Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/kchdqAvrYtBqhZtEx_cp0fWe3h8.roa
File: kchdqAvrYtBqhZtEx_cp0fWe3h8.roa (raw, json)
Hash identifier: ow9NltT/0nYo1gJRfP0JFtnaIA4gW6pZa8MYDijSwnM=
Subject key identifier: 91:C8:5D:A8:0B:EB:62:D0:6A:85:9B:44:C7:F7:29:D1:F5:9E:DE:1F
Certificate issuer: /CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Certificate serial: 01942143EC1EB69071D940ACEABCBB714D38
Authority key identifier: 7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/kchdqAvrYtBqhZtEx_cp0fWe3h8.roa
Signing time: Wed 01 Jan 2025 09:48:06 +0000
ROA not before: Wed 01 Jan 2025 09:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214515
IP address blocks: 2a05:9080:6::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.mft
rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:ec:1e:b6:90:71:d9:40:ac:ea:bc:bb:71:4d:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Validity
Not Before: Jan 1 09:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=91c85da80beb62d06a859b44c7f729d1f59ede1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:cc:b9:bb:22:c5:ff:eb:90:21:e8:12:06:0f:
1f:b5:67:a2:bd:95:d0:e3:4f:b7:66:f3:26:2e:25:
49:e1:25:3b:f1:da:fe:a1:dd:b7:d6:75:bb:f3:57:
f8:ea:97:e0:af:cb:7c:79:ec:d9:7a:ee:26:1a:a1:
e2:0c:d2:33:b2:c5:a2:c3:34:92:8d:8e:b7:37:51:
6f:e5:06:4e:74:13:5b:dc:a7:08:0b:4d:d7:eb:e5:
3f:82:31:31:d8:9f:19:ae:13:9d:a9:84:62:2e:fb:
c8:b2:95:04:a7:6c:03:7f:27:49:26:09:73:03:c7:
58:c1:ee:d2:5e:13:89:a8:f7:e5:cd:85:94:4b:96:
96:7a:bb:e7:29:93:55:cf:cc:78:06:59:8f:a0:61:
ba:c6:21:92:1c:01:0f:69:8d:6c:4a:7d:5c:48:f7:
4a:09:b2:71:34:5d:74:44:83:80:47:16:68:31:fa:
ad:59:c3:34:8d:cd:3b:25:77:a2:12:96:52:f7:fa:
39:57:99:be:12:90:97:29:8a:c0:06:7b:2b:03:3f:
3b:29:a4:4a:a9:e1:5a:7f:68:34:27:d7:7b:84:e4:
ee:a6:5f:20:16:c5:dc:87:2e:61:3d:33:55:b3:6a:
83:cf:7a:23:5e:66:b5:de:05:c1:5e:4d:37:71:f6:
ff:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:C8:5D:A8:0B:EB:62:D0:6A:85:9B:44:C7:F7:29:D1:F5:9E:DE:1F
X509v3 Authority Key Identifier:
keyid:7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/kchdqAvrYtBqhZtEx_cp0fWe3h8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:9080:6::/48
Signature Algorithm: sha256WithRSAEncryption
2b:17:2b:43:53:39:6d:49:3a:f0:37:80:17:19:5a:3d:4b:e3:
08:3e:91:7a:04:41:63:cd:47:f2:3b:31:7d:6f:9d:ab:cd:cc:
a0:24:0b:31:29:67:87:4e:38:cf:04:94:46:63:66:6f:f2:d3:
75:a7:c7:c8:bd:ba:42:b7:a7:a7:6d:44:f3:69:1c:5b:df:6e:
14:29:f5:c0:32:3d:7b:3c:91:74:08:71:69:2c:e2:fd:d0:3d:
34:b4:05:e9:48:e6:cc:31:5c:ef:52:4f:dc:ac:9f:c9:0a:64:
36:ba:fa:2b:4c:a8:df:cc:51:df:9f:e7:0b:a1:4d:01:43:a9:
1d:be:aa:66:40:cb:31:05:ff:c0:4c:9c:76:c7:22:e8:bc:1a:
8a:46:76:7b:63:f4:cd:fd:60:2d:7b:91:22:02:22:f0:f6:80:
ca:8e:ef:10:5b:e9:da:42:b4:ac:0e:ca:d5:d7:7a:c2:57:72:
3b:69:35:5f:48:51:ed:7d:3e:86:bc:15:fc:32:d4:3b:aa:e4:
f8:c7:9a:4d:2b:8b:18:74:2d:ba:29:60:fb:f1:74:09:be:a0:
16:42:35:d5:83:58:df:1c:92:88:4f:af:0d:9a:4d:ad:0e:55:
5b:6e:11:7b:84:3b:6d:e9:01:60:4a:c3:9f:90:c2:fe:b7:98:
f0:c3:9c:b0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQhQ+wetpBx2UCs6ry7cU04MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2QwMjJhMjQwY2U3MWUwYTZlMWU5YWFlMDExMmRhODQw
Y2MzNGIwHhcNMjUwMTAxMDk0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWM4NWRhODBiZWI2MmQwNmE4NTliNDRjN2Y3MjlkMWY1OWVkZTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7cy5uyLF/+uQIegSBg8ftWeivZXQ
40+3ZvMmLiVJ4SU78dr+od231nW781f46pfgr8t8eezZeu4mGqHiDNIzssWiwzSS
jY63N1Fv5QZOdBNb3KcIC03X6+U/gjEx2J8ZrhOdqYRiLvvIspUEp2wDfydJJglz
A8dYwe7SXhOJqPflzYWUS5aWervnKZNVz8x4BlmPoGG6xiGSHAEPaY1sSn1cSPdK
CbJxNF10RIOARxZoMfqtWcM0jc07JXeiEpZS9/o5V5m+EpCXKYrABnsrAz87KaRK
qeFaf2g0J9d7hOTupl8gFsXchy5hPTNVs2qDz3ojXma13gXBXk03cfb/GwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJHIXagL62LQaoWbRMf3KdH1nt4fMB8GA1UdIwQY
MBaAFHw9AiokDOceCm4emq4BEtqEDMNLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYt
MDk0ODk4OWU2ZDU1LzEva2NoZHFBdnJZdEJxaFp0RXhfY3AwZldlM2g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYtMDk0ODk4OWU2ZDU1
LzEvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgWQgAAG
MA0GCSqGSIb3DQEBCwUAA4IBAQArFytDUzltSTrwN4AXGVo9S+MIPpF6BEFjzUfy
OzF9b52rzcygJAsxKWeHTjjPBJRGY2Zv8tN1p8fIvbpCt6enbUTzaRxb324UKfXA
Mj17PJF0CHFpLOL90D00tAXpSObMMVzvUk/crJ/JCmQ2uvorTKjfzFHfn+cLoU0B
Q6kdvqpmQMsxBf/ATJx2xyLovBqKRnZ7Y/TN/WAte5EiAiLw9oDKju8QW+naQrSs
DsrV13rCV3I7aTVfSFHtfT6GvBX8MtQ7quT4x5pNK4sYdC26KWD78XQJvqAWQjXV
g1jfHJKIT68Nmk2tDlVbbhF7hDtt6QFgSsOfkML+t5jww5yw
-----END CERTIFICATE-----
Generated at Wed Feb 5 08:52:54 2025 by rpki-client