Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/_sI3gk2hZDn41-4NfzG0rDsgjws.roa
File: _sI3gk2hZDn41-4NfzG0rDsgjws.roa (raw, json)
Hash identifier: GJeNAr5zzIi7APfhQYD6zR5b4f6TKUkgkI8dhjWpt4s=
Subject key identifier: FE:C2:37:82:4D:A1:64:39:F8:D7:EE:0D:7F:31:B4:AC:3B:20:8F:0B
Certificate issuer: /CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Certificate serial: 01963E24540993F584CEA0517C2BF74C3EAE
Authority key identifier: 0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/_sI3gk2hZDn41-4NfzG0rDsgjws.roa
Signing time: Wed 16 Apr 2025 10:28:10 +0000
ROA not before: Wed 16 Apr 2025 10:28:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213893
IP address blocks: 2a0d:d940:10::/48 maxlen: 48
2a0d:d940:11::/48 maxlen: 48
2a0d:d940:13::/48 maxlen: 48
2a0d:d940:14::/48 maxlen: 48
2a0d:d940:15::/48 maxlen: 48
2a0d:d940:18::/48 maxlen: 48
2a0d:d940:19::/48 maxlen: 48
2a0d:d940:1f00::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 04 May 2025 13:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3e:24:54:09:93:f5:84:ce:a0:51:7c:2b:f7:4c:3e:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Validity
Not Before: Apr 16 10:28:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fec237824da16439f8d7ee0d7f31b4ac3b208f0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:1b:93:5f:3e:11:73:37:81:b7:e9:5d:17:73:
46:66:f5:0e:09:c9:55:67:db:13:61:5e:28:63:10:
94:a4:d3:8a:4b:30:23:8a:82:b5:25:82:8d:0f:76:
fb:db:63:c4:4d:7e:00:42:c0:95:97:02:85:73:4f:
35:c7:59:1b:6a:32:a6:ca:40:c8:90:0e:5e:e8:58:
1a:9a:70:b9:63:c4:a1:9c:46:b1:da:ad:33:81:0b:
c8:e2:1d:4b:d5:f2:1b:17:1e:f1:2d:88:4f:1c:63:
21:15:e6:0c:83:c5:b9:bd:7b:6e:62:5c:13:e0:5e:
84:00:c0:34:08:ad:7a:e1:23:e1:1d:0f:59:a4:47:
c9:c2:63:da:ec:db:bf:d6:12:95:b6:be:66:17:81:
02:ea:e9:3c:13:d9:67:e1:d0:52:73:f7:7f:e7:68:
c5:c4:6c:19:c9:b1:b1:a6:e6:19:55:3c:46:06:ca:
e9:a2:e3:3f:15:05:d1:3a:a4:1d:dd:13:60:f4:26:
67:ef:5c:cb:b2:f9:36:23:fd:cf:16:db:b2:47:98:
45:7c:aa:d5:40:43:cf:a7:42:73:6f:cb:78:cb:0d:
db:5a:ef:3a:d5:6f:5c:5b:63:f3:96:79:1d:15:9c:
66:a1:88:6a:1f:8c:b5:35:bc:3a:1c:9e:2a:28:ca:
aa:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:C2:37:82:4D:A1:64:39:F8:D7:EE:0D:7F:31:B4:AC:3B:20:8F:0B
X509v3 Authority Key Identifier:
keyid:0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/_sI3gk2hZDn41-4NfzG0rDsgjws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:d940:10::/47
2a0d:d940:13::-2a0d:d940:15:ffff:ffff:ffff:ffff:ffff
