Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/BGevSFnT8xf0CHSmJ5dghUTZM0Y.roa
File: BGevSFnT8xf0CHSmJ5dghUTZM0Y.roa (raw, json)
Hash identifier: RseQir4/MNTB+/zBlyt2uTS8Nl4/HA8197lwxaxF7lE=
Subject key identifier: 04:67:AF:48:59:D3:F3:17:F4:08:74:A6:27:97:60:85:44:D9:33:46
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 01964DFDF275CAFD598E0D526FFA3F644B8E
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/BGevSFnT8xf0CHSmJ5dghUTZM0Y.roa
Signing time: Sat 19 Apr 2025 12:20:10 +0000
ROA not before: Sat 19 Apr 2025 12:20:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 63023
IP address blocks: 2a10:17c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 06:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:4d:fd:f2:75:ca:fd:59:8e:0d:52:6f:fa:3f:64:4b:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Apr 19 12:20:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0467af4859d3f317f40874a62797608544d93346
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:2b:eb:0a:c0:62:74:2e:9c:e2:d6:ad:15:76:
e1:81:54:a5:53:8c:f6:a2:c8:50:7b:59:1c:9a:0c:
ac:5d:12:da:b2:e3:a5:6e:39:2b:b4:bd:23:a7:e6:
72:d3:aa:74:09:ca:e7:a7:74:51:88:e1:d0:40:4c:
12:91:3a:6d:8c:4e:1a:76:72:b6:93:82:f3:09:88:
8d:2c:58:cd:53:e1:07:75:c3:9b:51:a2:c1:87:bf:
e1:d4:48:c4:c9:09:d6:b4:49:ec:ae:c0:5f:59:5d:
64:cf:00:3d:94:6e:aa:c4:5d:3c:cc:e8:bb:48:c2:
86:db:8b:62:d6:f5:a6:c7:7b:f1:93:e4:41:8d:0b:
36:f1:7b:b7:38:5c:f8:12:fc:18:9c:a3:30:c6:1f:
77:3a:40:d1:80:e5:af:77:49:dc:1b:b9:14:e8:70:
9d:ce:f3:0c:15:f8:cc:3b:43:f1:21:2d:f9:53:0e:
70:b7:8f:00:32:dc:a7:13:6e:97:38:4b:79:06:cf:
af:cc:d2:aa:4d:c2:4e:e9:54:1e:83:43:ea:c0:c5:
27:0b:8d:b0:c5:58:21:22:ff:c7:0e:d5:bb:61:75:
45:8d:0b:e2:a7:ed:ec:b5:2a:59:5b:51:19:9e:1f:
b9:e5:fd:7d:05:a1:2b:d7:ad:9d:64:b9:6d:7b:02:
2b:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:67:AF:48:59:D3:F3:17:F4:08:74:A6:27:97:60:85:44:D9:33:46
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/BGevSFnT8xf0CHSmJ5dghUTZM0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:17c0::/29
Signature Algorithm: sha256WithRSAEncryption
4c:da:65:80:5c:98:2b:99:dc:ba:47:65:c8:c7:ee:4f:d6:57:
a8:79:04:5c:0f:72:cb:97:f8:c0:fd:e6:c1:4e:51:17:e9:f0:
98:f3:71:9d:cc:e5:e7:54:e9:ec:bf:ab:22:c1:83:70:c3:22:
1d:f5:d5:ed:43:c3:c5:b6:2a:38:b9:89:89:57:52:d6:80:6c:
45:a0:a7:6d:e0:4c:07:89:5f:a3:70:19:62:01:87:d5:96:00:
6d:e6:00:55:4a:d7:52:07:78:a3:83:80:cd:ec:ba:69:b0:d2:
ed:51:b6:db:bd:94:77:48:e7:f9:4c:7c:0a:9d:65:d3:75:79:
12:76:2d:d5:17:e9:d8:99:2e:d8:1f:d1:13:4c:8e:40:e4:f4:
d9:9d:9b:1f:46:88:df:fd:ef:96:ff:3d:8e:98:6d:f9:94:c3:
c4:00:6e:cf:36:bb:aa:c7:c2:8d:a0:9c:7f:fd:bf:8c:e6:09:
ea:4f:34:69:16:f4:01:7f:ab:a7:04:7d:b8:d5:69:bb:f3:0e:
62:ac:af:06:97:2f:3d:1f:cb:d0:f0:6d:a8:65:e9:fd:a5:65:
b6:02:36:24:6d:21:38:87:84:a5:57:f6:c6:7c:e0:de:29:10:
30:f0:b8:a4:90:41:39:37:13:2a:3b:00:01:82:39:3c:da:2c:
75:5c:11:82
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZZN/fJ1yv1Zjg1Sb/o/ZEuOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjUwNDE5MTIyMDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDY3YWY0ODU5ZDNmMzE3ZjQwODc0YTYyNzk3NjA4NTQ0ZDkzMzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxyvrCsBidC6c4tatFXbhgVSlU4z2
oshQe1kcmgysXRLasuOlbjkrtL0jp+Zy06p0Ccrnp3RRiOHQQEwSkTptjE4adnK2
k4LzCYiNLFjNU+EHdcObUaLBh7/h1EjEyQnWtEnsrsBfWV1kzwA9lG6qxF08zOi7
SMKG24ti1vWmx3vxk+RBjQs28Xu3OFz4EvwYnKMwxh93OkDRgOWvd0ncG7kU6HCd
zvMMFfjMO0PxIS35Uw5wt48AMtynE26XOEt5Bs+vzNKqTcJO6VQeg0PqwMUnC42w
xVghIv/HDtW7YXVFjQvip+3stSpZW1EZnh+55f19BaEr162dZLltewIrHQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFARnr0hZ0/MX9Ah0pieXYIVE2TNGMB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvQkdldlNGblQ4eGYwQ0hTbUo1ZGdoVVRaTTBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhAXwDAN
BgkqhkiG9w0BAQsFAAOCAQEATNplgFyYK5ncukdlyMfuT9ZXqHkEXA9yy5f4wP3m
wU5RF+nwmPNxnczl51Tp7L+rIsGDcMMiHfXV7UPDxbYqOLmJiVdS1oBsRaCnbeBM
B4lfo3AZYgGH1ZYAbeYAVUrXUgd4o4OAzey6abDS7VG2272Ud0jn+Ux8Cp1l03V5
EnYt1Rfp2Jku2B/RE0yOQOT02Z2bH0aI3/3vlv89jpht+ZTDxABuzza7qsfCjaCc
f/2/jOYJ6k80aRb0AX+rpwR9uNVpu/MOYqyvBpcvPR/L0PBtqGXp/aVltgI2JG0h
OIeEpVf2xnzg3ikQMPC4pJBBOTcTKjsAAYI5PNosdVwRgg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:50:39 2025 by rpki-client