Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/9K1lGeoKb1eqi8Gs3BCYjbBT9WU.roa
File: 9K1lGeoKb1eqi8Gs3BCYjbBT9WU.roa (raw, json)
Hash identifier: HgBxNjYLYdgmfD2Zny9u/QQp7tGaC4rvMH0nncv68C0=
Subject key identifier: F4:AD:65:19:EA:0A:6F:57:AA:8B:C1:AC:DC:10:98:8D:B0:53:F5:65
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0196381A072C4D8608CC94D36977A2C507F2
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/9K1lGeoKb1eqi8Gs3BCYjbBT9WU.roa
Signing time: Tue 15 Apr 2025 06:19:11 +0000
ROA not before: Tue 15 Apr 2025 06:19:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 2a06:de01:140::/44 maxlen: 48
2a06:de01:141::/48 maxlen: 48
2a06:de01:142::/48 maxlen: 48
2a06:de01:143::/48 maxlen: 48
2a06:de01:144::/48 maxlen: 48
2a06:de01:145::/48 maxlen: 48
2a0c:3b87:ff00::/40 maxlen: 48
2a0c:3b87:ffff::/48 maxlen: 48
2a0e:97c0:750::/48 maxlen: 48
2a0e:97c0:791::/48 maxlen: 48
2a0e:97c0:792::/48 maxlen: 48
2a0e:b107:9f4::/48 maxlen: 48
2a0e:b107:9f6::/48 maxlen: 48
2a0e:b107:df2::/48 maxlen: 48
2a0e:b107:1870::/48 maxlen: 48
2a0e:b107:1b9e::/48 maxlen: 48
2a0e:b107:278b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:38:1a:07:2c:4d:86:08:cc:94:d3:69:77:a2:c5:07:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Apr 15 06:19:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f4ad6519ea0a6f57aa8bc1acdc10988db053f565
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b4:32:9d:2e:dc:d3:ce:e3:ab:fe:dd:00:f0:
62:e0:07:49:b1:f4:c5:13:6c:a0:50:b7:34:b7:22:
22:a1:fb:3c:86:7a:73:b8:b7:e8:b0:94:45:4e:a0:
ff:57:aa:99:02:c9:c3:f7:69:80:a4:82:ac:ac:31:
02:76:ec:cf:5b:59:45:ff:3d:b3:6c:c4:02:fa:6d:
9f:37:33:c9:d7:6f:dd:31:d5:08:4c:10:50:49:be:
af:fe:25:0f:42:2a:9d:15:16:9a:3d:28:6e:e8:94:
b6:f4:86:b3:71:a0:e7:20:9b:50:87:c0:fd:9d:cd:
6b:0a:a6:6a:6e:2f:2a:09:2e:85:70:08:2d:82:7e:
53:a7:80:65:41:ab:74:21:c7:82:4c:4f:82:cf:c6:
12:62:ac:5c:43:d1:0b:af:b1:fd:6b:04:3e:e5:54:
b3:75:d0:95:4a:a7:55:44:d2:ef:9e:9a:c0:ab:25:
41:28:ee:bd:37:2e:9f:84:20:5d:6b:da:c1:5a:f8:
f3:8f:13:38:b4:a2:e9:81:c3:9e:b3:87:c7:30:19:
f9:35:d5:24:cb:17:d3:02:fe:61:64:51:74:81:0e:
c1:c8:44:fa:a1:d4:a2:1f:48:59:f8:fd:b6:cd:b4:
46:5a:32:eb:a0:c5:d8:75:7e:f1:e3:8a:1e:e0:6c:
bb:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:AD:65:19:EA:0A:6F:57:AA:8B:C1:AC:DC:10:98:8D:B0:53:F5:65
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/9K1lGeoKb1eqi8Gs3BCYjbBT9WU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de01:140::/44
2a0c:3b87:ff00::/40
