Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/tfIx9ZETkxJKA8srjzC-PZ_rkuQ.roa
File: tfIx9ZETkxJKA8srjzC-PZ_rkuQ.roa (raw, json)
Hash identifier: 00UIyNz3q56oJ8XG2YOwH7avd0q0R31I6WrHQTaqyGI=
Subject key identifier: B5:F2:31:F5:91:13:93:12:4A:03:CB:2B:8F:30:BE:3D:9F:EB:92:E4
Certificate issuer: /CN=5e0ff8aaf7453114147028d54ae1c693a8a147bc
Certificate serial: 01963A3D7CDAC86AA9354D4B622DFE27EEC9
Authority key identifier: 5E:0F:F8:AA:F7:45:31:14:14:70:28:D5:4A:E1:C6:93:A8:A1:47:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/tfIx9ZETkxJKA8srjzC-PZ_rkuQ.roa
Signing time: Tue 15 Apr 2025 16:17:10 +0000
ROA not before: Tue 15 Apr 2025 16:17:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216024
IP address blocks: 2a10:9681::/32 maxlen: 32
2a10:9682::/32 maxlen: 32
2a10:9683::/32 maxlen: 32
2a10:9687::/32 maxlen: 32
2a11:c880::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 08 May 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3a:3d:7c:da:c8:6a:a9:35:4d:4b:62:2d:fe:27:ee:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e0ff8aaf7453114147028d54ae1c693a8a147bc
Validity
Not Before: Apr 15 16:17:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b5f231f5911393124a03cb2b8f30be3d9feb92e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:d9:91:39:e0:c0:c4:db:d7:62:00:f8:23:cc:
11:d9:ee:d3:12:75:d6:89:bf:81:f6:92:66:94:e5:
7c:f2:e3:02:c1:f6:2e:6d:32:ff:9f:5e:1c:2e:a9:
6a:ac:ea:86:eb:a8:b2:6f:ce:c0:e3:1d:15:b7:d3:
43:8d:e5:8f:fe:45:d0:fc:d1:c3:ea:6b:a3:e0:26:
d2:e0:32:61:f9:3e:76:6c:20:82:f0:bb:4b:8e:80:
a0:0b:92:f9:b8:87:a9:80:fe:7f:02:66:a5:d7:0c:
aa:5e:21:c1:45:17:cc:d5:fa:0b:cb:6f:70:04:82:
07:c3:77:80:d6:74:d5:d7:22:71:e3:d6:61:cc:50:
85:65:23:1b:31:d8:60:b4:09:a4:2e:15:4b:2b:05:
b8:af:fd:c5:e2:e4:69:98:3e:8c:1d:50:c4:d1:ab:
31:a4:07:64:c4:42:e3:36:31:16:cf:33:cd:b5:c5:
bb:38:55:b7:54:1e:85:ac:32:b3:51:ba:d1:dd:2c:
80:9d:12:39:00:51:01:0c:15:00:0d:37:26:21:d2:
9b:7d:ea:57:5e:d6:44:39:61:bb:b5:87:a4:ee:45:
3c:b8:6a:29:5d:b8:b6:05:cd:be:cb:43:88:ad:42:
42:94:f7:df:b2:44:d7:b6:16:c0:a7:5f:06:48:c0:
c7:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:F2:31:F5:91:13:93:12:4A:03:CB:2B:8F:30:BE:3D:9F:EB:92:E4
X509v3 Authority Key Identifier:
keyid:5E:0F:F8:AA:F7:45:31:14:14:70:28:D5:4A:E1:C6:93:A8:A1:47:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/tfIx9ZETkxJKA8srjzC-PZ_rkuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:9681::-2a10:9683:ffff:ffff:ffff:ffff:ffff:ffff
2a10:9687::/32
2a11:c880::/29
Signature Algorithm: sha256WithRSAEncryption
