Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/nMaAIa9aCK4NygPlVIsk-lM-qhA.roa
File: nMaAIa9aCK4NygPlVIsk-lM-qhA.roa (raw, json)
Hash identifier: I9KHryt0stckym+t9HaTnrDjgZHYR+acQxElcB6opd8=
Subject key identifier: 9C:C6:80:21:AF:5A:08:AE:0D:CA:03:E5:54:8B:24:FA:53:3E:AA:10
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 019425FDBD213E27D61F7B7D9C47A4108499
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/nMaAIa9aCK4NygPlVIsk-lM-qhA.roa
Signing time: Thu 02 Jan 2025 07:49:33 +0000
ROA not before: Thu 02 Jan 2025 07:49:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 38915
IP address blocks: 2a07:3500:1200::/48 maxlen: 48
2a07:3500:1998::/48 maxlen: 48
2a07:3500:19a0::/48 maxlen: 48
2a07:3500:19a8::/48 maxlen: 48
2a07:3500:19b0::/48 maxlen: 48
2a07:3500:19d8::/48 maxlen: 48
2a07:3500:19e0::/48 maxlen: 48
2a07:3500:19e8::/48 maxlen: 48
2a07:3500:19f0::/48 maxlen: 48
2a07:3500:19f8::/48 maxlen: 48
2a07:3500:1a00::/48 maxlen: 48
2a07:3502:1040::/48 maxlen: 48
2a07:3502:1070::/48 maxlen: 48
2a07:3502:1090::/48 maxlen: 48
2a07:3502:11d0::/48 maxlen: 48
2a07:3502:11e0::/48 maxlen: 48
2a07:3502:11f0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:bd:21:3e:27:d6:1f:7b:7d:9c:47:a4:10:84:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Jan 2 07:49:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9cc68021af5a08ae0dca03e5548b24fa533eaa10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:28:be:c9:fd:98:f4:12:04:21:9c:93:8c:88:
72:78:ef:39:81:dd:f4:9e:f5:67:22:db:48:b0:65:
f4:0e:d8:39:8e:1d:ba:d4:ba:68:51:80:34:61:f7:
0d:c8:ca:ba:0a:fb:b0:56:d0:be:f5:e3:79:be:9f:
49:6b:55:66:54:35:d5:05:4a:63:80:02:63:3a:30:
66:81:ee:08:0d:4c:c2:a1:ca:80:45:a7:38:20:c6:
74:80:49:1c:72:c2:a0:ac:26:ed:1b:e9:1d:90:1a:
9d:82:f5:5a:36:af:dc:14:74:d5:b1:e4:c6:fc:18:
f1:cb:eb:11:cf:62:67:32:39:16:e9:6b:77:fc:08:
8f:8b:19:ca:65:72:3d:22:fe:bc:1c:cc:1f:fe:fb:
45:c7:f7:95:92:22:5a:60:fc:c1:c4:27:88:53:45:
b9:a3:76:82:73:57:c2:a6:10:f9:39:94:10:97:5f:
8e:67:c3:78:86:1b:73:a8:5f:19:4e:e2:91:d5:61:
34:8b:1d:26:50:16:eb:09:b3:8b:47:68:5d:08:44:
c3:a5:fc:70:0e:35:aa:2d:63:1c:1d:10:00:ea:23:
b4:26:5c:29:91:1e:36:b3:37:a1:e8:68:45:bc:0d:
f5:7a:03:c3:ea:9f:42:73:f5:aa:23:f7:de:c0:99:
54:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:C6:80:21:AF:5A:08:AE:0D:CA:03:E5:54:8B:24:FA:53:3E:AA:10
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/nMaAIa9aCK4NygPlVIsk-lM-qhA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:3500:1200::/48
2a07:3500:1998::/48
2a07:3500:19a0::/48
2a07:3500:19a8::/48
2a07:3500:19b0::/48
2a07:3500:19d8::/48
2a07:3500:19e0::/48
