Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/bb6f38-2369-446f-88f2-0b4575b69c57/1/1hMpXEk-3MWaN_1A5D8V9EPMUFk.roa
File: 1hMpXEk-3MWaN_1A5D8V9EPMUFk.roa (raw, json)
Hash identifier: CWNT05GFaywUZSs5xqqgNA+kl89pNKE3DHnIiDI2iJE=
Subject key identifier: D6:13:29:5C:49:3E:DC:C5:9A:37:FD:40:E4:3F:15:F4:43:CC:50:59
Certificate issuer: /CN=614c9585889f98e0c77f9b6cd80361aa02bdd68e
Certificate serial: 0194221FE4E85ECE4BDD23EC76934B6581E3
Authority key identifier: 61:4C:95:85:88:9F:98:E0:C7:7F:9B:6C:D8:03:61:AA:02:BD:D6:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YUyVhYifmODHf5ts2ANhqgK91o4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/bb6f38-2369-446f-88f2-0b4575b69c57/1/1hMpXEk-3MWaN_1A5D8V9EPMUFk.roa
Signing time: Wed 01 Jan 2025 13:48:23 +0000
ROA not before: Wed 01 Jan 2025 13:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60114
IP address blocks: 2a04:dd40::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/bb6f38-2369-446f-88f2-0b4575b69c57/1/YUyVhYifmODHf5ts2ANhqgK91o4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/bb6f38-2369-446f-88f2-0b4575b69c57/1/YUyVhYifmODHf5ts2ANhqgK91o4.mft
rsync://rpki.ripe.net/repository/DEFAULT/YUyVhYifmODHf5ts2ANhqgK91o4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 30 Apr 2025 15:02:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:e4:e8:5e:ce:4b:dd:23:ec:76:93:4b:65:81:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=614c9585889f98e0c77f9b6cd80361aa02bdd68e
Validity
Not Before: Jan 1 13:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d613295c493edcc59a37fd40e43f15f443cc5059
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:35:f6:93:f9:a1:f2:d0:a5:08:a4:4a:c3:8f:
cf:6d:9f:ec:89:57:3d:1f:2f:25:52:c8:bd:6a:59:
d1:bf:41:64:a2:06:63:5b:48:26:c2:26:83:f4:09:
75:66:07:5f:ef:48:07:ea:cd:55:59:6e:16:c4:e9:
48:4a:2e:d4:da:6c:a8:53:b6:06:59:1c:9e:99:b5:
e0:d5:0b:a6:60:cc:82:21:f6:2e:bd:82:e5:46:f4:
1e:98:e2:05:86:59:65:38:18:7b:9c:b6:c1:43:d9:
89:a0:c3:44:21:b6:98:db:4d:76:33:e0:bf:5c:a9:
91:4e:ae:18:85:2f:13:12:27:a9:eb:85:06:73:08:
79:e6:29:4e:69:1f:2b:7e:1b:b2:e2:c9:36:70:aa:
72:3f:98:c9:8d:62:46:cb:20:02:ec:b4:64:28:7f:
6a:54:88:b1:0b:9c:1b:69:74:d8:dc:de:82:a6:98:
b6:d2:05:ac:c3:de:1e:9f:e7:41:34:e5:3f:69:1d:
e9:f5:1c:5f:31:36:98:2e:19:45:f3:ee:b8:42:96:
a4:79:f7:92:61:a1:ae:4c:41:52:97:fb:fb:85:e2:
09:3e:d7:e8:f1:46:e3:54:8b:4c:55:d8:09:f0:bb:
88:ac:1a:57:aa:48:e4:50:e6:99:f0:f0:68:ca:7f:
37:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:13:29:5C:49:3E:DC:C5:9A:37:FD:40:E4:3F:15:F4:43:CC:50:59
X509v3 Authority Key Identifier:
keyid:61:4C:95:85:88:9F:98:E0:C7:7F:9B:6C:D8:03:61:AA:02:BD:D6:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YUyVhYifmODHf5ts2ANhqgK91o4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/bb6f38-2369-446f-88f2-0b4575b69c57/1/1hMpXEk-3MWaN_1A5D8V9EPMUFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/bb6f38-2369-446f-88f2-0b4575b69c57/1/YUyVhYifmODHf5ts2ANhqgK91o4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:dd40::/29
Signature Algorithm: sha256WithRSAEncryption
59:44:f1:ea:a5:73:39:0e:0e:39:07:ff:9d:f0:04:13:86:a8:
b6:b4:09:51:d5:24:78:02:e0:70:d5:d1:45:88:c3:2a:2e:91:
cc:16:17:9d:86:fe:80:20:d2:0c:61:99:3d:ab:0e:88:37:2d:
a0:90:2f:47:33:9f:22:13:2d:2c:6c:a9:4f:c0:54:01:b8:15:
de:c0:e0:2d:11:ee:55:c5:1e:03:6b:d9:25:b4:44:05:be:67:
76:11:42:16:77:96:70:a0:96:01:cb:aa:dd:a1:fe:4c:82:70:
61:42:f8:65:6e:ba:26:80:64:ed:95:a3:9c:e4:87:9e:ff:4f:
b9:8b:2c:34:bc:14:4b:6a:10:64:b2:94:c1:4f:91:9f:28:71:
fb:66:5a:75:b0:05:ef:ff:08:e8:eb:34:7b:74:d5:81:8c:c8:
50:02:9b:a2:c1:46:47:23:43:13:29:4b:70:63:e6:14:d6:93:
63:95:56:da:96:ff:27:a3:ff:1c:f3:b0:bd:81:3b:a3:ec:af:
02:0f:42:00:80:ed:04:6b:d6:50:02:6b:98:21:a8:84:63:0a:
64:52:5c:8c:30:81:da:8a:0c:4b:ce:fe:cd:c1:8e:74:80:f6:
5b:08:d1:69:59:b1:18:55:79:a8:d9:bf:4c:8c:f5:76:6b:fb:
66:ab:98:74
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQiH+ToXs5L3SPsdpNLZYHjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxNGM5NTg1ODg5Zjk4ZTBjNzdmOWI2Y2Q4MDM2MWFhMDJi
ZGQ2OGUwHhcNMjUwMTAxMTM0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjEzMjk1YzQ5M2VkY2M1OWEzN2ZkNDBlNDNmMTVmNDQzY2M1MDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArDX2k/mh8tClCKRKw4/PbZ/siVc9
Hy8lUsi9alnRv0FkogZjW0gmwiaD9Al1Zgdf70gH6s1VWW4WxOlISi7U2myoU7YG
WRyembXg1QumYMyCIfYuvYLlRvQemOIFhlllOBh7nLbBQ9mJoMNEIbaY2012M+C/
XKmRTq4YhS8TEiep64UGcwh55ilOaR8rfhuy4sk2cKpyP5jJjWJGyyAC7LRkKH9q
VIixC5wbaXTY3N6Cppi20gWsw94en+dBNOU/aR3p9RxfMTaYLhlF8+64QpakefeS
YaGuTEFSl/v7heIJPtfo8UbjVItMVdgJ8LuIrBpXqkjkUOaZ8PBoyn83cwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNYTKVxJPtzFmjf9QOQ/FfRDzFBZMB8GA1UdIwQY
MBaAFGFMlYWIn5jgx3+bbNgDYaoCvdaOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVV5VmhZaWZtT0RIZjV0czJBTmhxZ0s5MW80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9iYjZmMzgtMjM2OS00NDZmLTg4ZjIt
MGI0NTc1YjY5YzU3LzEvMWhNcFhFay0zTVdhTl8xQTVEOFY5RVBNVUZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9iYjZmMzgtMjM2OS00NDZmLTg4ZjItMGI0NTc1YjY5YzU3
LzEvWVV5VmhZaWZtT0RIZjV0czJBTmhxZ0s5MW80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgTdQDAN
BgkqhkiG9w0BAQsFAAOCAQEAWUTx6qVzOQ4OOQf/nfAEE4aotrQJUdUkeALgcNXR
RYjDKi6RzBYXnYb+gCDSDGGZPasOiDctoJAvRzOfIhMtLGypT8BUAbgV3sDgLRHu
VcUeA2vZJbREBb5ndhFCFneWcKCWAcuq3aH+TIJwYUL4ZW66JoBk7ZWjnOSHnv9P
uYssNLwUS2oQZLKUwU+Rnyhx+2ZadbAF7/8I6Os0e3TVgYzIUAKbosFGRyNDEylL
cGPmFNaTY5VW2pb/J6P/HPOwvYE7o+yvAg9CAIDtBGvWUAJrmCGohGMKZFJcjDCB
2ooMS87+zcGOdID2WwjRaVmxGFV5qNm/TIz1dmv7ZquYdA==
-----END CERTIFICATE-----
Generated at Wed Apr 30 00:18:22 2025 by rpki-client