Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/f6f5c3-6146-48ca-affa-3d8584cf53fe/1/g-0mYXlZCCbY8bUpprXLVbOiC9A.roa
File: g-0mYXlZCCbY8bUpprXLVbOiC9A.roa (raw, json)
Hash identifier: hFmcyS+hXU9/y3wiy+mf+wC/haCuFA1o+qKC1n/PUV4=
Subject key identifier: 83:ED:26:61:79:59:08:26:D8:F1:B5:29:A6:B5:CB:55:B3:A2:0B:D0
Certificate issuer: /CN=429c54be1da7e738e3c96ffb41f1ea3900a67be8
Certificate serial: 019423D6B73B583144D51552E727B9EE2344
Authority key identifier: 42:9C:54:BE:1D:A7:E7:38:E3:C9:6F:FB:41:F1:EA:39:00:A6:7B:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QpxUvh2n5zjjyW_7QfHqOQCme-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/f6f5c3-6146-48ca-affa-3d8584cf53fe/1/g-0mYXlZCCbY8bUpprXLVbOiC9A.roa
Signing time: Wed 01 Jan 2025 21:47:41 +0000
ROA not before: Wed 01 Jan 2025 21:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209432
IP address blocks: 2a0e:cc0::/29 maxlen: 29
2a0e:cc0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/f6f5c3-6146-48ca-affa-3d8584cf53fe/1/QpxUvh2n5zjjyW_7QfHqOQCme-g.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/f6f5c3-6146-48ca-affa-3d8584cf53fe/1/QpxUvh2n5zjjyW_7QfHqOQCme-g.mft
rsync://rpki.ripe.net/repository/DEFAULT/QpxUvh2n5zjjyW_7QfHqOQCme-g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:b7:3b:58:31:44:d5:15:52:e7:27:b9:ee:23:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=429c54be1da7e738e3c96ffb41f1ea3900a67be8
Validity
Not Before: Jan 1 21:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=83ed266179590826d8f1b529a6b5cb55b3a20bd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:6d:9b:3c:1b:4f:6d:55:f1:23:d1:ce:43:a2:
57:2d:94:34:88:cb:2d:fb:29:ab:f1:95:1f:1b:24:
b0:d7:40:54:fe:97:5b:6b:8e:62:16:5d:80:e1:1b:
d1:a5:08:f2:e7:cf:04:68:3b:84:06:93:e9:92:10:
34:1e:31:8c:58:41:9f:39:8b:c1:82:a0:e8:9b:27:
f9:9c:fc:3d:a4:9a:78:4f:4a:9e:57:29:2f:0b:a2:
b9:d9:20:6f:f1:72:7a:ea:d9:a3:bb:a7:cf:9d:cb:
16:03:74:8a:ce:31:b4:06:d9:6b:f4:c3:8c:f6:fb:
d6:1e:5b:51:dd:c4:e8:8e:ee:be:aa:59:ff:4e:e0:
c4:28:f2:e9:f0:07:61:b0:5e:e1:d2:cb:71:3e:b2:
da:ee:fe:d4:7d:be:38:f7:f1:f0:a6:82:20:52:3f:
e3:47:c4:54:4f:50:e5:40:43:aa:91:22:55:ee:71:
c7:7b:67:dd:0c:b2:be:2b:fb:31:a5:85:6a:e8:b1:
cf:53:42:9a:56:c9:dd:bc:85:43:f7:09:50:b7:66:
81:10:2d:d4:92:52:7b:07:b2:3b:2b:e5:ee:c0:e5:
9a:6a:4d:16:9f:1c:57:7f:f6:64:04:10:1b:22:72:
7e:67:71:26:87:22:28:f6:d5:8a:70:35:95:32:21:
02:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:ED:26:61:79:59:08:26:D8:F1:B5:29:A6:B5:CB:55:B3:A2:0B:D0
X509v3 Authority Key Identifier:
keyid:42:9C:54:BE:1D:A7:E7:38:E3:C9:6F:FB:41:F1:EA:39:00:A6:7B:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpxUvh2n5zjjyW_7QfHqOQCme-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/f6f5c3-6146-48ca-affa-3d8584cf53fe/1/g-0mYXlZCCbY8bUpprXLVbOiC9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/f6f5c3-6146-48ca-affa-3d8584cf53fe/1/QpxUvh2n5zjjyW_7QfHqOQCme-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:cc0::/29
