Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/8_VofHRjLqpbexG_OvMfcAc1YnM.roa
File: 8_VofHRjLqpbexG_OvMfcAc1YnM.roa (raw, json)
Hash identifier: LU1FpEuXnyVe9W4sDVOna2qpuw6a/LcZ+SoooZ+qS1I=
Subject key identifier: F3:F5:68:7C:74:63:2E:AA:5B:7B:11:BF:3A:F3:1F:70:07:35:62:73
Certificate issuer: /CN=3ee770f47fd903925d80ac58e05e076f3baa110b
Certificate serial: 0196637FEDC2AFB3464154C79832E88DF0CE
Authority key identifier: 3E:E7:70:F4:7F:D9:03:92:5D:80:AC:58:E0:5E:07:6F:3B:AA:11:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/8_VofHRjLqpbexG_OvMfcAc1YnM.roa
Signing time: Wed 23 Apr 2025 16:34:10 +0000
ROA not before: Wed 23 Apr 2025 16:34:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2a00:fbe0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:63:7f:ed:c2:af:b3:46:41:54:c7:98:32:e8:8d:f0:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ee770f47fd903925d80ac58e05e076f3baa110b
Validity
Not Before: Apr 23 16:34:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f3f5687c74632eaa5b7b11bf3af31f7007356273
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:19:e6:d5:3c:e1:06:e4:78:5f:8b:00:b0:19:
86:82:02:07:fa:39:52:ff:dc:33:83:3a:4c:42:f0:
6f:bc:cd:7f:65:ab:7d:28:72:3c:58:7a:0e:ab:76:
30:e0:97:53:b6:78:b5:27:64:df:d2:7c:2d:90:9b:
e3:45:09:cf:e3:ff:eb:e4:9c:5e:03:f5:a0:63:2f:
2a:b0:26:14:28:52:22:7d:28:64:30:ad:12:76:e4:
50:38:a4:07:90:9e:ca:f0:f2:e5:cb:2c:d0:70:bd:
b2:e2:5e:8b:d0:6e:5f:8b:5c:c8:0e:ef:21:d6:ef:
6f:ec:6c:40:b4:0a:ff:91:2e:5d:28:40:98:1c:b8:
77:8e:0c:c1:47:2e:62:c0:4d:87:af:9f:e2:75:4b:
18:39:40:88:e6:5c:1d:92:b9:84:bd:86:1a:8f:04:
7a:bf:c0:47:7e:88:e3:95:d8:e2:84:08:63:c6:30:
22:63:d5:ca:5c:f9:2a:a8:a3:11:1c:d8:61:98:f2:
61:cb:68:10:e8:26:26:6a:37:e2:fd:c4:8f:36:35:
62:02:b9:4c:fc:f0:61:2b:26:b3:83:90:e0:cc:cc:
4b:da:ea:6e:9f:6e:e5:9a:c3:ed:9c:33:dc:bb:fe:
68:48:d4:57:2f:b4:ed:77:72:ef:17:ad:10:c5:8e:
26:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:F5:68:7C:74:63:2E:AA:5B:7B:11:BF:3A:F3:1F:70:07:35:62:73
X509v3 Authority Key Identifier:
keyid:3E:E7:70:F4:7F:D9:03:92:5D:80:AC:58:E0:5E:07:6F:3B:AA:11:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/8_VofHRjLqpbexG_OvMfcAc1YnM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:fbe0::/29
Signature Algorithm: sha256WithRSAEncryption
85:63:63:37:2f:37:e0:94:f1:3a:13:c1:3c:ec:5a:95:e2:72:
2d:e3:96:1a:65:99:80:d8:66:62:f2:68:d7:d6:d9:88:87:87:
13:d1:d2:16:ae:ef:8e:aa:cb:20:50:49:d5:c1:18:ea:4b:ae:
72:3d:76:82:b5:f2:02:67:ab:c5:2d:58:17:2e:6a:29:e6:85:
0e:06:d2:06:a7:5e:69:f6:4e:fd:2f:a0:96:16:83:89:8f:c7:
a2:03:44:94:83:48:28:32:20:4c:a4:a3:ee:97:f9:9c:90:1c:
e4:7b:5e:72:83:57:4e:72:8a:46:42:d2:3f:60:5a:d9:51:73:
7e:8e:2c:7a:ef:f6:7b:b9:63:e1:b9:aa:4e:58:e4:b1:e2:7e:
25:66:fc:1b:4a:5f:ba:2b:0d:06:41:4e:75:c3:c7:8d:ae:df:
cb:e2:0b:38:9d:fd:05:c0:38:e2:a8:8e:1d:ee:04:7c:04:91:
9f:be:b9:33:78:41:85:6a:8f:bf:46:8a:e1:2b:48:2e:32:1f:
ed:d5:bd:71:20:05:d4:50:fb:62:cb:d1:3d:68:69:23:02:d5:
1a:9f:10:31:c6:12:6b:be:73:46:2e:bc:5c:14:81:78:51:29:
62:2f:33:d6:4f:64:43:ca:a6:3c:52:0b:54:58:75:93:a6:4e:
17:58:88:4b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZZjf+3Cr7NGQVTHmDLojfDOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZTc3MGY0N2ZkOTAzOTI1ZDgwYWM1OGUwNWUwNzZmM2Jh
YTExMGIwHhcNMjUwNDIzMTYzNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2Y1Njg3Yzc0NjMyZWFhNWI3YjExYmYzYWYzMWY3MDA3MzU2MjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Rnm1TzhBuR4X4sAsBmGggIH+jlS
/9wzgzpMQvBvvM1/Zat9KHI8WHoOq3Yw4JdTtni1J2Tf0nwtkJvjRQnP4//r5Jxe
A/WgYy8qsCYUKFIifShkMK0SduRQOKQHkJ7K8PLlyyzQcL2y4l6L0G5fi1zIDu8h
1u9v7GxAtAr/kS5dKECYHLh3jgzBRy5iwE2Hr5/idUsYOUCI5lwdkrmEvYYajwR6
v8BHfojjldjihAhjxjAiY9XKXPkqqKMRHNhhmPJhy2gQ6CYmajfi/cSPNjViArlM
/PBhKyazg5DgzMxL2upun27lmsPtnDPcu/5oSNRXL7Ttd3LvF60QxY4m1wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPP1aHx0Yy6qW3sRvzrzH3AHNWJzMB8GA1UdIwQY
MBaAFD7ncPR/2QOSXYCsWOBeB287qhELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHVkdzlIX1pBNUpkZ0t4WTRGNEhienVxRVFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi80MzQzNDQtMzIzZS00OGY4LWFkZTIt
NjI0ZjgzNjgyMTY5LzEvOF9Wb2ZIUmpMcXBiZXhHX092TWZjQWMxWW5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi80MzQzNDQtMzIzZS00OGY4LWFkZTItNjI0ZjgzNjgyMTY5
LzEvUHVkdzlIX1pBNUpkZ0t4WTRGNEhienVxRVFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgD74DAN
BgkqhkiG9w0BAQsFAAOCAQEAhWNjNy834JTxOhPBPOxaleJyLeOWGmWZgNhmYvJo
19bZiIeHE9HSFq7vjqrLIFBJ1cEY6kuucj12grXyAmerxS1YFy5qKeaFDgbSBqde
afZO/S+glhaDiY/HogNElINIKDIgTKSj7pf5nJAc5HtecoNXTnKKRkLSP2Ba2VFz
fo4seu/2e7lj4bmqTljkseJ+JWb8G0pfuisNBkFOdcPHja7fy+ILOJ39BcA44qiO
He4EfASRn765M3hBhWqPv0aK4StILjIf7dW9cSAF1FD7YsvRPWhpIwLVGp8QMcYS
a75zRi68XBSBeFEpYi8z1k9kQ8qmPFILVFh1k6ZOF1iISw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:57:55 2025 by rpki-client