Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/kpCN2dBOho5F3lNdwonEBf6sV68.roa
File: kpCN2dBOho5F3lNdwonEBf6sV68.roa (raw, json)
Hash identifier: wlERU651N1n4sxKO/yhNQIGcAdcq99zOsbGEr3eXkxg=
Subject key identifier: 92:90:8D:D9:D0:4E:86:8E:45:DE:53:5D:C2:89:C4:05:FE:AC:57:AF
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 019523E2375B2B48B4A1FCB97E179EE29F54
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/kpCN2dBOho5F3lNdwonEBf6sV68.roa
Signing time: Thu 20 Feb 2025 15:03:02 +0000
ROA not before: Thu 20 Feb 2025 15:03:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1136
IP address blocks: 2a04:9a00:1200::/42 maxlen: 48
2a07:3500:1020::/48 maxlen: 48
2a07:3500:11a0::/48 maxlen: 48
2a07:3500:1ac0::/48 maxlen: 48
2a07:3500:1b30::/48 maxlen: 48
2a07:3500:1b48::/48 maxlen: 48
2a07:3500:1bc0::/48 maxlen: 48
2a07:3500:1c00::/48 maxlen: 48
2a07:3500:1da8::/48 maxlen: 48
2a07:3501:1010::/48 maxlen: 48
2a07:3502:10e0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 09:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:23:e2:37:5b:2b:48:b4:a1:fc:b9:7e:17:9e:e2:9f:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Feb 20 15:03:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=92908dd9d04e868e45de535dc289c405feac57af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:be:ef:2d:78:b8:c2:91:73:54:91:ea:12:c5:
ca:2e:e7:ba:c4:f0:2a:f3:06:4b:e2:78:8d:24:e9:
df:ea:f3:48:94:25:13:0b:ef:9b:dc:8a:b2:8d:5b:
fc:54:24:d5:e9:26:75:7d:f2:bc:f6:7e:89:78:b5:
ab:e0:cc:f3:48:5b:8e:94:35:db:c7:dc:5c:95:66:
74:3b:2e:89:ee:af:52:9e:13:71:31:88:24:6d:3f:
0e:6a:ce:2f:9b:2b:a6:d7:aa:c5:0b:c2:17:a9:92:
ce:42:46:ef:7b:5b:42:d5:a5:98:cf:d3:34:50:d9:
9b:07:4c:5f:fa:21:64:c5:ff:7a:91:93:e3:63:69:
2e:af:38:63:9f:d7:c8:2f:f9:9c:df:95:7c:b7:4b:
e2:26:4c:6b:19:bf:fc:a0:fb:26:e7:8e:36:c0:41:
c7:45:cc:5d:c9:a6:87:dc:40:31:53:00:84:ac:05:
11:d6:ca:ed:2c:34:0a:c7:bb:99:ff:dd:30:3e:40:
09:7b:54:a8:49:d6:69:b5:c3:6a:1c:5b:f1:7f:77:
cd:5d:4e:7c:7d:1b:7e:8a:d0:49:a9:b2:e2:73:1d:
6b:87:b8:c5:0e:0b:a9:a6:dd:db:a4:73:45:6c:69:
b5:0e:ea:4b:c8:53:23:8f:0f:e6:09:44:74:b1:f5:
1a:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:90:8D:D9:D0:4E:86:8E:45:DE:53:5D:C2:89:C4:05:FE:AC:57:AF
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/kpCN2dBOho5F3lNdwonEBf6sV68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:9a00:1200::/42
2a07:3500:1020::/48
2a07:3500:11a0::/48
2a07:3500:1ac0::/48
2a07:3500:1b30::/48
