Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/7ca61a-ce3d-4bac-9110-c0f3bad99a40/1/pI05WF6SojY6FsMTKm0eiEf8hTk.roa
File: pI05WF6SojY6FsMTKm0eiEf8hTk.roa (raw, json)
Hash identifier: 6fzkDWaA3qa9z8rWjVIvRr65tFOjqLdLgnGlie32sck=
Subject key identifier: A4:8D:39:58:5E:92:A2:36:3A:16:C3:13:2A:6D:1E:88:47:FC:85:39
Certificate issuer: /CN=b689299bc49584a645940c1dd87df0afc8aaa0fd
Certificate serial: 019428260404CA68DD54BE1B0461439F7F4E
Authority key identifier: B6:89:29:9B:C4:95:84:A6:45:94:0C:1D:D8:7D:F0:AF:C8:AA:A0:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tokpm8SVhKZFlAwd2H3wr8iqoP0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/7ca61a-ce3d-4bac-9110-c0f3bad99a40/1/pI05WF6SojY6FsMTKm0eiEf8hTk.roa
Signing time: Thu 02 Jan 2025 17:52:47 +0000
ROA not before: Thu 02 Jan 2025 17:52:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212465
IP address blocks: 2a0c:93c0:8000::/48 maxlen: 48
2a0c:93c0:8002::/48 maxlen: 48
2a0c:93c0:c000::/48 maxlen: 48
2a0c:93c0:c002::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/7ca61a-ce3d-4bac-9110-c0f3bad99a40/1/tokpm8SVhKZFlAwd2H3wr8iqoP0.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/7ca61a-ce3d-4bac-9110-c0f3bad99a40/1/tokpm8SVhKZFlAwd2H3wr8iqoP0.mft
rsync://rpki.ripe.net/repository/DEFAULT/tokpm8SVhKZFlAwd2H3wr8iqoP0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:04:04:ca:68:dd:54:be:1b:04:61:43:9f:7f:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b689299bc49584a645940c1dd87df0afc8aaa0fd
Validity
Not Before: Jan 2 17:52:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a48d39585e92a2363a16c3132a6d1e8847fc8539
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:93:2a:9a:d5:94:90:c9:58:0b:06:5e:23:b5:
91:a4:94:f1:28:e5:06:2e:5e:e5:79:59:4e:7f:30:
80:1b:16:3a:ca:91:99:9d:6e:84:ee:c0:e2:fd:de:
15:f2:84:d2:6a:8b:aa:d9:6a:7e:04:58:19:da:5d:
5a:c2:d4:69:56:b7:7a:c0:c5:f9:2e:70:db:92:d1:
9b:3e:c3:4f:98:e4:30:22:0b:a7:0f:ff:92:ee:fa:
70:3c:f5:a9:27:55:c0:65:de:b4:40:39:19:e3:1b:
c7:57:21:80:a7:b9:b8:7f:ce:e3:84:ba:f3:90:57:
60:0f:3d:21:77:00:59:2d:94:e7:8b:e3:2c:b9:3a:
28:f9:5b:68:fa:25:e9:69:e9:68:0e:23:f6:f5:6f:
13:60:c3:f3:45:7b:d5:62:85:af:4e:bb:24:78:7a:
1f:01:da:9e:cd:c4:35:e6:68:96:7c:d9:50:8a:85:
61:ca:a5:49:45:4b:ff:30:1d:76:32:b6:40:01:5c:
79:d4:78:dd:4b:8e:b5:27:66:71:1a:69:e1:88:5a:
9e:7b:6e:7b:1b:91:01:f1:d6:48:d1:d1:05:4e:08:
ff:98:e0:01:5e:67:57:5b:db:ff:37:43:2d:22:02:
59:06:99:9a:ae:34:c9:bf:79:d5:3f:35:bd:76:6e:
09:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:8D:39:58:5E:92:A2:36:3A:16:C3:13:2A:6D:1E:88:47:FC:85:39
X509v3 Authority Key Identifier:
keyid:B6:89:29:9B:C4:95:84:A6:45:94:0C:1D:D8:7D:F0:AF:C8:AA:A0:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tokpm8SVhKZFlAwd2H3wr8iqoP0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/7ca61a-ce3d-4bac-9110-c0f3bad99a40/1/pI05WF6SojY6FsMTKm0eiEf8hTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/7ca61a-ce3d-4bac-9110-c0f3bad99a40/1/tokpm8SVhKZFlAwd2H3wr8iqoP0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:93c0:8000::/48
