Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/SitiOrbsqyqLTHs588Zz_8DtgP4.roa
File: SitiOrbsqyqLTHs588Zz_8DtgP4.roa (raw, json)
Hash identifier: 6mOO2gmaUiLnAjwX8nGV5tMX4PpVrBBkQHWg0JP74E0=
Subject key identifier: 4A:2B:62:3A:B6:EC:AB:2A:8B:4C:7B:39:F3:C6:73:FF:C0:ED:80:FE
Certificate issuer: /CN=58b3de5f9adb50fe41f6dc78ffd0a2c9086d2512
Certificate serial: 01968678E00FB2EEE2A95EB5299AAABBFA3D
Authority key identifier: 58:B3:DE:5F:9A:DB:50:FE:41:F6:DC:78:FF:D0:A2:C9:08:6D:25:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WLPeX5rbUP5B9tx4_9CiyQhtJRI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/SitiOrbsqyqLTHs588Zz_8DtgP4.roa
Signing time: Wed 30 Apr 2025 11:33:10 +0000
ROA not before: Wed 30 Apr 2025 11:33:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211507
IP address blocks: 2a14:c380::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/WLPeX5rbUP5B9tx4_9CiyQhtJRI.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/WLPeX5rbUP5B9tx4_9CiyQhtJRI.mft
rsync://rpki.ripe.net/repository/DEFAULT/WLPeX5rbUP5B9tx4_9CiyQhtJRI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 02 May 2025 05:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:86:78:e0:0f:b2:ee:e2:a9:5e:b5:29:9a:aa:bb:fa:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58b3de5f9adb50fe41f6dc78ffd0a2c9086d2512
Validity
Not Before: Apr 30 11:33:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4a2b623ab6ecab2a8b4c7b39f3c673ffc0ed80fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:fc:e8:89:3f:ea:75:92:c1:5f:bb:bc:e5:f5:
89:9d:78:45:b5:25:0d:d0:ec:a7:5c:04:31:02:f1:
50:4d:c4:fd:95:e8:cb:b1:ed:87:3f:53:65:c4:1c:
de:f6:6f:0a:9f:07:5b:f9:5a:8f:2f:24:14:52:75:
99:db:08:72:aa:c4:0b:ad:01:09:81:c8:17:de:6c:
32:c6:b0:39:95:6e:72:18:20:64:de:94:08:7c:b8:
65:d7:4a:40:33:1a:71:fb:59:54:5d:c2:47:68:0b:
0a:71:56:23:69:e5:78:8c:de:09:3a:a6:5f:ff:d3:
7f:ed:51:09:db:56:31:5e:7e:13:25:4b:f9:8b:0a:
80:c4:8d:74:bd:c7:ee:3f:b9:02:b5:f7:6b:fb:29:
76:ab:33:b7:b8:72:91:9b:f6:85:52:0e:43:66:b1:
28:15:81:b3:e7:d3:50:b4:5f:49:c4:7d:78:dc:4d:
43:4a:ab:36:c9:89:87:bf:3a:c1:29:b0:bb:84:99:
c0:84:b4:3a:af:51:3c:a9:41:4a:4a:e6:d0:e3:2e:
e1:b9:84:c2:f3:8b:a5:eb:94:bd:8c:9c:91:db:1b:
07:66:ed:7b:02:f9:cc:bc:64:59:35:c3:b3:51:14:
0e:bd:45:0c:11:ce:3e:2c:61:54:4c:be:6f:8d:77:
3c:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:2B:62:3A:B6:EC:AB:2A:8B:4C:7B:39:F3:C6:73:FF:C0:ED:80:FE
X509v3 Authority Key Identifier:
keyid:58:B3:DE:5F:9A:DB:50:FE:41:F6:DC:78:FF:D0:A2:C9:08:6D:25:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WLPeX5rbUP5B9tx4_9CiyQhtJRI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/SitiOrbsqyqLTHs588Zz_8DtgP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/WLPeX5rbUP5B9tx4_9CiyQhtJRI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:c380::/29
