Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/11e13f-4cea-44af-81f9-b2cccf0eadab/1/eL7L2yvUaHUcrqYa9YfSEkCrZQ0.roa
File: eL7L2yvUaHUcrqYa9YfSEkCrZQ0.roa (raw, json)
Hash identifier: hRmFfXusSA4yPVBPDkdUWWukYfa7ZjWi3ll24wVEEEs=
Subject key identifier: 78:BE:CB:DB:2B:D4:68:75:1C:AE:A6:1A:F5:87:D2:12:40:AB:65:0D
Certificate issuer: /CN=333361fba8409174fb3c482b8ca26f235ebd22c2
Certificate serial: 019420D6045154BF9BC42F2618A9BAAEDCA5
Authority key identifier: 33:33:61:FB:A8:40:91:74:FB:3C:48:2B:8C:A2:6F:23:5E:BD:22:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MzNh-6hAkXT7PEgrjKJvI169IsI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/11e13f-4cea-44af-81f9-b2cccf0eadab/1/eL7L2yvUaHUcrqYa9YfSEkCrZQ0.roa
Signing time: Wed 01 Jan 2025 07:48:04 +0000
ROA not before: Wed 01 Jan 2025 07:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 148996
IP address blocks: 2a0f:7880:100::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/11e13f-4cea-44af-81f9-b2cccf0eadab/1/MzNh-6hAkXT7PEgrjKJvI169IsI.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/11e13f-4cea-44af-81f9-b2cccf0eadab/1/MzNh-6hAkXT7PEgrjKJvI169IsI.mft
rsync://rpki.ripe.net/repository/DEFAULT/MzNh-6hAkXT7PEgrjKJvI169IsI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 07:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:04:51:54:bf:9b:c4:2f:26:18:a9:ba:ae:dc:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=333361fba8409174fb3c482b8ca26f235ebd22c2
Validity
Not Before: Jan 1 07:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=78becbdb2bd468751caea61af587d21240ab650d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:0f:36:1c:02:ad:bb:aa:2f:df:da:ec:bb:75:
52:6c:77:6b:34:c3:46:73:83:6e:f3:fd:ed:5e:30:
52:59:11:78:31:56:17:1f:f1:6b:57:e3:94:9a:9c:
e1:0d:17:df:a3:c3:a6:d2:d0:74:51:3d:43:aa:9d:
71:ca:60:f4:15:16:ad:e6:5a:d8:48:5b:59:e2:5c:
61:b4:2b:13:13:f8:f2:eb:32:f4:f5:51:86:25:95:
e5:7e:ea:a5:11:46:c5:cf:dc:a1:22:be:f6:ff:92:
5b:c2:da:7f:ad:0b:89:a1:6b:fb:76:8f:46:82:b8:
f9:c6:84:77:8a:3b:f2:9b:1e:67:4e:2d:94:ea:63:
62:6f:7d:93:7c:89:dc:1b:48:58:da:54:80:0f:7e:
f6:85:b4:7f:8a:f9:e9:7c:61:dc:9e:85:0f:4c:09:
9f:e0:b3:33:ff:1e:36:a3:cf:94:f7:27:4e:c2:c9:
96:3c:a3:d6:c7:94:e2:21:43:47:b0:3c:49:2a:2c:
e4:03:da:a8:56:4f:19:41:85:92:b8:3f:26:05:7c:
17:42:c9:29:62:1a:c5:b1:ff:cf:8b:41:6b:bc:11:
5e:21:4a:e9:4d:4e:5c:2a:88:a2:c1:96:e2:26:98:
19:b5:59:27:53:73:e4:98:0a:6c:55:f8:9b:26:7e:
39:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:BE:CB:DB:2B:D4:68:75:1C:AE:A6:1A:F5:87:D2:12:40:AB:65:0D
X509v3 Authority Key Identifier:
keyid:33:33:61:FB:A8:40:91:74:FB:3C:48:2B:8C:A2:6F:23:5E:BD:22:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MzNh-6hAkXT7PEgrjKJvI169IsI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/11e13f-4cea-44af-81f9-b2cccf0eadab/1/eL7L2yvUaHUcrqYa9YfSEkCrZQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/11e13f-4cea-44af-81f9-b2cccf0eadab/1/MzNh-6hAkXT7PEgrjKJvI169IsI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:7880:100::/40
Signature Algorithm: sha256WithRSAEncryption
0b:47:13:6e:e2:59:8f:43:18:cd:ea:23:3c:a1:89:9a:a3:e2:
11:48:71:7c:58:af:c3:4d:ac:f0:2d:aa:3b:19:c5:a3:1a:58:
51:0f:81:53:e7:2b:83:a2:b1:3f:f5:91:1e:71:d0:5f:76:a0:
7a:9b:9e:c4:11:b5:92:e4:8c:96:69:b6:f0:ae:53:86:ca:69:
d0:0d:a2:0d:f0:b8:40:bd:bd:83:e6:f9:44:0b:97:2d:22:a6:
57:e2:cf:ab:22:14:30:9a:48:01:22:f5:be:2f:1d:7a:79:5f:
4c:41:99:7a:d6:c5:cd:ed:79:fe:5d:d5:7a:54:98:0b:b5:b0:
af:89:b8:05:35:37:aa:15:a9:cc:36:01:2a:33:30:26:79:57:
a4:17:84:a5:4b:6d:70:b8:b6:61:9c:6e:79:48:70:91:c5:e2:
21:88:5d:12:31:c8:8a:c5:30:d0:a6:dc:2c:ef:6e:5c:d5:ef:
8c:49:c5:f1:55:1c:1b:1e:f0:4c:06:ed:b0:68:5a:47:08:4d:
8c:65:d2:6e:40:d4:b8:ec:7d:e8:62:e7:57:04:48:39:00:34:
58:5f:b5:bf:37:e9:49:da:0a:9a:56:59:96:6c:78:43:80:46:
66:e9:b8:68:57:e9:fe:e5:14:8d:28:ae:0c:61:34:e6:d9:96:
f3:08:65:d0
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQg1gRRVL+bxC8mGKm6rtylMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMzM2MWZiYTg0MDkxNzRmYjNjNDgyYjhjYTI2ZjIzNWVi
ZDIyYzIwHhcNMjUwMTAxMDc0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGJlY2JkYjJiZDQ2ODc1MWNhZWE2MWFmNTg3ZDIxMjQwYWI2NTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQ82HAKtu6ov39rsu3VSbHdrNMNG
c4Nu8/3tXjBSWRF4MVYXH/FrV+OUmpzhDRffo8Om0tB0UT1Dqp1xymD0FRat5lrY
SFtZ4lxhtCsTE/jy6zL09VGGJZXlfuqlEUbFz9yhIr72/5Jbwtp/rQuJoWv7do9G
grj5xoR3ijvymx5nTi2U6mNib32TfIncG0hY2lSAD372hbR/ivnpfGHcnoUPTAmf
4LMz/x42o8+U9ydOwsmWPKPWx5TiIUNHsDxJKizkA9qoVk8ZQYWSuD8mBXwXQskp
YhrFsf/Pi0FrvBFeIUrpTU5cKoiiwZbiJpgZtVknU3PkmApsVfibJn45TQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFHi+y9sr1Gh1HK6mGvWH0hJAq2UNMB8GA1UdIwQY
MBaAFDMzYfuoQJF0+zxIK4yibyNevSLCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXpOaC02aEFrWFQ3UEVncmpLSnZJMTY5SXNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8xMWUxM2YtNGNlYS00NGFmLTgxZjkt
YjJjY2NmMGVhZGFiLzEvZUw3TDJ5dlVhSFVjcnFZYTlZZlNFa0NyWlEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8xMWUxM2YtNGNlYS00NGFmLTgxZjktYjJjY2NmMGVhZGFi
LzEvTXpOaC02aEFrWFQ3UEVncmpLSnZJMTY5SXNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKg94gAEw
DQYJKoZIhvcNAQELBQADggEBAAtHE27iWY9DGM3qIzyhiZqj4hFIcXxYr8NNrPAt
qjsZxaMaWFEPgVPnK4OisT/1kR5x0F92oHqbnsQRtZLkjJZptvCuU4bKadANog3w
uEC9vYPm+UQLly0iplfiz6siFDCaSAEi9b4vHXp5X0xBmXrWxc3tef5d1XpUmAu1
sK+JuAU1N6oVqcw2ASozMCZ5V6QXhKVLbXC4tmGcbnlIcJHF4iGIXRIxyIrFMNCm
3CzvblzV74xJxfFVHBse8EwG7bBoWkcITYxl0m5A1Ljsfehi51cESDkANFhftb83
6UnaCppWWZZseEOARmbpuGhX6f7lFI0orgxhNObZlvMIZdA=
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:10:27 2025 by rpki-client