Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/f3fdf0-a1a5-45a1-8252-8528e5532c0e/1/HRacqG8l3Hf7zAmCVCG0P5KOMS4.roa
File: HRacqG8l3Hf7zAmCVCG0P5KOMS4.roa (raw, json)
Hash identifier: POwtAYxNl5+u6y8FOiGiNGLuMGWBIZsQmYKWLa6++Q0=
Subject key identifier: 1D:16:9C:A8:6F:25:DC:77:FB:CC:09:82:54:21:B4:3F:92:8E:31:2E
Certificate issuer: /CN=26427a260d6d96cc1115ccce8a914affb0e1d16b
Certificate serial: 019422FBF938A97417FD8AAAB0EBA23A0C73
Authority key identifier: 26:42:7A:26:0D:6D:96:CC:11:15:CC:CE:8A:91:4A:FF:B0:E1:D1:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JkJ6Jg1tlswRFczOipFK_7Dh0Ws.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/f3fdf0-a1a5-45a1-8252-8528e5532c0e/1/HRacqG8l3Hf7zAmCVCG0P5KOMS4.roa
Signing time: Wed 01 Jan 2025 17:48:46 +0000
ROA not before: Wed 01 Jan 2025 17:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214134
IP address blocks: 2001:67c:f2c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/f3fdf0-a1a5-45a1-8252-8528e5532c0e/1/JkJ6Jg1tlswRFczOipFK_7Dh0Ws.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/f3fdf0-a1a5-45a1-8252-8528e5532c0e/1/JkJ6Jg1tlswRFczOipFK_7Dh0Ws.mft
rsync://rpki.ripe.net/repository/DEFAULT/JkJ6Jg1tlswRFczOipFK_7Dh0Ws.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 18:34:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:f9:38:a9:74:17:fd:8a:aa:b0:eb:a2:3a:0c:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26427a260d6d96cc1115ccce8a914affb0e1d16b
Validity
Not Before: Jan 1 17:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d169ca86f25dc77fbcc09825421b43f928e312e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:8e:5a:ba:53:cc:f0:df:81:ca:0e:f9:0f:59:
40:69:12:ed:8a:05:89:13:48:25:f9:73:e9:bc:19:
88:e5:fd:8b:2e:e4:ec:4e:c5:73:cf:d2:73:bb:9a:
9b:b4:70:0c:f6:a9:13:bc:92:d6:c8:8f:54:cd:af:
6b:d4:32:e5:66:98:b6:59:ef:2a:3d:53:c4:06:d2:
59:35:94:a9:5a:8a:99:c8:a7:aa:c3:5b:8f:80:a7:
1b:0e:14:e1:a3:c0:19:7d:45:74:24:98:d0:57:7c:
83:b8:d6:25:ab:d0:54:86:1b:28:7e:94:07:13:b0:
8b:bb:8a:c5:ce:92:2f:38:25:59:91:74:08:48:6e:
45:e7:de:a8:10:2b:e5:b7:b1:74:68:c9:1f:5e:9a:
48:ad:76:9d:a0:4b:93:62:58:83:ce:98:1b:42:23:
39:ef:44:fe:47:cf:1b:6d:06:1a:7b:01:83:53:42:
f7:be:05:f4:98:c5:bb:7a:6c:df:e7:16:42:da:9e:
91:15:11:08:9c:29:66:3c:83:84:fe:f7:ea:bb:44:
00:56:52:67:70:9f:87:2c:eb:ab:cb:44:75:2f:50:
16:66:b5:20:09:00:3d:3f:58:18:d5:49:37:88:e0:
34:93:d7:0e:94:48:78:2d:40:53:3e:f9:d1:61:1c:
d2:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:16:9C:A8:6F:25:DC:77:FB:CC:09:82:54:21:B4:3F:92:8E:31:2E
X509v3 Authority Key Identifier:
keyid:26:42:7A:26:0D:6D:96:CC:11:15:CC:CE:8A:91:4A:FF:B0:E1:D1:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JkJ6Jg1tlswRFczOipFK_7Dh0Ws.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/f3fdf0-a1a5-45a1-8252-8528e5532c0e/1/HRacqG8l3Hf7zAmCVCG0P5KOMS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/f3fdf0-a1a5-45a1-8252-8528e5532c0e/1/JkJ6Jg1tlswRFczOipFK_7Dh0Ws.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:f2c::/48
Signature Algorithm: sha256WithRSAEncryption
6f:e4:47:84:75:4f:ac:ca:0b:38:ed:35:1e:3b:a8:bb:40:1a:
c7:86:9f:d7:ec:0d:f6:7f:4b:f4:b6:58:9b:fb:de:60:ad:3c:
7d:4d:37:eb:63:d3:69:93:c1:cf:4b:8e:2f:1b:3e:b6:dd:5b:
a4:48:0a:3f:c6:8f:f7:ce:e8:08:e2:fe:e7:cc:92:0e:43:df:
50:38:99:b7:74:07:69:bb:4f:56:81:84:8b:d7:81:b6:87:07:
3f:06:a4:91:4a:12:1b:ca:bf:8b:b3:9f:4c:7d:cf:15:e5:ef:
95:a8:f8:a8:fb:b5:9b:16:c9:22:b2:ff:23:3c:0c:95:e2:c6:
36:10:e5:ef:d8:04:09:fc:a8:10:f1:61:41:97:1a:d6:f1:c9:
b4:57:46:c6:5a:78:85:59:54:5b:41:3f:32:3c:d7:9e:6c:80:
33:9f:5d:ef:9c:62:e2:79:9f:3d:7a:3b:79:47:c0:af:96:10:
8c:0b:0b:78:aa:46:94:03:c4:fe:6e:c7:0b:7c:e9:36:2b:11:
09:d9:77:6f:31:32:ad:16:a3:09:4e:c6:16:20:78:f5:8c:a5:
bd:e7:49:64:f0:ea:ef:1f:70:57:cb:c8:ba:d8:d1:0d:24:8b:
df:5d:2f:a2:29:3f:d9:1b:d6:bd:1d:62:e8:31:d3:c6:1e:24:
c7:17:ce:08
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQi+/k4qXQX/YqqsOuiOgxzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NDI3YTI2MGQ2ZDk2Y2MxMTE1Y2NjZThhOTE0YWZmYjBl
MWQxNmIwHhcNMjUwMTAxMTc0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDE2OWNhODZmMjVkYzc3ZmJjYzA5ODI1NDIxYjQzZjkyOGUzMTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3o5aulPM8N+Byg75D1lAaRLtigWJ
E0gl+XPpvBmI5f2LLuTsTsVzz9Jzu5qbtHAM9qkTvJLWyI9Uza9r1DLlZpi2We8q
PVPEBtJZNZSpWoqZyKeqw1uPgKcbDhTho8AZfUV0JJjQV3yDuNYlq9BUhhsofpQH
E7CLu4rFzpIvOCVZkXQISG5F596oECvlt7F0aMkfXppIrXadoEuTYliDzpgbQiM5
70T+R88bbQYaewGDU0L3vgX0mMW7emzf5xZC2p6RFREInClmPIOE/vfqu0QAVlJn
cJ+HLOury0R1L1AWZrUgCQA9P1gY1Uk3iOA0k9cOlEh4LUBTPvnRYRzSzwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFB0WnKhvJdx3+8wJglQhtD+SjjEuMB8GA1UdIwQY
MBaAFCZCeiYNbZbMERXMzoqRSv+w4dFrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmtKNkpnMXRsc3dSRmN6T2lwRktfN0RoMFdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9mM2ZkZjAtYTFhNS00NWExLTgyNTIt
ODUyOGU1NTMyYzBlLzEvSFJhY3FHOGwzSGY3ekFtQ1ZDRzBQNUtPTVM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9mM2ZkZjAtYTFhNS00NWExLTgyNTItODUyOGU1NTMyYzBl
LzEvSmtKNkpnMXRsc3dSRmN6T2lwRktfN0RoMFdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfA8s
MA0GCSqGSIb3DQEBCwUAA4IBAQBv5EeEdU+sygs47TUeO6i7QBrHhp/X7A32f0v0
tlib+95grTx9TTfrY9Npk8HPS44vGz623VukSAo/xo/3zugI4v7nzJIOQ99QOJm3
dAdpu09WgYSL14G2hwc/BqSRShIbyr+Ls59Mfc8V5e+VqPio+7WbFskisv8jPAyV
4sY2EOXv2AQJ/KgQ8WFBlxrW8cm0V0bGWniFWVRbQT8yPNeebIAzn13vnGLieZ89
ejt5R8CvlhCMCwt4qkaUA8T+bscLfOk2KxEJ2XdvMTKtFqMJTsYWIHj1jKW950lk
8OrvH3BXy8i62NENJIvfXS+iKT/ZG9a9HWLoMdPGHiTHF84I
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:09:55 2025 by rpki-client