Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/VC6fBW2LtHtO1C8vS0jUwdG2qrE.roa
File: VC6fBW2LtHtO1C8vS0jUwdG2qrE.roa (raw, json)
Hash identifier: o790lZxgQYifafDmAj89LBnxxxmYdRRlWE2fKBucfDM=
Subject key identifier: 54:2E:9F:05:6D:8B:B4:7B:4E:D4:2F:2F:4B:48:D4:C1:D1:B6:AA:B1
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 01954D12CDC9FC3A537CBFEC040127EC6D29
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/VC6fBW2LtHtO1C8vS0jUwdG2qrE.roa
Signing time: Fri 28 Feb 2025 15:00:32 +0000
ROA not before: Fri 28 Feb 2025 15:00:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14576
IP address blocks: 2a04:6e40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4d:12:cd:c9:fc:3a:53:7c:bf:ec:04:01:27:ec:6d:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Feb 28 15:00:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=542e9f056d8bb47b4ed42f2f4b48d4c1d1b6aab1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:86:75:fd:4f:81:f9:25:56:8c:ca:dd:f1:54:
9a:6d:0a:d0:92:e8:54:5d:be:ec:e8:8e:c5:b8:0b:
7a:52:60:f7:d2:2a:66:2d:f4:aa:06:c4:38:17:5c:
c2:0d:2c:59:09:aa:e0:5f:1d:a3:94:d5:97:88:61:
67:3f:f7:18:de:45:08:73:f0:e5:f4:be:1b:5f:83:
30:13:97:54:58:20:90:e4:c2:87:b1:e7:5b:32:f2:
d1:e3:29:b9:00:07:46:ca:17:a4:93:de:35:10:e8:
31:dc:76:18:b0:98:a7:e5:61:98:09:7d:a3:3f:75:
ab:61:e9:6c:c9:a2:4d:2c:0f:72:48:ce:7c:ad:97:
c7:eb:d5:c6:67:20:9e:d1:10:39:a6:f9:fe:5f:65:
42:4d:ce:63:cb:02:b8:df:27:8a:4d:14:bb:0b:a8:
dc:21:81:f8:48:fd:de:d6:b7:30:9f:57:d4:ff:63:
43:34:96:3a:ba:b5:02:fc:14:2f:99:f4:c3:48:21:
ee:9e:18:9d:98:cc:cd:b2:8b:35:27:74:5c:a9:8c:
33:92:a5:4d:ec:5b:96:be:8a:6e:06:cc:90:d7:f7:
f3:03:a5:76:bc:1d:bb:1e:7c:75:9f:b6:13:c4:64:
99:84:2b:73:fc:e1:1d:80:78:d9:09:c4:c4:0d:a3:
00:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:2E:9F:05:6D:8B:B4:7B:4E:D4:2F:2F:4B:48:D4:C1:D1:B6:AA:B1
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/VC6fBW2LtHtO1C8vS0jUwdG2qrE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:6e40::/29
Signature Algorithm: sha256WithRSAEncryption
2b:0a:63:29:cc:08:9a:bf:e1:84:a0:8a:df:79:d9:63:2a:90:
61:af:ec:3b:f4:a4:38:90:d6:ef:dd:55:6b:e1:1c:9c:a5:a7:
44:4e:e6:a1:5e:81:76:4d:91:da:08:7c:af:05:24:3b:15:f4:
86:cc:8c:8e:78:65:e7:10:bc:1f:0a:66:a7:74:e9:54:20:90:
ab:46:12:a8:cf:40:9c:86:21:10:82:c4:be:58:18:0c:27:c8:
4c:19:af:7f:4b:45:31:b1:01:5e:2e:be:33:f7:03:b2:6a:f0:
5b:f6:02:85:82:2d:e4:91:7b:84:e8:d3:5a:89:ac:1b:8b:2b:
b6:2a:b6:4c:15:a3:c1:14:9f:13:20:b7:5b:87:a8:75:44:a0:
95:75:c4:a5:aa:77:ab:3e:f6:62:f4:1a:ca:75:4d:48:81:5e:
9c:06:75:5a:af:bb:fe:f4:b1:a2:00:be:f5:12:06:38:90:e2:
12:eb:06:ca:dd:50:dc:34:7e:6b:9d:d7:d1:45:b6:d7:e2:fb:
d2:d3:22:e9:79:e8:1c:22:45:76:af:93:54:e1:f3:a3:f2:2a:
3a:11:55:00:55:0d:a1:e4:4f:a3:ea:37:23:44:c6:be:4b:5c:
ae:83:a5:d8:11:00:c5:b0:4a:d2:1b:c9:28:66:46:b9:b2:ad:
2e:92:ca:18
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZVNEs3J/DpTfL/sBAEn7G0pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjUwMjI4MTUwMDMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDJlOWYwNTZkOGJiNDdiNGVkNDJmMmY0YjQ4ZDRjMWQxYjZhYWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYZ1/U+B+SVWjMrd8VSabQrQkuhU
Xb7s6I7FuAt6UmD30ipmLfSqBsQ4F1zCDSxZCargXx2jlNWXiGFnP/cY3kUIc/Dl
9L4bX4MwE5dUWCCQ5MKHsedbMvLR4ym5AAdGyhekk941EOgx3HYYsJin5WGYCX2j
P3WrYelsyaJNLA9ySM58rZfH69XGZyCe0RA5pvn+X2VCTc5jywK43yeKTRS7C6jc
IYH4SP3e1rcwn1fU/2NDNJY6urUC/BQvmfTDSCHunhidmMzNsos1J3RcqYwzkqVN
7FuWvopuBsyQ1/fzA6V2vB27Hnx1n7YTxGSZhCtz/OEdgHjZCcTEDaMAKQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFFQunwVti7R7TtQvL0tI1MHRtqqxMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvVkM2ZkJXMkx0SHRPMUM4dlMwalV3ZEcycXJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgRuQDAN
BgkqhkiG9w0BAQsFAAOCAQEAKwpjKcwImr/hhKCK33nZYyqQYa/sO/SkOJDW791V
a+EcnKWnRE7moV6Bdk2R2gh8rwUkOxX0hsyMjnhl5xC8Hwpmp3TpVCCQq0YSqM9A
nIYhEILEvlgYDCfITBmvf0tFMbEBXi6+M/cDsmrwW/YChYIt5JF7hOjTWomsG4sr
tiq2TBWjwRSfEyC3W4eodUSglXXEpap3qz72YvQaynVNSIFenAZ1Wq+7/vSxogC+
9RIGOJDiEusGyt1Q3DR+a53X0UW21+L70tMi6XnoHCJFdq+TVOHzo/IqOhFVAFUN
oeRPo+o3I0TGvktcroOl2BEAxbBK0hvJKGZGubKtLpLKGA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:08:39 2025 by rpki-client