Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/d39416-f46a-4f82-b1e1-e0d1f7cacff1/1/Ri5k7SQxU6x0UFludmWvZ0B6TWI.roa
File: Ri5k7SQxU6x0UFludmWvZ0B6TWI.roa (raw, json)
Hash identifier: TLxEmCkGZUEaMyJcwR/yeYXTxZGAU/9BCp1xDMGwRT4=
Subject key identifier: 46:2E:64:ED:24:31:53:AC:74:50:59:6E:76:65:AF:67:40:7A:4D:62
Certificate issuer: /CN=27873afe6330b7ae9ee562e0c988e9fd5ea8f567
Certificate serial: 01961938C0852055B630FFA9AA6C21EF6219
Authority key identifier: 27:87:3A:FE:63:30:B7:AE:9E:E5:62:E0:C9:88:E9:FD:5E:A8:F5:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J4c6_mMwt66e5WLgyYjp_V6o9Wc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/d39416-f46a-4f82-b1e1-e0d1f7cacff1/1/Ri5k7SQxU6x0UFludmWvZ0B6TWI.roa
Signing time: Wed 09 Apr 2025 06:24:31 +0000
ROA not before: Wed 09 Apr 2025 06:24:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57087
IP address blocks: 141.8.236.0/23 maxlen: 24
2a13:8cc0:1f00::/48 maxlen: 48
2a13:8cc0:1f01::/48 maxlen: 48
2a13:8cc0:1f02::/48 maxlen: 48
2a13:8cc0:1f03::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/d39416-f46a-4f82-b1e1-e0d1f7cacff1/1/J4c6_mMwt66e5WLgyYjp_V6o9Wc.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/d39416-f46a-4f82-b1e1-e0d1f7cacff1/1/J4c6_mMwt66e5WLgyYjp_V6o9Wc.mft
rsync://rpki.ripe.net/repository/DEFAULT/J4c6_mMwt66e5WLgyYjp_V6o9Wc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 01 May 2025 06:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:19:38:c0:85:20:55:b6:30:ff:a9:aa:6c:21:ef:62:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27873afe6330b7ae9ee562e0c988e9fd5ea8f567
Validity
Not Before: Apr 9 06:24:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=462e64ed243153ac7450596e7665af67407a4d62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:fc:29:98:4f:13:c5:00:7e:df:f6:a4:f5:68:
ac:40:e6:a0:8c:c5:84:25:44:35:a1:b6:30:04:b6:
d2:68:0d:59:05:ed:2c:e8:e7:75:92:3d:bc:85:62:
17:98:fb:18:ad:00:36:0a:eb:5d:e8:93:78:05:14:
9b:fc:ce:27:fd:11:cc:58:eb:39:4e:6c:9a:3d:c9:
5a:4a:3d:8f:dc:af:ef:00:25:67:f7:be:f0:54:a6:
7b:92:18:1b:c1:84:b0:96:4d:6a:ec:6b:31:3b:e7:
35:66:43:de:80:fe:34:ce:6f:99:f2:93:d8:2e:74:
c6:b7:ff:ff:0a:34:34:a1:fa:69:d0:31:68:ba:9c:
7d:32:56:7f:f6:b0:a6:4c:75:17:a8:52:ec:a5:56:
c8:d4:e6:18:dd:a9:dc:72:ec:90:21:af:e5:df:96:
20:6a:49:1c:ae:d1:28:a8:9c:d4:69:78:a0:ec:7c:
df:69:e8:58:e1:b7:f4:23:22:45:1a:0f:ea:94:3d:
ce:51:39:e7:7c:a5:f6:9c:a7:7c:04:bf:c9:0f:be:
d5:68:c2:50:ff:ec:dd:79:8c:0e:3d:7c:25:8e:97:
13:82:8e:30:ff:5f:da:b9:4c:ac:34:d4:ef:78:46:
17:b1:da:b3:27:bf:8f:78:83:b3:9a:0c:1c:12:18:
4f:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:2E:64:ED:24:31:53:AC:74:50:59:6E:76:65:AF:67:40:7A:4D:62
X509v3 Authority Key Identifier:
keyid:27:87:3A:FE:63:30:B7:AE:9E:E5:62:E0:C9:88:E9:FD:5E:A8:F5:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J4c6_mMwt66e5WLgyYjp_V6o9Wc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/d39416-f46a-4f82-b1e1-e0d1f7cacff1/1/Ri5k7SQxU6x0UFludmWvZ0B6TWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/d39416-f46a-4f82-b1e1-e0d1f7cacff1/1/J4c6_mMwt66e5WLgyYjp_V6o9Wc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.8.236.0/23
IPv6:
2a13:8cc0:1f00::/46
Signature Algorithm: sha256WithRSAEncryption
0d:ed:42:51:6e:1f:c9:5e:75:db:a5:0b:6c:a4:74:76:ce:15:
6a:93:19:45:17:de:7d:0a:04:b7:6d:0b:f6:c7:14:6d:6c:6f:
84:b5:0c:9a:80:4a:ff:88:d8:4b:ac:fd:44:e2:ec:97:80:7e:
25:8b:66:83:48:bd:b9:56:74:53:1d:fd:ed:c0:f2:3d:72:b8:
83:ea:a9:ec:30:3e:cf:ea:fd:8e:0b:fe:78:1c:cb:0a:05:46:
4b:47:4e:7c:0f:c3:e6:5e:73:e9:63:f0:3e:15:08:ef:94:c4:
ac:00:ef:ea:f5:3a:a3:02:f2:b1:b7:ef:0e:c4:7a:3b:86:56:
dc:60:6a:7f:4b:7f:04:fe:da:46:f7:13:ec:d6:ae:10:8f:fa:
ab:3c:b2:11:ff:f7:7a:1d:1f:d7:7e:e0:26:d4:19:ee:b8:26:
ba:7e:fe:54:b7:0d:ac:98:57:e1:3b:06:aa:71:5d:76:8a:8f:
79:0b:33:01:0d:3c:51:6d:e6:bb:2b:fe:de:96:8c:e2:39:c6:
cb:60:1c:e5:00:b3:c7:31:a8:98:7a:a7:ea:4e:46:cc:8c:36:
60:9c:d5:c0:55:da:b0:51:40:e9:bd:2d:ee:36:04:cd:c9:9c:
ec:3b:e0:c8:49:97:26:0c:76:47:ec:73:d5:19:47:6a:6e:c2:
1f:b3:37:40
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZYZOMCFIFW2MP+pqmwh72IZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3ODczYWZlNjMzMGI3YWU5ZWU1NjJlMGM5ODhlOWZkNWVh
OGY1NjcwHhcNMjUwNDA5MDYyNDMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjJlNjRlZDI0MzE1M2FjNzQ1MDU5NmU3NjY1YWY2NzQwN2E0ZDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyPwpmE8TxQB+3/ak9WisQOagjMWE
JUQ1obYwBLbSaA1ZBe0s6Od1kj28hWIXmPsYrQA2Cutd6JN4BRSb/M4n/RHMWOs5
TmyaPclaSj2P3K/vACVn977wVKZ7khgbwYSwlk1q7GsxO+c1ZkPegP40zm+Z8pPY
LnTGt///CjQ0ofpp0DFoupx9MlZ/9rCmTHUXqFLspVbI1OYY3anccuyQIa/l35Yg
akkcrtEoqJzUaXig7HzfaehY4bf0IyJFGg/qlD3OUTnnfKX2nKd8BL/JD77VaMJQ
/+zdeYwOPXwljpcTgo4w/1/auUysNNTveEYXsdqzJ7+PeIOzmgwcEhhPHwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEYuZO0kMVOsdFBZbnZlr2dAek1iMB8GA1UdIwQY
MBaAFCeHOv5jMLeunuVi4MmI6f1eqPVnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjRjNl9tTXd0NjZlNVdMZ3lZanBfVjZvOVdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9kMzk0MTYtZjQ2YS00ZjgyLWIxZTEt
ZTBkMWY3Y2FjZmYxLzEvUmk1azdTUXhVNngwVUZsdWRtV3ZaMEI2VFdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9kMzk0MTYtZjQ2YS00ZjgyLWIxZTEtZTBkMWY3Y2FjZmYx
LzEvSjRjNl9tTXd0NjZlNVdMZ3lZanBfVjZvOVdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBjQjsMA8E
AgACMAkDBwIqE4zAHwAwDQYJKoZIhvcNAQELBQADggEBAA3tQlFuH8leddulC2yk
dHbOFWqTGUUX3n0KBLdtC/bHFG1sb4S1DJqASv+I2Eus/UTi7JeAfiWLZoNIvblW
dFMd/e3A8j1yuIPqqewwPs/q/Y4L/ngcywoFRktHTnwPw+Zec+lj8D4VCO+UxKwA
7+r1OqMC8rG37w7EejuGVtxgan9LfwT+2kb3E+zWrhCP+qs8shH/93odH9d+4CbU
Ge64Jrp+/lS3DayYV+E7BqpxXXaKj3kLMwENPFFt5rsr/t6WjOI5xstgHOUAs8cx
qJh6p+pORsyMNmCc1cBV2rBRQOm9Le42BM3JnOw74MhJlyYMdkfsc9UZR2puwh+z
N0A=
-----END CERTIFICATE-----
Generated at Wed Apr 30 13:39:18 2025 by rpki-client