Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/205d24-009f-486a-976f-2ecda11de153/1/L5lOWtMXwmLYho3Arxcpd76R5sw.roa
File: L5lOWtMXwmLYho3Arxcpd76R5sw.roa (raw, json)
Hash identifier: XM0Za1PmkukhwAWipMkx42usukTFibdWlbabSAWWgH4=
Subject key identifier: 2F:99:4E:5A:D3:17:C2:62:D8:86:8D:C0:AF:17:29:77:BE:91:E6:CC
Certificate issuer: /CN=025f2a93db10f2dd5f6a55bb2a440f67486cd1a3
Certificate serial: 019421446B6B2A8D02C9A76629A97E3A5076
Authority key identifier: 02:5F:2A:93:DB:10:F2:DD:5F:6A:55:BB:2A:44:0F:67:48:6C:D1:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Al8qk9sQ8t1falW7KkQPZ0hs0aM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/205d24-009f-486a-976f-2ecda11de153/1/L5lOWtMXwmLYho3Arxcpd76R5sw.roa
Signing time: Wed 01 Jan 2025 09:48:39 +0000
ROA not before: Wed 01 Jan 2025 09:48:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208911
IP address blocks: 2a11:8280::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/205d24-009f-486a-976f-2ecda11de153/1/Al8qk9sQ8t1falW7KkQPZ0hs0aM.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/205d24-009f-486a-976f-2ecda11de153/1/Al8qk9sQ8t1falW7KkQPZ0hs0aM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Al8qk9sQ8t1falW7KkQPZ0hs0aM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 13:43:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:6b:6b:2a:8d:02:c9:a7:66:29:a9:7e:3a:50:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=025f2a93db10f2dd5f6a55bb2a440f67486cd1a3
Validity
Not Before: Jan 1 09:48:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2f994e5ad317c262d8868dc0af172977be91e6cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:6a:4f:0b:50:57:a5:d9:3b:7a:72:0d:73:eb:
f8:0c:cd:a5:be:66:ae:d5:35:6e:87:78:57:e5:13:
7e:77:e4:dc:9a:dd:09:13:4a:98:75:ca:f4:7d:72:
36:64:0a:01:08:42:d6:fc:46:f4:04:53:ce:c2:0d:
64:1a:df:59:30:1c:b2:0b:8a:27:dd:23:eb:e4:95:
85:3c:0c:ee:1f:35:59:2c:f5:9b:2f:dc:0c:c6:05:
e4:ac:3f:c9:09:d0:4a:25:e0:c5:04:b1:2a:af:25:
4e:b8:57:2a:57:31:75:5d:77:3a:09:c4:eb:b5:d6:
3e:09:60:6e:a1:a3:0a:bc:8b:ca:b1:fe:f3:1a:06:
2b:0e:13:fb:ff:42:3e:c9:9f:e9:ce:8e:19:f1:4b:
c4:79:0b:96:36:21:64:a0:98:ad:22:39:e3:58:2b:
f4:2c:e2:61:42:5a:9d:c9:0f:6d:0d:ba:c4:6a:55:
da:67:20:e9:f6:e8:02:ea:c5:d1:36:5d:f4:3b:37:
29:2e:c9:99:3a:ef:39:07:fb:7b:b8:c4:dd:7d:26:
18:2e:7d:5d:97:3b:63:29:3c:e4:4b:8f:8c:08:c3:
9f:d8:d8:5d:7a:78:df:ba:ad:54:f6:08:aa:27:b1:
1e:3d:95:bd:16:67:45:fe:ad:4d:0c:f5:2c:d3:fc:
d8:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:99:4E:5A:D3:17:C2:62:D8:86:8D:C0:AF:17:29:77:BE:91:E6:CC
X509v3 Authority Key Identifier:
keyid:02:5F:2A:93:DB:10:F2:DD:5F:6A:55:BB:2A:44:0F:67:48:6C:D1:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Al8qk9sQ8t1falW7KkQPZ0hs0aM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/205d24-009f-486a-976f-2ecda11de153/1/L5lOWtMXwmLYho3Arxcpd76R5sw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/205d24-009f-486a-976f-2ecda11de153/1/Al8qk9sQ8t1falW7KkQPZ0hs0aM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:8280::/29
Signature Algorithm: sha256WithRSAEncryption
77:eb:05:3f:60:fa:e2:a8:33:e6:17:25:a8:ee:f6:c0:de:5f:
be:65:57:30:dc:82:9f:3a:bf:73:a3:93:05:f5:0d:7a:2f:5b:
f0:cd:cd:29:cb:32:7f:30:48:1d:c0:02:ac:25:9e:f9:14:aa:
90:d4:00:01:79:ca:6e:7e:e6:bd:a1:6b:71:df:86:ac:8a:5a:
8e:57:88:8f:07:46:ed:02:6d:3f:f9:3a:92:79:e3:56:18:52:
9c:f3:61:22:68:53:24:97:34:ee:b5:d0:84:4e:d8:16:10:d1:
41:28:70:5c:34:ac:15:07:72:93:0b:bf:2a:8b:2b:81:a0:89:
ea:02:65:6e:af:71:02:6a:00:71:46:a0:53:8d:a3:0b:70:dd:
b5:b8:7b:de:dd:8e:0c:06:89:74:d4:e6:55:45:ad:3c:ec:13:
29:ca:fd:26:84:7c:8a:49:86:8f:a6:ec:ef:62:5b:cc:68:d5:
b2:66:96:38:26:3f:b4:68:97:54:0c:8d:67:3f:5a:39:0e:a8:
9d:06:7e:95:ea:42:4d:c6:cf:ca:fe:27:f7:5e:d9:89:00:a8:
2f:a9:62:cc:09:de:fa:50:ef:b0:3f:4a:a0:c2:dc:29:ca:04:
12:7d:6f:1d:08:a2:8b:27:3a:ac:85:45:cc:25:67:c5:95:b1:
b7:5f:de:70
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQhRGtrKo0CyadmKal+OlB2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNWYyYTkzZGIxMGYyZGQ1ZjZhNTViYjJhNDQwZjY3NDg2
Y2QxYTMwHhcNMjUwMTAxMDk0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjk5NGU1YWQzMTdjMjYyZDg4NjhkYzBhZjE3Mjk3N2JlOTFlNmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2GpPC1BXpdk7enINc+v4DM2lvmau
1TVuh3hX5RN+d+Tcmt0JE0qYdcr0fXI2ZAoBCELW/Eb0BFPOwg1kGt9ZMByyC4on
3SPr5JWFPAzuHzVZLPWbL9wMxgXkrD/JCdBKJeDFBLEqryVOuFcqVzF1XXc6CcTr
tdY+CWBuoaMKvIvKsf7zGgYrDhP7/0I+yZ/pzo4Z8UvEeQuWNiFkoJitIjnjWCv0
LOJhQlqdyQ9tDbrEalXaZyDp9ugC6sXRNl30OzcpLsmZOu85B/t7uMTdfSYYLn1d
lztjKTzkS4+MCMOf2Nhdenjfuq1U9giqJ7EePZW9FmdF/q1NDPUs0/zYmQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFC+ZTlrTF8Ji2IaNwK8XKXe+kebMMB8GA1UdIwQY
MBaAFAJfKpPbEPLdX2pVuypED2dIbNGjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWw4cWs5c1E4dDFmYWxXN0trUVBaMGhzMGFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8yMDVkMjQtMDA5Zi00ODZhLTk3NmYt
MmVjZGExMWRlMTUzLzEvTDVsT1d0TVh3bUxZaG8zQXJ4Y3BkNzZSNXN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8yMDVkMjQtMDA5Zi00ODZhLTk3NmYtMmVjZGExMWRlMTUz
LzEvQWw4cWs5c1E4dDFmYWxXN0trUVBaMGhzMGFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhGCgDAN
BgkqhkiG9w0BAQsFAAOCAQEAd+sFP2D64qgz5hclqO72wN5fvmVXMNyCnzq/c6OT
BfUNei9b8M3NKcsyfzBIHcACrCWe+RSqkNQAAXnKbn7mvaFrcd+GrIpajleIjwdG
7QJtP/k6knnjVhhSnPNhImhTJJc07rXQhE7YFhDRQShwXDSsFQdykwu/KosrgaCJ
6gJlbq9xAmoAcUagU42jC3Ddtbh73t2ODAaJdNTmVUWtPOwTKcr9JoR8ikmGj6bs
72JbzGjVsmaWOCY/tGiXVAyNZz9aOQ6onQZ+lepCTcbPyv4n917ZiQCoL6lizAne
+lDvsD9KoMLcKcoEEn1vHQiiiyc6rIVFzCVnxZWxt1/ecA==
-----END CERTIFICATE-----
Generated at Tue Apr 8 19:59:38 2025 by rpki-client