Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/0749c0-dec3-4f01-9bd7-3448a889ce75/1/2qyhqFKpARK1F2ET6I7_YKaOPc0.roa
File: 2qyhqFKpARK1F2ET6I7_YKaOPc0.roa (raw, json)
Hash identifier: qGM3ZFQucsF8/9E/V05Xc9DkgTgt/0zHmMZ5RCHxskE=
Subject key identifier: DA:AC:A1:A8:52:A9:01:12:B5:17:61:13:E8:8E:FF:60:A6:8E:3D:CD
Certificate issuer: /CN=c0f8dbb214a6149f3d4d42a0c4132d5725992752
Certificate serial: 019695A573A3B0EDD2215C592AFC596EC976
Authority key identifier: C0:F8:DB:B2:14:A6:14:9F:3D:4D:42:A0:C4:13:2D:57:25:99:27:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wPjbshSmFJ89TUKgxBMtVyWZJ1I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/0749c0-dec3-4f01-9bd7-3448a889ce75/1/2qyhqFKpARK1F2ET6I7_YKaOPc0.roa
Signing time: Sat 03 May 2025 10:16:10 +0000
ROA not before: Sat 03 May 2025 10:16:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213368
IP address blocks: 2001:67c:e44::/48 maxlen: 48
2001:67c:ea0::/48 maxlen: 48
2001:67c:ea4::/48 maxlen: 48
2001:67c:2754::/48 maxlen: 48
2001:67c:2bbc::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/0749c0-dec3-4f01-9bd7-3448a889ce75/1/wPjbshSmFJ89TUKgxBMtVyWZJ1I.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/0749c0-dec3-4f01-9bd7-3448a889ce75/1/wPjbshSmFJ89TUKgxBMtVyWZJ1I.mft
rsync://rpki.ripe.net/repository/DEFAULT/wPjbshSmFJ89TUKgxBMtVyWZJ1I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 09 May 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:95:a5:73:a3:b0:ed:d2:21:5c:59:2a:fc:59:6e:c9:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0f8dbb214a6149f3d4d42a0c4132d5725992752
Validity
Not Before: May 3 10:16:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=daaca1a852a90112b5176113e88eff60a68e3dcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:e9:0c:fc:81:ca:ae:4f:27:e8:79:d2:fd:8e:
32:52:23:2c:94:5d:77:3a:d0:f3:35:4a:3f:fc:41:
22:cb:71:62:a4:d4:08:73:ac:ca:d9:3b:50:0c:35:
8a:bf:0f:b4:90:ff:b6:0d:98:7c:5a:76:f7:e4:a0:
31:1d:21:35:54:1b:c9:77:ef:3c:7a:07:f2:6e:ee:
13:b3:19:be:04:bb:59:34:0b:20:c5:95:46:aa:c3:
6b:75:4c:d1:7e:2e:fa:05:6d:8a:82:92:da:92:46:
a2:2e:1b:32:17:d2:48:5d:87:a6:16:87:0b:7c:ca:
89:ba:49:2f:ff:ed:47:6b:ad:fd:3d:6a:e4:4c:9b:
06:e7:a6:e9:52:84:f2:83:c5:0b:bb:57:95:fe:8b:
37:fe:0d:65:7a:eb:64:72:5a:dd:11:78:cc:4e:fa:
9e:64:44:4a:57:77:a4:5c:18:65:60:cf:1e:f2:ae:
14:95:27:42:65:47:1d:8b:be:ae:cc:5f:f2:4f:83:
0c:91:f9:80:1e:66:17:0e:8f:68:8c:52:49:2d:d0:
a9:fe:d4:dd:21:0e:4e:0e:57:62:dd:a8:b3:67:67:
94:24:d3:d1:92:19:55:cd:8e:c1:b0:83:17:44:df:
9d:6c:c4:2a:78:0f:8b:0d:7f:5c:f3:cf:a3:cd:ed:
0e:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:AC:A1:A8:52:A9:01:12:B5:17:61:13:E8:8E:FF:60:A6:8E:3D:CD
X509v3 Authority Key Identifier:
keyid:C0:F8:DB:B2:14:A6:14:9F:3D:4D:42:A0:C4:13:2D:57:25:99:27:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wPjbshSmFJ89TUKgxBMtVyWZJ1I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/0749c0-dec3-4f01-9bd7-3448a889ce75/1/2qyhqFKpARK1F2ET6I7_YKaOPc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/0749c0-dec3-4f01-9bd7-3448a889ce75/1/wPjbshSmFJ89TUKgxBMtVyWZJ1I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:e44::/48
2001:67c:ea0::/48
2001:67c:ea4::/48
2001:67c:2754::/48
2001:67c:2bbc::/48
Signature Algorithm: sha256WithRSAEncryption
42:e2:ea:11:db:74:49:e3:3d:cb:64:80:87:38:aa:97:0a:ab:
fe:a1:59:8b:5e:2f:e9:7f:35:3e:fd:37:68:50:a6:39:b8:55:
d6:ee:a1:6a:e4:b7:ee:d1:38:8e:4c:10:85:a5:1e:36:1b:c0:
51:75:7b:d5:68:bc:21:42:46:cf:17:d4:c1:c7:de:00:4c:fe:
56:d3:ed:0f:d9:f7:9a:05:01:3a:af:4b:d4:dc:e5:5b:d1:a1:
f9:a4:9b:8f:87:cc:0c:90:6d:b8:88:7a:e5:e4:e8:d0:48:ce:
f8:0d:2a:64:7f:bc:cf:de:99:19:3d:a9:9a:de:d1:15:26:ae:
3c:ca:8b:6d:14:60:21:55:c4:a6:34:4a:a0:c1:45:3f:b2:ba:
5e:86:a4:fd:aa:39:56:56:d3:34:80:f5:da:1b:0e:55:68:1b:
ad:35:dd:fa:38:e7:36:af:84:71:8a:6f:d6:17:71:54:cd:fe:
ba:94:2e:12:1d:e9:ed:2a:86:e3:9c:45:9c:ba:3e:f4:58:63:
15:02:85:c1:41:f8:2e:15:7e:2b:83:b3:65:7c:aa:d8:a2:c2:
08:7a:ce:6e:ea:ff:5d:f6:c3:80:c3:df:78:83:df:d6:8e:4d:
85:b6:82:dd:9b:2f:48:35:e4:f8:33:79:f4:dc:26:7b:11:37:
c2:e7:22:b0
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZaVpXOjsO3SIVxZKvxZbsl2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwZjhkYmIyMTRhNjE0OWYzZDRkNDJhMGM0MTMyZDU3MjU5
OTI3NTIwHhcNMjUwNTAzMTAxNjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWFjYTFhODUyYTkwMTEyYjUxNzYxMTNlODhlZmY2MGE2OGUzZGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlekM/IHKrk8n6HnS/Y4yUiMslF13
OtDzNUo//EEiy3FipNQIc6zK2TtQDDWKvw+0kP+2DZh8Wnb35KAxHSE1VBvJd+88
egfybu4Tsxm+BLtZNAsgxZVGqsNrdUzRfi76BW2KgpLakkaiLhsyF9JIXYemFocL
fMqJukkv/+1Ha639PWrkTJsG56bpUoTyg8ULu1eV/os3/g1leutkclrdEXjMTvqe
ZERKV3ekXBhlYM8e8q4UlSdCZUcdi76uzF/yT4MMkfmAHmYXDo9ojFJJLdCp/tTd
IQ5ODldi3aizZ2eUJNPRkhlVzY7BsIMXRN+dbMQqeA+LDX9c88+jze0OYwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFNqsoahSqQEStRdhE+iO/2Cmjj3NMB8GA1UdIwQY
MBaAFMD427IUphSfPU1CoMQTLVclmSdSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1BqYnNoU21GSjg5VFVLZ3hCTXRWeVdaSjFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8wNzQ5YzAtZGVjMy00ZjAxLTliZDct
MzQ0OGE4ODljZTc1LzEvMnF5aHFGS3BBUksxRjJFVDZJN19ZS2FPUGMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8wNzQ5YzAtZGVjMy00ZjAxLTliZDctMzQ0OGE4ODljZTc1
LzEvd1BqYnNoU21GSjg5VFVLZ3hCTXRWeVdaSjFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAzBAIAAjAtAwcAIAEGfA5E
AwcAIAEGfA6gAwcAIAEGfA6kAwcAIAEGfCdUAwcAIAEGfCu8MA0GCSqGSIb3DQEB
CwUAA4IBAQBC4uoR23RJ4z3LZICHOKqXCqv+oVmLXi/pfzU+/TdoUKY5uFXW7qFq
5Lfu0TiOTBCFpR42G8BRdXvVaLwhQkbPF9TBx94ATP5W0+0P2feaBQE6r0vU3OVb
0aH5pJuPh8wMkG24iHrl5OjQSM74DSpkf7zP3pkZPama3tEVJq48yottFGAhVcSm
NEqgwUU/srpehqT9qjlWVtM0gPXaGw5VaButNd36OOc2r4Rxim/WF3FUzf66lC4S
HentKobjnEWcuj70WGMVAoXBQfguFX4rg7NlfKrYosIIes5u6v9d9sOAw994g9/W
jk2FtoLdmy9INeT4M3n03CZ7ETfC5yKw
-----END CERTIFICATE-----
Generated at Thu May 8 15:27:12 2025 by rpki-client