Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/379KyU2oDiIti7-0Beh7CyDuELg.roa
File: 379KyU2oDiIti7-0Beh7CyDuELg.roa (raw, json)
Hash identifier: ReR1XKSXwtfAqsWrsYEG+eBW7p2DkPnXTfWoOtDj+ek=
Subject key identifier: DF:BF:4A:C9:4D:A8:0E:22:2D:8B:BF:B4:05:E8:7B:0B:20:EE:10:B8
Certificate issuer: /CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Certificate serial: 019686962AB04BC24715F6D869E910BE7CF0
Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/379KyU2oDiIti7-0Beh7CyDuELg.roa
Signing time: Wed 30 Apr 2025 12:05:10 +0000
ROA not before: Wed 30 Apr 2025 12:05:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:3380::/29 maxlen: 29
2a0b:3e00::/29 maxlen: 29
2a0c:8340::/29 maxlen: 29
2a10:9600::/29 maxlen: 29
2a13:b840::/29 maxlen: 29
2a13:ddc0::/29 maxlen: 29
2a14:35c0::/29 maxlen: 29
2a14:5840::/29 maxlen: 29
2a14:72c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 04 May 2025 03:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:86:96:2a:b0:4b:c2:47:15:f6:d8:69:e9:10:be:7c:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Validity
Not Before: Apr 30 12:05:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dfbf4ac94da80e222d8bbfb405e87b0b20ee10b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:d3:de:b8:e6:ac:79:f2:13:3e:64:ca:72:57:
1c:3f:3a:fc:af:42:16:75:ec:42:37:58:9a:48:e8:
f0:4f:9a:52:ef:a5:53:80:1c:43:64:b8:8f:53:d8:
f4:4c:97:c5:c5:ce:70:99:5e:02:62:4d:2b:b1:bb:
e6:a0:1c:8f:8d:3f:64:66:11:7e:88:86:46:de:41:
2c:53:e0:f5:9b:2b:f3:de:63:6a:db:4a:53:7a:1c:
2a:0e:45:e5:a3:5a:28:dc:3e:47:4a:38:b9:42:89:
6d:55:94:3b:03:86:a6:4f:1a:e8:c6:9b:17:f0:12:
66:b7:53:1f:62:08:4c:04:51:2d:10:4b:8f:fa:19:
5e:c5:89:bb:77:23:d1:b9:35:88:a1:46:6d:9c:91:
8e:26:6f:1f:29:5a:1f:6c:5f:73:2c:ad:f9:65:91:
37:25:11:34:f5:01:67:5c:b6:56:c1:1e:04:b9:97:
fc:f8:8e:62:17:23:33:28:bc:de:a1:7e:03:ee:2e:
5f:e5:1b:90:a1:36:74:e3:0a:e4:ef:ae:fd:a8:f6:
b4:44:17:a2:f9:0e:b0:ce:59:42:30:95:bf:b9:f2:
c0:c1:9f:ab:0a:6c:94:9c:d8:cf:e5:cd:a3:3a:b0:
6f:13:76:bc:2e:ae:3f:ba:df:e8:47:43:cd:ce:36:
aa:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:BF:4A:C9:4D:A8:0E:22:2D:8B:BF:B4:05:E8:7B:0B:20:EE:10:B8
X509v3 Authority Key Identifier:
keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/379KyU2oDiIti7-0Beh7CyDuELg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3380::/29
2a0b:3e00::/29
2a0c:8340::/29
2a10:9600::/29
2a13:b840::/29
2a13:ddc0::/29
