Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/0512df-7d0c-463b-8724-82531e9c7804/1/ANJPzCxK_HnMEX4DpZted-gFbKc.roa
File: ANJPzCxK_HnMEX4DpZted-gFbKc.roa (raw, json)
Hash identifier: u7oq/DdEoSmnGW4xIokmlTuk13k00LAjUJfdE5RPRJY=
Subject key identifier: 00:D2:4F:CC:2C:4A:FC:79:CC:11:7E:03:A5:9B:5E:77:E8:05:6C:A7
Certificate issuer: /CN=ef55459645979c413d0bc6f7454f0d36e40e99f9
Certificate serial: 0196E87910D8177FEDCF21784AC0E50876C5
Authority key identifier: EF:55:45:96:45:97:9C:41:3D:0B:C6:F7:45:4F:0D:36:E4:0E:99:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71VFlkWXnEE9C8b3RU8NNuQOmfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/0512df-7d0c-463b-8724-82531e9c7804/1/ANJPzCxK_HnMEX4DpZted-gFbKc.roa
Signing time: Mon 19 May 2025 12:16:10 +0000
ROA not before: Mon 19 May 2025 12:16:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213512
IP address blocks: 2a14:47c0::/32 maxlen: 32
2a14:47c0:fe00::/40 maxlen: 40
2a14:47c0:fe01::/48 maxlen: 48
2a14:47c0:fe02::/48 maxlen: 48
2a14:47c0:fe03::/48 maxlen: 48
2a14:47c0:fe04::/48 maxlen: 48
2a14:47c0:ff00::/40 maxlen: 40
2a14:47c0:fffe::/48 maxlen: 48
2a14:47c0:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/0512df-7d0c-463b-8724-82531e9c7804/1/71VFlkWXnEE9C8b3RU8NNuQOmfk.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/0512df-7d0c-463b-8724-82531e9c7804/1/71VFlkWXnEE9C8b3RU8NNuQOmfk.mft
rsync://rpki.ripe.net/repository/DEFAULT/71VFlkWXnEE9C8b3RU8NNuQOmfk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 07:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:e8:79:10:d8:17:7f:ed:cf:21:78:4a:c0:e5:08:76:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef55459645979c413d0bc6f7454f0d36e40e99f9
Validity
Not Before: May 19 12:16:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=00d24fcc2c4afc79cc117e03a59b5e77e8056ca7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:13:7d:c7:29:5f:2c:6d:74:65:40:a9:d7:71:
85:a7:ba:2d:6e:c7:49:0e:ca:b7:c7:05:6e:44:bb:
35:c1:1d:9a:69:d9:e6:ea:eb:50:91:2a:1f:25:d5:
fa:b6:f8:35:f8:b9:8e:97:ed:b2:86:98:7a:bc:62:
7f:8d:62:a1:4d:e5:1e:77:6d:fa:3c:d8:1d:87:37:
3b:ea:63:31:9d:65:86:a5:35:13:c3:54:84:79:b7:
df:9c:b4:4e:12:5b:b5:b8:ab:a0:d9:3f:fc:b4:34:
8b:49:b7:10:5e:a7:7d:0e:f9:ea:46:cc:5c:c5:11:
19:39:20:b4:38:b1:8e:de:d4:fa:37:ae:c2:79:1b:
dc:f5:c6:e7:0e:1c:b7:8e:e2:f0:b8:2b:d5:55:cd:
ef:b8:f8:26:64:84:55:0f:20:e7:7c:ad:4c:3e:96:
11:d1:5c:1a:4a:b0:3d:0e:49:5f:5d:ea:26:d3:5e:
83:2f:1c:ce:d3:29:e5:12:4e:1b:66:01:d6:47:24:
ac:06:47:f4:cc:e2:a1:a7:52:ce:09:29:62:46:46:
44:44:88:03:23:25:b3:e5:53:50:71:09:e6:1b:af:
6d:48:33:c7:7d:9f:0c:b2:da:1c:b3:fb:f7:f0:72:
e2:2a:cf:84:20:e8:3a:43:31:3d:e8:ee:0d:fd:50:
50:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:D2:4F:CC:2C:4A:FC:79:CC:11:7E:03:A5:9B:5E:77:E8:05:6C:A7
X509v3 Authority Key Identifier:
