Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/_csBcDYzb2UN7nj7MZU8xulljAs.roa
File: _csBcDYzb2UN7nj7MZU8xulljAs.roa (raw, json)
Hash identifier: 330TyOYDhWWv8Vcgf3Ynh+LQ+G+FQVxCOxcbH3jEGes=
Subject key identifier: FD:CB:01:70:36:33:6F:65:0D:EE:78:FB:31:95:3C:C6:E9:65:8C:0B
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 019654AC26BB2A6C58DD54DD23E19E9C0167
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/_csBcDYzb2UN7nj7MZU8xulljAs.roa
Signing time: Sun 20 Apr 2025 19:28:10 +0000
ROA not before: Sun 20 Apr 2025 19:28:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2a0b:8440::/29 maxlen: 29
2a0b:b480::/29 maxlen: 29
2a10:a9c0::/29 maxlen: 29
2a13:5040::/29 maxlen: 29
2a13:cdc0::/29 maxlen: 29
2a13:d140::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 10:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:54:ac:26:bb:2a:6c:58:dd:54:dd:23:e1:9e:9c:01:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: Apr 20 19:28:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fdcb017036336f650dee78fb31953cc6e9658c0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:eb:57:b8:88:12:c7:8d:0a:0d:79:3c:8e:f7:
f7:f5:13:b1:47:99:26:89:0f:74:ae:3f:ef:82:ee:
49:90:34:19:e8:39:e9:eb:fb:83:13:75:35:3f:2c:
47:d6:17:69:1c:0e:3f:32:b4:2a:de:32:f0:b8:02:
86:bf:c3:92:48:a1:bc:87:43:4d:56:e0:73:10:7f:
02:ef:2c:61:f1:77:3d:83:bd:d8:06:24:43:44:2c:
9b:5c:22:69:12:0e:7e:18:14:7b:1c:8e:14:48:d8:
a4:3a:e8:9b:e7:fb:ae:d5:c1:05:f4:7d:1f:8b:fc:
d6:a8:b5:f0:7c:5f:bc:16:5a:98:e5:e9:55:b1:de:
8d:ad:fc:06:15:e1:42:1e:68:3a:ef:cc:46:70:aa:
72:a5:14:bb:3d:83:3e:b6:a7:2f:5d:d0:a4:e9:be:
d4:4b:77:9f:fb:41:19:8d:91:4f:c7:fe:8d:7f:59:
70:40:ef:70:dd:ee:1d:8a:d8:50:fb:6e:71:94:ff:
3c:89:e4:ab:ed:1a:91:63:1c:f1:ea:7b:4f:f4:39:
84:99:8a:15:c8:1d:bc:21:5c:ee:36:01:63:60:68:
0a:73:2e:2b:74:47:a6:7b:05:7e:a6:ec:52:fe:29:
99:0f:34:03:8d:ba:31:96:b6:09:c1:ec:7a:35:80:
17:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:CB:01:70:36:33:6F:65:0D:EE:78:FB:31:95:3C:C6:E9:65:8C:0B
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/_csBcDYzb2UN7nj7MZU8xulljAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:8440::/29
2a0b:b480::/29
2a10:a9c0::/29
2a13:5040::/29
2a13:cdc0::/29
2a13:d140::/29
Signature Algorithm: sha256WithRSAEncryption
53:1c:bb:44:47:cf:d8:d5:5a:f0:ea:c5:f3:35:ca:9f:6c:3a:
18:49:7c:22:05:cf:37:38:20:ac:cb:f8:1c:f4:88:2b:42:8a:
1f:29:31:33:a3:a6:94:3b:cf:38:db:e9:0f:45:55:09:5a:bb:
b4:fd:8c:f1:b0:3b:52:16:ce:08:8b:17:dd:c8:b9:68:9f:cd:
f7:1e:0d:61:70:6c:ac:85:7f:a8:a2:6c:75:62:28:0d:1f:ab:
09:d3:5f:58:b3:34:11:e7:8f:b7:b2:fe:2d:2c:f7:a1:fd:45:
75:0a:eb:ab:74:20:68:41:ab:a1:26:02:7c:92:24:d3:50:2b:
90:bb:26:ec:a3:12:c6:3d:07:cb:06:78:eb:de:47:b7:b4:3c:
89:89:b4:a7:59:39:82:65:52:0e:06:b7:29:e4:4d:f8:8e:72:
37:02:2c:86:5f:ba:e1:cb:9d:25:42:96:39:c4:35:24:a9:42:
31:a6:4b:b0:a6:d1:db:2f:03:c7:bb:c4:90:30:bf:28:5c:87:
e2:50:08:54:26:0d:40:0b:4b:8e:37:1a:c0:2a:95:eb:f2:1f:
56:93:01:21:a3:65:e1:44:36:a9:3e:3a:f0:0b:99:1c:f4:54:
1b:da:5d:72:55:46:33:37:0e:f6:f8:8c:c5:2a:97:e2:b5:81:
9d:fa:0c:31
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZZUrCa7KmxY3VTdI+GenAFnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjUwNDIwMTkyODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGNiMDE3MDM2MzM2ZjY1MGRlZTc4ZmIzMTk1M2NjNmU5NjU4YzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1OtXuIgSx40KDXk8jvf39ROxR5km
iQ90rj/vgu5JkDQZ6Dnp6/uDE3U1PyxH1hdpHA4/MrQq3jLwuAKGv8OSSKG8h0NN
VuBzEH8C7yxh8Xc9g73YBiRDRCybXCJpEg5+GBR7HI4USNikOuib5/uu1cEF9H0f
i/zWqLXwfF+8FlqY5elVsd6NrfwGFeFCHmg678xGcKpypRS7PYM+tqcvXdCk6b7U
S3ef+0EZjZFPx/6Nf1lwQO9w3e4dithQ+25xlP88ieSr7RqRYxzx6ntP9DmEmYoV
yB28IVzuNgFjYGgKcy4rdEemewV+puxS/imZDzQDjboxlrYJwex6NYAXXwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFP3LAXA2M29lDe54+zGVPMbpZYwLMB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvX2NzQmNEWXpiMlVON25qN01aVTh4dWxsakFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKguEQAMF
AyoLtIADBQMqEKnAAwUDKhNQQAMFAyoTzcADBQMqE9FAMA0GCSqGSIb3DQEBCwUA
A4IBAQBTHLtER8/Y1Vrw6sXzNcqfbDoYSXwiBc83OCCsy/gc9IgrQoofKTEzo6aU
O8842+kPRVUJWru0/YzxsDtSFs4IixfdyLlon833Hg1hcGyshX+oomx1YigNH6sJ
019YszQR54+3sv4tLPeh/UV1CuurdCBoQauhJgJ8kiTTUCuQuybsoxLGPQfLBnjr
3ke3tDyJibSnWTmCZVIOBrcp5E34jnI3AiyGX7rhy50lQpY5xDUkqUIxpkuwptHb
LwPHu8SQML8oXIfiUAhUJg1AC0uONxrAKpXr8h9WkwEho2XhRDapPjrwC5kc9FQb
2l1yVUYzNw72+IzFKpfitYGd+gwx
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:57:37 2025 by rpki-client