36:de:81:91:08:b3:04:30:06:6e:82:6b:95:53:5b:32:58:7a:
e4:b1:65:03:8c:85:db:61:27:c9:27:b1:45:40:b5:7f:6f:10:
f1:0a:e9:14:54:83:c8:b1:0a:93:9e:b1:1d:96:b6:d8:e5:c9:
79:f6:b4:43:c5:4a:9f:57:c9:2a:0d:a4:87:54:07:eb:e2:df:
f4:00:6c:eb:79:19:90:a6:38:83:19:64:43:9e:c0:52:55:a5:
d0:d0:88:2b:81:d3:06:fd:04:2e:f1:a2:e9:42:b6:ba:7e:38:
83:c1:12:bf:b4:8c:ce:7a:45:88:ac:b0:e3:83:d7:b4:40:8b:
91:09:13:0b:5a:c8:12:2a:fd:9b:10:e7:b6:cb:bd:ef:34:93:
a1:60:de:cd:6f:a3:a6:fd:e3:63:52:4a:9a:2d:84:33:9a:a1:
67:4b:28:eb:b6:2a:75:00:fe:a4:52:26:77:2a:e6:b9:c0:03:
d2:af:30:01:d2:4d:b5:c3:cb:8d:70:99:4a:c5:fb:45:c5:ae:
d2:3b:6f:9f:57:84:ce:84:d9:ed:9e:b1:fa:3a:73:14:ea:5d:
d0:92:be:25:95:c5:aa:0b:4d:72:e9:58:9c:9d:df:8c:77:8a:
43:6a:ff:5e:8a:5f:dd:1f:0c:d4:26:43:12:5d:64:a9:d7:15:
f5:c8:cf:c4
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZY6PXzayGqpNU1LYi3+J+7JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMGZmOGFhZjc0NTMxMTQxNDcwMjhkNTRhZTFjNjkzYThh
MTQ3YmMwHhcNMjUwNDE1MTYxNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWYyMzFmNTkxMTM5MzEyNGEwM2NiMmI4ZjMwYmUzZDlmZWI5MmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAztmROeDAxNvXYgD4I8wR2e7TEnXW
ib+B9pJmlOV88uMCwfYubTL/n14cLqlqrOqG66iyb87A4x0Vt9NDjeWP/kXQ/NHD
6muj4CbS4DJh+T52bCCC8LtLjoCgC5L5uIepgP5/Amal1wyqXiHBRRfM1foLy29w
BIIHw3eA1nTV1yJx49ZhzFCFZSMbMdhgtAmkLhVLKwW4r/3F4uRpmD6MHVDE0asx
pAdkxELjNjEWzzPNtcW7OFW3VB6FrDKzUbrR3SyAnRI5AFEBDBUADTcmIdKbfepX
XtZEOWG7tYek7kU8uGopXbi2Bc2+y0OIrUJClPffskTXthbAp18GSMDHBQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLXyMfWRE5MSSgPLK48wvj2f65LkMB8GA1UdIwQY
MBaAFF4P+Kr3RTEUFHAo1UrhxpOooUe8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGdfNHF2ZEZNUlFVY0NqVlN1SEdrNmloUjd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9kZDZlMWQtYWJjOS00NzNiLWE5MWEt
ZDg3MjEzNzU2NDRhLzEvdGZJeDlaRVRreEpLQThzcmp6Qy1QWl9ya3VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9kZDZlMWQtYWJjOS00NzNiLWE5MWEtZDg3MjEzNzU2NDRh
LzEvWGdfNHF2ZEZNUlFVY0NqVlN1SEdrNmloUjd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAAjAeMA4DBQAqEJaB
AwUCKhCWgAMFACoQlocDBQMqEciAMA0GCSqGSIb3DQEBCwUAA4IBAQA23oGRCLME
MAZugmuVU1syWHrksWUDjIXbYSfJJ7FFQLV/bxDxCukUVIPIsQqTnrEdlrbY5cl5
9rRDxUqfV8kqDaSHVAfr4t/0AGzreRmQpjiDGWRDnsBSVaXQ0IgrgdMG/QQu8aLp
Qra6fjiDwRK/tIzOekWIrLDjg9e0QIuRCRMLWsgSKv2bEOe2y73vNJOhYN7Nb6Om
/eNjUkqaLYQzmqFnSyjrtip1AP6kUiZ3Kua5wAPSrzAB0k21w8uNcJlKxftFxa7S
O2+fV4TOhNntnrH6OnMU6l3Qkr4llcWqC01y6Vicnd+Md4pDav9eil/dHwzUJkMS
XWSp1xX1yM/E
-----END CERTIFICATE-----
Generated at Thu May 8 02:34:00 2025 by rpki-client