2a07:3500:1b48::/48
2a07:3500:1bc0::/48
2a07:3500:1c00::/48
2a07:3500:1da8::/48
2a07:3501:1010::/48
2a07:3502:10e0::/48
Signature Algorithm: sha256WithRSAEncryption
26:73:bc:5b:84:28:c3:0f:d5:96:fe:c2:95:dd:77:93:03:ff:
93:b1:37:c5:26:b2:57:64:c5:bf:ec:4c:d4:bf:59:eb:99:0a:
de:c5:a3:3e:02:b1:a3:56:e0:65:b0:89:bc:39:b1:d9:d7:f6:
ea:54:3b:bb:00:e9:0d:90:07:d7:14:12:3f:9b:14:69:29:45:
09:d9:ca:7f:f7:06:5d:fa:49:ce:f5:9f:a3:2c:1e:ae:a6:16:
82:5d:88:e9:64:85:c8:d8:34:9d:95:e9:17:6a:48:f8:23:ae:
e2:a3:48:43:57:65:0f:50:27:d9:b6:18:a3:fd:3c:8e:61:ed:
cc:61:40:a5:7f:e9:ed:91:3a:09:69:9e:d6:aa:5e:20:96:3d:
35:af:18:7d:66:0d:e7:2f:5d:3e:d4:cf:b4:ff:a1:b9:4a:c5:
e9:2c:1c:b1:2f:9e:88:ef:74:7e:68:a5:e6:41:a9:ba:7d:d0:
85:6d:24:ce:87:17:6a:86:82:b0:d1:f7:02:2a:46:2c:73:eb:
60:ad:80:ae:45:99:16:67:67:99:9e:f0:28:80:ad:5b:7a:5a:
f2:d4:03:a8:86:8c:5d:fb:6c:36:44:5e:b5:db:83:00:d7:b9:
86:70:31:61:d2:42:6f:b2:d2:32:36:33:02:58:30:42:84:c1:
61:5b:a0:73
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAZUj4jdbK0i0ofy5fhee4p9UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjUwMjIwMTUwMzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjkwOGRkOWQwNGU4NjhlNDVkZTUzNWRjMjg5YzQwNWZlYWM1N2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx77vLXi4wpFzVJHqEsXKLue6xPAq
8wZL4niNJOnf6vNIlCUTC++b3IqyjVv8VCTV6SZ1ffK89n6JeLWr4MzzSFuOlDXb
x9xclWZ0Oy6J7q9SnhNxMYgkbT8Oas4vmyum16rFC8IXqZLOQkbve1tC1aWYz9M0
UNmbB0xf+iFkxf96kZPjY2kurzhjn9fIL/mc35V8t0viJkxrGb/8oPsm5442wEHH
RcxdyaaH3EAxUwCErAUR1srtLDQKx7uZ/90wPkAJe1SoSdZptcNqHFvxf3fNXU58
fRt+itBJqbLicx1rh7jFDguppt3bpHNFbGm1DupLyFMjjw/mCUR0sfUaGwIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFJKQjdnQToaORd5TXcKJxAX+rFevMB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEva3BDTjJkQk9obzVGM2xOZHdvbkVCZjZzVjY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBpBAIAAjBjAwcGKgSaABIA
AwcAKgc1ABAgAwcAKgc1ABGgAwcAKgc1ABrAAwcAKgc1ABswAwcAKgc1ABtIAwcA
Kgc1ABvAAwcAKgc1ABwAAwcAKgc1AB2oAwcAKgc1ARAQAwcAKgc1AhDgMA0GCSqG
SIb3DQEBCwUAA4IBAQAmc7xbhCjDD9WW/sKV3XeTA/+TsTfFJrJXZMW/7EzUv1nr
mQrexaM+ArGjVuBlsIm8ObHZ1/bqVDu7AOkNkAfXFBI/mxRpKUUJ2cp/9wZd+knO
9Z+jLB6uphaCXYjpZIXI2DSdlekXakj4I67io0hDV2UPUCfZthij/TyOYe3MYUCl
f+ntkToJaZ7Wql4glj01rxh9Zg3nL10+1M+0/6G5SsXpLByxL56I73R+aKXmQam6
fdCFbSTOhxdqhoKw0fcCKkYsc+tgrYCuRZkWZ2eZnvAogK1belry1AOohoxd+2w2
RF6124MA17mGcDFh0kJvstIyNjMCWDBChMFhW6Bz
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:01:12 2025 by rpki-client