Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/vRLj2XfIJCmd2h29ApFam8hZX5g.roa
File: vRLj2XfIJCmd2h29ApFam8hZX5g.roa (raw, json)
Hash identifier: LIz+t7jd+u0aHEAgwFjWvD8d/UKc2KzNkRXqUvtjicM=
Subject key identifier: BD:12:E3:D9:77:C8:24:29:9D:DA:1D:BD:02:91:5A:9B:C8:59:5F:98
Certificate issuer: /CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Certificate serial: 0196EA1338B83312FFE48BC34C2475E5A3F7
Authority key identifier: C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/vRLj2XfIJCmd2h29ApFam8hZX5g.roa
Signing time: Mon 19 May 2025 19:44:10 +0000
ROA not before: Mon 19 May 2025 19:44:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42375
IP address blocks: 2a11:646::/32 maxlen: 32
2a11:1340::/29 maxlen: 29
2a11:2c40::/29 maxlen: 29
2a11:4340::/29 maxlen: 29
2a11:6340::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.mft
rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 17:57:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ea:13:38:b8:33:12:ff:e4:8b:c3:4c:24:75:e5:a3:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Validity
Not Before: May 19 19:44:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bd12e3d977c824299dda1dbd02915a9bc8595f98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a7:f0:2e:76:c3:66:13:aa:ee:cf:e3:95:7b:
31:34:74:b2:30:de:40:fd:fc:e2:ca:8d:25:51:01:
dc:b2:48:cd:f4:37:70:e8:a4:9c:4e:93:8b:01:b1:
e7:be:b1:d9:ee:9c:a3:19:47:eb:78:7c:d6:d4:6b:
35:2d:7b:f2:96:95:45:8e:9c:fb:d3:da:b9:88:e7:
96:2c:1b:8d:75:13:72:4b:0e:af:09:0a:ae:42:4f:
a2:cd:c6:5d:4d:2c:45:be:97:6b:f4:01:b6:6e:1e:
33:22:49:86:ee:51:0b:18:ad:99:9e:a5:6e:46:df:
6c:86:9b:2a:00:e8:1e:e3:1a:b1:99:91:b4:c2:7d:
ca:39:b4:65:f5:55:78:89:88:dd:9d:f1:7b:4d:28:
35:08:75:17:d9:d2:a1:ee:f0:35:09:0d:43:5a:37:
e7:d1:be:db:bc:4c:c1:34:71:52:ca:1d:76:4e:33:
62:42:f7:aa:b5:51:72:78:e6:a0:ca:d1:02:ae:fd:
fe:1c:33:e8:75:44:10:2a:38:63:43:51:88:07:2f:
44:9a:92:2b:9a:84:24:d5:50:65:a4:41:a3:97:c5:
73:a8:fa:d5:12:df:2e:2d:23:75:04:e6:bb:22:e3:
bc:02:ad:d7:2a:fe:33:ea:63:4b:4a:e7:c6:44:95:
97:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:12:E3:D9:77:C8:24:29:9D:DA:1D:BD:02:91:5A:9B:C8:59:5F:98
X509v3 Authority Key Identifier:
keyid:C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/vRLj2XfIJCmd2h29ApFam8hZX5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:646::/32
2a11:1340::/29
2a11:2c40::/29
2a11:4340::/29
2a11:6340::/29