keyid:EF:55:45:96:45:97:9C:41:3D:0B:C6:F7:45:4F:0D:36:E4:0E:99:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71VFlkWXnEE9C8b3RU8NNuQOmfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/0512df-7d0c-463b-8724-82531e9c7804/1/ANJPzCxK_HnMEX4DpZted-gFbKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/0512df-7d0c-463b-8724-82531e9c7804/1/71VFlkWXnEE9C8b3RU8NNuQOmfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:47c0::/32
Signature Algorithm: sha256WithRSAEncryption
36:35:03:66:cf:18:d8:e3:8d:de:25:91:4a:eb:a0:bd:2a:12:
75:13:e1:1c:6e:b0:20:79:00:53:94:40:18:cd:7f:01:0e:54:
af:ca:38:be:62:5f:a1:39:cc:23:76:02:24:26:b2:8b:bb:26:
85:43:76:ce:88:1a:68:d4:36:02:7b:15:3e:b3:42:77:ed:41:
ba:11:05:16:65:02:90:64:c0:74:86:42:bc:7c:f2:e0:19:ff:
31:60:35:96:67:df:15:d1:bf:40:f0:31:f0:11:f6:44:65:1d:
99:e0:9a:ff:3a:77:b7:58:ee:a4:1f:bd:49:7a:48:43:52:81:
ee:b7:a7:d1:3e:b3:d7:ad:e4:59:55:19:40:e3:51:66:1e:90:
6f:40:aa:d9:8b:cd:7d:5c:0d:62:cf:00:b6:5a:4b:94:86:6c:
3a:8a:7b:c0:0c:5d:49:fe:f4:9d:1e:28:3c:50:1b:4e:7e:14:
e3:42:57:c9:b5:9a:26:b8:30:6d:09:38:1a:a0:ff:a8:eb:7e:
c3:8c:11:33:b6:dc:5f:98:79:19:b3:b4:68:cf:db:f9:0d:d8:
ba:dc:fa:cc:e7:40:79:6c:04:33:fa:e4:42:02:fd:c5:4c:ce:
e1:58:ed:bf:a7:3d:0e:a0:51:6d:e4:5c:e3:ce:14:b9:3d:6e:
b8:75:d1:f8
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZboeRDYF3/tzyF4SsDlCHbFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTU0NTk2NDU5NzljNDEzZDBiYzZmNzQ1NGYwZDM2ZTQw
ZTk5ZjkwHhcNMjUwNTE5MTIxNjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGQyNGZjYzJjNGFmYzc5Y2MxMTdlMDNhNTliNWU3N2U4MDU2Y2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6BN9xylfLG10ZUCp13GFp7otbsdJ
Dsq3xwVuRLs1wR2aadnm6utQkSofJdX6tvg1+LmOl+2yhph6vGJ/jWKhTeUed236
PNgdhzc76mMxnWWGpTUTw1SEebffnLROElu1uKug2T/8tDSLSbcQXqd9DvnqRsxc
xREZOSC0OLGO3tT6N67CeRvc9cbnDhy3juLwuCvVVc3vuPgmZIRVDyDnfK1MPpYR
0VwaSrA9DklfXeom016DLxzO0ynlEk4bZgHWRySsBkf0zOKhp1LOCSliRkZERIgD
IyWz5VNQcQnmG69tSDPHfZ8Mstocs/v38HLiKs+EIOg6QzE96O4N/VBQ3wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFADST8wsSvx5zBF+A6WbXnfoBWynMB8GA1UdIwQY
MBaAFO9VRZZFl5xBPQvG90VPDTbkDpn5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFWRmxrV1huRUU5QzhiM1JVOE5OdVFPbWZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8wNTEyZGYtN2QwYy00NjNiLTg3MjQt
ODI1MzFlOWM3ODA0LzEvQU5KUHpDeEtfSG5NRVg0RHBadGVkLWdGYktjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8wNTEyZGYtN2QwYy00NjNiLTg3MjQtODI1MzFlOWM3ODA0
LzEvNzFWRmxrV1huRUU5QzhiM1JVOE5OdVFPbWZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhRHwDAN
BgkqhkiG9w0BAQsFAAOCAQEANjUDZs8Y2OON3iWRSuugvSoSdRPhHG6wIHkAU5RA
GM1/AQ5Ur8o4vmJfoTnMI3YCJCayi7smhUN2zogaaNQ2AnsVPrNCd+1BuhEFFmUC
kGTAdIZCvHzy4Bn/MWA1lmffFdG/QPAx8BH2RGUdmeCa/zp3t1jupB+9SXpIQ1KB
7ren0T6z163kWVUZQONRZh6Qb0Cq2YvNfVwNYs8AtlpLlIZsOop7wAxdSf70nR4o
PFAbTn4U40JXybWaJrgwbQk4GqD/qOt+w4wRM7bcX5h5GbO0aM/b+Q3Yutz6zOdA
eWwEM/rkQgL9xUzO4Vjtv6c9DqBRbeRc484UuT1uuHXR+A==
-----END CERTIFICATE-----
Generated at Mon Jun 30 15:04:10 2025 by rpki-client