Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/bbb30b-2688-4a6e-b2a2-1399a282227a/1/Ja52sUHZmNxWRgmcFqK35S3gf4U.roa
File: Ja52sUHZmNxWRgmcFqK35S3gf4U.roa (raw, json)
Hash identifier: gzJdIYNLI5m1VhTa8D7lky18Y5IJWwZN4llDEnmcK1o=
Subject key identifier: 25:AE:76:B1:41:D9:98:DC:56:46:09:9C:16:A2:B7:E5:2D:E0:7F:85
Certificate issuer: /CN=9a5550e908a9b9688c29aac9895353dea836c45a
Certificate serial: 019421B1E2EFFDFE9C6286CDB5D012CC349F
Authority key identifier: 9A:55:50:E9:08:A9:B9:68:8C:29:AA:C9:89:53:53:DE:A8:36:C4:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mlVQ6QipuWiMKarJiVNT3qg2xFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/bbb30b-2688-4a6e-b2a2-1399a282227a/1/Ja52sUHZmNxWRgmcFqK35S3gf4U.roa
Signing time: Wed 01 Jan 2025 11:48:13 +0000
ROA not before: Wed 01 Jan 2025 11:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62571
IP address blocks: 2a02:e980:1e::/48 maxlen: 48
2a02:e980:25::/48 maxlen: 48
2a02:e982:1e::/48 maxlen: 48
2a02:e982:31::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/bbb30b-2688-4a6e-b2a2-1399a282227a/1/mlVQ6QipuWiMKarJiVNT3qg2xFo.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/bbb30b-2688-4a6e-b2a2-1399a282227a/1/mlVQ6QipuWiMKarJiVNT3qg2xFo.mft
rsync://rpki.ripe.net/repository/DEFAULT/mlVQ6QipuWiMKarJiVNT3qg2xFo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:e2:ef:fd:fe:9c:62:86:cd:b5:d0:12:cc:34:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a5550e908a9b9688c29aac9895353dea836c45a
Validity
Not Before: Jan 1 11:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=25ae76b141d998dc5646099c16a2b7e52de07f85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:26:2a:66:3c:65:6c:98:b0:1b:c0:a3:9b:68:
3d:cf:49:13:a5:bb:97:b5:34:27:e4:0a:0d:4d:a5:
89:53:b9:2d:88:2c:dd:c4:a9:fb:db:18:51:d7:71:
82:61:60:d6:c3:3c:02:75:06:d4:5a:10:ba:75:0c:
3d:0e:96:67:7c:04:e2:d5:5b:b9:e8:0f:5a:3e:85:
13:39:0d:e8:4c:be:d9:59:a9:39:63:e3:11:8e:c4:
5e:fd:cb:9f:6f:3a:e2:f7:4b:80:34:c1:ca:38:45:
37:d9:eb:36:8f:52:af:82:59:39:ea:26:27:c4:c1:
eb:dc:5e:26:0f:72:90:56:31:14:a6:c4:92:80:c5:
1c:e5:20:88:a9:51:6b:1a:99:34:db:94:75:8e:97:
39:60:0a:27:37:6d:79:b7:59:1b:ba:1a:54:87:99:
e1:7c:07:b8:a5:c8:05:79:5e:97:be:40:90:d5:3c:
1b:7d:79:bb:61:d8:0a:b2:a9:46:d0:2f:0c:d1:ec:
9b:d8:5b:d2:8f:78:0c:8a:cf:f4:c8:01:c5:ab:1e:
43:25:96:60:f0:6c:1a:ca:a5:1f:62:2f:e4:6a:10:
57:77:b7:a7:ab:ab:cd:1e:8e:82:6a:d7:0f:a0:5d:
34:85:a3:54:4b:1a:3d:96:b3:91:18:a2:c0:a4:72:
9a:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:AE:76:B1:41:D9:98:DC:56:46:09:9C:16:A2:B7:E5:2D:E0:7F:85
X509v3 Authority Key Identifier:
keyid:9A:55:50:E9:08:A9:B9:68:8C:29:AA:C9:89:53:53:DE:A8:36:C4:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mlVQ6QipuWiMKarJiVNT3qg2xFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/bbb30b-2688-4a6e-b2a2-1399a282227a/1/Ja52sUHZmNxWRgmcFqK35S3gf4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/bbb30b-2688-4a6e-b2a2-1399a282227a/1/mlVQ6QipuWiMKarJiVNT3qg2xFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:e980:1e::/48
