Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/0d8be8-b4b4-436e-86e2-ba4c56d8c0ce/1/a66Wq_cz1-opkUh3xxWdvnCXHIE.roa
File: a66Wq_cz1-opkUh3xxWdvnCXHIE.roa (raw, json)
Hash identifier: RBd7B7hKzSBV9gC+hmCCrVD1uw4jr8IoDZkTqDG8H1A=
Subject key identifier: 6B:AE:96:AB:F7:33:D7:EA:29:91:48:77:C7:15:9D:BE:70:97:1C:81
Certificate issuer: /CN=e1b9a3ce0f593910819c3271e1e8d0bd1371a6be
Certificate serial: 019427B479595E7C16F95B790C2062D745A8
Authority key identifier: E1:B9:A3:CE:0F:59:39:10:81:9C:32:71:E1:E8:D0:BD:13:71:A6:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4bmjzg9ZORCBnDJx4ejQvRNxpr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/0d8be8-b4b4-436e-86e2-ba4c56d8c0ce/1/a66Wq_cz1-opkUh3xxWdvnCXHIE.roa
Signing time: Thu 02 Jan 2025 15:48:46 +0000
ROA not before: Thu 02 Jan 2025 15:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197706
IP address blocks: 2a0d:1dc0::/29 maxlen: 48
2a0d:4940::/29 maxlen: 48
2a0d:4941::/32 maxlen: 48
2a0d:4942::/32 maxlen: 48
2a0d:4943::/32 maxlen: 48
2a0d:4944::/32 maxlen: 48
2a0d:4945::/32 maxlen: 48
2a0d:4946::/32 maxlen: 48
2a0d:4947::/32 maxlen: 48
2a0e:abc0::/29 maxlen: 48
2a0e:abc1::/32 maxlen: 32
2a0f:4780::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/0d8be8-b4b4-436e-86e2-ba4c56d8c0ce/1/4bmjzg9ZORCBnDJx4ejQvRNxpr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/0d8be8-b4b4-436e-86e2-ba4c56d8c0ce/1/4bmjzg9ZORCBnDJx4ejQvRNxpr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/4bmjzg9ZORCBnDJx4ejQvRNxpr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 16:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b4:79:59:5e:7c:16:f9:5b:79:0c:20:62:d7:45:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1b9a3ce0f593910819c3271e1e8d0bd1371a6be
Validity
Not Before: Jan 2 15:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6bae96abf733d7ea29914877c7159dbe70971c81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:5b:93:1b:73:c9:00:b0:e2:0a:cf:6e:d4:5e:
cf:a4:8c:92:b4:b3:8e:a7:51:8e:ad:6f:39:5c:a0:
75:57:83:e7:62:12:72:da:2d:3a:e1:18:da:2c:96:
28:47:a2:01:9b:cd:c8:ab:f3:bc:aa:d2:54:e9:29:
3e:ee:c5:18:95:ac:13:25:43:12:6d:6a:b4:13:4d:
21:45:bd:f6:17:51:d4:86:16:64:f2:53:ce:12:c3:
93:0c:5e:2c:17:cd:d8:be:08:f4:93:77:d4:34:df:
be:85:47:93:3e:1c:9a:e8:4a:91:8b:2b:1d:4c:d3:
d4:1f:69:e8:8e:f1:a8:c8:1a:f3:2e:e9:17:03:6c:
a6:ca:53:7f:57:2c:22:76:7a:fa:00:61:8f:9c:2b:
d5:02:53:5c:02:8b:93:3e:be:3a:1f:5b:5a:50:4e:
30:dc:22:9a:0f:e1:05:8b:bc:b3:55:3e:1b:1f:87:
5f:93:97:62:2b:b0:8b:f8:48:2b:07:e8:8b:e3:d2:
40:2f:04:98:91:d8:a6:a7:23:e5:90:a6:51:4a:f7:
1f:27:f6:65:5a:b9:63:23:2d:53:53:c2:47:d2:7a:
b1:38:6c:35:b4:e9:f3:0d:c7:83:f6:0c:df:8c:95:
c1:c6:fc:fc:89:ee:4c:dc:6b:7e:49:a5:85:38:98:
32:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:AE:96:AB:F7:33:D7:EA:29:91:48:77:C7:15:9D:BE:70:97:1C:81
X509v3 Authority Key Identifier:
keyid:E1:B9:A3:CE:0F:59:39:10:81:9C:32:71:E1:E8:D0:BD:13:71:A6:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4bmjzg9ZORCBnDJx4ejQvRNxpr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/0d8be8-b4b4-436e-86e2-ba4c56d8c0ce/1/a66Wq_cz1-opkUh3xxWdvnCXHIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/0d8be8-b4b4-436e-86e2-ba4c56d8c0ce/1/4bmjzg9ZORCBnDJx4ejQvRNxpr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:1dc0::/29
2a0d:4940::/29
2a0e:abc0::/29
2a0f:4780::/29
Signature Algorithm: sha256WithRSAEncryption
43:89:44:0a:1c:92:df:35:1a:b2:b7:14:d7:8f:d3:07:3d:4c:
28:42:2d:f7:72:c4:77:63:01:15:b3:3a:6c:7f:36:9f:2b:dd:
60:6a:9c:dd:0c:ff:c2:dc:da:c2:1a:66:f2:38:1f:f7:e1:63:
3b:ad:3a:4b:4a:20:81:6c:0f:43:9a:b2:f1:fd:3e:1b:d2:b5:
0e:54:fc:2f:a9:71:dc:3a:6d:fc:ce:55:46:4f:bd:35:e6:a8:
7c:db:b8:c9:ac:b7:6d:da:d9:5e:dd:e9:96:fb:61:14:ab:00:
9b:d7:f1:22:f5:9d:55:59:97:3c:1f:66:2c:fb:6c:27:a9:36:
29:cb:6d:83:d6:ab:f1:29:b1:64:10:49:72:7a:5f:e1:59:e9:
86:a9:f1:b1:5e:b6:70:33:7e:a0:c9:fc:82:29:29:14:89:50:
68:f4:28:68:ad:e3:f8:5c:5c:0c:88:32:88:75:33:64:85:fd:
33:8e:42:55:6a:33:d9:b8:f4:45:1c:cb:93:0d:39:ad:c8:ed:
d5:37:e5:f2:b2:d2:4d:dc:21:d5:ba:bf:54:ea:27:1d:4d:c8:
84:03:39:13:7d:c9:2a:3b:54:4e:e9:60:35:ca:f0:34:ce:47:
ad:3a:30:a7:2a:16:1b:f3:e7:9f:f5:15:27:fa:3a:54:ba:b9:
91:a3:4a:5c
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZQntHlZXnwW+Vt5DCBi10WoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxYjlhM2NlMGY1OTM5MTA4MTljMzI3MWUxZThkMGJkMTM3
MWE2YmUwHhcNMjUwMTAyMTU0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmFlOTZhYmY3MzNkN2VhMjk5MTQ4NzdjNzE1OWRiZTcwOTcxYzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyVuTG3PJALDiCs9u1F7PpIyStLOO
p1GOrW85XKB1V4PnYhJy2i064RjaLJYoR6IBm83Iq/O8qtJU6Sk+7sUYlawTJUMS
bWq0E00hRb32F1HUhhZk8lPOEsOTDF4sF83Yvgj0k3fUNN++hUeTPhya6EqRiysd
TNPUH2nojvGoyBrzLukXA2ymylN/Vywidnr6AGGPnCvVAlNcAouTPr46H1taUE4w
3CKaD+EFi7yzVT4bH4dfk5diK7CL+EgrB+iL49JALwSYkdimpyPlkKZRSvcfJ/Zl
WrljIy1TU8JH0nqxOGw1tOnzDceD9gzfjJXBxvz8ie5M3Gt+SaWFOJgyVQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFGuulqv3M9fqKZFId8cVnb5wlxyBMB8GA1UdIwQY
MBaAFOG5o84PWTkQgZwyceHo0L0Tcaa+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGJtanpnOVpPUkNCbkRKeDRlalF2Uk54cHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8wZDhiZTgtYjRiNC00MzZlLTg2ZTIt
YmE0YzU2ZDhjMGNlLzEvYTY2V3FfY3oxLW9wa1VoM3h4V2R2bkNYSElFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8wZDhiZTgtYjRiNC00MzZlLTg2ZTItYmE0YzU2ZDhjMGNl
LzEvNGJtanpnOVpPUkNCbkRKeDRlalF2Uk54cHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKg0dwAMF
AyoNSUADBQMqDqvAAwUDKg9HgDANBgkqhkiG9w0BAQsFAAOCAQEAQ4lEChyS3zUa
srcU14/TBz1MKEIt93LEd2MBFbM6bH82nyvdYGqc3Qz/wtzawhpm8jgf9+FjO606
S0oggWwPQ5qy8f0+G9K1DlT8L6lx3Dpt/M5VRk+9NeaofNu4yay3bdrZXt3plvth
FKsAm9fxIvWdVVmXPB9mLPtsJ6k2Kcttg9ar8SmxZBBJcnpf4VnphqnxsV62cDN+
oMn8gikpFIlQaPQoaK3j+FxcDIgyiHUzZIX9M45CVWoz2bj0RRzLkw05rcjt1Tfl
8rLSTdwh1bq/VOonHU3IhAM5E33JKjtUTulgNcrwNM5HrTowpyoWG/Pnn/UVJ/o6
VLq5kaNKXA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 02:34:45 2025 by rpki-client