Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/4f955b-2ba5-4fc4-83f5-02dae131246f/1/1-QQKoKkBsfVHiC7zwZN32LAwqdI.roa
File: 1-QQKoKkBsfVHiC7zwZN32LAwqdI.roa (raw, json)
Hash identifier: su6NuoB2BV5792mo+Gkr7XFZc0UAJCglrf+FguhXwQA=
Subject key identifier: F9:04:0A:A0:A9:01:B1:F5:47:88:2E:F3:C1:93:77:D8:B0:30:A9:D2
Certificate issuer: /CN=5d4fccc994e94131dc11bfc95c64585b345e01f5
Certificate serial: 01941FFAB9394FF9A84BF19747E80E7CF857
Authority key identifier: 5D:4F:CC:C9:94:E9:41:31:DC:11:BF:C9:5C:64:58:5B:34:5E:01:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XU_MyZTpQTHcEb_JXGRYWzReAfU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/4f955b-2ba5-4fc4-83f5-02dae131246f/1/1-QQKoKkBsfVHiC7zwZN32LAwqdI.roa
Signing time: Wed 01 Jan 2025 03:48:32 +0000
ROA not before: Wed 01 Jan 2025 03:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201458
IP address blocks: 2a03:4720::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/4f955b-2ba5-4fc4-83f5-02dae131246f/1/XU_MyZTpQTHcEb_JXGRYWzReAfU.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/4f955b-2ba5-4fc4-83f5-02dae131246f/1/XU_MyZTpQTHcEb_JXGRYWzReAfU.mft
rsync://rpki.ripe.net/repository/DEFAULT/XU_MyZTpQTHcEb_JXGRYWzReAfU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 03:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:b9:39:4f:f9:a8:4b:f1:97:47:e8:0e:7c:f8:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d4fccc994e94131dc11bfc95c64585b345e01f5
Validity
Not Before: Jan 1 03:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f9040aa0a901b1f547882ef3c19377d8b030a9d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ee:dd:a7:6a:91:57:27:85:3b:ad:59:d5:66:
e7:1c:65:4d:f6:68:2f:7b:c5:63:0d:3a:61:dc:7c:
d3:c4:b1:5b:be:86:10:70:7c:2b:e2:54:dd:bd:65:
9c:66:6e:bc:b8:57:76:20:57:37:c0:a5:9d:c3:56:
6b:74:e5:c5:c5:d6:69:b8:2e:24:c6:f6:b3:4f:3d:
91:94:32:45:1c:20:a8:4e:5a:e7:ca:ec:67:ba:c6:
e1:c7:d2:b4:69:06:1c:e2:2e:a6:dd:9b:5e:cd:f0:
9e:5e:74:86:5e:18:f2:b3:02:10:0a:6f:e9:56:8c:
18:cc:b5:26:74:21:0e:b0:1f:6e:43:7d:73:f6:16:
02:c0:33:74:f6:20:41:9b:33:de:6b:b2:64:84:11:
20:2d:61:b7:36:a9:10:55:32:f9:df:72:d6:55:b0:
d5:ab:84:88:6a:66:4b:d4:db:9b:f3:75:4c:ee:a6:
7d:00:ef:d8:56:48:df:b8:c5:1a:3b:0c:0a:37:b3:
eb:82:e4:c6:56:61:6c:67:6d:1a:15:bd:2f:0d:2a:
94:ff:0d:a9:5f:43:06:65:73:1c:10:5e:97:bc:7f:
6d:05:f5:cf:e4:52:0b:49:1e:70:57:38:07:17:d4:
63:60:8d:6e:dd:96:56:02:9b:dd:41:9e:37:11:11:
45:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:04:0A:A0:A9:01:B1:F5:47:88:2E:F3:C1:93:77:D8:B0:30:A9:D2
X509v3 Authority Key Identifier:
