:eb:23:49:fe:1e:99:7e:70:
79:71:d5:64
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAZQl/bX0L6213k6R33uiKOazMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjUwMTAyMDc0OTMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGRmOGQ4ZTZkNDlkNjIwZWJmZWE5ZWFiZjliYjFjNGRkZGNjMzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGgMAl0slNyQTSngp7YJj43hDAHG
BgiaVEIYNHO5mPmmQfiHxo8n0KVYsTlDtX+YLKzPxaEGqiW4042bWjbxpv1OhfZC
wu7EQT79zGsxnqI2IsQJ2D+55FZWX54LVaMF8C3sgOMhojKZleX9XzQQfD6LzrBO
dnjCMuz8IQ9WRu4/91qd0VSs/OORjpkcWCC2AZZltf/okxjoPt89C34ZYZAAbmMt
0JLiqFlV8dp7Km50vV5fGHi6Pt8G92zoCqauEBX4uVjjI5BVqBCWN6oTXaUDCkzc
UNKSnTJ63hkBI+rYFl3klwmaE5T0etu6HqDqqzigZC3ui509YADSlmdaaQIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFODfjY5tSdYg6/6p6r+bscTd3MMGMB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvNE4tTmptMUoxaURyX3FucXY1dXh4TjNjd3dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBpBAIAAjBjAwcAKgSaABIA
AwcAKgc1ABAgAwcAKgc1ABGgAwcAKgc1ABrAAwcAKgc1ABswAwcAKgc1ABtIAwcA
Kgc1ABvAAwcAKgc1ABwAAwcAKgc1AB2oAwcAKgc1ARAQAwcAKgc1AhDgMA0GCSqG
SIb3DQEBCwUAA4IBAQAjfGAIuVga3Lj0/ozV0K4L9Erl1Pd8iGNt4FaUPQeC4CIz
k1teSVHWlbGxYrZBaTHUZi/3H3OX9CD1Cbzy47A62FMeA6qdB/gNb0vlbsTmbJ8D
hV6Z/LinYWQD9k85On6TiUHPFoIpRbL1xhBZQk5R+E6cRRtLPnA7bOzZrY+QznzZ
0hdui7PtG0Mb330ws7jBoS+BdQu6ASny4P0/+Tv62X15thuIHx/XeX2EdSbpsigQ
iVHyAp6zQNIeH7jICiIpSkWeTAoB1zBINV74uiQLFsgA3KHTFWNrMFnKhXDZpn10
YPIe8g6sNZmxuFFtVixo4Uap6yNJ/h6ZfnB5cdVk
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:42:00 2025 by rpki-client