Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/ajJXa8aIvHOlVBnzgPL8HsXSKPc.roa
File: ajJXa8aIvHOlVBnzgPL8HsXSKPc.roa (raw, json)
Hash identifier: 2OyoDakgfS4OIoQoPgsoG8SlZKCjA3/3esWcjB+/eQ0=
Subject key identifier: 6A:32:57:6B:C6:88:BC:73:A5:54:19:F3:80:F2:FC:1E:C5:D2:28:F7
Certificate issuer: /CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0
Certificate serial: 01966681E5BE21A1BB249ED9D31079A58315
Authority key identifier: 67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/ajJXa8aIvHOlVBnzgPL8HsXSKPc.roa
Signing time: Thu 24 Apr 2025 06:35:10 +0000
ROA not before: Thu 24 Apr 2025 06:35:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213891
IP address blocks: 2a14:67c1:a060::/44 maxlen: 48
2a14:67c1:b000::/40 maxlen: 48
2a14:67c1:b000::/48 maxlen: 48
2a14:67c1:b100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:66:81:e5:be:21:a1:bb:24:9e:d9:d3:10:79:a5:83:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0
Validity
Not Before: Apr 24 06:35:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6a32576bc688bc73a55419f380f2fc1ec5d228f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:1f:80:d7:90:9a:b4:d3:f8:38:dd:2f:2a:b8:
31:56:51:05:21:ed:91:d1:0c:55:10:bb:d5:ec:b3:
68:13:bf:40:e9:5f:7e:71:83:6c:15:c9:2f:18:da:
93:f3:b0:79:42:73:ed:ed:7f:c6:75:0f:bc:95:e3:
36:92:8f:17:a1:92:58:74:11:6b:3c:ca:b7:87:73:
28:51:00:2a:ed:51:15:31:cc:1b:a2:93:13:ad:f2:
41:05:d1:ca:6a:a5:f9:d1:a4:7e:7a:08:3f:f8:ec:
d0:f8:64:41:58:3e:1a:e7:3b:6b:99:57:a4:90:af:
d5:55:d4:6e:c4:33:13:e4:b4:3e:15:1a:ca:e6:00:
99:25:bf:94:b2:7f:3a:1b:c6:c8:97:93:c2:28:31:
d5:dd:be:db:61:62:4e:4c:5c:63:0b:29:15:04:55:
6b:11:66:70:01:05:56:7c:56:cc:79:83:3e:87:1e:
8c:45:9d:12:0a:6f:84:e4:d7:e5:50:36:20:fa:1f:
68:65:39:5d:b9:5c:6b:8d:43:a7:4d:8b:57:c4:ed:
b5:0e:d4:56:3c:cd:96:4a:20:0e:8c:93:37:ae:c7:
b1:f9:0f:a2:3e:73:c6:e4:c4:4b:e5:df:17:4f:cb:
f7:d5:b1:74:95:32:d7:9a:72:e8:fc:01:cf:61:17:
d0:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:32:57:6B:C6:88:BC:73:A5:54:19:F3:80:F2:FC:1E:C5:D2:28:F7
X509v3 Authority Key Identifier:
keyid:67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/ajJXa8aIvHOlVBnzgPL8HsXSKPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:67c1:a060::/44
2a14:67c1:b000::-2a14:67c1:b100:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
41:26:d4:6c:71:8d:56:2f:11:98:7d:3c:e2:c9:ec:c7:2d:05:
88:32:06:03:46:08:91:04:d2:c6:f4:b0:b6:b9:5c:b0:04:fa:
23:16:0d:40:fe:3b:fa:73:08:b5:08:4c:ba:53:fd:0c:27:c1:
16:e2:06:ac:ce:e5:19:ed:8c:53:dc:12:60:d8:51:76:e9:75:
04:76:f8:5f:4a:3e:5b:80:54:d3:07:c9:1c:0d:18:72:ba:43:
c0:77:e4:76:5b:7f:b8:6a:25:e4:60:35:0a:87:a7:b0:28:21:
d9:bf:fd:49:12:d8:09:ae:cf:fd:0a:d6:4c:18:ef:18:f0:02:
93:88:e0:b2:c9:6a:f4:28:1d:37:40:b8:3a:bd:a2:b0:44:40:
e1:59:17:5d:46:36:5b:6e:b5:33:74:d2:31:b7:df:d3:27:0f:
4c:bc:75:f2:a9:d8:b3:d8:1e:a1:43:22:98:33:83:03:ea:cd:
5f:8d:15:fd:32:df:8d:f6:df:59:a7:ab:88:28:22:e2:58:00:
99:e8:76:41:7d:ee:ec:04:c1:21:9a:1b:0b:6a:db:6b:90:32:
81:da:f2:b9:d4:81:88:25:15:74:60:0a:90:6a:af:05:1a:5a:
a2:ac:1e:83:a8:92:3b:28:58:00:b7:7b:68:70:94:98:fa:60:
8b:8c:b8:a3
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZZmgeW+IaG7JJ7Z0xB5pYMVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3ZjMxYmRlNDY1MTYzNDdmNGVkZmNiZTMwZWRhYzlhMDll
NGUwZTAwHhcNMjUwNDI0MDYzNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTMyNTc2YmM2ODhiYzczYTU1NDE5ZjM4MGYyZmMxZWM1ZDIyOGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnB+A15CatNP4ON0vKrgxVlEFIe2R
0QxVELvV7LNoE79A6V9+cYNsFckvGNqT87B5QnPt7X/GdQ+8leM2ko8XoZJYdBFr
PMq3h3MoUQAq7VEVMcwbopMTrfJBBdHKaqX50aR+egg/+OzQ+GRBWD4a5ztrmVek
kK/VVdRuxDMT5LQ+FRrK5gCZJb+Usn86G8bIl5PCKDHV3b7bYWJOTFxjCykVBFVr
EWZwAQVWfFbMeYM+hx6MRZ0SCm+E5NflUDYg+h9oZTlduVxrjUOnTYtXxO21DtRW
PM2WSiAOjJM3rsex+Q+iPnPG5MRL5d8XT8v31bF0lTLXmnLo/AHPYRfQbwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFGoyV2vGiLxzpVQZ84Dy/B7F0ij3MB8GA1UdIwQY
MBaAFGfzG95GUWNH9O38vjDtrJoJ5ODgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYt
ZjZjYzRlZjBmN2RmLzEvYWpKWGE4YUl2SE9sVkJuemdQTDhIc1hTS1BjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYtZjZjYzRlZjBmN2Rm
LzEvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwcEKhRnwaBg
MBEDBgQqFGfBsAMHACoUZ8GxADANBgkqhkiG9w0BAQsFAAOCAQEAQSbUbHGNVi8R
mH084snsxy0FiDIGA0YIkQTSxvSwtrlcsAT6IxYNQP47+nMItQhMulP9DCfBFuIG
rM7lGe2MU9wSYNhRdul1BHb4X0o+W4BU0wfJHA0YcrpDwHfkdlt/uGol5GA1Coen
sCgh2b/9SRLYCa7P/QrWTBjvGPACk4jgsslq9CgdN0C4Or2isERA4VkXXUY2W261
M3TSMbff0ycPTLx18qnYs9geoUMimDODA+rNX40V/TLfjfbfWaeriCgi4lgAmeh2
QX3u7ATBIZobC2rba5AygdryudSBiCUVdGAKkGqvBRpaoqweg6iSOyhYALd7aHCU
mPpgi4y4ow==
-----END CERTIFICATE-----
Generated at Mon May 5 16:47:31 2025 by rpki-client