2a0c:93c0:8002::/48
2a0c:93c0:c000::/48
2a0c:93c0:c002::/48
Signature Algorithm: sha256WithRSAEncryption
c5:17:01:b6:70:3b:8c:29:46:1f:cd:7e:4e:1b:18:02:e1:bf:
04:ee:81:a9:7e:ed:9f:09:2b:8d:9b:84:7f:2a:a6:e7:35:51:
7c:1b:12:42:34:0c:c8:03:e2:fb:d5:fb:bc:37:30:17:df:18:
c3:1e:84:7c:8c:15:fd:7b:d2:ba:63:05:7a:b1:b7:a9:d8:b5:
6c:e9:9b:4f:7a:31:b3:8d:b2:46:8a:53:55:63:31:af:70:8e:
03:f5:03:41:52:22:6e:f1:11:3b:3d:7a:9e:b1:67:e3:4a:9e:
fd:b4:4f:54:26:2e:83:4c:7d:d3:45:ab:db:fe:a4:5e:68:cf:
12:b8:0f:15:51:fa:fe:a3:8d:d5:26:2d:d3:5a:98:86:7a:3f:
17:07:0c:ac:41:ad:ba:58:78:cc:a6:57:ea:22:4f:bd:24:8b:
08:47:3c:65:87:69:0a:e7:d9:bc:e8:b3:44:9f:6e:26:0d:b4:
c2:f0:e3:f9:b5:12:ef:c5:7b:99:d4:8c:f5:73:05:81:61:58:
16:a3:04:01:1e:7d:60:a2:c0:98:fd:ab:21:b0:42:2b:89:a7:
2f:37:15:fd:97:39:3e:ef:f7:05:c6:dc:1e:89:64:0d:cb:f9:
79:2c:26:e2:d7:4f:80:34:28:51:68:d0:ff:39:53:49:88:a4:
9a:b5:e3:26
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQoJgQEymjdVL4bBGFDn39OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2ODkyOTliYzQ5NTg0YTY0NTk0MGMxZGQ4N2RmMGFmYzhh
YWEwZmQwHhcNMjUwMTAyMTc1MjQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDhkMzk1ODVlOTJhMjM2M2ExNmMzMTMyYTZkMWU4ODQ3ZmM4NTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJMqmtWUkMlYCwZeI7WRpJTxKOUG
Ll7leVlOfzCAGxY6ypGZnW6E7sDi/d4V8oTSaouq2Wp+BFgZ2l1awtRpVrd6wMX5
LnDbktGbPsNPmOQwIgunD/+S7vpwPPWpJ1XAZd60QDkZ4xvHVyGAp7m4f87jhLrz
kFdgDz0hdwBZLZTni+MsuToo+Vto+iXpaeloDiP29W8TYMPzRXvVYoWvTrskeHof
AdqezcQ15miWfNlQioVhyqVJRUv/MB12MrZAAVx51HjdS461J2ZxGmnhiFqee257
G5EB8dZI0dEFTgj/mOABXmdXW9v/N0MtIgJZBpmarjTJv3nVPzW9dm4JBQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKSNOVhekqI2OhbDEyptHohH/IU5MB8GA1UdIwQY
MBaAFLaJKZvElYSmRZQMHdh98K/IqqD9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdG9rcG04U1ZoS1pGbEF3ZDJIM3dyOGlxb1AwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy83Y2E2MWEtY2UzZC00YmFjLTkxMTAt
YzBmM2JhZDk5YTQwLzEvcEkwNVdGNlNvalk2RnNNVEttMGVpRWY4aFRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy83Y2E2MWEtY2UzZC00YmFjLTkxMTAtYzBmM2JhZDk5YTQw
LzEvdG9rcG04U1ZoS1pGbEF3ZDJIM3dyOGlxb1AwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcAKgyTwIAA
AwcAKgyTwIACAwcAKgyTwMAAAwcAKgyTwMACMA0GCSqGSIb3DQEBCwUAA4IBAQDF
FwG2cDuMKUYfzX5OGxgC4b8E7oGpfu2fCSuNm4R/KqbnNVF8GxJCNAzIA+L71fu8
NzAX3xjDHoR8jBX9e9K6YwV6sbep2LVs6ZtPejGzjbJGilNVYzGvcI4D9QNBUiJu
8RE7PXqesWfjSp79tE9UJi6DTH3TRavb/qReaM8SuA8VUfr+o43VJi3TWpiGej8X
BwysQa26WHjMplfqIk+9JIsIRzxlh2kK59m86LNEn24mDbTC8OP5tRLvxXuZ1Iz1
cwWBYVgWowQBHn1gosCY/ashsEIriacvNxX9lzk+7/cFxtweiWQNy/l5LCbi10+A
NChRaND/OVNJiKSateMm
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:43:43 2025 by rpki-client