Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/341508-a0aa-40c9-ae0c-0379930f8286/1/hr1FzTLzhvjdHRGQawXaK0XuGQ4.roa
File: hr1FzTLzhvjdHRGQawXaK0XuGQ4.roa (raw, json)
Hash identifier: wRJW1xVVLpDSguuiY7y5qT4f4RgVOBoZp/PuXmFp+qI=
Subject key identifier: 86:BD:45:CD:32:F3:86:F8:DD:1D:11:90:6B:05:DA:2B:45:EE:19:0E
Certificate issuer: /CN=3753dbc5829ec500b33426a188d0399395b806aa
Certificate serial: 019424B3E226F7A4E038C9B3FF40E552C88A
Authority key identifier: 37:53:DB:C5:82:9E:C5:00:B3:34:26:A1:88:D0:39:93:95:B8:06:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N1PbxYKexQCzNCahiNA5k5W4Bqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/341508-a0aa-40c9-ae0c-0379930f8286/1/hr1FzTLzhvjdHRGQawXaK0XuGQ4.roa
Signing time: Thu 02 Jan 2025 01:49:16 +0000
ROA not before: Thu 02 Jan 2025 01:49:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21277
IP address blocks: 2a03:47c0::/29 maxlen: 29
2a03:47c0::/32 maxlen: 32
2a03:47c0:1080::/48 maxlen: 48
2a03:47c0:20c0::/48 maxlen: 48
2a03:47c0:2180::/48 maxlen: 48
2a03:47c0:2280::/48 maxlen: 48
2a03:47c0:2400::/48 maxlen: 48
2a03:47c0:2480::/48 maxlen: 48
2a03:47c1::/32 maxlen: 32
2a03:47c2::/32 maxlen: 32
2a03:47c3::/32 maxlen: 32
2a03:47c4::/32 maxlen: 32
2a03:47c5::/32 maxlen: 32
2a03:47c6::/32 maxlen: 32
2a03:47c7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/341508-a0aa-40c9-ae0c-0379930f8286/1/N1PbxYKexQCzNCahiNA5k5W4Bqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/341508-a0aa-40c9-ae0c-0379930f8286/1/N1PbxYKexQCzNCahiNA5k5W4Bqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/N1PbxYKexQCzNCahiNA5k5W4Bqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:e2:26:f7:a4:e0:38:c9:b3:ff:40:e5:52:c8:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3753dbc5829ec500b33426a188d0399395b806aa
Validity
Not Before: Jan 2 01:49:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=86bd45cd32f386f8dd1d11906b05da2b45ee190e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:fa:98:c7:34:2a:5a:99:c4:c1:4e:9f:43:e6:
ce:47:8e:d3:6b:b1:af:5f:70:1c:72:c8:0f:81:b3:
0f:12:ac:60:72:df:20:4a:b2:40:29:93:44:70:25:
a8:34:8e:36:b3:7e:cb:e2:31:32:10:ba:3b:d6:20:
f8:6b:e7:10:8a:16:a2:fe:e6:a4:99:19:ce:09:a8:
cc:2d:94:62:a6:e9:f9:50:67:ca:64:7c:ff:70:20:
c6:07:ca:8a:fa:93:1a:60:da:f9:7f:1c:2b:44:45:
1c:40:e5:e6:11:b1:72:4b:5e:55:b9:a6:70:8b:a2:
b0:59:00:3e:06:ee:c1:48:43:27:54:ce:44:25:99:
d8:4b:8c:a0:3f:65:7a:f6:16:f8:75:02:bc:25:0f:
ef:6b:97:e7:b7:02:43:96:70:a7:ba:9b:1d:6f:5d:
9a:59:cb:69:3d:34:6f:27:84:e7:33:46:97:57:b7:
72:4b:94:4e:d6:ef:86:d6:fe:80:2a:75:90:43:b0:
5c:b6:2f:21:19:5a:5d:fc:10:40:88:32:61:b9:0b:
56:45:0f:51:c3:da:56:94:57:b1:51:52:dd:6d:24:
69:19:a3:06:bb:18:ac:89:2b:90:c0:0a:2c:3f:5b:
af:cb:7d:17:47:7e:66:47:e2:08:eb:e8:c8:c6:ff:
bc:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:BD:45:CD:32:F3:86:F8:DD:1D:11:90:6B:05:DA:2B:45:EE:19:0E
X509v3 Authority Key Identifier:
keyid:37:53:DB:C5:82:9E:C5:00:B3:34:26:A1:88:D0:39:93:95:B8:06:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N1PbxYKexQCzNCahiNA5k5W4Bqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/341508-a0aa-40c9-ae0c-0379930f8286/1/hr1FzTLzhvjdHRGQawXaK0XuGQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/341508-a0aa-40c9-ae0c-0379930f8286/1/N1PbxYKexQCzNCahiNA5k5W4Bqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:47c0::/29
Signature Algorithm: sha256WithRSAEncryption
91:30:85:a8:6c:f8:4e:06:b3:04:1e:6c:6b:7f:50:c4:4c:94:
1d:2b:7c:fc:57:d6:e9:91:2b:d9:ae:f9:61:a3:00:b4:88:07:
f9:3f:d8:e1:3a:41:58:7d:58:c5:80:a8:73:c9:c2:d5:b2:ee:
13:16:19:66:46:8d:0c:bc:4c:df:90:ab:90:8b:96:85:bb:11:
08:9e:5a:b7:97:ac:72:33:e1:c0:91:bb:c0:e3:06:21:00:57:
da:9e:76:ab:5e:1a:2d:e5:09:cd:3f:a3:6a:f5:b7:f7:a0:5b:
ef:62:16:f9:7f:5b:fe:0c:1f:9f:34:43:80:fc:93:ce:66:bf:
aa:37:7a:f6:89:d0:d9:34:66:91:bc:33:48:35:89:59:9a:1f:
e2:ae:a5:23:da:df:28:8d:d3:b6:36:4e:50:5f:26:6b:a0:8a:
8b:db:57:9f:cc:ea:66:c5:9d:c4:fd:79:9e:7b:c3:83:11:9e:
bd:64:13:b4:1d:e4:00:8d:b6:1a:59:dc:75:25:f3:d0:fe:21:
bf:51:51:e8:18:08:4c:f5:cd:4d:8b:7e:a9:1c:f1:dd:66:b2:
30:93:9a:18:a4:f6:3b:fa:ed:87:85:b5:57:c5:8e:7e:78:b5:
80:2e:ad:2b:45:6d:61:80:de:73:fc:40:b8:18:55:55:ff:12:
32:20:d3:06
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQks+Im96TgOMmz/0DlUsiKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NTNkYmM1ODI5ZWM1MDBiMzM0MjZhMTg4ZDAzOTkzOTVi
ODA2YWEwHhcNMjUwMTAyMDE0OTE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmJkNDVjZDMyZjM4NmY4ZGQxZDExOTA2YjA1ZGEyYjQ1ZWUxOTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfqYxzQqWpnEwU6fQ+bOR47Ta7Gv
X3AccsgPgbMPEqxgct8gSrJAKZNEcCWoNI42s37L4jEyELo71iD4a+cQihai/uak
mRnOCajMLZRipun5UGfKZHz/cCDGB8qK+pMaYNr5fxwrREUcQOXmEbFyS15VuaZw
i6KwWQA+Bu7BSEMnVM5EJZnYS4ygP2V69hb4dQK8JQ/va5fntwJDlnCnupsdb12a
WctpPTRvJ4TnM0aXV7dyS5RO1u+G1v6AKnWQQ7Bcti8hGVpd/BBAiDJhuQtWRQ9R
w9pWlFexUVLdbSRpGaMGuxisiSuQwAosP1uvy30XR35mR+II6+jIxv+8MwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIa9Rc0y84b43R0RkGsF2itF7hkOMB8GA1UdIwQY
MBaAFDdT28WCnsUAszQmoYjQOZOVuAaqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjFQYnhZS2V4UUN6TkNhaGlOQTVrNVc0QnFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC8zNDE1MDgtYTBhYS00MGM5LWFlMGMt
MDM3OTkzMGY4Mjg2LzEvaHIxRnpUTHpodmpkSFJHUWF3WGFLMFh1R1E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC8zNDE1MDgtYTBhYS00MGM5LWFlMGMtMDM3OTkzMGY4Mjg2
LzEvTjFQYnhZS2V4UUN6TkNhaGlOQTVrNVc0QnFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgNHwDAN
BgkqhkiG9w0BAQsFAAOCAQEAkTCFqGz4TgazBB5sa39QxEyUHSt8/FfW6ZEr2a75
YaMAtIgH+T/Y4TpBWH1YxYCoc8nC1bLuExYZZkaNDLxM35CrkIuWhbsRCJ5at5es
cjPhwJG7wOMGIQBX2p52q14aLeUJzT+javW396Bb72IW+X9b/gwfnzRDgPyTzma/
qjd69onQ2TRmkbwzSDWJWZof4q6lI9rfKI3TtjZOUF8ma6CKi9tXn8zqZsWdxP15
nnvDgxGevWQTtB3kAI22GlncdSXz0P4hv1FR6BgITPXNTYt+qRzx3WayMJOaGKT2
O/rth4W1V8WOfni1gC6tK0VtYYDec/xAuBhVVf8SMiDTBg==
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:37:57 2025 by rpki-client