Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/97c353-0c36-4066-a56b-139a496cd59c/1/wH2BXhQbp4RbWEqazf0ETM0OAOI.roa
File: wH2BXhQbp4RbWEqazf0ETM0OAOI.roa (raw, json)
Hash identifier: WPj1rnPevOFK6Wz2Mo2etzdEIyu2IX1IvghxSjU5v1Q=
Subject key identifier: C0:7D:81:5E:14:1B:A7:84:5B:58:4A:9A:CD:FD:04:4C:CD:0E:00:E2
Certificate issuer: /CN=d24322b2d0a794fd076b85e8dc578abb0d03ec40
Certificate serial: 019426D9CFE99003FFF0B6C7E02873695E9E
Authority key identifier: D2:43:22:B2:D0:A7:94:FD:07:6B:85:E8:DC:57:8A:BB:0D:03:EC:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0kMistCnlP0Ha4Xo3FeKuw0D7EA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/97c353-0c36-4066-a56b-139a496cd59c/1/wH2BXhQbp4RbWEqazf0ETM0OAOI.roa
Signing time: Thu 02 Jan 2025 11:49:56 +0000
ROA not before: Thu 02 Jan 2025 11:49:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2119
IP address blocks: 2001:67c:21e4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/97c353-0c36-4066-a56b-139a496cd59c/1/0kMistCnlP0Ha4Xo3FeKuw0D7EA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/97c353-0c36-4066-a56b-139a496cd59c/1/0kMistCnlP0Ha4Xo3FeKuw0D7EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/0kMistCnlP0Ha4Xo3FeKuw0D7EA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 08:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:cf:e9:90:03:ff:f0:b6:c7:e0:28:73:69:5e:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d24322b2d0a794fd076b85e8dc578abb0d03ec40
Validity
Not Before: Jan 2 11:49:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c07d815e141ba7845b584a9acdfd044ccd0e00e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:ee:5b:27:b7:58:13:fe:11:6c:de:9c:f5:c5:
47:54:e5:51:0a:3d:b9:4d:6b:e7:d7:60:f1:cb:b9:
d2:2b:d6:6d:0b:bc:5d:c0:2b:1f:a3:ef:fc:c4:42:
6b:25:24:9e:21:a1:d9:dc:ba:eb:49:84:1f:04:a2:
0e:12:d0:60:85:10:7b:1a:c3:dc:89:6c:90:58:dc:
53:1d:8e:32:1c:93:3c:f8:94:0a:f7:40:e3:5a:ae:
57:8d:68:40:85:f2:a7:08:06:c9:06:a1:4b:8a:13:
2a:07:10:8a:4c:51:5c:ad:2f:f8:3d:02:ee:0e:24:
b9:27:02:ed:d4:34:82:ea:f0:09:22:0f:fa:00:85:
a8:64:6d:59:02:f9:20:14:6b:53:55:55:a0:fb:36:
75:9a:80:f6:a7:e7:19:af:a9:d4:c0:ee:fe:42:36:
25:a2:d0:8c:7e:2d:be:47:ab:fb:0e:92:71:e3:82:
e2:9b:32:a9:13:f6:f5:ee:c4:98:3e:b6:0d:c2:95:
58:29:8c:0e:13:54:63:06:b9:af:f7:66:13:46:30:
1a:7a:83:b1:11:55:2b:cf:29:ce:78:cf:ca:04:ae:
9e:65:74:6f:24:3d:9c:63:19:15:93:6b:6e:90:29:
5b:7d:34:5c:e1:1b:7a:07:f1:33:b5:f4:3e:4a:36:
e2:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:7D:81:5E:14:1B:A7:84:5B:58:4A:9A:CD:FD:04:4C:CD:0E:00:E2
X509v3 Authority Key Identifier:
keyid:D2:43:22:B2:D0:A7:94:FD:07:6B:85:E8:DC:57:8A:BB:0D:03:EC:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0kMistCnlP0Ha4Xo3FeKuw0D7EA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/97c353-0c36-4066-a56b-139a496cd59c/1/wH2BXhQbp4RbWEqazf0ETM0OAOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/97c353-0c36-4066-a56b-139a496cd59c/1/0kMistCnlP0Ha4Xo3FeKuw0D7EA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:21e4::/48
Signature Algorithm: sha256WithRSAEncryption
03:14:e3:00:39:c3:5b:2b:5f:85:3f:8b:c9:3e:99:4a:7a:eb:
99:e8:8f:f3:99:ee:bc:4d:ba:fd:6b:62:af:7f:d8:f0:96:6c:
7f:ef:88:cd:d6:c0:49:b9:f1:fc:b2:c4:af:48:54:5a:5c:99:
eb:de:9f:6e:94:7b:4f:27:66:5a:a6:af:70:68:e7:3a:67:66:
db:af:66:67:81:0e:e7:82:f5:61:84:0c:7b:39:c5:58:61:a8:
97:94:72:33:90:2b:75:59:39:9d:28:ab:5f:f9:37:92:a6:91:
4b:4a:f3:30:97:5c:da:c6:db:69:85:85:b9:e5:88:35:44:ab:
be:ef:97:f1:6c:0e:40:b9:db:44:06:a8:e3:96:98:de:b8:2d:
09:d1:0e:aa:b1:b7:8c:e6:ba:0f:ff:43:20:1b:7f:af:5d:c9:
6d:b8:3f:53:f4:12:1c:6c:68:07:22:14:6e:d0:a6:2e:b9:f9:
64:9b:6a:31:a3:a5:2f:3a:98:87:40:fa:0e:68:13:83:b5:66:
76:f0:e1:7a:90:cc:1b:22:3c:28:0e:cc:07:ce:43:1b:c1:8c:
e4:a7:72:4a:69:45:18:d8:00:67:dd:24:3f:ad:47:a6:e9:05:
ea:a3:21:91:36:bb:ea:a2:6d:1d:64:aa:a1:a3:ca:26:93:e8:
9b:31:a7:8e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQm2c/pkAP/8LbH4ChzaV6eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNDMyMmIyZDBhNzk0ZmQwNzZiODVlOGRjNTc4YWJiMGQw
M2VjNDAwHhcNMjUwMTAyMTE0OTU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDdkODE1ZTE0MWJhNzg0NWI1ODRhOWFjZGZkMDQ0Y2NkMGUwMGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyO5bJ7dYE/4RbN6c9cVHVOVRCj25
TWvn12Dxy7nSK9ZtC7xdwCsfo+/8xEJrJSSeIaHZ3LrrSYQfBKIOEtBghRB7GsPc
iWyQWNxTHY4yHJM8+JQK90DjWq5XjWhAhfKnCAbJBqFLihMqBxCKTFFcrS/4PQLu
DiS5JwLt1DSC6vAJIg/6AIWoZG1ZAvkgFGtTVVWg+zZ1moD2p+cZr6nUwO7+QjYl
otCMfi2+R6v7DpJx44LimzKpE/b17sSYPrYNwpVYKYwOE1RjBrmv92YTRjAaeoOx
EVUrzynOeM/KBK6eZXRvJD2cYxkVk2tukClbfTRc4Rt6B/EztfQ+SjbiYwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMB9gV4UG6eEW1hKms39BEzNDgDiMB8GA1UdIwQY
MBaAFNJDIrLQp5T9B2uF6NxXirsNA+xAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGtNaXN0Q25sUDBIYTRYbzNGZUt1dzBEN0VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy85N2MzNTMtMGMzNi00MDY2LWE1NmIt
MTM5YTQ5NmNkNTljLzEvd0gyQlhoUWJwNFJiV0VxYXpmMEVUTTBPQU9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy85N2MzNTMtMGMzNi00MDY2LWE1NmItMTM5YTQ5NmNkNTlj
LzEvMGtNaXN0Q25sUDBIYTRYbzNGZUt1dzBEN0VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCHk
MA0GCSqGSIb3DQEBCwUAA4IBAQADFOMAOcNbK1+FP4vJPplKeuuZ6I/zme68Tbr9
a2Kvf9jwlmx/74jN1sBJufH8ssSvSFRaXJnr3p9ulHtPJ2Zapq9waOc6Z2bbr2Zn
gQ7ngvVhhAx7OcVYYaiXlHIzkCt1WTmdKKtf+TeSppFLSvMwl1zaxttphYW55Yg1
RKu+75fxbA5AudtEBqjjlpjeuC0J0Q6qsbeM5roP/0MgG3+vXcltuD9T9BIcbGgH
IhRu0KYuuflkm2oxo6UvOpiHQPoOaBODtWZ28OF6kMwbIjwoDswHzkMbwYzkp3JK
aUUY2ABn3SQ/rUem6QXqoyGRNrvqom0dZKqho8omk+ibMaeO
-----END CERTIFICATE-----
Generated at Sat Apr 12 16:49:11 2025 by rpki-client