Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/a5728b-a36d-4fba-93aa-5f4bc900c03d/1/dMb0PjxW_FKRnnqCOxhUGiKYQfU.roa
File: dMb0PjxW_FKRnnqCOxhUGiKYQfU.roa (raw, json)
Hash identifier: SEn9C8PYQsCWBmkbIckjpQRAnohpBTNoR7109sqhxa8=
Subject key identifier: 74:C6:F4:3E:3C:56:FC:52:91:9E:7A:82:3B:18:54:1A:22:98:41:F5
Certificate issuer: /CN=a0df7f5b6618bda23c83bed11b442041f1fb456d
Certificate serial: 01942444ACADCA19A9F8E2090AF6E626FB24
Authority key identifier: A0:DF:7F:5B:66:18:BD:A2:3C:83:BE:D1:1B:44:20:41:F1:FB:45:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oN9_W2YYvaI8g77RG0QgQfH7RW0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/a5728b-a36d-4fba-93aa-5f4bc900c03d/1/dMb0PjxW_FKRnnqCOxhUGiKYQfU.roa
Signing time: Wed 01 Jan 2025 23:47:47 +0000
ROA not before: Wed 01 Jan 2025 23:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51847
IP address blocks: 2a12:e100:1::/48 maxlen: 48
2a12:e100:2::/48 maxlen: 48
2a12:e100:3::/48 maxlen: 48
2a12:e100:10::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/a5728b-a36d-4fba-93aa-5f4bc900c03d/1/oN9_W2YYvaI8g77RG0QgQfH7RW0.crl
rsync://rpki.ripe.net/repository/DEFAULT/e2/a5728b-a36d-4fba-93aa-5f4bc900c03d/1/oN9_W2YYvaI8g77RG0QgQfH7RW0.mft
rsync://rpki.ripe.net/repository/DEFAULT/oN9_W2YYvaI8g77RG0QgQfH7RW0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:ac:ad:ca:19:a9:f8:e2:09:0a:f6:e6:26:fb:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0df7f5b6618bda23c83bed11b442041f1fb456d
Validity
Not Before: Jan 1 23:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=74c6f43e3c56fc52919e7a823b18541a229841f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:39:c1:36:30:e8:6b:df:a7:d6:53:86:f2:60:
95:6f:28:4a:d4:15:61:aa:90:3c:bc:36:dc:cc:68:
50:a1:89:e7:19:e0:fa:8a:62:80:3a:a3:4b:99:17:
59:fd:23:35:29:ed:7e:56:99:e8:84:20:2a:c7:42:
78:64:bb:95:c2:27:4e:29:4a:7a:e5:2f:1b:7e:fb:
96:5a:07:ac:d1:11:82:bf:e4:62:5b:61:6b:e0:bf:
94:bd:c0:62:47:37:53:b4:3a:ca:34:de:a5:9d:66:
25:68:5f:47:a7:cc:07:be:87:f8:6e:e9:fe:46:bd:
e3:0f:16:5b:51:9b:6c:45:15:22:26:31:5d:80:60:
5a:e4:99:54:13:c1:bc:97:d5:74:05:70:78:a2:c1:
9c:3b:34:b3:ed:90:53:d6:40:ac:ce:b7:d9:11:e6:
97:80:d4:6d:90:7b:06:50:5d:d8:6c:3d:c4:78:c9:
eb:55:3f:06:0f:62:8c:f1:07:2a:4b:02:16:15:b4:
70:27:35:24:02:e6:d3:52:c2:97:de:97:d4:72:d7:
c3:32:e7:32:7c:09:68:06:8b:0a:52:22:f6:36:3f:
e7:0d:ba:05:e3:90:0a:b3:08:6f:83:06:0f:dd:7f:
d8:0e:55:33:35:55:f8:9f:ea:2d:7b:3d:e6:ec:54:
76:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:C6:F4:3E:3C:56:FC:52:91:9E:7A:82:3B:18:54:1A:22:98:41:F5
X509v3 Authority Key Identifier:
keyid:A0:DF:7F:5B:66:18:BD:A2:3C:83:BE:D1:1B:44:20:41:F1:FB:45:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oN9_W2YYvaI8g77RG0QgQfH7RW0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/a5728b-a36d-4fba-93aa-5f4bc900c03d/1/dMb0PjxW_FKRnnqCOxhUGiKYQfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/a5728b-a36d-4fba-93aa-5f4bc900c03d/1/oN9_W2YYvaI8g77RG0QgQfH7RW0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:e100:1::-2a12:e100:3:ffff:ffff:ffff:ffff:ffff
