Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/aa1c51-9264-406e-b796-4e00c3b70878/1/msDEeS6sASlV5Nrug60HOmxHAjw.roa
File: msDEeS6sASlV5Nrug60HOmxHAjw.roa (raw, json)
Hash identifier: td9s2j9cTMVJ/N4A25CfBZ5lbq+TNEGFP43f11ycPe4=
Subject key identifier: 9A:C0:C4:79:2E:AC:01:29:55:E4:DA:EE:83:AD:07:3A:6C:47:02:3C
Certificate issuer: /CN=83df0cacb9fd50e1be7dfbf3d0ac854beed786be
Certificate serial: 0196AC53B9EB3FFA685154E3FE52F04E54EA
Authority key identifier: 83:DF:0C:AC:B9:FD:50:E1:BE:7D:FB:F3:D0:AC:85:4B:EE:D7:86:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g98MrLn9UOG-ffvz0KyFS-7Xhr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/aa1c51-9264-406e-b796-4e00c3b70878/1/msDEeS6sASlV5Nrug60HOmxHAjw.roa
Signing time: Wed 07 May 2025 19:58:10 +0000
ROA not before: Wed 07 May 2025 19:58:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210385
IP address blocks: 2a14:ee80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/aa1c51-9264-406e-b796-4e00c3b70878/1/g98MrLn9UOG-ffvz0KyFS-7Xhr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/aa1c51-9264-406e-b796-4e00c3b70878/1/g98MrLn9UOG-ffvz0KyFS-7Xhr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/g98MrLn9UOG-ffvz0KyFS-7Xhr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ac:53:b9:eb:3f:fa:68:51:54:e3:fe:52:f0:4e:54:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83df0cacb9fd50e1be7dfbf3d0ac854beed786be
Validity
Not Before: May 7 19:58:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9ac0c4792eac012955e4daee83ad073a6c47023c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:69:9e:4f:30:26:94:c9:10:b0:c2:f0:44:8f:
47:8c:bd:0e:d0:8f:92:29:30:f5:db:47:fd:ec:ff:
a7:54:6c:39:61:98:40:73:59:47:5a:64:20:e9:0c:
bf:93:20:f2:76:36:2b:19:50:34:de:f1:06:f7:ae:
15:2b:2f:5a:79:b8:e5:8e:de:36:9a:5c:d4:72:bd:
54:f7:e1:ce:03:3c:52:ce:b2:ac:b3:be:52:ab:5d:
c6:29:1e:f8:a9:5d:b3:2a:5f:27:bb:96:2e:13:6a:
e9:04:c4:41:0f:de:f3:b3:7f:e9:85:45:de:4d:89:
4a:d6:32:92:83:c9:1e:c8:49:07:da:62:6f:2b:d0:
d8:05:03:39:c3:84:5b:4f:fc:e7:51:39:48:c9:d9:
28:0a:5a:bd:7a:48:04:1f:ba:34:02:7b:a5:a9:f3:
ee:b5:c0:56:40:57:99:2f:03:44:94:ee:a1:c4:a9:
f2:df:27:1e:3c:a2:61:2d:41:92:cf:ab:c6:55:6d:
67:01:cf:6b:bf:e7:64:03:66:b3:09:99:bb:cf:7d:
25:c1:e6:e3:91:10:7d:c4:ca:c8:f8:1f:e8:3c:8f:
81:a1:f0:9b:38:84:11:23:7f:8d:ad:e8:0a:3b:cf:
8f:18:85:17:38:4f:a8:94:59:e1:55:13:71:78:b6:
66:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:C0:C4:79:2E:AC:01:29:55:E4:DA:EE:83:AD:07:3A:6C:47:02:3C
X509v3 Authority Key Identifier:
keyid:83:DF:0C:AC:B9:FD:50:E1:BE:7D:FB:F3:D0:AC:85:4B:EE:D7:86:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g98MrLn9UOG-ffvz0KyFS-7Xhr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/aa1c51-9264-406e-b796-4e00c3b70878/1/msDEeS6sASlV5Nrug60HOmxHAjw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/aa1c51-9264-406e-b796-4e00c3b70878/1/g98MrLn9UOG-ffvz0KyFS-7Xhr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:ee80::/32
