Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/d9d9b6-c3be-4c5d-adea-4bc84c79fc58/1/Opo6TZ7VAy-hV-S-P53LcegXaxc.roa
File: Opo6TZ7VAy-hV-S-P53LcegXaxc.roa (raw, json)
Hash identifier: MyJ/vgGQynDRrxnXXTkth9TEVuUomwtY2khOCP3bmmU=
Subject key identifier: 3A:9A:3A:4D:9E:D5:03:2F:A1:57:E4:BE:3F:9D:CB:71:E8:17:6B:17
Certificate issuer: /CN=d94f238c5c74eb9a75a46e2bc67411e8dc22d982
Certificate serial: 0196A45007E8E1962324D627C8CC0500955D
Authority key identifier: D9:4F:23:8C:5C:74:EB:9A:75:A4:6E:2B:C6:74:11:E8:DC:22:D9:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2U8jjFx065p1pG4rxnQR6Nwi2YI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/d9d9b6-c3be-4c5d-adea-4bc84c79fc58/1/Opo6TZ7VAy-hV-S-P53LcegXaxc.roa
Signing time: Tue 06 May 2025 06:37:10 +0000
ROA not before: Tue 06 May 2025 06:37:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56843
IP address blocks: 2a02:2951::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/d9d9b6-c3be-4c5d-adea-4bc84c79fc58/1/2U8jjFx065p1pG4rxnQR6Nwi2YI.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/d9d9b6-c3be-4c5d-adea-4bc84c79fc58/1/2U8jjFx065p1pG4rxnQR6Nwi2YI.mft
rsync://rpki.ripe.net/repository/DEFAULT/2U8jjFx065p1pG4rxnQR6Nwi2YI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 21:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a4:50:07:e8:e1:96:23:24:d6:27:c8:cc:05:00:95:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d94f238c5c74eb9a75a46e2bc67411e8dc22d982
Validity
Not Before: May 6 06:37:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a9a3a4d9ed5032fa157e4be3f9dcb71e8176b17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:64:3a:5a:7f:b9:71:8d:51:6f:4e:14:05:58:
0e:d7:d2:78:aa:4e:53:2a:e9:24:9c:40:c5:c2:d9:
6c:35:29:c4:f3:e9:90:a5:06:4a:26:57:9b:b1:ea:
b3:9e:18:d2:a5:93:4d:02:23:32:24:3d:ab:a2:b7:
0c:b1:41:61:18:29:c0:d0:7f:c1:2e:d5:97:35:9c:
c1:72:59:53:51:7d:9f:a5:74:7d:60:d3:e2:79:0b:
f9:e0:b3:59:5f:49:e5:56:05:d5:c2:f8:3d:b4:4f:
e1:d0:bc:fd:86:f7:bf:cf:e9:e6:cc:76:5c:a6:42:
a7:7c:70:87:45:40:10:61:ec:54:6c:48:dc:5b:e0:
2e:1d:44:fd:27:2f:00:3d:a7:dc:49:20:03:27:32:
c1:94:1d:ec:42:83:cf:15:8e:13:64:3c:20:67:cf:
23:03:8f:cf:e0:64:e8:29:94:e2:94:d9:a3:9a:2e:
07:6b:3f:fb:03:ce:ac:fe:e1:14:bb:60:d0:1e:d9:
d6:40:51:8e:26:1e:34:83:93:7e:5b:ca:37:46:54:
32:be:28:6d:e6:fd:25:0f:72:a6:75:20:b8:ed:66:
86:cf:6e:75:72:e0:b3:0c:1f:74:b7:a8:f6:fc:26:
5c:f1:ff:64:e4:0e:b7:0c:7a:cc:e7:5d:ee:13:23:
b6:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:9A:3A:4D:9E:D5:03:2F:A1:57:E4:BE:3F:9D:CB:71:E8:17:6B:17
X509v3 Authority Key Identifier:
keyid:D9:4F:23:8C:5C:74:EB:9A:75:A4:6E:2B:C6:74:11:E8:DC:22:D9:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2U8jjFx065p1pG4rxnQR6Nwi2YI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/d9d9b6-c3be-4c5d-adea-4bc84c79fc58/1/Opo6TZ7VAy-hV-S-P53LcegXaxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/d9d9b6-c3be-4c5d-adea-4bc84c79fc58/1/2U8jjFx065p1pG4rxnQR6Nwi2YI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2951::/32
Signature Algorithm: sha256WithRSAEncryption
8a:33:57:65:55:56:6d:df:2b:70:81:2a:73:b4:37:ec:a1:b0:
9a:5f:a6:4a:3a:95:78:74:2c:9e:aa:15:43:a8:e1:bc:9a:a6:
cf:18:2f:ea:4c:98:1f:2c:2e:23:5c:05:e2:1d:7b:e4:49:2c:
cb:99:a2:1b:01:24:87:0f:7e:13:ea:39:03:48:e0:dd:69:b2:
e8:1a:0e:16:4d:09:69:f2:76:07:99:37:45:20:40:7c:62:da:
27:66:2f:77:88:56:7a:9d:bc:90:78:0b:37:96:c3:ab:0c:24:
6b:70:da:11:5f:b0:41:1b:3f:91:36:d3:44:ba:28:67:59:3a:
cd:bb:40:51:54:c1:40:92:fd:4d:f6:53:49:b5:f2:68:2d:1e:
ef:ef:8b:64:a6:e0:8f:5d:d5:f1:87:02:9c:40:ca:be:5e:ae:
d2:5d:2d:8b:1d:2e:25:eb:92:5f:76:f6:47:bc:78:10:6a:ec:
4d:d6:4e:2a:eb:b4:7c:c6:dd:1f:68:32:23:ac:18:df:51:72:
e0:4b:49:98:b5:3d:93:28:39:0e:8a:bd:90:d4:29:11:3f:63:
69:54:a3:84:bf:1d:44:55:ea:d8:e6:77:d6:ed:b7:a9:3e:bf:
5b:1b:56:24:35:55:0a:4e:ab:57:88:b0:f9:77:1c:a9:4a:80:
8a:ec:9d:bd
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZakUAfo4ZYjJNYnyMwFAJVdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5NGYyMzhjNWM3NGViOWE3NWE0NmUyYmM2NzQxMWU4ZGMy
MmQ5ODIwHhcNMjUwNTA2MDYzNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTlhM2E0ZDllZDUwMzJmYTE1N2U0YmUzZjlkY2I3MWU4MTc2YjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyWQ6Wn+5cY1Rb04UBVgO19J4qk5T
KukknEDFwtlsNSnE8+mQpQZKJlebseqznhjSpZNNAiMyJD2rorcMsUFhGCnA0H/B
LtWXNZzBcllTUX2fpXR9YNPieQv54LNZX0nlVgXVwvg9tE/h0Lz9hve/z+nmzHZc
pkKnfHCHRUAQYexUbEjcW+AuHUT9Jy8APafcSSADJzLBlB3sQoPPFY4TZDwgZ88j
A4/P4GToKZTilNmjmi4Haz/7A86s/uEUu2DQHtnWQFGOJh40g5N+W8o3RlQyviht
5v0lD3KmdSC47WaGz251cuCzDB90t6j2/CZc8f9k5A63DHrM513uEyO2qwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDqaOk2e1QMvoVfkvj+dy3HoF2sXMB8GA1UdIwQY
MBaAFNlPI4xcdOuadaRuK8Z0EejcItmCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlU4ampGeDA2NXAxcEc0cnhuUVI2TndpMllJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9kOWQ5YjYtYzNiZS00YzVkLWFkZWEt
NGJjODRjNzlmYzU4LzEvT3BvNlRaN1ZBeS1oVi1TLVA1M0xjZWdYYXhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9kOWQ5YjYtYzNiZS00YzVkLWFkZWEtNGJjODRjNzlmYzU4
LzEvMlU4ampGeDA2NXAxcEc0cnhuUVI2TndpMllJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgIpUTAN
BgkqhkiG9w0BAQsFAAOCAQEAijNXZVVWbd8rcIEqc7Q37KGwml+mSjqVeHQsnqoV
Q6jhvJqmzxgv6kyYHywuI1wF4h175Eksy5miGwEkhw9+E+o5A0jg3Wmy6BoOFk0J
afJ2B5k3RSBAfGLaJ2Yvd4hWep28kHgLN5bDqwwka3DaEV+wQRs/kTbTRLooZ1k6
zbtAUVTBQJL9TfZTSbXyaC0e7++LZKbgj13V8YcCnEDKvl6u0l0tix0uJeuSX3b2
R7x4EGrsTdZOKuu0fMbdH2gyI6wY31Fy4EtJmLU9kyg5Doq9kNQpET9jaVSjhL8d
RFXq2OZ31u23qT6/WxtWJDVVCk6rV4iw+XccqUqAiuydvQ==
-----END CERTIFICATE-----
Generated at Mon May 12 04:01:23 2025 by rpki-client