2a14:35c0::/29
2a14:5840::/29
2a14:72c0::/29
Signature Algorithm: sha256WithRSAEncryption
5c:b1:5a:07:84:7b:9e:87:e2:26:c3:6a:1b:3d:34:3e:83:7d:
17:a2:f7:42:ac:d1:27:8e:7c:40:18:09:ad:ce:7c:94:1e:bc:
aa:d8:0d:e4:0e:2c:e2:37:6f:42:45:59:07:91:01:7d:19:a4:
9c:3a:32:84:08:88:50:54:17:d4:34:a2:18:4c:d8:3c:d4:b8:
58:ed:f5:4f:4f:4b:5d:18:2e:69:89:3d:bc:6a:f2:6e:82:45:
f6:f3:4e:06:e9:52:1a:2e:f5:22:ea:ce:52:55:b8:e2:07:ce:
4d:ca:47:6e:0d:d6:5e:60:ab:57:88:65:6b:45:15:dd:f1:b0:
78:64:60:ff:74:f1:fb:88:14:4d:c9:09:29:0b:43:ef:b6:fd:
db:fd:be:28:15:fe:41:65:61:12:cf:fb:2c:b9:e7:40:77:ce:
9c:04:9f:16:a4:1c:b1:21:92:6f:6d:a6:35:24:13:ba:3d:50:
df:a5:3a:1b:3c:32:d0:8f:26:2d:a3:d7:63:49:bf:44:88:b4:
39:9a:d9:06:c6:4e:90:75:67:f6:08:0a:02:2d:67:96:bc:5a:
64:b8:d3:89:03:97:4a:32:78:21:cd:a9:d3:1e:15:6e:27:66:
0d:17:49:de:6e:8f:e8:0b:3a:89:2d:db:73:68:c1:16:9b:41:
e7:ce:f3:ee
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZaGliqwS8JHFfbYaekQvnzwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy
NjhmNTQwHhcNMjUwNDMwMTIwNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmJmNGFjOTRkYTgwZTIyMmQ4YmJmYjQwNWU4N2IwYjIwZWUxMGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9PeuOasefITPmTKclccPzr8r0IW
dexCN1iaSOjwT5pS76VTgBxDZLiPU9j0TJfFxc5wmV4CYk0rsbvmoByPjT9kZhF+
iIZG3kEsU+D1myvz3mNq20pTehwqDkXlo1oo3D5HSji5QoltVZQ7A4amTxroxpsX
8BJmt1MfYghMBFEtEEuP+hlexYm7dyPRuTWIoUZtnJGOJm8fKVofbF9zLK35ZZE3
JRE09QFnXLZWwR4EuZf8+I5iFyMzKLzeoX4D7i5f5RuQoTZ04wrk7679qPa0RBei
+Q6wzllCMJW/ufLAwZ+rCmyUnNjP5c2jOrBvE3a8Lq4/ut/oR0PNzjaq6QIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFN+/SslNqA4iLYu/tAXoewsg7hC4MB8GA1UdIwQY
MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt
N2FhN2ZjMzU5NjU1LzEvMzc5S3lVMm9EaUl0aTctMEJlaDdDeUR1RUxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1
LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzBFBAIAAjA/AwUDIAEzgAMF
AyoLPgADBQMqDINAAwUDKhCWAAMFAyoTuEADBQMqE93AAwUDKhQ1wAMFAyoUWEAD
BQMqFHLAMA0GCSqGSIb3DQEBCwUAA4IBAQBcsVoHhHueh+Imw2obPTQ+g30XovdC
rNEnjnxAGAmtznyUHryq2A3kDiziN29CRVkHkQF9GaScOjKECIhQVBfUNKIYTNg8
1LhY7fVPT0tdGC5piT28avJugkX2804G6VIaLvUi6s5SVbjiB85NykduDdZeYKtX
iGVrRRXd8bB4ZGD/dPH7iBRNyQkpC0Pvtv3b/b4oFf5BZWESz/ssuedAd86cBJ8W
pByxIZJvbaY1JBO6PVDfpTobPDLQjyYto9djSb9EiLQ5mtkGxk6QdWf2CAoCLWeW
vFpkuNOJA5dKMnghzanTHhVuJ2YNF0nebo/oCzqJLdtzaMEWm0HnzvPu
-----END CERTIFICATE-----
Generated at Sat May 3 12:38:16 2025 by rpki-client