2a07:3500:19e8::/48
2a07:3500:19f0::/48
2a07:3500:19f8::/48
2a07:3500:1a00::/48
2a07:3502:1040::/48
2a07:3502:1070::/48
2a07:3502:1090::/48
2a07:3502:11d0::/48
2a07:3502:11e0::/48
2a07:3502:11f0::/48
Signature Algorithm: sha256WithRSAEncryption
a7:b4:e3:e4:29:7d:40:01:77:c2:0f:53:48:c8:ce:dc:8c:0f:
2f:51:ad:7d:7b:2e:3c:71:65:8c:e2:cf:55:d9:c0:a6:73:24:
d4:87:29:a9:80:b1:46:81:a1:fd:53:b6:6e:f2:04:ac:0d:31:
01:af:e0:8c:9f:0f:dc:0c:1f:57:da:21:a5:c8:ee:b6:a4:1d:
c5:aa:a3:c4:a5:6b:44:4e:27:7c:53:63:f8:ce:06:5a:76:13:
46:fc:0d:1e:ed:e9:04:1c:af:f3:a7:50:cd:fe:6f:3c:66:e0:
30:d9:93:d6:69:39:22:8c:a2:1c:d2:c1:50:6e:10:c0:70:e5:
41:37:df:81:d2:78:fb:9a:79:c3:26:ba:eb:2e:63:9d:05:3c:
06:b5:cb:2a:dd:f9:d9:36:58:cf:ae:d5:db:73:82:cd:c8:32:
d5:b5:e1:0f:51:0a:c3:5b:70:a1:b8:01:95:4d:fa:25:34:70:
b5:7c:03:29:e5:c5:2d:77:0b:da:c0:93:ad:f7:ed:66:7e:88:
2f:21:1a:ec:d3:af:c7:30:65:e8:e5:7a:b6:a3:1f:47:13:44:
93:8d:b6:33:d1:0c:c1:c7:bc:60:79:ca:d1:7f:bd:a6:c1:0e:
e1:63:db:b2:dc:08:07:62:24:f2:fc:c3:9f:94:19:4e:9b:64:
8c:e6:1e:58
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgISAZQl/b0hPifWH3t9nEekEISZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjUwMTAyMDc0OTMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2M2ODAyMWFmNWEwOGFlMGRjYTAzZTU1NDhiMjRmYTUzM2VhYTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Ci+yf2Y9BIEIZyTjIhyeO85gd30
nvVnIttIsGX0Dtg5jh261LpoUYA0YfcNyMq6CvuwVtC+9eN5vp9Ja1VmVDXVBUpj
gAJjOjBmge4IDUzCocqARac4IMZ0gEkccsKgrCbtG+kdkBqdgvVaNq/cFHTVseTG
/Bjxy+sRz2JnMjkW6Wt3/AiPixnKZXI9Iv68HMwf/vtFx/eVkiJaYPzBxCeIU0W5
o3aCc1fCphD5OZQQl1+OZ8N4hhtzqF8ZTuKR1WE0ix0mUBbrCbOLR2hdCETDpfxw
DjWqLWMcHRAA6iO0JlwpkR42szeh6GhFvA31egPD6p9Cc/WqI/fewJlUJQIDAQAB
o4ICoTCCAp0wHQYDVR0OBBYEFJzGgCGvWgiuDcoD5VSLJPpTPqoQMB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvbk1hQUlhOWFDSzROeWdQbFZJc2stbE0tcWhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG2BggrBgEFBQcBBwEB/wSBpjCBozCBoAQCAAIwgZkDBwAq
BzUAEgADBwAqBzUAGZgDBwAqBzUAGaADBwAqBzUAGagDBwAqBzUAGbADBwAqBzUA
GdgDBwAqBzUAGeADBwAqBzUAGegDBwAqBzUAGfADBwAqBzUAGfgDBwAqBzUAGgAD
BwAqBzUCEEADBwAqBzUCEHADBwAqBzUCEJADBwAqBzUCEdADBwAqBzUCEeADBwAq
BzUCEfAwDQYJKoZIhvcNAQELBQADggEBAKe04+QpfUABd8IPU0jIztyMDy9RrX17
LjxxZYziz1XZwKZzJNSHKamAsUaBof1Ttm7yBKwNMQGv4IyfD9wMH1faIaXI7rak
HcWqo8Sla0ROJ3xTY/jOBlp2E0b8DR7t6QQcr/OnUM3+bzxm4DDZk9ZpOSKMohzS
wVBuEMBw5UE334HSePuaecMmuusuY50FPAa1yyrd+dk2WM+u1dtzgs3IMtW14Q9R
CsNbcKG4AZVN+iU0cLV8AynlxS13C9rAk6337WZ+iC8hGuzTr8cwZejlerajH0cT
RJONtjPRDMHHvGB5ytF/vabBDuFj27LcCAdiJPL8w5+UGU6bZIzmHlg=
-----END CERTIFICATE-----
Generated at Sun Feb 2 16:02:03 2025 by rpki-client