Signature Algorithm: sha256WithRSAEncryption
79:2e:e2:90:c2:f8:86:8d:69:ab:00:26:54:bb:a7:7a:b1:6b:
86:e6:89:2f:bb:4b:d0:5b:d2:47:94:b4:82:7b:65:70:31:50:
12:fb:82:c9:36:7c:18:08:5d:3d:3f:dc:12:7f:5e:93:29:29:
01:84:6a:96:f6:50:71:03:43:f7:65:31:b5:1b:90:bf:50:8a:
eb:20:18:28:f2:be:c3:ec:8e:8d:38:f4:11:74:89:f4:9b:5b:
99:bf:66:51:18:fc:1c:f1:79:35:fa:44:5a:0e:84:47:80:72:
e2:06:1e:bb:e5:9a:8c:8e:24:0f:d9:08:d0:8c:f6:b7:2d:3f:
f4:d5:31:a0:b1:73:b2:7a:11:26:e1:6a:f5:09:8a:bc:c9:f9:
60:f1:97:4b:65:6a:ad:48:68:bf:92:ef:62:43:0a:f2:53:d3:
67:73:75:b4:df:fd:db:1b:87:9a:43:54:b4:ad:f8:c2:42:8a:
c0:3c:42:04:ec:a6:bd:c9:ee:ec:75:4d:8d:84:1f:70:62:a4:
68:d7:eb:9f:53:75:56:0a:91:24:90:c6:8c:66:28:c1:71:3b:
d4:c6:cf:eb:6a:e8:59:98:9d:16:4d:43:b8:0a:b9:fa:12:47:
a6:87:31:7c:9d:08:98:61:f8:d5:c7:de:79:27:1c:6b:7d:e5:
fd:6d:35:fa
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZbqEzi4MxL/5IvDTCR15aP3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODI4MGM1MzAwYjc0ODg4YWM3ZWI0YmZhNjQxN2Q5YTJl
N2IwYmUwHhcNMjUwNTE5MTk0NDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDEyZTNkOTc3YzgyNDI5OWRkYTFkYmQwMjkxNWE5YmM4NTk1Zjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqfwLnbDZhOq7s/jlXsxNHSyMN5A
/fziyo0lUQHcskjN9Ddw6KScTpOLAbHnvrHZ7pyjGUfreHzW1Gs1LXvylpVFjpz7
09q5iOeWLBuNdRNySw6vCQquQk+izcZdTSxFvpdr9AG2bh4zIkmG7lELGK2ZnqVu
Rt9shpsqAOge4xqxmZG0wn3KObRl9VV4iYjdnfF7TSg1CHUX2dKh7vA1CQ1DWjfn
0b7bvEzBNHFSyh12TjNiQveqtVFyeOagytECrv3+HDPodUQQKjhjQ1GIBy9EmpIr
moQk1VBlpEGjl8VzqPrVEt8uLSN1BOa7IuO8Aq3XKv4z6mNLSufGRJWXjwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFL0S49l3yCQpndodvQKRWpvIWV+YMB8GA1UdIwQY
MBaAFMOCgMUwC3SIisfrS/pkF9mi57C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2Yt
NDFiYjIxYWMyODAxLzEvdlJMajJYZklKQ21kMmgyOUFwRmFtOGhaWDVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2YtNDFiYjIxYWMyODAx
LzEvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUAKhEGRgMF
AyoRE0ADBQMqESxAAwUDKhFDQAMFAyoRY0AwDQYJKoZIhvcNAQELBQADggEBAHku
4pDC+IaNaasAJlS7p3qxa4bmiS+7S9Bb0keUtIJ7ZXAxUBL7gsk2fBgIXT0/3BJ/
XpMpKQGEapb2UHEDQ/dlMbUbkL9QiusgGCjyvsPsjo049BF0ifSbW5m/ZlEY/Bzx
eTX6RFoOhEeAcuIGHrvlmoyOJA/ZCNCM9rctP/TVMaCxc7J6ESbhavUJirzJ+WDx
l0tlaq1IaL+S72JDCvJT02dzdbTf/dsbh5pDVLSt+MJCisA8QgTspr3J7ux1TY2E
H3BipGjX659TdVYKkSSQxoxmKMFxO9TGz+tq6FmYnRZNQ7gKufoSR6aHMXydCJhh
+NXH3nknHGt95f1tNfo=
-----END CERTIFICATE-----
Generated at Sun Jun 8 01:37:35 2025 by rpki-client