Signature Algorithm: sha256WithRSAEncryption
26:0d:22:88:a9:2f:19:98:6e:03:51:93:a7:6f:0a:b4:de:5a:
fa:d9:d7:65:b7:94:86:c4:85:9a:69:61:87:3a:8d:22:72:2d:
6d:fe:19:d2:9a:6d:ee:7e:eb:37:17:6b:00:e8:29:7b:46:a4:
8a:ec:a2:ec:04:ac:a6:2c:a2:20:fc:8f:58:70:3d:1c:02:32:
cf:dc:0a:e2:d4:ac:a4:bc:41:ce:10:61:f1:cf:6f:5c:45:bf:
62:a7:87:54:b6:97:3a:f4:63:48:52:e3:75:a9:75:49:ac:14:
63:ba:3a:ef:7f:ee:45:40:ca:10:9b:5c:e9:17:7d:24:2e:d8:
b6:f7:40:f1:5f:c6:79:df:11:fc:e3:52:e7:a6:1d:c8:67:84:
7f:64:8d:f8:e6:c1:63:fd:09:d0:ca:60:02:d8:46:c3:03:16:
8c:60:d5:ec:85:b2:d9:3c:11:a4:d2:79:00:e7:60:f5:58:3a:
70:0e:96:a2:e1:58:ca:f4:e6:d3:b2:5f:ae:35:f5:d0:5e:26:
85:5b:23:e0:60:75:b2:de:a7:22:b9:1c:2d:99:e5:78:c5:1c:
4d:ac:35:32:85:06:4e:40:4e:21:69:13:db:92:25:46:2b:d2:
2e:62:27:55:6b:2f:ff:aa:96:e3:c4:be:70:bc:59:05:66:99:
5c:46:fa:60
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZasU7nrP/poUVTj/lLwTlTqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzZGYwY2FjYjlmZDUwZTFiZTdkZmJmM2QwYWM4NTRiZWVk
Nzg2YmUwHhcNMjUwNTA3MTk1ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWMwYzQ3OTJlYWMwMTI5NTVlNGRhZWU4M2FkMDczYTZjNDcwMjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWmeTzAmlMkQsMLwRI9HjL0O0I+S
KTD120f97P+nVGw5YZhAc1lHWmQg6Qy/kyDydjYrGVA03vEG964VKy9aebjljt42
mlzUcr1U9+HOAzxSzrKss75Sq13GKR74qV2zKl8nu5YuE2rpBMRBD97zs3/phUXe
TYlK1jKSg8keyEkH2mJvK9DYBQM5w4RbT/znUTlIydkoClq9ekgEH7o0AnulqfPu
tcBWQFeZLwNElO6hxKny3ycePKJhLUGSz6vGVW1nAc9rv+dkA2azCZm7z30lwebj
kRB9xMrI+B/oPI+BofCbOIQRI3+NregKO8+PGIUXOE+olFnhVRNxeLZmuwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJrAxHkurAEpVeTa7oOtBzpsRwI8MB8GA1UdIwQY
MBaAFIPfDKy5/VDhvn3789CshUvu14a+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzk4TXJMbjlVT0ctZmZ2ejBLeUZTLTdYaHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9hYTFjNTEtOTI2NC00MDZlLWI3OTYt
NGUwMGMzYjcwODc4LzEvbXNERWVTNnNBU2xWNU5ydWc2MEhPbXhIQWp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC9hYTFjNTEtOTI2NC00MDZlLWI3OTYtNGUwMGMzYjcwODc4
LzEvZzk4TXJMbjlVT0ctZmZ2ejBLeUZTLTdYaHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhTugDAN
BgkqhkiG9w0BAQsFAAOCAQEAJg0iiKkvGZhuA1GTp28KtN5a+tnXZbeUhsSFmmlh
hzqNInItbf4Z0ppt7n7rNxdrAOgpe0akiuyi7ASspiyiIPyPWHA9HAIyz9wK4tSs
pLxBzhBh8c9vXEW/YqeHVLaXOvRjSFLjdal1SawUY7o673/uRUDKEJtc6Rd9JC7Y
tvdA8V/Ged8R/ONS56YdyGeEf2SN+ObBY/0J0MpgAthGwwMWjGDV7IWy2TwRpNJ5
AOdg9Vg6cA6WouFYyvTm07JfrjX10F4mhVsj4GB1st6nIrkcLZnleMUcTaw1MoUG
TkBOIWkT25IlRivSLmInVWsv/6qW48S+cLxZBWaZXEb6YA==
-----END CERTIFICATE-----
Generated at Sun Jun 8 13:28:57 2025 by rpki-client