2a0d:d940:18::/47
2a0d:d940:1f00::/40
Signature Algorithm: sha256WithRSAEncryption
b5:d3:0e:3f:2e:a7:92:ed:d5:b3:a4:8f:35:d1:45:9a:ed:ee:
3f:da:86:f0:91:74:63:09:8b:bf:14:8d:fb:26:ff:d6:18:ff:
67:14:2a:b3:a9:64:e5:08:b2:df:7e:f6:74:d8:16:bc:61:b5:
65:4d:2b:12:f2:66:2a:75:ea:6c:26:8c:80:24:40:7d:5e:ea:
51:19:7d:d3:42:05:03:a0:ce:be:75:86:b4:a0:a1:f9:77:a5:
43:43:db:ad:6d:ea:08:09:0c:1e:e1:72:2c:b6:23:d4:3b:19:
f6:3d:36:bf:0e:e1:08:1e:2b:af:08:26:ba:a9:ad:70:ff:28:
f4:49:2b:b0:dd:48:64:e2:4a:3c:02:97:6b:eb:1d:3e:a0:fe:
48:e4:bc:42:ed:8d:a1:57:7f:77:9e:70:f3:2d:72:59:59:d2:
e6:ab:c4:9d:15:30:91:de:ba:ae:f9:bb:e2:d7:47:e4:7b:37:
c6:9c:d5:eb:1b:3b:28:93:a7:44:18:3f:96:a1:61:77:ab:6d:
a3:6e:84:7a:5c:7f:1d:64:b8:3c:4c:ad:a9:65:e9:c4:b5:e8:
8a:62:be:b0:d5:6e:bb:52:c1:88:33:cd:9f:62:91:77:f4:7b:
8e:72:81:f7:b0:ec:29:2e:83:de:30:5a:5f:94:7f:04:db:89:
a3:96:45:0a
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZY+JFQJk/WEzqBRfCv3TD6uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNGUzYjNiODQyNDIyNTg4NjMxNDJlZDNhMTk3OTJkOTdj
YmJjNzQwHhcNMjUwNDE2MTAyODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWMyMzc4MjRkYTE2NDM5ZjhkN2VlMGQ3ZjMxYjRhYzNiMjA4ZjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRuTXz4RczeBt+ldF3NGZvUOCclV
Z9sTYV4oYxCUpNOKSzAjioK1JYKND3b722PETX4AQsCVlwKFc081x1kbajKmykDI
kA5e6FgamnC5Y8ShnEax2q0zgQvI4h1L1fIbFx7xLYhPHGMhFeYMg8W5vXtuYlwT
4F6EAMA0CK164SPhHQ9ZpEfJwmPa7Nu/1hKVtr5mF4EC6uk8E9ln4dBSc/d/52jF
xGwZybGxpuYZVTxGBsrpouM/FQXROqQd3RNg9CZn71zLsvk2I/3PFtuyR5hFfKrV
QEPPp0Jzb8t4yw3bWu861W9cW2PzlnkdFZxmoYhqH4y1Nbw6HJ4qKMqqQQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFP7CN4JNoWQ5+NfuDX8xtKw7II8LMB8GA1UdIwQY
MBaAFAtOOzuEJCJYhjFC7ToZeS2Xy7x0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQt
MTRkMjM4NTI3ODM1LzEvX3NJM2drMmhaRG40MS00TmZ6RzByRHNnandzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQtMTRkMjM4NTI3ODM1
LzEvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAAjAuAwcBKg3ZQAAQ
MBIDBwAqDdlAABMDBwEqDdlAABQDBwEqDdlAABgDBgAqDdlAHzANBgkqhkiG9w0B
AQsFAAOCAQEAtdMOPy6nku3Vs6SPNdFFmu3uP9qG8JF0YwmLvxSN+yb/1hj/ZxQq
s6lk5Qiy3372dNgWvGG1ZU0rEvJmKnXqbCaMgCRAfV7qURl900IFA6DOvnWGtKCh
+XelQ0PbrW3qCAkMHuFyLLYj1DsZ9j02vw7hCB4rrwgmuqmtcP8o9EkrsN1IZOJK
PAKXa+sdPqD+SOS8Qu2NoVd/d55w8y1yWVnS5qvEnRUwkd66rvm74tdH5Hs3xpzV
6xs7KJOnRBg/lqFhd6tto26Eelx/HWS4PEytqWXpxLXoimK+sNVuu1LBiDPNn2KR
d/R7jnKB97DsKS6D3jBaX5R/BNuJo5ZFCg==
-----END CERTIFICATE-----
Generated at Sat May 3 22:19:07 2025 by rpki-client