Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/udMb86r6ANoqYHi4i00tk-1ZVWg.roa
File: udMb86r6ANoqYHi4i00tk-1ZVWg.roa (raw, json)
Hash identifier: tDCaSwC+9rc0/FQN7jASClcehlHxysSaUkzqi6TD4ac=
Subject key identifier: B9:D3:1B:F3:AA:FA:00:DA:2A:60:78:B8:8B:4D:2D:93:ED:59:55:68
Certificate issuer: /CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Certificate serial: 0196644C1715EBCBB114617273309D694671
Authority key identifier: 3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/udMb86r6ANoqYHi4i00tk-1ZVWg.roa
Signing time: Wed 23 Apr 2025 20:17:10 +0000
ROA not before: Wed 23 Apr 2025 20:17:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206873
IP address blocks: 2a0d:b9c0::/32 maxlen: 32
2a0f:da84::/32 maxlen: 32
2a12:1241::/32 maxlen: 32
2a12:cc05::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.mft
rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 17:20:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:64:4c:17:15:eb:cb:b1:14:61:72:73:30:9d:69:46:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Validity
Not Before: Apr 23 20:17:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b9d31bf3aafa00da2a6078b88b4d2d93ed595568
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:02:57:d7:51:e5:d9:bb:be:2b:af:cf:30:d0:
9d:ce:a4:c3:5c:48:b0:24:7f:0f:f9:34:6e:c6:94:
d6:d3:88:b6:cb:b5:eb:ab:68:74:1f:e1:bb:05:66:
70:22:b4:33:36:6d:5e:da:22:6b:0a:af:62:2a:64:
64:57:b8:6e:6f:ef:70:d9:83:b1:62:ff:62:03:31:
1a:40:f9:ab:26:76:bc:f7:5b:ca:96:3e:7f:00:de:
ad:f0:28:51:1d:0d:b2:d7:68:ff:5c:bf:5e:1d:91:
55:8f:4e:38:c9:b7:5b:ea:c2:10:a7:93:c3:15:63:
0d:a3:d2:cb:0a:64:92:13:c2:c6:42:95:74:7d:d1:
7b:ce:9b:94:43:c3:57:5d:3f:21:25:f8:41:75:d7:
2d:44:27:ca:7f:89:33:24:4d:2d:55:42:c5:e3:9e:
00:95:3c:fd:ea:b6:d3:97:1d:5a:08:f7:a6:69:16:
9a:23:1e:08:85:6b:62:aa:03:a3:60:15:58:f6:37:
a2:13:1d:ee:a3:76:24:6d:64:92:34:1a:21:69:3e:
15:64:c5:9c:a1:90:9e:ff:6c:91:4f:c5:c5:bf:d5:
37:47:07:39:7e:76:ff:f9:53:d6:d1:c7:df:ed:f1:
b5:b4:dc:2e:30:3a:21:e9:99:63:80:9b:40:2d:b6:
e2:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:D3:1B:F3:AA:FA:00:DA:2A:60:78:B8:8B:4D:2D:93:ED:59:55:68
X509v3 Authority Key Identifier:
keyid:3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/udMb86r6ANoqYHi4i00tk-1ZVWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:b9c0::/32
2a0f:da84::/32
2a12:1241::/32
2a12:cc05::/32
