Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/GsUGzpUos76sFGQbWGJ8Ekw1qmw.roa
File: GsUGzpUos76sFGQbWGJ8Ekw1qmw.roa (raw, json)
Hash identifier: Wl7Np+zNebQbvvJohBcppO8aYll5lDtZMGb3wnBSvLQ=
Subject key identifier: 1A:C5:06:CE:95:28:B3:BE:AC:14:64:1B:58:62:7C:12:4C:35:AA:6C
Certificate issuer: /CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Certificate serial: 0196644B2E085394573DFECD84A792083D64
Authority key identifier: 3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/GsUGzpUos76sFGQbWGJ8Ekw1qmw.roa
Signing time: Wed 23 Apr 2025 20:16:10 +0000
ROA not before: Wed 23 Apr 2025 20:16:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 2a09:6900::/32 maxlen: 32
2a0f:4300::/32 maxlen: 32
2a0f:da81::/32 maxlen: 32
2a0f:da82::/32 maxlen: 32
2a12:cc01::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.mft
rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 03 May 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:64:4b:2e:08:53:94:57:3d:fe:cd:84:a7:92:08:3d:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Validity
Not Before: Apr 23 20:16:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1ac506ce9528b3beac14641b58627c124c35aa6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:11:c0:90:0d:4a:ef:1f:c6:c7:b4:fa:28:cb:
86:3d:0f:4e:87:42:5f:07:b9:94:ed:99:af:95:83:
36:e3:0b:4b:e6:12:79:8d:25:55:dd:c0:cb:71:d4:
85:9b:c6:da:e3:4c:a0:47:ee:9f:f6:19:0c:46:59:
25:5c:87:9a:ca:4b:72:ff:62:49:d1:6f:35:54:5c:
d8:fb:91:14:1f:12:e7:b9:b0:38:20:e6:fa:00:72:
48:32:1a:d7:8c:69:91:57:53:0d:2d:a6:c4:1d:2a:
90:c9:19:be:04:e6:60:54:39:62:c4:2c:d0:01:79:
39:3b:45:e7:d5:a9:46:01:77:bd:49:89:d1:49:90:
9a:48:ca:11:6a:96:b3:2c:08:70:74:08:3c:ab:54:
e7:e5:46:34:6f:39:df:58:4c:d9:99:8e:ee:50:85:
fc:06:70:97:35:1a:d4:f4:19:36:3f:97:c8:d8:74:
6c:ca:fd:78:8d:05:bc:f3:67:3a:47:c7:2a:62:81:
6b:37:8f:27:ed:ea:3b:ad:b1:6a:39:d7:52:35:dd:
c1:b3:00:22:6a:dd:77:50:d8:52:84:0f:13:e2:88:
23:5f:72:a8:d8:c4:b9:b4:8f:c7:5e:85:5b:84:7e:
a4:20:f6:02:75:f5:1c:b1:5a:70:f7:2d:9d:fd:14:
c1:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:C5:06:CE:95:28:B3:BE:AC:14:64:1B:58:62:7C:12:4C:35:AA:6C
X509v3 Authority Key Identifier:
keyid:3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/GsUGzpUos76sFGQbWGJ8Ekw1qmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:6900::/32
2a0f:4300::/32
2a0f:da81::-2a0f:da82:ffff:ffff:ffff:ffff:ffff:ffff
2a12:cc01::/32