2a12:e100:10::/44
Signature Algorithm: sha256WithRSAEncryption
a4:90:43:27:f4:46:c1:7c:fa:d3:de:bc:d1:06:32:1a:72:68:
cb:21:1b:66:1e:62:f4:3a:b1:b1:bb:c2:4e:dd:43:22:ad:4e:
01:d9:c7:6d:ca:9f:90:05:ba:e0:d5:d0:e2:93:a0:36:67:61:
77:c8:78:7d:37:d6:e3:03:38:29:4d:b3:43:8d:df:25:b1:a8:
dc:37:9e:2e:76:93:93:51:5c:d6:3d:41:98:17:6e:cc:f6:cc:
a7:08:90:54:f1:63:7c:57:6d:93:6a:ce:f3:91:a4:de:d7:79:
ae:30:75:76:21:c7:8b:e2:2d:94:c9:98:39:c4:5e:67:fd:13:
9f:f5:c6:80:19:0c:b9:e5:48:56:c4:42:91:13:50:e5:01:f3:
09:b8:e9:cc:f7:32:37:22:5b:1a:d0:49:e0:fb:52:fe:eb:0d:
41:f7:21:a5:b7:dd:a9:90:85:c8:5f:77:2a:7a:a0:ad:7a:31:
c2:02:81:3d:cb:f7:d3:7e:08:8c:b8:63:c8:06:53:d0:65:89:
9e:1f:9f:3d:30:2e:be:e8:30:05:b3:e4:a1:91:34:20:ed:d8:
59:93:42:3c:03:d2:66:95:0a:15:6d:02:f2:15:6b:4f:40:92:
6c:66:38:fa:56:e4:c3:c3:69:34:62:77:35:96:25:be:08:ca:
69:c7:e5:bf
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQkRKytyhmp+OIJCvbmJvskMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZGY3ZjViNjYxOGJkYTIzYzgzYmVkMTFiNDQyMDQxZjFm
YjQ1NmQwHhcNMjUwMTAxMjM0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGM2ZjQzZTNjNTZmYzUyOTE5ZTdhODIzYjE4NTQxYTIyOTg0MWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjnBNjDoa9+n1lOG8mCVbyhK1BVh
qpA8vDbczGhQoYnnGeD6imKAOqNLmRdZ/SM1Ke1+VpnohCAqx0J4ZLuVwidOKUp6
5S8bfvuWWges0RGCv+RiW2Fr4L+UvcBiRzdTtDrKNN6lnWYlaF9Hp8wHvof4bun+
Rr3jDxZbUZtsRRUiJjFdgGBa5JlUE8G8l9V0BXB4osGcOzSz7ZBT1kCszrfZEeaX
gNRtkHsGUF3YbD3EeMnrVT8GD2KM8QcqSwIWFbRwJzUkAubTUsKX3pfUctfDMucy
fAloBosKUiL2Nj/nDboF45AKswhvgwYP3X/YDlUzNVX4n+otez3m7FR2ywIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFHTG9D48VvxSkZ56gjsYVBoimEH1MB8GA1UdIwQY
MBaAFKDff1tmGL2iPIO+0RtEIEHx+0VtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb045X1cyWVl2YUk4Zzc3UkcwUWdRZkg3UlcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9hNTcyOGItYTM2ZC00ZmJhLTkzYWEt
NWY0YmM5MDBjMDNkLzEvZE1iMFBqeFdfRktSbm5xQ094aFVHaUtZUWZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9hNTcyOGItYTM2ZC00ZmJhLTkzYWEtNWY0YmM5MDBjMDNk
LzEvb045X1cyWVl2YUk4Zzc3UkcwUWdRZkg3UlcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdMBIDBwAqEuEA
AAEDBwIqEuEAAAADBwQqEuEAABAwDQYJKoZIhvcNAQELBQADggEBAKSQQyf0RsF8
+tPevNEGMhpyaMshG2YeYvQ6sbG7wk7dQyKtTgHZx23Kn5AFuuDV0OKToDZnYXfI
eH031uMDOClNs0ON3yWxqNw3ni52k5NRXNY9QZgXbsz2zKcIkFTxY3xXbZNqzvOR
pN7Xea4wdXYhx4viLZTJmDnEXmf9E5/1xoAZDLnlSFbEQpETUOUB8wm46cz3Mjci
WxrQSeD7Uv7rDUH3IaW33amQhchfdyp6oK16McICgT3L99N+CIy4Y8gGU9BliZ4f
nz0wLr7oMAWz5KGRNCDt2FmTQjwD0maVChVtAvIVa09AkmxmOPpW5MPDaTRidzWW
Jb4IymnH5b8=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:34:57 2025 by rpki-client