keyid:5D:4F:CC:C9:94:E9:41:31:DC:11:BF:C9:5C:64:58:5B:34:5E:01:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XU_MyZTpQTHcEb_JXGRYWzReAfU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4f955b-2ba5-4fc4-83f5-02dae131246f/1/1-QQKoKkBsfVHiC7zwZN32LAwqdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4f955b-2ba5-4fc4-83f5-02dae131246f/1/XU_MyZTpQTHcEb_JXGRYWzReAfU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:4720::/32
Signature Algorithm: sha256WithRSAEncryption
d1:3d:41:b0:7e:1e:06:d2:cb:6d:94:7d:c8:39:b8:b4:b1:ee:
20:b6:32:83:99:3d:84:89:f8:87:9a:a1:9e:21:6c:b6:c5:eb:
85:18:b9:c7:c7:46:ba:bb:52:c2:34:cb:11:ca:96:07:8e:4b:
83:8d:8c:85:f5:8c:27:a0:83:91:fa:85:00:c8:a2:3c:33:af:
5d:7f:32:fc:ba:95:d3:51:e0:95:8a:e5:c6:b4:b1:d9:2a:14:
39:0e:51:96:e6:a4:a0:25:58:46:79:7e:b0:f4:9a:77:6b:64:
66:3b:81:20:d5:c2:32:e9:24:49:aa:f0:ba:79:12:7a:50:3a:
79:d6:32:10:5e:35:05:4e:e3:67:dc:73:9a:dc:ae:cf:2f:b1:
9a:2b:71:59:b6:da:1e:6b:1d:7f:83:b2:9f:c4:72:b8:88:cf:
11:36:cc:79:2c:a4:a0:ff:71:f1:b5:42:d7:20:44:46:5e:fa:
96:21:3f:fa:fd:d5:52:4b:f3:13:b2:d4:bc:6a:0e:3c:a6:a9:
ad:42:d2:9b:2e:e7:9e:38:fb:8a:b9:a7:6e:33:29:97:4e:60:
4b:76:87:1a:00:d1:f8:68:c4:46:68:7d:c8:53:10:d0:67:46:
63:be:a7:65:00:de:1c:ef:b3:bc:08:d5:7d:47:11:c4:ef:50:
fc:18:f0:df
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQf+rk5T/moS/GXR+gOfPhXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkNGZjY2M5OTRlOTQxMzFkYzExYmZjOTVjNjQ1ODViMzQ1
ZTAxZjUwHhcNMjUwMTAxMDM0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTA0MGFhMGE5MDFiMWY1NDc4ODJlZjNjMTkzNzdkOGIwMzBhOWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+7dp2qRVyeFO61Z1WbnHGVN9mgv
e8VjDTph3HzTxLFbvoYQcHwr4lTdvWWcZm68uFd2IFc3wKWdw1ZrdOXFxdZpuC4k
xvazTz2RlDJFHCCoTlrnyuxnusbhx9K0aQYc4i6m3ZtezfCeXnSGXhjyswIQCm/p
VowYzLUmdCEOsB9uQ31z9hYCwDN09iBBmzPea7JkhBEgLWG3NqkQVTL533LWVbDV
q4SIamZL1Nub83VM7qZ9AO/YVkjfuMUaOwwKN7PrguTGVmFsZ20aFb0vDSqU/w2p
X0MGZXMcEF6XvH9tBfXP5FILSR5wVzgHF9RjYI1u3ZZWApvdQZ43ERFFvwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFPkECqCpAbH1R4gu88GTd9iwMKnSMB8GA1UdIwQY
MBaAFF1PzMmU6UEx3BG/yVxkWFs0XgH1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFVfTXlaVHBRVEhjRWJfSlhHUllXelJlQWZVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS80Zjk1NWItMmJhNS00ZmM0LTgzZjUt
MDJkYWUxMzEyNDZmLzEvMS1RUUtvS2tCc2ZWSGlDN3p3Wk4zMkxBd3FkSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTUvNGY5NTViLTJiYTUtNGZjNC04M2Y1LTAyZGFlMTMxMjQ2
Zi8xL1hVX015WlRwUVRIY0ViX0pYR1JZV3pSZUFmVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoDRyAw
DQYJKoZIhvcNAQELBQADggEBANE9QbB+HgbSy22Ufcg5uLSx7iC2MoOZPYSJ+Iea
oZ4hbLbF64UYucfHRrq7UsI0yxHKlgeOS4ONjIX1jCegg5H6hQDIojwzr11/Mvy6
ldNR4JWK5ca0sdkqFDkOUZbmpKAlWEZ5frD0mndrZGY7gSDVwjLpJEmq8Lp5EnpQ
OnnWMhBeNQVO42fcc5rcrs8vsZorcVm22h5rHX+Dsp/EcriIzxE2zHkspKD/cfG1
QtcgREZe+pYhP/r91VJL8xOy1LxqDjymqa1C0psu5544+4q5p24zKZdOYEt2hxoA
0fhoxEZofchTENBnRmO+p2UA3hzvs7wI1X1HEcTvUPwY8N8=
-----END CERTIFICATE-----
Generated at Wed Apr 16 13:54:25 2025 by rpki-client