Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/O8efTaKgFVaGFT8mzv1FBFHqzV0.roa
File: O8efTaKgFVaGFT8mzv1FBFHqzV0.roa (raw, json)
Hash identifier: upULc9TUzszQbrry26z7On2PTaDa1NrOLjkJBglw8r4=
Subject key identifier: 3B:C7:9F:4D:A2:A0:15:56:86:15:3F:26:CE:FD:45:04:51:EA:CD:5D
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 0196B193B993CA8BC4E06449BB9CD323727D
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/O8efTaKgFVaGFT8mzv1FBFHqzV0.roa
Signing time: Thu 08 May 2025 20:26:10 +0000
ROA not before: Thu 08 May 2025 20:26:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215427
IP address blocks: 2a07:f580::/29 maxlen: 29
2a0d:38c0::/29 maxlen: 29
2a10:3f85::/32 maxlen: 32
2a13:c246:8000::/33 maxlen: 33
2a14:41c0::/29 maxlen: 29
2a14:4240::/29 maxlen: 29
2a14:6240::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b1:93:b9:93:ca:8b:c4:e0:64:49:bb:9c:d3:23:72:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: May 8 20:26:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3bc79f4da2a0155686153f26cefd450451eacd5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:ac:d7:5b:81:b8:af:a2:40:fb:2c:7b:42:a6:
46:25:54:95:b1:2b:d7:b8:79:34:30:2a:5a:4e:17:
35:cb:8e:64:66:74:1d:33:7c:83:40:21:b9:59:20:
6b:c1:33:00:20:8f:53:83:9e:94:ff:27:1f:d7:64:
ae:f4:43:e7:ca:0b:cb:4e:2e:20:68:63:c3:7d:b2:
db:f2:e1:a6:bf:3d:5d:95:22:f6:1b:ce:90:da:14:
6e:3e:64:df:4f:3d:ed:20:63:be:32:95:04:c0:62:
27:b1:5a:b1:50:b3:25:e9:86:ad:74:db:05:f7:8a:
99:ac:1c:76:55:f4:52:dd:ae:76:90:82:19:6f:0d:
17:b0:d6:2b:46:28:1c:e2:a5:a1:0e:05:a8:1c:02:
f3:7d:d3:d4:57:b7:b3:39:16:df:6e:46:86:63:e2:
92:c7:d1:1c:0b:e3:6b:08:5f:64:ce:d9:ba:51:a9:
09:ff:b4:ed:41:f9:cb:80:b0:62:9a:14:43:ec:21:
da:9d:ae:f5:23:8e:2a:70:6b:7d:26:7d:a8:9a:93:
17:73:a5:29:ed:96:be:5a:b6:c4:49:c8:3e:c3:10:
86:37:9d:e4:ea:68:5e:c8:2b:c0:24:b2:1c:be:20:
78:f5:49:92:16:ec:37:8f:c7:90:36:57:b7:71:25:
95:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:C7:9F:4D:A2:A0:15:56:86:15:3F:26:CE:FD:45:04:51:EA:CD:5D
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/O8efTaKgFVaGFT8mzv1FBFHqzV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:f580::/29
2a0d:38c0::/29
2a10:3f85::/32
2a13:c246:8000::/33
2a14:41c0::/29
2a14:4240::/29
2a14:6240::/29
Signature Algorithm: sha256WithRSAEncryption
41:fa:3d:5f:3e:a9:dd:4e:49:5e:11:ee:22:62:66:b0:b9:06:
f4:91:ed:6c:21:d3:1b:62:7a:48:64:b4:07:7b:99:d8:0c:50:
95:f1:ba:fc:7e:39:45:93:c3:88:69:cc:60:2a:bc:e8:2a:57:
1c:51:3f:85:1e:be:20:36:60:80:d7:14:dd:50:d4:b6:62:b4:
1b:8b:1b:c3:20:78:62:bc:05:c7:4b:41:6f:40:2d:ce:d6:07:
62:f0:3c:7b:9b:c1:0f:7c:8f:c3:a3:be:87:f0:04:0c:10:55:
a3:53:e6:47:3e:ed:71:7c:03:9d:dd:24:ad:db:90:24:be:99:
c2:48:80:15:22:7d:9f:9c:28:e3:35:b4:b7:9e:7d:20:98:f8:
59:c8:19:3f:8d:ff:9b:b6:55:7e:c5:2a:17:21:59:80:d8:78:
2f:d7:07:1c:36:99:15:a7:e3:c3:e7:39:20:42:d7:ad:bf:f8:
15:50:1b:57:43:09:f7:11:33:d1:75:48:c9:c9:89:58:f6:4c:
71:36:a2:e1:40:27:c4:66:d2:11:72:e3:ad:f1:22:b2:79:77:
f3:1d:e0:7d:a9:27:4c:00:1d:58:39:23:a8:46:11:84:93:73:
08:eb:43:af:50:01:5c:d1:2a:9f:73:a8:8e:06:22:a8:50:09:
a2:59:8e:17
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZaxk7mTyovE4GRJu5zTI3J9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwNTA4MjAyNjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmM3OWY0ZGEyYTAxNTU2ODYxNTNmMjZjZWZkNDUwNDUxZWFjZDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3azXW4G4r6JA+yx7QqZGJVSVsSvX
uHk0MCpaThc1y45kZnQdM3yDQCG5WSBrwTMAII9Tg56U/ycf12Su9EPnygvLTi4g
aGPDfbLb8uGmvz1dlSL2G86Q2hRuPmTfTz3tIGO+MpUEwGInsVqxULMl6YatdNsF
94qZrBx2VfRS3a52kIIZbw0XsNYrRigc4qWhDgWoHALzfdPUV7ezORbfbkaGY+KS
x9EcC+NrCF9kztm6UakJ/7TtQfnLgLBimhRD7CHana71I44qcGt9Jn2ompMXc6Up
7Za+WrbEScg+wxCGN53k6mheyCvAJLIcviB49UmSFuw3j8eQNle3cSWVMQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFDvHn02ioBVWhhU/Js79RQRR6s1dMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvTzhlZlRhS2dGVmFHRlQ4bXp2MUZCRkhxelYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAAjAyAwUDKgf1gAMF
AyoNOMADBQAqED+FAwYHKhPCRoADBQMqFEHAAwUDKhRCQAMFAyoUYkAwDQYJKoZI
hvcNAQELBQADggEBAEH6PV8+qd1OSV4R7iJiZrC5BvSR7Wwh0xtiekhktAd7mdgM
UJXxuvx+OUWTw4hpzGAqvOgqVxxRP4UeviA2YIDXFN1Q1LZitBuLG8MgeGK8BcdL
QW9ALc7WB2LwPHubwQ98j8OjvofwBAwQVaNT5kc+7XF8A53dJK3bkCS+mcJIgBUi
fZ+cKOM1tLeefSCY+FnIGT+N/5u2VX7FKhchWYDYeC/XBxw2mRWn48PnOSBC162/
+BVQG1dDCfcRM9F1SMnJiVj2THE2ouFAJ8Rm0hFy463xIrJ5d/Md4H2pJ0wAHVg5
I6hGEYSTcwjrQ69QAVzRKp9zqI4GIqhQCaJZjhc=
-----END CERTIFICATE-----
Generated at Sun May 11 06:37:11 2025 by rpki-client