Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/_3sIjV0NzBRBUXOfv_g2UXCkao8.roa
File: _3sIjV0NzBRBUXOfv_g2UXCkao8.roa (raw, json)
Hash identifier: cQ3AbgfUz8fqilC4hhCtVaH0mIMtsn/x+ig6JhvdshA=
Subject key identifier: FF:7B:08:8D:5D:0D:CC:14:41:51:73:9F:BF:F8:36:51:70:A4:6A:8F
Certificate issuer: /CN=9a24b27d9f3df6e14ebc79e146e8be32754bf800
Certificate serial: 019600ABEE349EF04E16A0B22055F1875790
Authority key identifier: 9A:24:B2:7D:9F:3D:F6:E1:4E:BC:79:E1:46:E8:BE:32:75:4B:F8:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/miSyfZ899uFOvHnhRui-MnVL-AA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/_3sIjV0NzBRBUXOfv_g2UXCkao8.roa
Signing time: Fri 04 Apr 2025 11:59:49 +0000
ROA not before: Fri 04 Apr 2025 11:59:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25369
IP address blocks: 2a09:a702::/46 maxlen: 48
2a09:a702:6::/48 maxlen: 48
2a09:a702:7::/48 maxlen: 48
2a09:a702:8::/48 maxlen: 48
2a09:a702:9::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/miSyfZ899uFOvHnhRui-MnVL-AA.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/miSyfZ899uFOvHnhRui-MnVL-AA.mft
rsync://rpki.ripe.net/repository/DEFAULT/miSyfZ899uFOvHnhRui-MnVL-AA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 11:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:00:ab:ee:34:9e:f0:4e:16:a0:b2:20:55:f1:87:57:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a24b27d9f3df6e14ebc79e146e8be32754bf800
Validity
Not Before: Apr 4 11:59:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ff7b088d5d0dcc144151739fbff8365170a46a8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:b9:8d:13:37:b6:0f:fe:7e:da:99:fa:4f:cc:
53:08:c1:5d:c2:c4:89:e5:b9:8e:59:8b:2f:36:32:
ef:59:60:bf:1a:45:00:98:62:48:6b:fa:4c:4e:12:
48:ab:fa:f4:02:4f:70:28:02:29:0d:fd:ea:d3:86:
92:eb:f1:c1:fe:fe:cf:79:44:56:ff:1b:d3:10:b7:
5a:25:cd:6c:a5:a7:bf:c4:d9:ae:6a:bd:86:ef:7c:
65:60:cd:3b:98:0d:b3:12:e8:40:b1:c6:dc:33:fb:
25:7c:60:61:57:33:35:59:f2:5e:ff:1a:9d:47:e7:
74:95:5e:43:fe:fc:c1:74:1f:8d:02:10:f1:8e:d0:
17:23:27:0c:78:a4:88:80:ed:ed:e3:0c:91:c0:35:
c2:31:b2:d1:18:5b:8e:13:f4:50:5e:ca:59:e3:97:
59:12:6d:8b:f8:78:e2:93:3e:89:73:57:94:1a:af:
22:c5:38:b6:86:c3:0b:13:1d:2e:05:3b:9b:b2:23:
95:29:fd:08:79:66:5b:87:63:50:67:a4:3f:31:94:
0d:9e:b8:e4:19:e4:c4:a9:7a:49:a2:06:64:26:ce:
fe:4f:1f:9a:a5:9e:cf:49:f2:6f:0b:0e:44:e7:91:
f0:09:17:f5:0b:13:30:12:4e:22:a1:7b:d8:fc:5f:
3c:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:7B:08:8D:5D:0D:CC:14:41:51:73:9F:BF:F8:36:51:70:A4:6A:8F
X509v3 Authority Key Identifier:
keyid:9A:24:B2:7D:9F:3D:F6:E1:4E:BC:79:E1:46:E8:BE:32:75:4B:F8:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/miSyfZ899uFOvHnhRui-MnVL-AA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/_3sIjV0NzBRBUXOfv_g2UXCkao8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/miSyfZ899uFOvHnhRui-MnVL-AA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:a702::/46
