Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/3cKiOm3cqL9AuF9PS6f53tN4Gdg.roa
File: 3cKiOm3cqL9AuF9PS6f53tN4Gdg.roa (raw, json)
Hash identifier: HiF4cbbVkgMNvvCZGg36cGuMWinu6Z8X1/cmYfYlH0w=
Subject key identifier: DD:C2:A2:3A:6D:DC:A8:BF:40:B8:5F:4F:4B:A7:F9:DE:D3:78:19:D8
Certificate issuer: /CN=c531b63d11a6cc2d1ce69e1311c87ac1a6a70733
Certificate serial: 019422FC2CB3F2D3338449CB7FDF6BAEF196
Authority key identifier: C5:31:B6:3D:11:A6:CC:2D:1C:E6:9E:13:11:C8:7A:C1:A6:A7:07:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xTG2PRGmzC0c5p4TEch6waanBzM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/3cKiOm3cqL9AuF9PS6f53tN4Gdg.roa
Signing time: Wed 01 Jan 2025 17:48:59 +0000
ROA not before: Wed 01 Jan 2025 17:48:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210825
IP address blocks: 2001:67c:80c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.mft
rsync://rpki.ripe.net/repository/DEFAULT/xTG2PRGmzC0c5p4TEch6waanBzM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 11:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:2c:b3:f2:d3:33:84:49:cb:7f:df:6b:ae:f1:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c531b63d11a6cc2d1ce69e1311c87ac1a6a70733
Validity
Not Before: Jan 1 17:48:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ddc2a23a6ddca8bf40b85f4f4ba7f9ded37819d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:10:e8:ba:13:9f:a7:33:8d:43:cd:74:41:03:
76:75:7b:3c:c3:38:9a:0b:ad:d9:f4:4f:0f:be:86:
1a:d9:5f:5b:15:37:5e:5f:0b:31:2d:5f:4a:17:14:
90:66:66:56:9e:96:ef:b8:11:11:21:bc:68:20:c0:
62:99:08:0b:78:fa:94:6f:fb:68:55:03:24:3d:37:
04:c4:45:e2:b5:84:e6:24:b8:4f:b2:90:8e:d5:ed:
64:b3:ae:4f:cf:f0:c5:41:4c:ab:07:0d:2e:25:97:
e9:9d:b9:85:79:40:dd:7d:c3:49:82:47:26:e4:9e:
bc:ef:45:21:8a:f6:86:30:8f:e4:a5:ae:28:fb:62:
3f:08:90:c2:bd:f1:dd:46:7c:df:52:4b:c8:c8:ff:
9e:6c:d5:e5:bf:9f:f0:fb:d0:14:f3:13:36:a4:1c:
15:99:60:3f:11:3c:1c:0c:d0:bf:90:28:d0:f9:3f:
47:a1:3c:22:85:10:f2:79:08:73:91:f0:7a:39:8d:
3a:0b:13:b0:95:93:be:4d:96:41:41:1c:61:c9:18:
f2:f8:b5:4d:cb:b7:3e:22:17:ae:3a:be:26:19:64:
df:8c:23:b7:dd:d6:1a:6d:fc:3d:79:ab:36:6d:32:
42:09:60:04:83:fe:34:4e:16:42:92:a7:1b:ac:00:
7e:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:C2:A2:3A:6D:DC:A8:BF:40:B8:5F:4F:4B:A7:F9:DE:D3:78:19:D8
X509v3 Authority Key Identifier:
keyid:C5:31:B6:3D:11:A6:CC:2D:1C:E6:9E:13:11:C8:7A:C1:A6:A7:07:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xTG2PRGmzC0c5p4TEch6waanBzM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/3cKiOm3cqL9AuF9PS6f53tN4Gdg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:80c::/48
