Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/1-EMHybFRds1zZrQKcG6RjZ8Jmdc.roa
File: 1-EMHybFRds1zZrQKcG6RjZ8Jmdc.roa (raw, json)
Hash identifier: NB3ODqFPp8614yoft+Ba7k/jyDn7UP7uSY9B+W0fRNo=
Subject key identifier: F8:43:07:C9:B1:51:76:CD:73:66:B4:0A:70:6E:91:8D:9F:09:99:D7
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 01965A31BAA89DBB42476727F8D3B09A5324
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/1-EMHybFRds1zZrQKcG6RjZ8Jmdc.roa
Signing time: Mon 21 Apr 2025 21:12:10 +0000
ROA not before: Mon 21 Apr 2025 21:12:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210027
IP address blocks: 2a13:c240:8000::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 14:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5a:31:ba:a8:9d:bb:42:47:67:27:f8:d3:b0:9a:53:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Apr 21 21:12:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f84307c9b15176cd7366b40a706e918d9f0999d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:05:e2:b8:9c:81:e5:43:96:e7:58:7c:85:bf:
f9:f1:08:8e:df:f4:9e:9f:4c:8f:29:6a:27:24:65:
ad:cc:16:fa:11:3c:ca:5d:81:0e:2c:f2:f5:8f:f9:
1a:be:12:82:c7:de:b7:5e:66:69:1c:46:1b:7e:67:
bf:6e:16:4c:15:4f:a7:20:da:a0:bb:0c:24:0c:ae:
bb:76:a3:fd:55:6f:3a:b9:00:5f:54:f9:c0:9d:4c:
db:2a:13:af:52:77:d3:2f:b4:5e:c2:58:b3:3d:d1:
ed:4c:01:41:14:e9:f9:e7:21:c5:96:44:24:af:5a:
d7:fa:9a:4c:62:18:3a:91:59:8d:7c:c3:d3:c8:b8:
78:6a:ed:70:02:34:a5:0e:cf:4e:02:83:ff:15:e4:
10:31:41:c1:6a:de:2e:98:8a:d5:e4:93:78:84:cf:
48:d6:79:d7:ff:16:ba:41:f1:5f:ce:2b:bf:fa:c2:
b8:0e:c0:39:b8:c0:fa:b6:95:c2:52:b6:ac:6e:88:
fa:cb:d8:10:6c:48:15:33:8a:97:8b:96:1f:ef:83:
58:e7:19:10:1b:de:44:f8:17:2a:c8:58:ab:37:1c:
db:c8:e7:bf:cc:ad:13:25:35:26:17:9c:e6:5f:ea:
e4:18:7e:48:54:e4:c9:1c:5a:61:2c:02:bf:25:26:
e9:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:43:07:C9:B1:51:76:CD:73:66:B4:0A:70:6E:91:8D:9F:09:99:D7
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/1-EMHybFRds1zZrQKcG6RjZ8Jmdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:c240:8000::/33
Signature Algorithm: sha256WithRSAEncryption
cf:44:f8:69:6f:5a:d0:ce:7e:d3:ae:51:7b:1c:3e:1f:66:99:
6f:7c:56:51:60:a0:6f:4d:f3:b3:3a:d8:6d:a2:1d:13:8c:06:
e7:cd:ad:40:35:52:27:86:85:54:bb:9f:46:bc:08:a4:02:ea:
b0:9d:5f:4d:47:93:1f:49:87:d3:c3:6c:0f:1a:d1:88:6b:bb:
f1:46:fb:d2:3c:15:7b:0d:b2:5f:85:f4:50:29:d8:9a:be:50:
25:4d:6d:15:4c:7b:7e:81:b2:98:65:f9:2c:07:e5:da:29:fd:
75:77:97:bc:4a:71:1a:ae:f7:b8:be:c8:f4:6a:a4:e7:0c:df:
f4:f1:b9:0c:69:ec:7a:38:b4:47:60:90:e3:f3:1f:01:38:35:
54:fa:e4:6b:8a:63:a3:ff:84:14:6d:68:6a:db:7b:9c:90:93:
a7:22:b6:d6:15:53:c9:d7:8f:b4:28:4d:94:0e:04:59:8f:ef:
e0:55:49:e0:bd:4b:1e:9b:e2:d5:2d:71:be:5b:3c:fa:1f:2d:
27:e3:68:ee:b7:9f:77:5e:ae:b0:00:44:61:0a:33:91:34:f2:
74:57:a8:17:ef:a1:37:ea:b5:4c:e4:77:8a:77:d8:24:3d:d5:
54:75:d0:9f:03:66:f2:da:03:4f:1d:20:06:fa:52:f6:1b:d9:
1b:65:c0:de
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZZaMbqonbtCR2cn+NOwmlMkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwNDIxMjExMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODQzMDdjOWIxNTE3NmNkNzM2NmI0MGE3MDZlOTE4ZDlmMDk5OWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzwXiuJyB5UOW51h8hb/58QiO3/Se
n0yPKWonJGWtzBb6ETzKXYEOLPL1j/kavhKCx963XmZpHEYbfme/bhZMFU+nINqg
uwwkDK67dqP9VW86uQBfVPnAnUzbKhOvUnfTL7RewlizPdHtTAFBFOn55yHFlkQk
r1rX+ppMYhg6kVmNfMPTyLh4au1wAjSlDs9OAoP/FeQQMUHBat4umIrV5JN4hM9I
1nnX/xa6QfFfziu/+sK4DsA5uMD6tpXCUrasboj6y9gQbEgVM4qXi5Yf74NY5xkQ
G95E+BcqyFirNxzbyOe/zK0TJTUmF5zmX+rkGH5IVOTJHFphLAK/JSbpbQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPhDB8mxUXbNc2a0CnBukY2fCZnXMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvMS1FTUh5YkZSZHMxelpyUUtjRzZSalo4Sm1kYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMWUvM2NhYTUxLTdhMjEtNDk5ZC1hNTQ1LWJhZmJkZmM4MTMy
YS8xL1R4UVJMUVhwMkhZVW5TZDQxSTdhcWpKTnNLVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGByoTwkCA
MA0GCSqGSIb3DQEBCwUAA4IBAQDPRPhpb1rQzn7TrlF7HD4fZplvfFZRYKBvTfOz
Othtoh0TjAbnza1ANVInhoVUu59GvAikAuqwnV9NR5MfSYfTw2wPGtGIa7vxRvvS
PBV7DbJfhfRQKdiavlAlTW0VTHt+gbKYZfksB+XaKf11d5e8SnEarve4vsj0aqTn
DN/08bkMaex6OLRHYJDj8x8BODVU+uRrimOj/4QUbWhq23uckJOnIrbWFVPJ14+0
KE2UDgRZj+/gVUngvUsem+LVLXG+Wzz6Hy0n42jut593Xq6wAERhCjORNPJ0V6gX
76E36rVM5HeKd9gkPdVUddCfA2by2gNPHSAG+lL2G9kbZcDe
-----END CERTIFICATE-----
Generated at Sun Apr 27 23:59:50 2025 by rpki-client