Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/7dlaDlkKgi4dAirWDUWBZGBGqcU.roa
File: 7dlaDlkKgi4dAirWDUWBZGBGqcU.roa (raw, json)
Hash identifier: p1fbv33BP/4U3m5pS2Ws4rI2vfUa3r6QuSWQWQR+Iw4=
Subject key identifier: ED:D9:5A:0E:59:0A:82:2E:1D:02:2A:D6:0D:45:81:64:60:46:A9:C5
Certificate issuer: /CN=c531b63d11a6cc2d1ce69e1311c87ac1a6a70733
Certificate serial: 01952E2E06906FF8AAE29A873754346FC75E
Authority key identifier: C5:31:B6:3D:11:A6:CC:2D:1C:E6:9E:13:11:C8:7A:C1:A6:A7:07:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xTG2PRGmzC0c5p4TEch6waanBzM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/7dlaDlkKgi4dAirWDUWBZGBGqcU.roa
Signing time: Sat 22 Feb 2025 15:02:03 +0000
ROA not before: Sat 22 Feb 2025 15:02:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212895
IP address blocks: 2001:67c:80c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.mft
rsync://rpki.ripe.net/repository/DEFAULT/xTG2PRGmzC0c5p4TEch6waanBzM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:2e:2e:06:90:6f:f8:aa:e2:9a:87:37:54:34:6f:c7:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c531b63d11a6cc2d1ce69e1311c87ac1a6a70733
Validity
Not Before: Feb 22 15:02:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=edd95a0e590a822e1d022ad60d4581646046a9c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:2a:c2:93:8f:bb:ee:cc:9a:86:f1:0b:66:5d:
6a:69:56:46:fd:73:e1:be:dd:80:98:aa:a5:87:72:
b2:73:0b:10:9d:b6:56:e0:e6:eb:b1:88:69:58:2d:
c1:79:ba:29:3b:bf:39:a1:f6:cc:23:e4:9f:62:05:
46:fb:a4:7a:ac:19:9c:a6:9a:90:d4:ff:2a:fe:de:
39:1b:fd:a0:59:30:94:7e:fc:5b:51:c1:7c:76:4a:
a5:5c:b9:98:d0:18:0a:a2:8a:20:7e:be:cc:5d:c7:
f7:68:c1:f4:48:aa:4d:f5:f0:c7:90:c9:a8:50:86:
85:13:3b:6d:89:ea:27:41:0a:ec:0a:b5:5f:9e:2b:
5f:37:b7:57:a0:aa:2e:0a:35:98:ce:43:5c:32:96:
b3:4c:ec:12:6f:c7:d9:76:84:2c:c3:8d:b7:c2:e8:
5a:e0:a8:20:77:bd:51:37:7d:0f:c3:a4:c2:23:7b:
25:0d:62:64:bb:2b:1b:88:d5:6f:aa:d0:23:67:47:
2a:e3:50:0d:48:64:f0:a9:21:dc:ba:19:5b:ff:2c:
47:98:0f:b4:66:a6:83:9d:1b:38:d8:bd:10:9a:d1:
22:0b:4a:87:88:ef:79:e9:9d:f8:82:97:67:8f:f9:
04:9e:fe:83:d8:eb:6f:50:10:58:41:bd:3e:54:cf:
dd:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:D9:5A:0E:59:0A:82:2E:1D:02:2A:D6:0D:45:81:64:60:46:A9:C5
X509v3 Authority Key Identifier:
keyid:C5:31:B6:3D:11:A6:CC:2D:1C:E6:9E:13:11:C8:7A:C1:A6:A7:07:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xTG2PRGmzC0c5p4TEch6waanBzM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/7dlaDlkKgi4dAirWDUWBZGBGqcU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:80c::/48
