Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/c7zfqNcHN2AoVBsITWjbsmvXBYQ.roa
File: c7zfqNcHN2AoVBsITWjbsmvXBYQ.roa (raw, json)
Hash identifier: 4vzk5gOvHKN1ImT8LCi52GvsO/JZuBWMT7Ywg2W01tI=
Subject key identifier: 73:BC:DF:A8:D7:07:37:60:28:54:1B:08:4D:68:DB:B2:6B:D7:05:84
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 01965A364F66D17C93F678158DD8186A501E
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/c7zfqNcHN2AoVBsITWjbsmvXBYQ.roa
Signing time: Mon 21 Apr 2025 21:17:10 +0000
ROA not before: Mon 21 Apr 2025 21:17:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215427
IP address blocks: 2a07:f580::/29 maxlen: 29
2a0d:38c0::/29 maxlen: 29
2a13:c246:8000::/33 maxlen: 33
2a14:41c0::/29 maxlen: 29
2a14:4240::/29 maxlen: 29
2a14:6240::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 02 May 2025 14:33:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5a:36:4f:66:d1:7c:93:f6:78:15:8d:d8:18:6a:50:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Apr 21 21:17:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=73bcdfa8d707376028541b084d68dbb26bd70584
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:08:9b:ab:d2:22:c2:ab:03:a0:b6:f4:5f:2d:
57:7d:45:20:19:51:81:38:b6:e6:06:c4:8d:cb:e2:
f2:c6:f8:3e:52:4c:fc:fa:4d:00:6a:ec:b4:0f:b7:
da:d1:16:16:58:04:14:63:b3:71:55:91:83:61:7d:
38:44:e0:50:a9:9b:09:bb:72:75:63:95:8f:c1:bd:
92:3a:9b:ae:e8:4f:b1:eb:0b:09:a0:d1:10:23:0b:
07:2c:f8:f6:b4:d9:d1:ee:0b:80:76:ec:9d:b5:d7:
27:fb:ba:f0:9f:88:db:77:28:97:dc:66:bc:18:2b:
fa:7c:7b:57:a7:af:a8:c8:1a:38:ee:52:28:1e:c0:
d6:a5:13:45:e3:8b:b8:de:8e:52:ab:30:64:db:24:
4b:a5:cf:3f:7c:c1:0b:48:34:0b:17:9a:5b:4f:1b:
76:b0:e8:af:a9:92:b6:0e:c6:d9:5e:9a:8b:88:2c:
4b:46:7e:ea:f1:86:d4:e3:78:56:b2:4d:a8:ca:bc:
aa:63:51:5a:b9:22:83:d6:6d:7f:7a:52:91:25:97:
a2:f0:56:28:66:da:9b:51:a0:d5:a6:c7:c8:86:fd:
ec:a7:98:49:ba:77:24:af:31:1f:39:6e:26:e7:47:
a9:40:c5:2d:cf:d1:8f:a4:19:e6:c9:56:f4:43:bf:
f5:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:BC:DF:A8:D7:07:37:60:28:54:1B:08:4D:68:DB:B2:6B:D7:05:84
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/c7zfqNcHN2AoVBsITWjbsmvXBYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:f580::/29
2a0d:38c0::/29
2a13:c246:8000::/33
2a14:41c0::/29
2a14:4240::/29
2a14:6240::/29
Signature Algorithm: sha256WithRSAEncryption
2f:39:78:ec:45:75:79:de:bf:33:7b:80:2e:f1:e6:cd:01:47:
84:5f:05:e6:3e:77:ce:40:89:c6:b2:ff:b7:4b:82:02:6b:4f:
df:0c:21:9d:02:fe:dc:00:1a:e5:cc:1d:3a:d4:5b:e9:91:7c:
0a:b7:4e:a6:cb:df:86:7f:a4:cf:f0:72:d7:d2:f6:bd:34:8c:
14:51:2b:2d:fe:6f:ec:96:73:e1:cd:4a:3f:b8:de:d2:2d:95:
78:9c:8e:7d:f1:52:0a:78:9a:1d:3a:37:a9:d8:88:26:0a:93:
9b:f0:51:f8:b8:90:42:06:c5:90:81:b0:da:8a:67:89:eb:57:
b1:f4:7f:2b:c1:75:e6:7b:02:bd:51:03:9f:67:29:84:5a:9f:
9e:be:ec:8b:5f:12:75:6c:f5:38:1a:af:ea:69:79:bf:cb:63:
26:cf:39:7c:79:3f:44:66:20:9e:f5:59:3c:34:10:b8:01:39:
23:ca:49:21:ea:75:12:f2:65:f8:dc:2e:a4:0d:8b:34:dc:42:
7a:0a:9c:6c:62:14:1d:c3:c2:47:ec:f2:bd:62:ff:cc:3a:76:
dd:41:ba:74:b4:52:1d:f4:e5:b4:2a:83:f9:80:f0:37:94:71:
14:32:b1:89:88:35:bb:fd:b3:78:e1:bd:12:4f:48:e6:62:d0:
23:96:b5:96
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAZZaNk9m0XyT9ngVjdgYalAeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwNDIxMjExNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2JjZGZhOGQ3MDczNzYwMjg1NDFiMDg0ZDY4ZGJiMjZiZDcwNTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugibq9IiwqsDoLb0Xy1XfUUgGVGB
OLbmBsSNy+Lyxvg+Ukz8+k0Aauy0D7fa0RYWWAQUY7NxVZGDYX04ROBQqZsJu3J1
Y5WPwb2SOpuu6E+x6wsJoNEQIwsHLPj2tNnR7guAduydtdcn+7rwn4jbdyiX3Ga8
GCv6fHtXp6+oyBo47lIoHsDWpRNF44u43o5SqzBk2yRLpc8/fMELSDQLF5pbTxt2
sOivqZK2DsbZXpqLiCxLRn7q8YbU43hWsk2oyryqY1FauSKD1m1/elKRJZei8FYo
ZtqbUaDVpsfIhv3sp5hJunckrzEfOW4m50epQMUtz9GPpBnmyVb0Q7/1LwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFHO836jXBzdgKFQbCE1o27Jr1wWEMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvYzd6ZnFOY0hOMkFvVkJzSVRXamJzbXZYQllRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAxBAIAAjArAwUDKgf1gAMF
AyoNOMADBgcqE8JGgAMFAyoUQcADBQMqFEJAAwUDKhRiQDANBgkqhkiG9w0BAQsF
AAOCAQEALzl47EV1ed6/M3uALvHmzQFHhF8F5j53zkCJxrL/t0uCAmtP3wwhnQL+
3AAa5cwdOtRb6ZF8CrdOpsvfhn+kz/By19L2vTSMFFErLf5v7JZz4c1KP7je0i2V
eJyOffFSCniaHTo3qdiIJgqTm/BR+LiQQgbFkIGw2opnietXsfR/K8F15nsCvVED
n2cphFqfnr7si18SdWz1OBqv6ml5v8tjJs85fHk/RGYgnvVZPDQQuAE5I8pJIep1
EvJl+NwupA2LNNxCegqcbGIUHcPCR+zyvWL/zDp23UG6dLRSHfTltCqD+YDwN5Rx
FDKxiYg1u/2zeOG9Ek9I5mLQI5a1lg==
-----END CERTIFICATE-----
Generated at Thu May 1 18:13:01 2025 by rpki-client