2a09:a702:6::-2a09:a702:9:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
3a:92:b1:8d:99:1f:75:58:0f:b4:8d:25:11:5f:0b:da:c4:37:
46:2b:0b:56:9c:89:5a:cb:b8:12:9d:4c:e4:79:c7:c2:44:5e:
98:69:01:92:66:32:bb:75:65:5f:01:a2:e2:c4:cf:dc:c5:66:
00:eb:ab:a5:20:95:9e:76:94:63:25:29:02:48:09:0f:ef:62:
dd:83:95:64:6d:3e:e8:1f:77:08:13:53:4f:03:15:8f:10:a0:
33:56:95:dd:e6:07:57:ce:ab:9c:f2:2a:66:45:a1:26:60:90:
d4:5e:30:81:83:07:2a:b6:24:d4:85:7f:bc:55:5a:6b:a5:6e:
ce:fc:a0:b5:31:f1:b2:06:90:e6:56:25:c4:a8:0a:ce:7a:cd:
8e:aa:48:ea:b2:22:b9:de:42:98:87:e1:6b:41:58:49:80:21:
56:48:3a:64:94:6f:b2:c9:6d:51:0b:00:16:8b:45:63:aa:07:
10:cf:b5:ed:f7:24:a8:a2:21:cb:ad:85:78:a5:38:35:1c:a3:
4c:eb:e8:a8:ef:be:e3:b1:0d:4b:2d:d4:54:1c:1b:2b:7c:5f:
56:66:ec:b5:84:1a:9b:a3:66:91:80:c4:0e:e0:34:c5:6c:e3:
bd:32:b6:ae:a5:f2:35:32:50:76:e2:33:bc:96:39:8b:c3:6a:
30:6b:47:f7
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZYAq+40nvBOFqCyIFXxh1eQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMjRiMjdkOWYzZGY2ZTE0ZWJjNzllMTQ2ZThiZTMyNzU0
YmY4MDAwHhcNMjUwNDA0MTE1OTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjdiMDg4ZDVkMGRjYzE0NDE1MTczOWZiZmY4MzY1MTcwYTQ2YThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3bmNEze2D/5+2pn6T8xTCMFdwsSJ
5bmOWYsvNjLvWWC/GkUAmGJIa/pMThJIq/r0Ak9wKAIpDf3q04aS6/HB/v7PeURW
/xvTELdaJc1spae/xNmuar2G73xlYM07mA2zEuhAscbcM/slfGBhVzM1WfJe/xqd
R+d0lV5D/vzBdB+NAhDxjtAXIycMeKSIgO3t4wyRwDXCMbLRGFuOE/RQXspZ45dZ
Em2L+Hjikz6Jc1eUGq8ixTi2hsMLEx0uBTubsiOVKf0IeWZbh2NQZ6Q/MZQNnrjk
GeTEqXpJogZkJs7+Tx+apZ7PSfJvCw5E55HwCRf1CxMwEk4ioXvY/F888wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFP97CI1dDcwUQVFzn7/4NlFwpGqPMB8GA1UdIwQY
MBaAFJoksn2fPfbhTrx54UbovjJ1S/gAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWlTeWZaODk5dUZPdkhuaFJ1aS1NblZMLUFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8wMjUxZjItYTFiYi00NGZiLWI5MDgt
NDhkNWZmNGJhMjU1LzEvXzNzSWpWME56QlJCVVhPZnZfZzJVWENrYW84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8wMjUxZjItYTFiYi00NGZiLWI5MDgtNDhkNWZmNGJhMjU1
LzEvbWlTeWZaODk5dUZPdkhuaFJ1aS1NblZMLUFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdAwcCKgmnAgAA
MBIDBwEqCacCAAYDBwEqCacCAAgwDQYJKoZIhvcNAQELBQADggEBADqSsY2ZH3VY
D7SNJRFfC9rEN0YrC1aciVrLuBKdTOR5x8JEXphpAZJmMrt1ZV8BouLEz9zFZgDr
q6UglZ52lGMlKQJICQ/vYt2DlWRtPugfdwgTU08DFY8QoDNWld3mB1fOq5zyKmZF
oSZgkNReMIGDByq2JNSFf7xVWmulbs78oLUx8bIGkOZWJcSoCs56zY6qSOqyIrne
QpiH4WtBWEmAIVZIOmSUb7LJbVELABaLRWOqBxDPte33JKiiIcuthXilODUco0zr
6KjvvuOxDUst1FQcGyt8X1Zm7LWEGpujZpGAxA7gNMVs470ytq6l8jUyUHbiM7yW
OYvDajBrR/c=
-----END CERTIFICATE-----
Generated at Thu Apr 10 21:33:23 2025 by rpki-client