2a02:e980:25::/48
2a02:e982:1e::/48
2a02:e982:31::/48
Signature Algorithm: sha256WithRSAEncryption
2d:a6:c1:6e:51:b5:06:28:33:5d:94:0b:03:d3:d7:8f:d2:87:
c7:65:41:4c:a0:75:91:33:d8:cf:75:9b:f8:3e:09:06:24:40:
0b:f4:3f:b2:28:d1:eb:6b:cd:c8:77:c5:38:1d:a1:dc:03:df:
62:12:ed:a2:d5:c0:d7:c4:ec:31:b0:e4:af:0a:c9:28:cb:46:
b1:a5:6d:c2:bc:4c:dd:80:af:37:0b:93:c9:57:37:9c:95:2c:
ee:f6:2c:ac:42:d6:e1:96:0a:6f:65:be:e3:70:22:b4:7f:7c:
f4:97:f8:3a:b5:78:7f:42:a5:b0:11:59:ff:ab:a6:95:8e:01:
d4:d2:11:fc:57:ee:d9:88:60:3d:b5:cc:50:6e:71:56:90:95:
5d:8e:c0:7a:18:af:33:fa:86:79:4e:f5:14:07:f4:98:40:87:
4b:89:28:d2:da:60:f7:f2:39:e4:28:3b:18:d9:ff:96:ce:ea:
86:30:bb:70:06:b0:72:ad:a0:01:ae:7a:d3:f1:16:c0:fe:dd:
bc:85:5a:fd:14:23:be:00:82:3e:d6:66:53:f5:c1:b1:76:6f:
41:f8:a3:0f:dd:bc:92:56:ca:83:02:6c:c6:fb:01:13:af:b9:
c9:c4:0b:99:57:e3:c2:7b:f1:6a:58:55:70:b4:c0:aa:8a:78:
ef:8e:76:59
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQhseLv/f6cYobNtdASzDSfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNTU1MGU5MDhhOWI5Njg4YzI5YWFjOTg5NTM1M2RlYTgz
NmM0NWEwHhcNMjUwMTAxMTE0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWFlNzZiMTQxZDk5OGRjNTY0NjA5OWMxNmEyYjdlNTJkZTA3Zjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyyYqZjxlbJiwG8Cjm2g9z0kTpbuX
tTQn5AoNTaWJU7ktiCzdxKn72xhR13GCYWDWwzwCdQbUWhC6dQw9DpZnfATi1Vu5
6A9aPoUTOQ3oTL7ZWak5Y+MRjsRe/cufbzri90uANMHKOEU32es2j1Kvglk56iYn
xMHr3F4mD3KQVjEUpsSSgMUc5SCIqVFrGpk025R1jpc5YAonN215t1kbuhpUh5nh
fAe4pcgFeV6XvkCQ1TwbfXm7YdgKsqlG0C8M0eyb2FvSj3gMis/0yAHFqx5DJZZg
8GwayqUfYi/kahBXd7enq6vNHo6CatcPoF00haNUSxo9lrORGKLApHKa2wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFCWudrFB2ZjcVkYJnBait+Ut4H+FMB8GA1UdIwQY
MBaAFJpVUOkIqblojCmqyYlTU96oNsRaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWxWUTZRaXB1V2lNS2FySmlWTlQzcWcyeEZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iYmIzMGItMjY4OC00YTZlLWIyYTIt
MTM5OWEyODIyMjdhLzEvSmE1MnNVSFptTnhXUmdtY0ZxSzM1UzNnZjRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iYmIzMGItMjY4OC00YTZlLWIyYTItMTM5OWEyODIyMjdh
LzEvbWxWUTZRaXB1V2lNS2FySmlWTlQzcWcyeEZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcAKgLpgAAe
AwcAKgLpgAAlAwcAKgLpggAeAwcAKgLpggAxMA0GCSqGSIb3DQEBCwUAA4IBAQAt
psFuUbUGKDNdlAsD09eP0ofHZUFMoHWRM9jPdZv4PgkGJEAL9D+yKNHra83Id8U4
HaHcA99iEu2i1cDXxOwxsOSvCskoy0axpW3CvEzdgK83C5PJVzeclSzu9iysQtbh
lgpvZb7jcCK0f3z0l/g6tXh/QqWwEVn/q6aVjgHU0hH8V+7ZiGA9tcxQbnFWkJVd
jsB6GK8z+oZ5TvUUB/SYQIdLiSjS2mD38jnkKDsY2f+WzuqGMLtwBrByraABrnrT
8RbA/t28hVr9FCO+AII+1mZT9cGxdm9B+KMP3bySVsqDAmzG+wETr7nJxAuZV+PC
e/FqWFVwtMCqinjvjnZZ
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:07:27 2025 by rpki-client