Signature Algorithm: sha256WithRSAEncryption
47:ef:a1:f7:4a:9c:7f:e0:eb:62:9e:0f:7e:03:93:0c:8e:94:
cd:ef:4f:8a:e4:04:c2:f2:b1:95:61:6b:47:c8:df:ae:03:e6:
0a:2c:fb:fd:fd:76:15:1c:23:37:ef:f7:e0:6e:d5:28:44:d8:
bd:8a:ae:9e:c6:b1:65:74:66:22:bc:12:2c:3f:15:b4:d5:62:
0e:7a:58:63:00:f7:5e:5c:3e:3f:8b:f6:44:92:0b:16:68:ac:
db:37:0d:f0:d5:52:fc:b0:6e:ed:99:0c:11:22:c8:8e:cb:bc:
f3:f9:56:fd:f4:3a:ac:da:0a:ee:e1:8a:cb:f4:5d:6c:03:c0:
83:a5:12:0d:f4:cc:c2:af:5b:4f:9f:d9:3d:aa:45:6e:fd:34:
5e:95:4a:92:a3:2f:08:2e:6c:32:ce:32:c2:3b:0f:6b:ed:9f:
c7:ad:4b:3c:b5:fb:c4:07:69:d9:39:49:9f:fb:57:9b:c8:b2:
1b:95:1c:c3:45:f2:1d:d2:3f:7c:a8:49:33:50:da:23:9c:18:
a8:01:5b:45:49:dd:96:45:75:d3:10:55:3b:89:52:14:fd:df:
e5:b8:de:39:08:72:eb:d6:9c:5c:ed:87:2e:11:07:9e:43:8c:
51:65:eb:be:72:85:0d:08:01:bc:64:ff:45:16:8e:81:2e:6d:
96:ce:bb:1a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQi/Cyz8tMzhEnLf99rrvGWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1MzFiNjNkMTFhNmNjMmQxY2U2OWUxMzExYzg3YWMxYTZh
NzA3MzMwHhcNMjUwMTAxMTc0ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGMyYTIzYTZkZGNhOGJmNDBiODVmNGY0YmE3ZjlkZWQzNzgxOWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0BDouhOfpzONQ810QQN2dXs8wzia
C63Z9E8PvoYa2V9bFTdeXwsxLV9KFxSQZmZWnpbvuBERIbxoIMBimQgLePqUb/to
VQMkPTcExEXitYTmJLhPspCO1e1ks65Pz/DFQUyrBw0uJZfpnbmFeUDdfcNJgkcm
5J6870UhivaGMI/kpa4o+2I/CJDCvfHdRnzfUkvIyP+ebNXlv5/w+9AU8xM2pBwV
mWA/ETwcDNC/kCjQ+T9HoTwihRDyeQhzkfB6OY06CxOwlZO+TZZBQRxhyRjy+LVN
y7c+IheuOr4mGWTfjCO33dYabfw9eas2bTJCCWAEg/40ThZCkqcbrAB+awIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFN3Cojpt3Ki/QLhfT0un+d7TeBnYMB8GA1UdIwQY
MBaAFMUxtj0RpswtHOaeExHIesGmpwczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFRHMlBSR216QzBjNXA0VEVjaDZ3YWFuQnpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC84Njg5OGUtZTZlNi00Yjg4LTg4MTEt
ZGI4Y2FiY2VlMjFlLzEvM2NLaU9tM2NxTDlBdUY5UFM2ZjUzdE40R2RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC84Njg5OGUtZTZlNi00Yjg4LTg4MTEtZGI4Y2FiY2VlMjFl
LzEveFRHMlBSR216QzBjNXA0VEVjaDZ3YWFuQnpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAgM
MA0GCSqGSIb3DQEBCwUAA4IBAQBH76H3Spx/4Oting9+A5MMjpTN70+K5ATC8rGV
YWtHyN+uA+YKLPv9/XYVHCM37/fgbtUoRNi9iq6exrFldGYivBIsPxW01WIOelhj
APdeXD4/i/ZEkgsWaKzbNw3w1VL8sG7tmQwRIsiOy7zz+Vb99Dqs2gru4YrL9F1s
A8CDpRIN9MzCr1tPn9k9qkVu/TRelUqSoy8ILmwyzjLCOw9r7Z/HrUs8tfvEB2nZ
OUmf+1ebyLIblRzDRfId0j98qEkzUNojnBioAVtFSd2WRXXTEFU7iVIU/d/luN45
CHLr1pxc7YcuEQeeQ4xRZeu+coUNCAG8ZP9FFo6BLm2Wzrsa
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:47:01 2025 by rpki-client