Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/143392-d868-4a26-8543-3aa2227badfe/1/1ffahNtPZYX-N5j-O0KlFd0HH4g.roa
File: 1ffahNtPZYX-N5j-O0KlFd0HH4g.roa (raw, json)
Hash identifier: MoHHu9VYXOcbIDzTY/tBkP4afwJz6bsnwUqB9SFua4c=
Subject key identifier: D5:F7:DA:84:DB:4F:65:85:FE:37:98:FE:3B:42:A5:15:DD:07:1F:88
Certificate issuer: /CN=5524b2e26dd3afcc5c1eac01f90263d201fbe099
Certificate serial: 01942445795CBEF03D56B07BC1EF2F817F19
Authority key identifier: 55:24:B2:E2:6D:D3:AF:CC:5C:1E:AC:01:F9:02:63:D2:01:FB:E0:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VSSy4m3Tr8xcHqwB-QJj0gH74Jk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/143392-d868-4a26-8543-3aa2227badfe/1/1ffahNtPZYX-N5j-O0KlFd0HH4g.roa
Signing time: Wed 01 Jan 2025 23:48:40 +0000
ROA not before: Wed 01 Jan 2025 23:48:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200216
IP address blocks: 2a13:2880::/29 maxlen: 29
2a13:d3c0::/29 maxlen: 29
2a14:1300::/29 maxlen: 29
2a14:1500::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/143392-d868-4a26-8543-3aa2227badfe/1/VSSy4m3Tr8xcHqwB-QJj0gH74Jk.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/143392-d868-4a26-8543-3aa2227badfe/1/VSSy4m3Tr8xcHqwB-QJj0gH74Jk.mft
rsync://rpki.ripe.net/repository/DEFAULT/VSSy4m3Tr8xcHqwB-QJj0gH74Jk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 11:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:79:5c:be:f0:3d:56:b0:7b:c1:ef:2f:81:7f:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5524b2e26dd3afcc5c1eac01f90263d201fbe099
Validity
Not Before: Jan 1 23:48:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d5f7da84db4f6585fe3798fe3b42a515dd071f88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:28:25:a1:d3:80:b5:a5:3f:b5:59:6d:36:ad:
79:7e:5e:c6:9f:be:eb:cb:5e:71:75:09:7a:32:24:
92:55:d9:a8:25:f7:1f:5e:e1:2f:b7:82:f7:5b:77:
61:b0:91:2c:38:c3:75:a1:4b:2f:95:a4:a5:15:e4:
93:4c:45:66:3e:48:87:a2:ad:0d:61:90:7d:32:30:
d2:fd:4a:1d:32:ae:e8:b4:62:4c:1e:32:ee:ec:5e:
d6:69:f3:a8:db:68:7b:fa:92:c4:6d:b2:04:45:d6:
e1:2c:dc:6d:d7:76:8a:7c:b1:41:8d:5d:bb:ac:4c:
96:4e:71:4a:5c:b0:a5:75:f5:66:67:47:73:02:47:
b6:0c:fc:0b:58:b5:4c:96:8a:5c:c5:86:52:e0:da:
f6:1f:80:0c:3e:16:89:d9:1a:56:e9:46:52:3e:8c:
b2:57:11:ef:44:f4:ef:d7:b3:a7:dd:7f:03:f2:ab:
4b:8c:7e:f4:c1:f0:73:86:c3:03:ef:7e:f6:93:bc:
72:df:f1:8b:7f:34:ed:37:45:90:8f:c6:d7:6c:ed:
ed:86:be:3e:c1:c4:01:de:08:c2:e3:84:d0:d7:23:
0c:60:ef:d2:6f:09:f5:5f:ff:6d:74:49:56:db:c4:
81:0b:37:13:28:8f:bd:c8:92:a4:2a:d3:cd:11:46:
dd:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:F7:DA:84:DB:4F:65:85:FE:37:98:FE:3B:42:A5:15:DD:07:1F:88
X509v3 Authority Key Identifier:
keyid:55:24:B2:E2:6D:D3:AF:CC:5C:1E:AC:01:F9:02:63:D2:01:FB:E0:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VSSy4m3Tr8xcHqwB-QJj0gH74Jk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/143392-d868-4a26-8543-3aa2227badfe/1/1ffahNtPZYX-N5j-O0KlFd0HH4g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/143392-d868-4a26-8543-3aa2227badfe/1/VSSy4m3Tr8xcHqwB-QJj0gH74Jk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:2880::/29
2a13:d3c0::/29
2a14:1300::/29
2a14:1500::/29
Signature Algorithm: sha256WithRSAEncryption
6b:70:ab:91:70:a5:7a:67:6c:65:05:13:d3:2d:8e:5f:23:be:
79:75:ec:6e:14:1e:ab:95:89:7f:df:74:8f:c2:f8:2d:ec:87:
2e:ea:37:fa:ed:a5:be:18:eb:5e:85:68:6f:dc:55:03:41:c6:
f4:49:13:16:72:cf:83:c9:6b:34:e6:c2:39:bd:72:3d:48:e9:
47:a1:df:86:9f:8f:11:20:b8:8e:e9:57:2a:e8:69:39:ec:da:
7a:65:53:f0:60:17:87:7b:4e:c6:69:22:dd:d7:6c:30:34:37:
57:cc:0d:e1:01:2f:74:c2:e8:cc:92:49:44:30:54:10:61:a3:
62:80:ef:eb:93:fb:f0:fd:e4:2d:5b:c1:d3:1f:6c:26:04:1e:
e9:72:2d:8d:bd:9c:05:cf:07:3a:7c:df:22:19:06:65:6c:68:
47:b0:29:ac:4a:63:5f:09:92:01:a9:09:1b:09:7d:84:6e:37:
72:80:12:4c:9c:15:fe:d7:04:21:c4:4f:3c:df:52:8a:a2:9d:
bc:73:16:0d:92:1e:bc:3e:e4:73:b2:0d:8d:1b:50:ad:3e:80:
c5:6b:a9:d1:82:ab:c8:32:8b:3a:45:07:78:19:2d:0b:ad:d6:
7d:cf:38:1a:39:ce:a5:13:d8:f7:77:eb:2f:47:2e:d2:97:94:
ef:da:78:a9
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZQkRXlcvvA9VrB7we8vgX8ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1MjRiMmUyNmRkM2FmY2M1YzFlYWMwMWY5MDI2M2QyMDFm
YmUwOTkwHhcNMjUwMTAxMjM0ODQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWY3ZGE4NGRiNGY2NTg1ZmUzNzk4ZmUzYjQyYTUxNWRkMDcxZjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5yglodOAtaU/tVltNq15fl7Gn77r
y15xdQl6MiSSVdmoJfcfXuEvt4L3W3dhsJEsOMN1oUsvlaSlFeSTTEVmPkiHoq0N
YZB9MjDS/UodMq7otGJMHjLu7F7WafOo22h7+pLEbbIERdbhLNxt13aKfLFBjV27
rEyWTnFKXLCldfVmZ0dzAke2DPwLWLVMlopcxYZS4Nr2H4AMPhaJ2RpW6UZSPoyy
VxHvRPTv17On3X8D8qtLjH70wfBzhsMD7372k7xy3/GLfzTtN0WQj8bXbO3thr4+
wcQB3gjC44TQ1yMMYO/Sbwn1X/9tdElW28SBCzcTKI+9yJKkKtPNEUbdEQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFNX32oTbT2WF/jeY/jtCpRXdBx+IMB8GA1UdIwQY
MBaAFFUksuJt06/MXB6sAfkCY9IB++CZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlNTeTRtM1RyOHhjSHF3Qi1RSmowZ0g3NEprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8xNDMzOTItZDg2OC00YTI2LTg1NDMt
M2FhMjIyN2JhZGZlLzEvMWZmYWhOdFBaWVgtTjVqLU8wS2xGZDBISDRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8xNDMzOTItZDg2OC00YTI2LTg1NDMtM2FhMjIyN2JhZGZl
LzEvVlNTeTRtM1RyOHhjSHF3Qi1RSmowZ0g3NEprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKhMogAMF
AyoT08ADBQMqFBMAAwUDKhQVADANBgkqhkiG9w0BAQsFAAOCAQEAa3CrkXClemds
ZQUT0y2OXyO+eXXsbhQeq5WJf990j8L4LeyHLuo3+u2lvhjrXoVob9xVA0HG9EkT
FnLPg8lrNObCOb1yPUjpR6Hfhp+PESC4julXKuhpOezaemVT8GAXh3tOxmki3dds
MDQ3V8wN4QEvdMLozJJJRDBUEGGjYoDv65P78P3kLVvB0x9sJgQe6XItjb2cBc8H
OnzfIhkGZWxoR7AprEpjXwmSAakJGwl9hG43coASTJwV/tcEIcRPPN9SiqKdvHMW
DZIevD7kc7INjRtQrT6AxWup0YKryDKLOkUHeBktC63Wfc84GjnOpRPY93frL0cu
0peU79p4qQ==
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:31:21 2025 by rpki-client