Signature Algorithm: sha256WithRSAEncryption
13:b7:ef:04:04:66:21:de:8a:e0:f7:07:09:fe:10:66:f1:32:
99:17:50:df:ec:d0:1c:0a:92:44:1f:18:86:a9:a6:d7:f3:58:
24:76:f5:57:7d:de:38:f1:89:e0:b9:38:b3:a3:5d:6b:7d:9d:
6e:27:22:97:a0:49:07:96:10:4f:61:44:d9:6d:75:48:de:07:
24:3b:49:10:82:57:24:1b:cc:a1:1a:81:e1:1d:a7:91:c6:78:
36:20:92:54:29:d5:5b:56:c4:c2:d2:c6:53:7a:3c:e7:5c:6c:
49:9c:85:46:24:dd:0c:b8:93:3c:a6:fd:42:3e:20:b9:2f:f3:
67:55:80:2c:27:e1:d1:1a:2a:eb:98:86:d0:8c:d3:7c:04:6f:
67:5f:db:92:8b:f9:dd:c8:92:50:ab:c1:64:a6:0f:f7:64:bb:
da:8a:10:0a:35:84:e6:d0:27:2b:75:57:86:e8:2b:b8:10:57:
29:68:e1:80:6c:ac:13:1a:8c:1a:bf:aa:a6:b9:c5:66:0f:80:
27:b3:0f:e2:31:1a:5d:c5:0e:2c:b7:b8:a3:b9:0a:a9:fd:f8:
2f:35:39:ec:2e:70:94:f9:d8:92:93:32:b2:67:a3:ed:4b:13:
32:b4:70:df:97:4d:19:01:a8:26:7e:fa:06:bd:56:83:1d:3a:
ef:ee:7c:e9
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZaGeOAPsu7iqV61KZqqu/o9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YjNkZTVmOWFkYjUwZmU0MWY2ZGM3OGZmZDBhMmM5MDg2
ZDI1MTIwHhcNMjUwNDMwMTEzMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTJiNjIzYWI2ZWNhYjJhOGI0YzdiMzlmM2M2NzNmZmMwZWQ4MGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3fzoiT/qdZLBX7u85fWJnXhFtSUN
0OynXAQxAvFQTcT9lejLse2HP1NlxBze9m8Knwdb+VqPLyQUUnWZ2whyqsQLrQEJ
gcgX3mwyxrA5lW5yGCBk3pQIfLhl10pAMxpx+1lUXcJHaAsKcVYjaeV4jN4JOqZf
/9N/7VEJ21YxXn4TJUv5iwqAxI10vcfuP7kCtfdr+yl2qzO3uHKRm/aFUg5DZrEo
FYGz59NQtF9JxH143E1DSqs2yYmHvzrBKbC7hJnAhLQ6r1E8qUFKSubQ4y7huYTC
84ul65S9jJyR2xsHZu17AvnMvGRZNcOzURQOvUUMEc4+LGFUTL5vjXc8/wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEorYjq27Ksqi0x7OfPGc//A7YD+MB8GA1UdIwQY
MBaAFFiz3l+a21D+QfbceP/QoskIbSUSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0xQZVg1cmJVUDVCOXR4NF85Q2l5UWh0SlJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC82Yjc0OTAtZTEwYS00MmUwLTllMmUt
NTMyMWQ2OWQ5NzlkLzEvU2l0aU9yYnNxeXFMVEhzNTg4WnpfOER0Z1A0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC82Yjc0OTAtZTEwYS00MmUwLTllMmUtNTMyMWQ2OWQ5Nzlk
LzEvV0xQZVg1cmJVUDVCOXR4NF85Q2l5UWh0SlJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhTDgDAN
BgkqhkiG9w0BAQsFAAOCAQEAE7fvBARmId6K4PcHCf4QZvEymRdQ3+zQHAqSRB8Y
hqmm1/NYJHb1V33eOPGJ4Lk4s6Nda32dbicil6BJB5YQT2FE2W11SN4HJDtJEIJX
JBvMoRqB4R2nkcZ4NiCSVCnVW1bEwtLGU3o851xsSZyFRiTdDLiTPKb9Qj4guS/z
Z1WALCfh0Roq65iG0IzTfARvZ1/bkov53ciSUKvBZKYP92S72ooQCjWE5tAnK3VX
hugruBBXKWjhgGysExqMGr+qprnFZg+AJ7MP4jEaXcUOLLe4o7kKqf34LzU57C5w
lPnYkpMysmej7UsTMrRw35dNGQGoJn76Br1Wgx067+586Q==
-----END CERTIFICATE-----
Generated at Thu May 1 15:22:22 2025 by rpki-client