Signature Algorithm: sha256WithRSAEncryption
9b:5d:d5:26:fc:58:68:34:b2:de:93:de:86:06:b7:40:a8:74:
92:f0:a6:89:91:98:a3:73:cf:39:e0:5f:9a:63:93:2c:56:5e:
c8:e9:81:71:99:98:6f:4d:46:ca:28:9f:3c:a5:5b:12:c3:01:
b1:49:a6:7e:5b:2e:48:4d:c0:69:07:c3:2c:02:df:36:8b:36:
12:6e:be:e2:73:93:50:2e:ad:93:9c:b5:4c:82:4b:48:4f:76:
32:f1:c0:7c:28:14:55:9e:ec:a8:e9:c1:b7:92:2a:8a:30:95:
02:17:44:1b:05:81:9d:04:f5:5f:db:ee:7f:d8:0b:c2:48:31:
98:23:05:34:b6:43:23:b5:98:44:a8:01:d3:18:2b:7d:65:05:
46:58:95:e6:42:14:9d:d1:36:84:1c:3b:8b:2b:3d:9d:be:74:
d4:08:4b:f0:5d:c5:b5:9a:18:a2:de:bd:89:a1:30:a9:9b:80:
82:2b:8e:b6:fe:6c:9f:a0:06:a2:30:ae:68:f2:1c:c7:0a:93:
f6:13:7e:c0:7a:22:5f:bd:51:8c:5e:ab:9d:e7:e4:60:86:fb:
a2:17:fe:33:32:5e:09:e1:b4:14:dd:66:2e:73:b2:aa:f8:06:
16:45:dc:e6:72:eb:9b:85:ea:dd:0a:00:fe:9c:6e:ea:1e:93:
94:52:9d:0b
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZZkSy4IU5RXPf7NhKeSCD1kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzUwYWI0Y2NmNzJlM2Q2MGMwOWY5NjQwMTlkNmMwMzRj
NTBhNmMwHhcNMjUwNDIzMjAxNjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWM1MDZjZTk1MjhiM2JlYWMxNDY0MWI1ODYyN2MxMjRjMzVhYTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRHAkA1K7x/Gx7T6KMuGPQ9Oh0Jf
B7mU7ZmvlYM24wtL5hJ5jSVV3cDLcdSFm8ba40ygR+6f9hkMRlklXIeaykty/2JJ
0W81VFzY+5EUHxLnubA4IOb6AHJIMhrXjGmRV1MNLabEHSqQyRm+BOZgVDlixCzQ
AXk5O0Xn1alGAXe9SYnRSZCaSMoRapazLAhwdAg8q1Tn5UY0bznfWEzZmY7uUIX8
BnCXNRrU9Bk2P5fI2HRsyv14jQW882c6R8cqYoFrN48n7eo7rbFqOddSNd3BswAi
at13UNhShA8T4ogjX3Ko2MS5tI/HXoVbhH6kIPYCdfUcsVpw9y2d/RTBhwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFBrFBs6VKLO+rBRkG1hifBJMNapsMB8GA1UdIwQY
MBaAFD7FCrTM9y49YMCflkAZ1sA0xQpsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTct
MjE1OTM3NmQzYTY0LzEvR3NVR3pwVW9zNzZzRkdRYldHSjhFa3cxcW13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTctMjE1OTM3NmQzYTY0
LzEvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTArBAIAAjAlAwUAKglpAAMF
ACoPQwAwDgMFACoP2oEDBQAqD9qCAwUAKhLMATANBgkqhkiG9w0BAQsFAAOCAQEA
m13VJvxYaDSy3pPehga3QKh0kvCmiZGYo3PPOeBfmmOTLFZeyOmBcZmYb01Gyiif
PKVbEsMBsUmmflsuSE3AaQfDLALfNos2Em6+4nOTUC6tk5y1TIJLSE92MvHAfCgU
VZ7sqOnBt5IqijCVAhdEGwWBnQT1X9vuf9gLwkgxmCMFNLZDI7WYRKgB0xgrfWUF
RliV5kIUndE2hBw7iys9nb501AhL8F3FtZoYot69iaEwqZuAgiuOtv5sn6AGojCu
aPIcxwqT9hN+wHoiX71RjF6rnefkYIb7ohf+MzJeCeG0FN1mLnOyqvgGFkXc5nLr
m4Xq3QoA/pxu6h6TlFKdCw==
-----END CERTIFICATE-----
Generated at Sat May 3 05:29:31 2025 by rpki-client