Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/xtacYUrWT0gTPxdT4fe0TiG1Tsc.roa
File: xtacYUrWT0gTPxdT4fe0TiG1Tsc.roa (raw, json)
Hash identifier: yMQPsqMg7sD3m/fFaAS+z0fJHNjAt10OD8IjX7c29Jo=
Subject key identifier: C6:D6:9C:61:4A:D6:4F:48:13:3F:17:53:E1:F7:B4:4E:21:B5:4E:C7
Certificate issuer: /CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0
Certificate serial: 01966681E4EF179EE05905E1FE4FA19DB495
Authority key identifier: 67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/xtacYUrWT0gTPxdT4fe0TiG1Tsc.roa
Signing time: Thu 24 Apr 2025 06:35:10 +0000
ROA not before: Thu 24 Apr 2025 06:35:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213605
IP address blocks: 2a14:67c1:a020::/44 maxlen: 48
2a14:67c1:a066::/48 maxlen: 48
2a14:67c1:b000::/48 maxlen: 48
2a14:67c1:b100::/40 maxlen: 48
2a14:67c1:b100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:66:81:e4:ef:17:9e:e0:59:05:e1:fe:4f:a1:9d:b4:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0
Validity
Not Before: Apr 24 06:35:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c6d69c614ad64f48133f1753e1f7b44e21b54ec7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:98:f5:41:32:0a:be:03:a3:18:c1:4d:da:24:
65:c5:94:c4:73:1e:85:c4:90:3e:c5:b1:04:fb:bf:
8c:42:33:bd:cf:c9:59:23:e3:c6:21:73:4f:f8:1f:
18:a4:d0:af:52:ff:7d:97:a0:1b:78:9d:22:3e:34:
3f:9b:96:ff:7d:5f:76:6e:59:a7:b5:5b:fa:d4:a9:
06:9c:cf:50:c1:b6:6d:bc:8a:83:26:20:ba:0a:eb:
86:f4:54:4a:b0:84:fd:8e:23:54:1f:bb:ae:91:55:
44:b8:57:72:9a:b7:61:cd:2e:8a:ab:d0:e5:ae:14:
fb:b9:15:dd:f7:9b:7e:0d:6b:7f:92:a5:06:3c:2e:
a9:19:e4:c8:43:64:f7:27:c4:54:50:87:b9:e4:c8:
3e:f4:1b:8a:1d:7b:f6:22:1e:16:a7:71:4f:a7:31:
90:57:5f:f7:7d:c0:a5:06:98:0a:c8:8c:8d:4e:d7:
eb:2b:5e:2c:42:fe:5d:cd:75:b6:51:6b:de:57:2f:
a7:ee:b8:f1:a9:ed:42:33:5d:4e:67:53:99:9d:5a:
45:af:ef:07:7f:4c:98:cf:89:19:59:5c:18:fc:bc:
dc:77:fc:db:e9:92:f5:ed:11:2f:fd:74:f4:d0:fd:
ff:a5:7f:f5:d4:72:85:46:89:da:e7:91:61:a0:e3:
9c:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:D6:9C:61:4A:D6:4F:48:13:3F:17:53:E1:F7:B4:4E:21:B5:4E:C7
X509v3 Authority Key Identifier:
keyid:67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/xtacYUrWT0gTPxdT4fe0TiG1Tsc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:67c1:a020::/44
2a14:67c1:a066::/48
2a14:67c1:b000::/48
2a14:67c1:b100::/40
Signature Algorithm: sha256WithRSAEncryption
