Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/4DnjTFN1zlZCRYgVxAY_U08Rklk.roa
File: 4DnjTFN1zlZCRYgVxAY_U08Rklk.roa (raw, json)
Hash identifier: nT7OH6zcGf7/2OOc6V4aPoosvcZ2UZCj0BuWjpgyNAU=
Subject key identifier: E0:39:E3:4C:53:75:CE:56:42:45:88:15:C4:06:3F:53:4F:11:92:59
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 019427B55EA36F338641B68731390315FC25
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/4DnjTFN1zlZCRYgVxAY_U08Rklk.roa
Signing time: Thu 02 Jan 2025 15:49:45 +0000
ROA not before: Thu 02 Jan 2025 15:49:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29226
IP address blocks: 2a09:6286::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:5e:a3:6f:33:86:41:b6:87:31:39:03:15:fc:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jan 2 15:49:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e039e34c5375ce5642458815c4063f534f119259
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:d7:80:07:fc:40:31:6e:5e:17:f8:5d:e7:68:
5f:22:5a:20:8b:99:7e:de:a1:76:2c:ee:ee:81:8d:
2d:99:e9:86:48:72:42:1b:52:b2:39:1a:32:a8:31:
8f:a6:1e:e7:e1:93:16:94:81:4f:5b:99:eb:06:ee:
c8:24:db:09:bb:19:99:63:b4:3e:dc:37:7a:df:8a:
a4:41:f9:3b:f0:72:e6:26:93:b1:a1:77:35:2f:53:
4c:6a:c3:53:04:3b:c3:f3:6b:e8:be:06:91:ae:c1:
fe:98:45:9b:9a:39:64:d1:b1:d6:fd:8d:91:fc:9f:
8a:39:64:d3:ba:83:2c:62:b5:2b:4c:82:d6:34:67:
08:7e:6d:f7:5d:44:5c:6f:70:b5:22:01:e5:09:fb:
73:ca:6b:63:e0:0d:0a:92:77:e8:a9:47:e1:a3:1e:
18:a3:28:b0:54:3e:0e:cf:41:b9:c8:aa:64:dd:2c:
3d:52:ad:7a:6a:a8:5c:8a:a9:f5:cd:69:52:a5:c0:
2f:f6:52:b1:46:34:74:12:98:8e:c5:7c:d8:7a:dc:
de:cc:c6:32:b8:80:7e:12:43:3b:63:d5:3c:3e:68:
e9:de:13:17:36:2c:d0:6a:a3:fe:48:b6:45:37:fa:
e6:67:23:44:ad:88:81:9e:dc:53:0d:9b:2d:88:97:
1c:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:39:E3:4C:53:75:CE:56:42:45:88:15:C4:06:3F:53:4F:11:92:59
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/4DnjTFN1zlZCRYgVxAY_U08Rklk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:6286::/32
Signature Algorithm: sha256WithRSAEncryption
46:ee:83:62:bf:2c:d0:52:f6:72:c6:56:da:ec:75:47:42:a0:
af:2a:fc:46:bd:c5:c8:ca:24:83:a3:25:24:14:10:3d:52:20:
a2:28:ea:0f:f3:1f:47:41:61:fe:5f:7d:d3:35:3a:8b:57:ba:
d5:15:ea:4d:b4:97:b0:91:58:3d:b2:ba:89:e1:af:e9:82:7a:
fe:73:ad:26:8d:c8:38:da:46:d4:0d:9d:a2:58:25:68:ed:d2:
41:b3:4e:b1:ef:69:b7:ee:e6:8b:f3:f7:ab:fc:b2:e1:44:98:
17:54:39:6d:bb:0a:d2:2f:c2:e2:a0:9f:80:25:3a:ce:16:e0:
8b:ce:c9:b0:5e:2a:82:9f:4d:69:03:a0:c6:a6:d9:4a:7d:d1:
90:07:f5:ec:5f:79:7d:b1:86:40:89:b3:6c:00:cc:05:6f:76:
50:aa:c4:fb:e2:09:5b:b5:c8:bc:80:2f:9a:19:9e:15:a6:70:
87:fe:5e:76:60:e9:41:39:2a:13:74:f8:dc:df:aa:ed:71:48:
1b:83:84:76:0d:c6:6b:48:b1:3b:ee:0c:b4:75:25:5c:10:6e:
e1:bb:18:cb:6b:42:f5:cb:d9:3c:c5:39:b7:d4:e6:18:1c:da:
9e:54:62:01:be:e7:f5:49:c6:0e:7c:c2:18:de:36:37:ac:e9:
b5:3c:92:40
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQntV6jbzOGQbaHMTkDFfwlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjUwMTAyMTU0OTQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDM5ZTM0YzUzNzVjZTU2NDI0NTg4MTVjNDA2M2Y1MzRmMTE5MjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv9eAB/xAMW5eF/hd52hfIlogi5l+
3qF2LO7ugY0tmemGSHJCG1KyORoyqDGPph7n4ZMWlIFPW5nrBu7IJNsJuxmZY7Q+
3Dd634qkQfk78HLmJpOxoXc1L1NMasNTBDvD82vovgaRrsH+mEWbmjlk0bHW/Y2R
/J+KOWTTuoMsYrUrTILWNGcIfm33XURcb3C1IgHlCftzymtj4A0KknfoqUfhox4Y
oyiwVD4Oz0G5yKpk3Sw9Uq16aqhciqn1zWlSpcAv9lKxRjR0EpiOxXzYetzezMYy
uIB+EkM7Y9U8Pmjp3hMXNizQaqP+SLZFN/rmZyNErYiBntxTDZstiJccwQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOA540xTdc5WQkWIFcQGP1NPEZJZMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvNERualRGTjF6bFpDUllnVnhBWV9VMDhSa2xrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKglihjAN
BgkqhkiG9w0BAQsFAAOCAQEARu6DYr8s0FL2csZW2ux1R0Kgryr8Rr3FyMokg6Ml
JBQQPVIgoijqD/MfR0Fh/l990zU6i1e61RXqTbSXsJFYPbK6ieGv6YJ6/nOtJo3I
ONpG1A2dolglaO3SQbNOse9pt+7mi/P3q/yy4USYF1Q5bbsK0i/C4qCfgCU6zhbg
i87JsF4qgp9NaQOgxqbZSn3RkAf17F95fbGGQImzbADMBW92UKrE++IJW7XIvIAv
mhmeFaZwh/5edmDpQTkqE3T43N+q7XFIG4OEdg3Ga0ixO+4MtHUlXBBu4bsYy2tC
9cvZPMU5t9TmGBzanlRiAb7n9UnGDnzCGN42N6zptTySQA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:13:18 2025 by rpki-client