Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/UV0SVDziFZVTED17NCMkbUUrhZU.roa
File: UV0SVDziFZVTED17NCMkbUUrhZU.roa (raw, json)
Hash identifier: KdxBMMSlWe0EF/zK+9qsQxGjth8/of5sRqMt09IJyRs=
Subject key identifier: 51:5D:12:54:3C:E2:15:95:53:10:3D:7B:34:23:24:6D:45:2B:85:95
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 0196433ECBAD3FB3A57CD2F80951C5BD6DF8
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/UV0SVDziFZVTED17NCMkbUUrhZU.roa
Signing time: Thu 17 Apr 2025 10:15:10 +0000
ROA not before: Thu 17 Apr 2025 10:15:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213220
IP address blocks: 2a13:f083::/32 maxlen: 32
2a13:f084::/32 maxlen: 32
2a13:f085::/32 maxlen: 32
2a13:f086::/32 maxlen: 32
2a13:f087::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.mft
rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 01 May 2025 09:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:43:3e:cb:ad:3f:b3:a5:7c:d2:f8:09:51:c5:bd:6d:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: Apr 17 10:15:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=515d12543ce2159553103d7b3423246d452b8595
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:5f:94:18:d0:e4:b8:e9:fb:9d:9d:0c:a0:00:
8e:84:5b:5d:65:61:9a:a3:50:68:23:83:82:e0:6e:
b6:3e:e5:f2:33:fc:a8:3d:bc:51:86:8c:cf:64:07:
e0:c0:7b:58:5a:47:5d:f1:26:6f:3f:4a:63:7f:b8:
45:cd:df:6d:d7:69:db:8a:3b:df:bc:b8:98:5d:31:
75:56:ee:ca:bb:40:9d:dc:2d:c0:09:6e:49:20:8a:
ab:6c:21:94:b9:55:d8:2e:8b:83:da:d0:db:a3:e2:
13:12:94:2a:21:f0:45:3c:f0:bb:c4:e6:e2:7f:19:
2d:a9:f6:ea:9e:5f:ea:c0:e9:8e:48:9b:bc:1a:2b:
ff:7b:71:d9:ad:2c:45:73:1e:2e:d2:e6:cf:61:7a:
2d:b7:db:11:da:1b:8f:42:5d:32:17:82:b8:25:0c:
c8:ac:8d:c3:6e:b5:8f:7d:f4:61:39:cd:13:44:6e:
29:02:b3:e4:1f:0b:a6:25:14:83:47:14:5d:d8:30:
67:bf:3a:8f:2f:6f:6d:be:db:65:55:96:b3:5c:5f:
f0:83:85:71:eb:70:91:77:af:8c:9a:69:89:2f:6b:
c3:28:d6:8c:6e:98:0c:3b:b7:1b:10:a9:45:6f:a7:
5c:fb:23:9a:25:b7:ca:fc:01:95:a6:fe:ca:b5:5a:
10:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:5D:12:54:3C:E2:15:95:53:10:3D:7B:34:23:24:6D:45:2B:85:95
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/UV0SVDziFZVTED17NCMkbUUrhZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:f083::-2a13:f087:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
18:08:53:95:c2:59:d3:fe:dd:d9:53:7d:34:d0:ef:74:27:3c:
27:10:83:e5:3a:cf:db:dc:2d:86:ba:6f:ba:cc:17:00:4d:5b:
c6:21:f8:cc:bf:87:45:e7:32:c3:d4:77:58:48:30:84:c4:d9:
ac:4d:a4:53:55:c7:63:0f:03:cb:84:58:ec:80:8c:3c:82:ca:
93:05:21:87:70:af:64:84:2a:1b:b7:b5:57:3a:99:af:9e:a1:
4b:d0:e3:09:da:e5:c9:c3:74:1f:f0:30:5b:37:74:73:dc:4f:
db:06:8b:44:06:17:38:75:0d:b0:1b:cd:81:22:7d:74:ca:c5:
70:5a:8a:7d:f3:e9:a7:a3:00:9f:37:97:c4:d0:05:80:f7:57:
6d:86:00:ad:c2:df:5e:56:36:64:f1:73:b9:5a:98:00:bb:4a:
bb:fb:62:df:c6:75:f5:c3:b3:cc:78:90:2d:0a:8a:40:d0:14:
ad:f2:a0:65:9e:2e:07:31:03:56:20:ae:76:97:4e:06:4a:58:
89:4b:ae:55:c0:e0:7d:84:e5:41:07:91:15:96:f6:fe:15:eb:
13:52:f4:9c:90:11:cc:87:40:ac:a8:6b:09:40:0e:7f:f8:a9:
da:35:9b:69:e9:b1:75:c6:41:5b:6f:c3:b1:ee:be:9d:89:ce:
3d:44:35:39
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAZZDPsutP7OlfNL4CVHFvW34MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjUwNDE3MTAxNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTVkMTI1NDNjZTIxNTk1NTMxMDNkN2IzNDIzMjQ2ZDQ1MmI4NTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg1+UGNDkuOn7nZ0MoACOhFtdZWGa
o1BoI4OC4G62PuXyM/yoPbxRhozPZAfgwHtYWkdd8SZvP0pjf7hFzd9t12nbijvf
vLiYXTF1Vu7Ku0Cd3C3ACW5JIIqrbCGUuVXYLouD2tDbo+ITEpQqIfBFPPC7xObi
fxktqfbqnl/qwOmOSJu8Giv/e3HZrSxFcx4u0ubPYXott9sR2huPQl0yF4K4JQzI
rI3DbrWPffRhOc0TRG4pArPkHwumJRSDRxRd2DBnvzqPL29tvttlVZazXF/wg4Vx
63CRd6+MmmmJL2vDKNaMbpgMO7cbEKlFb6dc+yOaJbfK/AGVpv7KtVoQiwIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFFFdElQ84hWVUxA9ezQjJG1FK4WVMB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvVVYwU1ZEemlGWlZURUQxN05DTWtiVVVyaFpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQMA4DBQAqE/CD
AwUDKhPwgDANBgkqhkiG9w0BAQsFAAOCAQEAGAhTlcJZ0/7d2VN9NNDvdCc8JxCD
5TrP29wthrpvuswXAE1bxiH4zL+HRecyw9R3WEgwhMTZrE2kU1XHYw8Dy4RY7ICM
PILKkwUhh3CvZIQqG7e1VzqZr56hS9DjCdrlycN0H/AwWzd0c9xP2waLRAYXOHUN
sBvNgSJ9dMrFcFqKffPpp6MAnzeXxNAFgPdXbYYArcLfXlY2ZPFzuVqYALtKu/ti
38Z19cOzzHiQLQqKQNAUrfKgZZ4uBzEDViCudpdOBkpYiUuuVcDgfYTlQQeRFZb2
/hXrE1L0nJARzIdArKhrCUAOf/ip2jWbaemxdcZBW2/Dse6+nYnOPUQ1OQ==
-----END CERTIFICATE-----
Generated at Wed Apr 30 13:34:14 2025 by rpki-client