Signature Algorithm: sha256WithRSAEncryption
4e:a3:0b:a7:e2:ac:34:bc:c9:dc:f0:0b:b9:c2:37:25:30:7d:
6f:6e:14:c1:3f:92:90:51:7f:1b:36:01:f5:cd:1b:a4:f7:da:
82:ba:f5:70:57:7f:89:3c:4d:6f:9b:6e:0f:b6:56:4d:b9:16:
63:44:e7:0e:47:8f:9a:ab:a7:ec:cd:9f:12:1b:3f:7d:ca:ff:
7f:32:1b:ce:ff:32:ef:b6:73:1b:be:db:41:87:8c:22:35:31:
1f:2d:1d:07:5f:08:50:bc:f1:5d:7a:9d:64:c4:5e:64:b2:99:
97:86:1d:78:5d:43:1d:18:67:81:86:37:2d:4c:3d:2a:3a:d9:
40:ab:49:06:1d:a5:70:99:c8:1a:3c:b0:4e:8e:b6:77:c8:00:
d7:67:d9:52:53:27:b5:e9:1d:c6:4c:8c:e9:7f:cd:2a:e1:a3:
b1:0b:0f:77:9f:93:81:cb:c1:da:ce:3f:0e:bc:e0:50:9e:bd:
b7:74:11:69:93:62:05:19:6d:cc:de:9a:b2:9f:a4:49:cb:9e:
e9:e1:92:f0:5f:55:49:bc:c9:22:80:f6:b7:39:87:c4:de:e8:
5f:ea:a8:35:98:d5:4e:6b:24:d0:6e:d9:29:17:c2:39:6d:b9:
ee:41:16:a8:b0:7b:12:98:69:37:2a:7f:db:6e:be:b5:d5:3d:
81:63:cb:78
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZUuLgaQb/iq4pqHN1Q0b8deMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1MzFiNjNkMTFhNmNjMmQxY2U2OWUxMzExYzg3YWMxYTZh
NzA3MzMwHhcNMjUwMjIyMTUwMjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGQ5NWEwZTU5MGE4MjJlMWQwMjJhZDYwZDQ1ODE2NDYwNDZhOWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSrCk4+77syahvELZl1qaVZG/XPh
vt2AmKqlh3KycwsQnbZW4ObrsYhpWC3BebopO785ofbMI+SfYgVG+6R6rBmcppqQ
1P8q/t45G/2gWTCUfvxbUcF8dkqlXLmY0BgKooogfr7MXcf3aMH0SKpN9fDHkMmo
UIaFEzttieonQQrsCrVfnitfN7dXoKouCjWYzkNcMpazTOwSb8fZdoQsw423wuha
4Kggd71RN30Pw6TCI3slDWJkuysbiNVvqtAjZ0cq41ANSGTwqSHcuhlb/yxHmA+0
ZqaDnRs42L0QmtEiC0qHiO956Z34gpdnj/kEnv6D2OtvUBBYQb0+VM/dswIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFO3ZWg5ZCoIuHQIq1g1FgWRgRqnFMB8GA1UdIwQY
MBaAFMUxtj0RpswtHOaeExHIesGmpwczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFRHMlBSR216QzBjNXA0VEVjaDZ3YWFuQnpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC84Njg5OGUtZTZlNi00Yjg4LTg4MTEt
ZGI4Y2FiY2VlMjFlLzEvN2RsYURsa0tnaTRkQWlyV0RVV0JaR0JHcWNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC84Njg5OGUtZTZlNi00Yjg4LTg4MTEtZGI4Y2FiY2VlMjFl
LzEveFRHMlBSR216QzBjNXA0VEVjaDZ3YWFuQnpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAgM
MA0GCSqGSIb3DQEBCwUAA4IBAQBOowun4qw0vMnc8Au5wjclMH1vbhTBP5KQUX8b
NgH1zRuk99qCuvVwV3+JPE1vm24PtlZNuRZjROcOR4+aq6fszZ8SGz99yv9/MhvO
/zLvtnMbvttBh4wiNTEfLR0HXwhQvPFdep1kxF5kspmXhh14XUMdGGeBhjctTD0q
OtlAq0kGHaVwmcgaPLBOjrZ3yADXZ9lSUye16R3GTIzpf80q4aOxCw93n5OBy8Ha
zj8OvOBQnr23dBFpk2IFGW3M3pqyn6RJy57p4ZLwX1VJvMkigPa3OYfE3uhf6qg1
mNVOayTQbtkpF8I5bbnuQRaosHsSmGk3Kn/bbr611T2BY8t4
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:16:39 2025 by rpki-client