2a0e:97c0:750::/48
2a0e:97c0:791::-2a0e:97c0:792:ffff:ffff:ffff:ffff:ffff
2a0e:b107:9f4::/48
2a0e:b107:9f6::/48
2a0e:b107:df2::/48
2a0e:b107:1870::/48
2a0e:b107:1b9e::/48
2a0e:b107:278b::/48
Signature Algorithm: sha256WithRSAEncryption
25:32:b7:1d:f9:b1:e6:1b:14:cc:13:e8:bf:b3:57:0b:10:16:
3a:b8:bc:1f:73:c6:9a:1d:a7:e5:81:a2:f8:b5:9d:5d:e7:cf:
06:ed:ec:58:ef:35:2a:76:e9:31:3c:24:0a:ef:f5:e7:f8:1a:
29:fc:95:23:e0:1e:cd:f9:23:a6:56:ba:b3:a4:49:e8:0a:55:
ca:d3:b6:21:64:9c:bb:d4:77:b6:26:15:2c:c6:e1:bf:c5:55:
69:05:08:67:45:b7:af:45:43:4d:a5:90:96:96:91:d2:5e:6d:
fe:4d:d1:94:2c:af:aa:b7:11:aa:41:29:15:a7:33:0e:c3:92:
66:51:1b:78:7f:4e:83:46:f8:3c:b1:c5:6c:37:88:fa:e4:1b:
89:3f:20:59:49:4d:fd:40:19:4f:6f:fc:db:14:59:ba:4f:db:
52:38:46:5d:ed:34:2c:c4:19:32:83:df:54:4f:71:5a:87:58:
6e:f0:a6:8f:06:1d:d4:f3:2e:60:b2:a7:9b:18:d0:09:a3:6d:
71:f1:e0:ed:40:b8:a7:21:23:f3:52:d8:c7:d6:5a:94:68:6a:
ca:f6:a9:af:4f:85:1f:ee:8c:11:c0:4f:38:f5:3a:fb:18:16:
0c:5e:10:bc:71:2f:df:75:d8:16:8b:2f:0f:a3:65:76:91:7a:
97:6a:bd:bb
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAZY4GgcsTYYIzJTTaXeixQfyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwNDE1MDYxOTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGFkNjUxOWVhMGE2ZjU3YWE4YmMxYWNkYzEwOTg4ZGIwNTNmNTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLQynS7c087jq/7dAPBi4AdJsfTF
E2ygULc0tyIiofs8hnpzuLfosJRFTqD/V6qZAsnD92mApIKsrDECduzPW1lF/z2z
bMQC+m2fNzPJ12/dMdUITBBQSb6v/iUPQiqdFRaaPShu6JS29IazcaDnIJtQh8D9
nc1rCqZqbi8qCS6FcAgtgn5Tp4BlQat0IceCTE+Cz8YSYqxcQ9ELr7H9awQ+5VSz
ddCVSqdVRNLvnprAqyVBKO69Ny6fhCBda9rBWvjzjxM4tKLpgcOes4fHMBn5NdUk
yxfTAv5hZFF0gQ7ByET6odSiH0hZ+P22zbRGWjLroMXYdX7x44oe4Gy7/QIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFPStZRnqCm9XqovBrNwQmI2wU/VlMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvOUsxbEdlb0tiMWVxaThHczNCQ1lqYkJUOVdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAAjBkAwcEKgbeAQFA
AwYAKgw7h/8DBwAqDpfAB1AwEgMHACoOl8AHkQMHACoOl8AHkgMHACoOsQcJ9AMH
ACoOsQcJ9gMHACoOsQcN8gMHACoOsQcYcAMHACoOsQcbngMHACoOsQcnizANBgkq
hkiG9w0BAQsFAAOCAQEAJTK3Hfmx5hsUzBPov7NXCxAWOri8H3PGmh2n5YGi+LWd
XefPBu3sWO81KnbpMTwkCu/15/gaKfyVI+Aezfkjpla6s6RJ6ApVytO2IWScu9R3
tiYVLMbhv8VVaQUIZ0W3r0VDTaWQlpaR0l5t/k3RlCyvqrcRqkEpFaczDsOSZlEb
eH9Og0b4PLHFbDeI+uQbiT8gWUlN/UAZT2/82xRZuk/bUjhGXe00LMQZMoPfVE9x
WodYbvCmjwYd1PMuYLKnmxjQCaNtcfHg7UC4pyEj81LYx9ZalGhqyvapr0+FH+6M
EcBPOPU6+xgWDF4QvHEv33XYFosvD6NldpF6l2q9uw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:02:06 2025 by rpki-client