Signature Algorithm: sha256WithRSAEncryption
c4:a4:49:b1:79:03:ad:0e:90:3a:66:97:60:13:8a:b4:99:fb:
65:86:bc:40:7a:5c:07:91:15:88:5e:11:77:2d:53:e7:22:f6:
02:1e:fc:b8:c2:66:5b:9f:53:99:b7:0a:b5:d6:ce:67:3c:f2:
e9:c2:50:c0:21:f0:a7:2e:6d:c2:df:c9:fb:f4:1d:01:26:98:
24:c6:ac:2a:79:a0:33:40:f8:f1:06:08:e1:bd:fc:fd:c5:88:
d2:66:07:53:e9:2e:a1:5c:e2:d4:ef:6f:b5:e5:00:28:9d:f4:
6c:da:cd:f2:4f:35:4e:4d:8a:25:5c:d3:3c:5c:d1:1b:ee:fc:
49:25:00:5f:28:bd:ba:04:86:42:3d:b4:d3:cb:4c:7f:b0:84:
06:5c:24:84:15:94:a4:40:26:16:fd:8f:e6:0b:04:e9:ad:4b:
46:26:2e:f3:c9:e6:59:a4:46:53:13:27:de:25:65:88:5a:4c:
0f:57:ef:72:5e:7e:b1:3b:df:d4:2a:b2:7a:d7:0b:4c:ff:ff:
d5:c7:32:34:09:73:8d:b3:c8:c0:36:f5:59:c6:89:2a:d1:41:
8f:3c:bd:e8:bd:e7:74:1f:fb:66:fa:06:05:58:67:f0:3e:e6:
0d:1e:93:8c:b3:27:66:17:35:61:d1:ad:9d:f1:ad:d0:0b:88:
4f:a3:a1:67
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQj1rc7WDFE1RVS5ye57iNEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOWM1NGJlMWRhN2U3MzhlM2M5NmZmYjQxZjFlYTM5MDBh
NjdiZTgwHhcNMjUwMTAxMjE0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2VkMjY2MTc5NTkwODI2ZDhmMWI1MjlhNmI1Y2I1NWIzYTIwYmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv22bPBtPbVXxI9HOQ6JXLZQ0iMst
+ymr8ZUfGySw10BU/pdba45iFl2A4RvRpQjy588EaDuEBpPpkhA0HjGMWEGfOYvB
gqDomyf5nPw9pJp4T0qeVykvC6K52SBv8XJ66tmju6fPncsWA3SKzjG0Btlr9MOM
9vvWHltR3cToju6+qln/TuDEKPLp8AdhsF7h0stxPrLa7v7Ufb449/HwpoIgUj/j
R8RUT1DlQEOqkSJV7nHHe2fdDLK+K/sxpYVq6LHPU0KaVsndvIVD9wlQt2aBEC3U
klJ7B7I7K+XuwOWaak0WnxxXf/ZkBBAbInJ+Z3EmhyIo9tWKcDWVMiECswIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIPtJmF5WQgm2PG1Kaa1y1WzogvQMB8GA1UdIwQY
MBaAFEKcVL4dp+c448lv+0Hx6jkApnvoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXB4VXZoMm41empqeVdfN1FmSHFPUUNtZS1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9mNmY1YzMtNjE0Ni00OGNhLWFmZmEt
M2Q4NTg0Y2Y1M2ZlLzEvZy0wbVlYbFpDQ2JZOGJVcHByWExWYk9pQzlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9mNmY1YzMtNjE0Ni00OGNhLWFmZmEtM2Q4NTg0Y2Y1M2Zl
LzEvUXB4VXZoMm41empqeVdfN1FmSHFPUUNtZS1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg4MwDAN
BgkqhkiG9w0BAQsFAAOCAQEAxKRJsXkDrQ6QOmaXYBOKtJn7ZYa8QHpcB5EViF4R
dy1T5yL2Ah78uMJmW59TmbcKtdbOZzzy6cJQwCHwpy5twt/J+/QdASaYJMasKnmg
M0D48QYI4b38/cWI0mYHU+kuoVzi1O9vteUAKJ30bNrN8k81Tk2KJVzTPFzRG+78
SSUAXyi9ugSGQj2008tMf7CEBlwkhBWUpEAmFv2P5gsE6a1LRiYu88nmWaRGUxMn
3iVliFpMD1fvcl5+sTvf1CqyetcLTP//1ccyNAlzjbPIwDb1WcaJKtFBjzy96L3n
dB/7ZvoGBVhn8D7mDR6TjLMnZhc1YdGtnfGt0AuIT6OhZw==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:51:47 2025 by rpki-client