Signature Algorithm: sha256WithRSAEncryption
3f:86:69:14:da:50:41:5e:b3:5f:23:19:b7:01:e5:4c:80:c9:
1a:24:3b:18:a4:6e:1a:5c:4f:69:82:19:12:8a:9d:f4:03:04:
82:db:ce:12:71:3c:6c:36:f2:8c:3a:d4:1c:98:93:39:3b:9b:
de:e8:d1:62:55:e9:f0:47:dd:6b:cf:db:b4:ac:67:e4:8c:61:
c7:10:1e:67:ff:ee:db:00:48:d9:05:1e:b1:61:2d:cf:c7:2a:
27:6f:71:36:8f:d6:c1:46:15:e6:41:77:e1:b4:5c:fb:1a:5d:
d0:24:3b:9b:61:b1:6b:06:47:65:e2:5f:0f:0b:d7:3e:51:99:
e1:ec:3d:8a:c4:3f:ea:fd:b0:f0:8c:d9:c4:86:55:0d:05:29:
af:67:ea:fa:1e:03:a0:77:72:a6:a0:4f:77:c5:7d:9a:6a:e7:
7c:f9:cd:d8:71:96:8e:87:4f:3c:32:23:e7:5c:cf:39:38:50:
f2:a3:d1:bc:ff:37:a3:6a:65:6c:49:5c:61:32:ac:fc:07:d3:
ab:1c:6b:ce:d8:d9:19:28:71:96:28:78:05:91:ac:c9:3b:89:
f0:1c:6f:f2:bd:0b:13:2c:b9:37:8c:d5:0d:14:77:43:5e:fe:
e7:50:ef:28:38:4d:c7:3a:94:a3:b8:79:c9:00:5b:e6:46:0a:
b1:c3:a9:78
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZZkTBcV68uxFGFyczCdaUZxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzUwYWI0Y2NmNzJlM2Q2MGMwOWY5NjQwMTlkNmMwMzRj
NTBhNmMwHhcNMjUwNDIzMjAxNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWQzMWJmM2FhZmEwMGRhMmE2MDc4Yjg4YjRkMmQ5M2VkNTk1NTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAigJX11Hl2bu+K6/PMNCdzqTDXEiw
JH8P+TRuxpTW04i2y7Xrq2h0H+G7BWZwIrQzNm1e2iJrCq9iKmRkV7hub+9w2YOx
Yv9iAzEaQPmrJna891vKlj5/AN6t8ChRHQ2y12j/XL9eHZFVj044ybdb6sIQp5PD
FWMNo9LLCmSSE8LGQpV0fdF7zpuUQ8NXXT8hJfhBddctRCfKf4kzJE0tVULF454A
lTz96rbTlx1aCPemaRaaIx4IhWtiqgOjYBVY9jeiEx3uo3YkbWSSNBohaT4VZMWc
oZCe/2yRT8XFv9U3Rwc5fnb/+VPW0cff7fG1tNwuMDoh6ZljgJtALbbi2wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFLnTG/Oq+gDaKmB4uItNLZPtWVVoMB8GA1UdIwQY
MBaAFD7FCrTM9y49YMCflkAZ1sA0xQpsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTct
MjE1OTM3NmQzYTY0LzEvdWRNYjg2cjZBTm9xWUhpNGkwMHRrLTFaVldnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTctMjE1OTM3NmQzYTY0
LzEvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKg25wAMF
ACoP2oQDBQAqEhJBAwUAKhLMBTANBgkqhkiG9w0BAQsFAAOCAQEAP4ZpFNpQQV6z
XyMZtwHlTIDJGiQ7GKRuGlxPaYIZEoqd9AMEgtvOEnE8bDbyjDrUHJiTOTub3ujR
YlXp8Efda8/btKxn5IxhxxAeZ//u2wBI2QUesWEtz8cqJ29xNo/WwUYV5kF34bRc
+xpd0CQ7m2GxawZHZeJfDwvXPlGZ4ew9isQ/6v2w8IzZxIZVDQUpr2fq+h4DoHdy
pqBPd8V9mmrnfPnN2HGWjodPPDIj51zPOThQ8qPRvP83o2plbElcYTKs/AfTqxxr
ztjZGShxlih4BZGsyTuJ8Bxv8r0LEyy5N4zVDRR3Q17+51DvKDhNxzqUo7h5yQBb
5kYKscOpeA==
-----END CERTIFICATE-----
Generated at Sun Apr 27 01:49:46 2025 by rpki-client