Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/9GT9JJ3NQPGYhQ8veU5LdxHQVus.roa
File: 9GT9JJ3NQPGYhQ8veU5LdxHQVus.roa (raw, json)
Hash identifier: UBa7hSTFPahRK5n0WLcYKVjlEuqviO4o2tPIFJ++zTg=
Subject key identifier: F4:64:FD:24:9D:CD:40:F1:98:85:0F:2F:79:4E:4B:77:11:D0:56:EB
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 019653BB5E96C2C68B60F7E5EA7192E545AB
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/9GT9JJ3NQPGYhQ8veU5LdxHQVus.roa
Signing time: Sun 20 Apr 2025 15:05:10 +0000
ROA not before: Sun 20 Apr 2025 15:05:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200250
IP address blocks: 2a0c:fe01::/32 maxlen: 48
2a0e:a942::/32 maxlen: 48
2a0e:cbc3::/33 maxlen: 48
2a0e:cbc3:8000::/33 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.mft
rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 20:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:53:bb:5e:96:c2:c6:8b:60:f7:e5:ea:71:92:e5:45:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Apr 20 15:05:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f464fd249dcd40f198850f2f794e4b7711d056eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:00:4e:b2:81:37:96:be:be:db:de:46:fe:64:
dd:3a:25:b9:bb:e3:ff:a9:4b:05:cf:1e:23:74:42:
e2:8b:7f:2e:ce:aa:bb:16:19:cd:1e:5f:52:5c:7d:
ca:e3:cd:fc:e1:af:6d:bc:8f:30:e5:f4:da:ed:c1:
fb:67:8d:16:3c:27:b9:2a:51:8c:7d:b7:b9:8b:04:
d7:ae:9a:02:fd:ca:36:7b:57:e4:57:30:2e:45:c7:
9d:72:fc:14:39:11:b4:e6:b4:f6:b8:96:c6:6a:9b:
3d:9f:9d:49:50:b9:5e:0e:56:5c:e5:8b:6b:07:bc:
39:74:ff:f9:b2:75:8e:6a:d4:40:f8:11:b7:0f:d8:
d3:59:c6:be:39:38:83:49:0c:c3:14:6b:6b:7a:11:
d4:33:93:13:bc:18:f8:df:f1:91:5e:d6:17:df:4c:
97:c0:8c:da:5b:3d:a9:7e:73:6f:46:63:6b:c0:d9:
d5:a9:a8:3e:69:dd:63:66:df:45:9b:2c:8e:33:3d:
29:40:e5:7e:f9:b4:a7:fd:bc:2d:bd:1a:9d:08:71:
4f:66:ad:40:6b:52:f5:58:84:e1:21:6b:8c:3f:18:
cf:83:a6:bb:d4:b0:86:44:0c:dc:11:03:d7:1f:ea:
f0:4a:62:3a:62:11:d6:9f:01:d1:a2:2d:f8:1d:c5:
2d:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:64:FD:24:9D:CD:40:F1:98:85:0F:2F:79:4E:4B:77:11:D0:56:EB
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/9GT9JJ3NQPGYhQ8veU5LdxHQVus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:fe01::/32
2a0e:a942::/32
2a0e:cbc3::/32
Signature Algorithm: sha256WithRSAEncryption
27:b8:4f:44:e5:6d:bd:c7:d3:a7:ad:f7:6f:4d:76:0f:be:e0:
74:b4:1c:db:96:15:d1:4e:5d:a2:a9:ab:eb:0d:0b:97:80:50:
9d:ff:f7:cf:ca:9e:ae:82:ef:7f:f0:13:0c:95:57:66:da:8f:
f3:52:9e:d9:25:f7:7b:93:a2:ee:ae:6a:b3:62:7a:cc:fd:02:
10:9d:46:62:4e:f0:25:19:fd:0e:77:44:6e:3c:f0:92:f6:d7:
6c:a0:ab:75:95:94:94:5e:70:0e:19:6f:29:13:a2:be:e5:d3:
0b:1f:0c:56:ce:ab:10:47:9d:41:4c:3a:8c:72:5c:f0:8b:35:
38:cd:8b:1d:95:1d:2b:4d:2e:7f:76:a6:20:49:a0:5f:0a:2e:
94:e6:34:41:08:5d:29:52:a9:51:6b:83:9f:bb:4d:49:04:2a:
50:c4:cc:f1:6d:a4:1c:0f:ae:1d:c0:24:4a:0b:3a:bb:f3:31:
5f:29:aa:e1:f4:66:d9:6f:2a:6d:31:df:6b:e9:c1:b1:af:cf:
cc:38:b3:b3:24:76:9c:ff:7a:da:ab:00:d3:dc:37:5e:ce:99:
10:5b:b7:4c:67:f8:c9:9e:a4:6f:68:60:f7:64:a0:02:bc:a3:
88:09:2a:cc:38:75:c3:6e:9e:a3:50:69:db:52:7e:af:8c:50:
67:f4:8e:c3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZZTu16WwsaLYPfl6nGS5UWrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjUwNDIwMTUwNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDY0ZmQyNDlkY2Q0MGYxOTg4NTBmMmY3OTRlNGI3NzExZDA1NmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzwBOsoE3lr6+295G/mTdOiW5u+P/
qUsFzx4jdELii38uzqq7FhnNHl9SXH3K48384a9tvI8w5fTa7cH7Z40WPCe5KlGM
fbe5iwTXrpoC/co2e1fkVzAuRcedcvwUORG05rT2uJbGaps9n51JULleDlZc5Ytr
B7w5dP/5snWOatRA+BG3D9jTWca+OTiDSQzDFGtrehHUM5MTvBj43/GRXtYX30yX
wIzaWz2pfnNvRmNrwNnVqag+ad1jZt9FmyyOMz0pQOV++bSn/bwtvRqdCHFPZq1A
a1L1WIThIWuMPxjPg6a71LCGRAzcEQPXH+rwSmI6YhHWnwHRoi34HcUteQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPRk/SSdzUDxmIUPL3lOS3cR0FbrMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvOUdUOUpKM05RUEdZaFE4dmVVNUxkeEhRVnVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKgz+AQMF
ACoOqUIDBQAqDsvDMA0GCSqGSIb3DQEBCwUAA4IBAQAnuE9E5W29x9OnrfdvTXYP
vuB0tBzblhXRTl2iqavrDQuXgFCd//fPyp6ugu9/8BMMlVdm2o/zUp7ZJfd7k6Lu
rmqzYnrM/QIQnUZiTvAlGf0Od0RuPPCS9tdsoKt1lZSUXnAOGW8pE6K+5dMLHwxW
zqsQR51BTDqMclzwizU4zYsdlR0rTS5/dqYgSaBfCi6U5jRBCF0pUqlRa4Ofu01J
BCpQxMzxbaQcD64dwCRKCzq78zFfKarh9GbZbyptMd9r6cGxr8/MOLOzJHac/3ra
qwDT3DdezpkQW7dMZ/jJnqRvaGD3ZKACvKOICSrMOHXDbp6jUGnbUn6vjFBn9I7D
-----END CERTIFICATE-----
Generated at Sun Apr 27 05:26:52 2025 by rpki-client