Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/YI4H7NGhAufkd2rDCF4xc0fU4SY.roa
File: YI4H7NGhAufkd2rDCF4xc0fU4SY.roa (raw, json)
Hash identifier: yOUNd4+yLfM9BjMvAqucVx3sMK1r2nOoskU4bxWi/oA=
Subject key identifier: 60:8E:07:EC:D1:A1:02:E7:E4:77:6A:C3:08:5E:31:73:47:D4:E1:26
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 0196433ECAED1755DA9A966FB743491C917B
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/YI4H7NGhAufkd2rDCF4xc0fU4SY.roa
Signing time: Thu 17 Apr 2025 10:15:10 +0000
ROA not before: Thu 17 Apr 2025 10:15:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213861
IP address blocks: 2a11:e9c5::/32 maxlen: 32
2a14:2dc0::/32 maxlen: 32
2a14:2dc1::/32 maxlen: 32
2a14:2dc2::/32 maxlen: 32
2a14:2dc3::/32 maxlen: 32
2a14:2dc4::/32 maxlen: 32
2a14:2dc5::/32 maxlen: 32
2a14:2dc6::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 06:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:43:3e:ca:ed:17:55:da:9a:96:6f:b7:43:49:1c:91:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Apr 17 10:15:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=608e07ecd1a102e7e4776ac3085e317347d4e126
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:7b:07:de:60:b8:cd:b7:7f:65:c1:54:c8:ca:
ac:bd:c1:19:e4:56:ed:c7:8e:06:e9:43:55:71:4c:
86:e6:58:40:6b:a7:34:ee:27:54:37:6e:3a:f3:38:
8c:27:18:14:c5:90:69:3e:47:fe:9a:8a:fa:2d:32:
11:40:d1:3d:d5:dd:3a:04:00:41:c8:38:00:57:86:
df:0a:ea:23:bf:83:0d:57:45:13:8a:d5:ed:c0:8d:
4a:de:41:5a:e2:69:91:6c:35:94:27:c5:7a:7b:56:
fc:8a:68:20:fd:84:89:cc:d2:fa:07:28:df:97:4d:
8a:2d:92:d4:21:5c:27:28:7e:44:71:5c:f6:76:3e:
0e:56:21:de:42:52:81:d1:ec:df:d2:64:b7:d3:a9:
d5:0d:7e:66:94:f6:cc:51:00:fa:a1:76:5b:aa:e3:
4a:ec:5e:33:4b:7e:ef:71:e2:e3:24:99:59:aa:2d:
20:b1:67:3f:cc:49:a2:67:28:78:c3:69:c9:da:37:
6d:a7:68:3f:7f:2f:02:a1:6c:f0:26:94:f5:69:70:
66:fb:47:dd:0d:f3:b7:cb:94:6b:8f:8c:a3:74:8e:
3d:a3:3c:ce:b1:91:d3:46:c4:f8:08:37:cb:23:c3:
37:1d:6e:92:b7:99:50:73:db:53:74:ac:be:d1:c0:
9d:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:8E:07:EC:D1:A1:02:E7:E4:77:6A:C3:08:5E:31:73:47:D4:E1:26
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/YI4H7NGhAufkd2rDCF4xc0fU4SY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:e9c5::/32
2a14:2dc0::-2a14:2dc6:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
16:9e:1f:b5:c6:6c:34:6c:93:a7:3a:80:74:7d:fc:96:08:60:
52:ff:c6:4e:bb:cf:f0:ab:ea:c3:4b:aa:c3:a4:65:fa:a3:03:
8f:c0:9d:13:53:3c:e5:07:6e:2d:36:51:ae:07:45:4d:c7:20:
a0:8f:19:6b:8e:c1:67:95:8b:f1:0c:53:a4:68:03:ea:07:cc:
bc:a4:9a:87:bc:13:b2:d9:6e:80:91:e6:28:bc:2d:9d:4d:5d:
b1:3c:03:bb:ad:db:81:4c:86:82:50:4b:a5:e1:7a:9b:bd:ee:
8a:cd:c1:6f:16:de:63:f6:c0:7c:c4:04:86:85:73:b9:ee:60:
58:a6:b8:27:c5:f5:d1:d1:49:60:74:e7:a8:80:bd:d0:f4:a9:
14:af:d4:4d:c9:ad:1f:f7:84:11:30:08:5a:bb:71:09:a1:bc:
62:73:2a:e5:5b:e6:5b:5f:54:3f:ff:93:a5:c4:fb:84:27:29:
f8:55:77:86:a5:c1:d9:99:39:e3:5d:06:56:0e:9f:4c:8e:d7:
90:3a:25:83:85:33:47:c5:c0:92:ee:05:cc:6f:21:4c:53:f2:
b3:e4:10:b9:5a:2c:65:42:90:f2:60:1e:83:fc:18:fe:5d:f1:
3b:b0:a2:24:a7:1c:15:68:79:fe:b3:68:99:f5:19:2f:7c:26:
40:4c:7b:c3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZZDPsrtF1XampZvt0NJHJF7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjUwNDE3MTAxNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDhlMDdlY2QxYTEwMmU3ZTQ3NzZhYzMwODVlMzE3MzQ3ZDRlMTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAynsH3mC4zbd/ZcFUyMqsvcEZ5Fbt
x44G6UNVcUyG5lhAa6c07idUN2468ziMJxgUxZBpPkf+mor6LTIRQNE91d06BABB
yDgAV4bfCuojv4MNV0UTitXtwI1K3kFa4mmRbDWUJ8V6e1b8imgg/YSJzNL6Byjf
l02KLZLUIVwnKH5EcVz2dj4OViHeQlKB0ezf0mS306nVDX5mlPbMUQD6oXZbquNK
7F4zS37vceLjJJlZqi0gsWc/zEmiZyh4w2nJ2jdtp2g/fy8CoWzwJpT1aXBm+0fd
DfO3y5Rrj4yjdI49ozzOsZHTRsT4CDfLI8M3HW6St5lQc9tTdKy+0cCdWwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGCOB+zRoQLn5HdqwwheMXNH1OEmMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvWUk0SDdOR2hBdWZrZDJyRENGNHhjMGZVNFNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAAjAXAwUAKhHpxTAO
AwUGKhQtwAMFACoULcYwDQYJKoZIhvcNAQELBQADggEBABaeH7XGbDRsk6c6gHR9
/JYIYFL/xk67z/Cr6sNLqsOkZfqjA4/AnRNTPOUHbi02Ua4HRU3HIKCPGWuOwWeV
i/EMU6RoA+oHzLykmoe8E7LZboCR5ii8LZ1NXbE8A7ut24FMhoJQS6Xhepu97orN
wW8W3mP2wHzEBIaFc7nuYFimuCfF9dHRSWB056iAvdD0qRSv1E3JrR/3hBEwCFq7
cQmhvGJzKuVb5ltfVD//k6XE+4QnKfhVd4alwdmZOeNdBlYOn0yO15A6JYOFM0fF
wJLuBcxvIUxT8rPkELlaLGVCkPJgHoP8GP5d8TuwoiSnHBVoef6zaJn1GS98JkBM
e8M=
-----END CERTIFICATE-----
Generated at Mon Apr 28 14:40:39 2025 by rpki-client