Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/yg8g1KIBeXcOZoIOeFDLKsb2Ys4.roa
File: yg8g1KIBeXcOZoIOeFDLKsb2Ys4.roa (raw, json)
Hash identifier: bXqIK7YAgTX1XR2ZVmmqzCL+IfHFOCwdW0H3gNQ2jXk=
Subject key identifier: CA:0F:20:D4:A2:01:79:77:0E:66:82:0E:78:50:CB:2A:C6:F6:62:CE
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 019427B57582A9B5EBE4E3460E16804880A9
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/yg8g1KIBeXcOZoIOeFDLKsb2Ys4.roa
Signing time: Thu 02 Jan 2025 15:49:50 +0000
ROA not before: Thu 02 Jan 2025 15:49:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216246
IP address blocks: 2a11:fc80::/30 maxlen: 30
2a11:fc84::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:75:82:a9:b5:eb:e4:e3:46:0e:16:80:48:80:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jan 2 15:49:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ca0f20d4a20179770e66820e7850cb2ac6f662ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:07:fd:82:d6:20:59:55:fa:14:37:5a:ed:8e:
2a:f4:0f:96:49:0b:f7:bd:0a:2b:c4:dd:45:6c:f2:
09:0f:77:cf:9f:2e:b5:0a:9c:c4:f4:9b:7f:05:15:
1d:16:7e:33:88:9c:58:66:9b:b1:79:36:bc:3a:bb:
cd:bf:7a:c2:b9:ef:fb:da:84:45:23:7e:81:17:ce:
d1:48:63:bf:23:fb:cc:2f:6b:dc:17:3e:99:0c:2e:
17:75:79:af:c1:a1:a4:c4:e7:45:27:0b:12:79:2c:
5f:71:f9:7d:48:14:c1:e1:b8:4b:8a:41:c1:43:c4:
94:1c:59:61:1f:91:95:01:89:02:74:b3:43:ba:88:
a6:5f:81:5b:19:52:ee:03:79:f5:d6:63:9b:b7:ed:
1d:21:67:23:23:5e:2b:96:93:44:33:d4:28:a1:3d:
5e:d1:69:9f:75:2f:f0:25:3a:23:ff:67:b9:2b:bf:
7b:3a:bf:c2:8e:29:bc:0b:9a:c8:a5:af:5a:8e:a3:
f0:fe:48:ac:e9:4a:cf:d5:3f:b1:5e:44:56:fd:3a:
9e:db:2a:2e:65:10:48:cf:79:42:c5:ef:2f:ec:91:
ef:01:a2:00:93:d6:18:a2:9e:a5:2f:3e:23:e2:3f:
3a:7d:bc:06:bd:b3:ca:c2:a7:1f:c1:38:0a:94:c9:
61:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:0F:20:D4:A2:01:79:77:0E:66:82:0E:78:50:CB:2A:C6:F6:62:CE
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/yg8g1KIBeXcOZoIOeFDLKsb2Ys4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:fc80::/29
Signature Algorithm: sha256WithRSAEncryption
cd:93:5a:1f:87:63:97:13:54:57:3e:28:56:7d:69:42:93:86:
02:c9:6f:0c:3e:58:4e:ee:2f:d5:0a:76:c8:7e:00:ef:87:74:
7e:6a:9f:fd:96:3a:83:58:96:73:54:94:31:6c:e5:04:07:b9:
56:03:cc:88:54:d8:0d:e1:d7:63:83:9c:05:db:e3:2b:a3:62:
b7:00:a4:f3:01:60:af:a5:2d:f6:9d:b4:f4:84:97:90:04:33:
9f:94:76:b8:25:b1:4b:0b:08:4f:78:58:58:94:97:a7:c5:5b:
f5:0c:60:a0:1f:ac:f2:4b:32:f1:31:1b:d1:20:12:84:42:d2:
8e:53:64:93:1a:a5:02:26:ce:79:f2:df:21:df:a9:56:e2:e9:
79:ce:c6:96:ee:1d:8a:ce:14:37:f4:fb:bf:1f:c4:51:a7:62:
e0:08:2f:df:fa:12:48:8f:4a:b4:b6:ec:1a:ce:e0:bb:ed:e9:
51:f0:48:98:fd:9d:11:7d:62:d1:35:7a:8b:39:6e:96:61:11:
86:48:85:3b:6c:47:9a:9f:5b:06:c4:3a:28:56:06:9e:b0:35:
63:58:99:ee:f2:ab:cf:0e:a4:46:4c:33:2c:e0:c9:e8:44:3d:
d3:49:e5:33:38:55:bb:69:98:0e:ab:cb:d6:02:34:a2:c7:c5:
ed:9c:65:3a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQntXWCqbXr5ONGDhaASICpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjUwMTAyMTU0OTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTBmMjBkNGEyMDE3OTc3MGU2NjgyMGU3ODUwY2IyYWM2ZjY2MmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzAf9gtYgWVX6FDda7Y4q9A+WSQv3
vQorxN1FbPIJD3fPny61CpzE9Jt/BRUdFn4ziJxYZpuxeTa8OrvNv3rCue/72oRF
I36BF87RSGO/I/vML2vcFz6ZDC4XdXmvwaGkxOdFJwsSeSxfcfl9SBTB4bhLikHB
Q8SUHFlhH5GVAYkCdLNDuoimX4FbGVLuA3n11mObt+0dIWcjI14rlpNEM9QooT1e
0WmfdS/wJToj/2e5K797Or/Cjim8C5rIpa9ajqPw/kis6UrP1T+xXkRW/Tqe2you
ZRBIz3lCxe8v7JHvAaIAk9YYop6lLz4j4j86fbwGvbPKwqcfwTgKlMlhSQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMoPINSiAXl3DmaCDnhQyyrG9mLOMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEveWc4ZzFLSUJlWGNPWm9JT2VGRExLc2IyWXM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhH8gDAN
BgkqhkiG9w0BAQsFAAOCAQEAzZNaH4djlxNUVz4oVn1pQpOGAslvDD5YTu4v1Qp2
yH4A74d0fmqf/ZY6g1iWc1SUMWzlBAe5VgPMiFTYDeHXY4OcBdvjK6NitwCk8wFg
r6Ut9p209ISXkAQzn5R2uCWxSwsIT3hYWJSXp8Vb9QxgoB+s8ksy8TEb0SAShELS
jlNkkxqlAibOefLfId+pVuLpec7Glu4dis4UN/T7vx/EUadi4Agv3/oSSI9KtLbs
Gs7gu+3pUfBImP2dEX1i0TV6izlulmERhkiFO2xHmp9bBsQ6KFYGnrA1Y1iZ7vKr
zw6kRkwzLODJ6EQ900nlMzhVu2mYDqvL1gI0osfF7ZxlOg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:10:34 2025 by rpki-client