Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/prBGAJfo6jykezuLUpZ1BEDdn5A.roa
File: prBGAJfo6jykezuLUpZ1BEDdn5A.roa (raw, json)
Hash identifier: STwdoXQqtV0U9DHkB0uJmQZyaRCvXoZ221e5pNUAHBY=
Subject key identifier: A6:B0:46:00:97:E8:EA:3C:A4:7B:3B:8B:52:96:75:04:40:DD:9F:90
Certificate issuer: /CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Certificate serial: 0195F7F121352AA957247AB09E2970FFB1C7
Authority key identifier: 63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/prBGAJfo6jykezuLUpZ1BEDdn5A.roa
Signing time: Wed 02 Apr 2025 19:18:49 +0000
ROA not before: Wed 02 Apr 2025 19:18:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34665
IP address blocks: 2a11:8306::/32 maxlen: 32
2a11:8447::/32 maxlen: 32
2a11:cd04::/32 maxlen: 32
2a11:d084::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.mft
rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 09:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f7:f1:21:35:2a:a9:57:24:7a:b0:9e:29:70:ff:b1:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Validity
Not Before: Apr 2 19:18:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a6b0460097e8ea3ca47b3b8b5296750440dd9f90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:fa:d2:d8:b8:0e:5d:f7:2e:d1:ed:af:c9:2a:
f2:24:1b:4d:0a:20:f5:6d:60:1d:5d:90:fb:25:57:
34:2a:9d:8a:d0:99:41:1c:c9:d3:a0:50:e3:aa:50:
70:fd:6d:9c:54:86:dd:28:2b:9e:ea:03:cf:6e:1b:
47:3c:59:84:9f:e3:b7:be:9c:1f:c8:87:cf:90:ed:
ad:6c:00:cf:4e:d2:18:cb:fe:ff:44:48:21:16:69:
25:c1:3f:60:86:0d:ef:aa:f9:ee:77:87:28:12:56:
96:45:43:bd:03:07:72:f6:9b:d6:a4:fc:ab:3c:53:
86:07:32:7a:c5:84:ee:ce:e0:22:01:6a:1b:05:cd:
6f:80:6d:d8:83:f2:ca:bf:a4:8d:87:27:28:a2:a1:
f2:2b:f5:c6:a9:c8:bf:9a:78:ae:a8:e6:51:86:2c:
bd:d2:73:56:1e:85:ce:75:71:4e:fb:b6:1c:58:44:
0a:46:76:49:8e:9b:6f:7e:fb:57:c4:b3:d0:4e:d5:
30:0e:87:9e:71:f9:59:27:23:b6:db:45:2a:a3:3e:
fc:68:5b:56:10:3a:60:46:b4:92:5e:0d:7e:e4:34:
90:77:c1:32:9c:5f:7d:c5:13:fe:cf:bb:20:62:3e:
48:a8:39:b6:fd:31:f7:f6:f7:49:f5:67:1e:11:2b:
94:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:B0:46:00:97:E8:EA:3C:A4:7B:3B:8B:52:96:75:04:40:DD:9F:90
X509v3 Authority Key Identifier:
keyid:63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/prBGAJfo6jykezuLUpZ1BEDdn5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:8306::/32
2a11:8447::/32
2a11:cd04::/32
2a11:d084::/32
Signature Algorithm: sha256WithRSAEncryption
82:b1:83:38:dd:cf:67:81:c7:80:18:b6:55:52:22:fb:50:0c:
64:a5:53:ff:03:f9:9d:8e:a4:cb:ae:2a:a4:23:6b:80:84:aa:
40:5b:e2:32:6a:ca:c7:93:b5:bb:c8:31:6d:6c:77:d0:06:16:
3e:58:d1:62:4b:1a:c2:60:08:92:49:af:48:1e:6f:fe:a0:58:
6c:c9:9b:f4:4b:bd:3b:30:35:92:3e:55:47:2a:d9:c5:30:2a:
94:51:2d:7e:d5:d7:7f:d7:38:b6:fb:f2:60:9d:51:0c:8e:56:
3d:1c:99:d5:94:09:a9:7d:ec:71:b1:01:15:24:df:16:52:70:
df:0b:5f:bd:f8:fc:44:7f:92:a0:22:08:cf:be:39:4a:10:c9:
1a:86:11:6c:d7:60:a6:dc:51:58:14:6c:0a:ad:98:66:27:26:
aa:c2:ee:f7:0c:b0:cb:82:53:78:f2:64:c9:61:86:a1:2c:10:
4c:1d:53:33:26:18:45:18:cc:f3:b6:a9:2e:96:29:01:26:97:
2e:01:aa:a1:62:17:42:32:73:a5:f3:45:e7:86:ac:63:16:47:
14:91:a8:13:d3:7c:a7:01:ad:38:d1:64:19:9f:8d:c4:2a:77:
55:0d:76:e6:6a:27:d6:ef:a9:77:72:f6:c0:a0:08:c3:06:b5:
dd:45:01:cc
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZX38SE1KqlXJHqwnilw/7HHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMmNkODdmZWFiZTQwNzUyMmUwNjU1M2YyZWIwNWEwYzE2
MDJmYmYwHhcNMjUwNDAyMTkxODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmIwNDYwMDk3ZThlYTNjYTQ3YjNiOGI1Mjk2NzUwNDQwZGQ5ZjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwfrS2LgOXfcu0e2vySryJBtNCiD1
bWAdXZD7JVc0Kp2K0JlBHMnToFDjqlBw/W2cVIbdKCue6gPPbhtHPFmEn+O3vpwf
yIfPkO2tbADPTtIYy/7/REghFmklwT9ghg3vqvnud4coElaWRUO9Awdy9pvWpPyr
PFOGBzJ6xYTuzuAiAWobBc1vgG3Yg/LKv6SNhycooqHyK/XGqci/mniuqOZRhiy9
0nNWHoXOdXFO+7YcWEQKRnZJjptvfvtXxLPQTtUwDoeecflZJyO220Uqoz78aFtW
EDpgRrSSXg1+5DSQd8EynF99xRP+z7sgYj5IqDm2/TH39vdJ9WceESuUUQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFKawRgCX6Oo8pHs7i1KWdQRA3Z+QMB8GA1UdIwQY
MBaAFGMs2H/qvkB1IuBlU/LrBaDBYC+/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYt
NTUxMDQxNzNiMTgwLzEvcHJCR0FKZm82anlrZXp1TFVwWjFCRURkbjVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYtNTUxMDQxNzNiMTgw
LzEvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKhGDBgMF
ACoRhEcDBQAqEc0EAwUAKhHQhDANBgkqhkiG9w0BAQsFAAOCAQEAgrGDON3PZ4HH
gBi2VVIi+1AMZKVT/wP5nY6ky64qpCNrgISqQFviMmrKx5O1u8gxbWx30AYWPljR
YksawmAIkkmvSB5v/qBYbMmb9Eu9OzA1kj5VRyrZxTAqlFEtftXXf9c4tvvyYJ1R
DI5WPRyZ1ZQJqX3scbEBFSTfFlJw3wtfvfj8RH+SoCIIz745ShDJGoYRbNdgptxR
WBRsCq2YZicmqsLu9wywy4JTePJkyWGGoSwQTB1TMyYYRRjM87apLpYpASaXLgGq
oWIXQjJzpfNF54asYxZHFJGoE9N8pwGtONFkGZ+NxCp3VQ125mon1u+pd3L2wKAI
wwa13UUBzA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:52:28 2025 by rpki-client