ce:e7:ea:26:d1:ba:e7:33:e2:9a:09:58:1d:a5:19:58:79:39:
ff:8a:4d:81:00:f7:2c:eb:e0:f1:3a:99:d1:44:42:36:69:9d:
04:5b:93:35:64:08:37:ee:98:ac:cd:ea:98:5c:e7:90:92:3b:
f3:29:c6:96:a3:f0:d6:6f:48:5f:48:4b:1c:20:77:55:2a:72:
ca:50:37:35:e7:02:5c:b7:ec:f8:e6:75:04:20:cf:7a:6c:6f:
80:94:93:49:bd:1c:45:bd:a3:bf:1f:87:58:d9:cf:29:98:1b:
22:02:e0:d5:71:e1:2e:d8:a6:54:4e:ce:cd:5e:65:b8:e0:c3:
ed:88:f5:81:be:db:91:9b:ad:64:e2:5f:b2:c7:80:fb:d9:db:
ff:aa:11:48:d2:c2:86:74:29:d0:df:01:f9:83:46:83:d2:a5:
f1:3d:cd:77:e7:4d:1f:f5:42:26:39:b8:b7:97:ad:c9:b9:bc:
27:c4:6a:77:53:84:a3:70:a7:99:29:7d:10:d1:59:03:bb:dc:
7e:60:22:d2:98:e7:92:41:01:90:4d:ac:81:5a:a2:dc:f7:9f:
90:82:c3:38:1c:ca:e4:d5:9a:0a:db:d3:54:d4:de:90:47:7e:
43:e4:40:ef:5e:c8:6a:9e:52:50:bd:2c:c1:71:ef:d6:a5:a6:
3d:56:cf:dd
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZZmgeTvF57gWQXh/k+hnbSVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3ZjMxYmRlNDY1MTYzNDdmNGVkZmNiZTMwZWRhYzlhMDll
NGUwZTAwHhcNMjUwNDI0MDYzNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmQ2OWM2MTRhZDY0ZjQ4MTMzZjE3NTNlMWY3YjQ0ZTIxYjU0ZWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5j1QTIKvgOjGMFN2iRlxZTEcx6F
xJA+xbEE+7+MQjO9z8lZI+PGIXNP+B8YpNCvUv99l6AbeJ0iPjQ/m5b/fV92blmn
tVv61KkGnM9QwbZtvIqDJiC6CuuG9FRKsIT9jiNUH7uukVVEuFdymrdhzS6Kq9Dl
rhT7uRXd95t+DWt/kqUGPC6pGeTIQ2T3J8RUUIe55Mg+9BuKHXv2Ih4Wp3FPpzGQ
V1/3fcClBpgKyIyNTtfrK14sQv5dzXW2UWveVy+n7rjxqe1CM11OZ1OZnVpFr+8H
f0yYz4kZWVwY/Lzcd/zb6ZL17REv/XT00P3/pX/11HKFRona55FhoOOc1QIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFMbWnGFK1k9IEz8XU+H3tE4htU7HMB8GA1UdIwQY
MBaAFGfzG95GUWNH9O38vjDtrJoJ5ODgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYt
ZjZjYzRlZjBmN2RmLzEveHRhY1lVcldUMGdUUHhkVDRmZTBUaUcxVHNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYtZjZjYzRlZjBmN2Rm
LzEvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwcEKhRnwaAg
AwcAKhRnwaBmAwcAKhRnwbAAAwYAKhRnwbEwDQYJKoZIhvcNAQELBQADggEBAM7n
6ibRuucz4poJWB2lGVh5Of+KTYEA9yzr4PE6mdFEQjZpnQRbkzVkCDfumKzN6phc
55CSO/Mpxpaj8NZvSF9ISxwgd1UqcspQNzXnAly37PjmdQQgz3psb4CUk0m9HEW9
o78fh1jZzymYGyIC4NVx4S7YplROzs1eZbjgw+2I9YG+25GbrWTiX7LHgPvZ2/+q
EUjSwoZ0KdDfAfmDRoPSpfE9zXfnTR/1QiY5uLeXrcm5vCfEandThKNwp5kpfRDR
WQO73H5gItKY55JBAZBNrIFaotz3n5CCwzgcyuTVmgrb01TU3pBHfkPkQO9eyGqe
UlC9LMFx79alpj1Wz90=
-----END CERTIFICATE-----
Generated at Mon Apr 28 17:52:53 2025 by rpki-client