Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/pbUlZNWNJZWgFYB5x2dgnIPZ_UM.roa
File: pbUlZNWNJZWgFYB5x2dgnIPZ_UM.roa (raw, json)
Hash identifier: Yx+TYc5mYEyIixE5cz01PiWyRztaIExYc4jl8k24pBQ=
Subject key identifier: A5:B5:25:64:D5:8D:25:95:A0:15:80:79:C7:67:60:9C:83:D9:FD:43
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 0196B1958E12EBBCAB25C1044FA86B7DA967
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/pbUlZNWNJZWgFYB5x2dgnIPZ_UM.roa
Signing time: Thu 08 May 2025 20:28:10 +0000
ROA not before: Thu 08 May 2025 20:28:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215434
IP address blocks: 2a10:3f86::/32 maxlen: 32
2a13:afc0::/29 maxlen: 29
2a13:c247::/33 maxlen: 33
2a14:61c0::/29 maxlen: 29
2a14:69c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b1:95:8e:12:eb:bc:ab:25:c1:04:4f:a8:6b:7d:a9:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: May 8 20:28:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a5b52564d58d2595a0158079c767609c83d9fd43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:0f:02:67:86:9e:3f:5e:7d:55:28:a2:55:0e:
00:7d:01:0c:e7:01:07:12:7c:bd:c4:52:84:4f:7b:
90:94:71:a9:01:8d:b8:40:99:00:28:a8:23:ff:22:
60:98:e9:c8:a4:51:ed:ca:ee:2c:94:c9:6d:90:56:
74:1b:f7:3d:b2:aa:fd:30:e8:f5:90:32:22:1f:1e:
61:59:6a:e2:2e:cb:ae:4b:31:59:03:16:51:15:03:
8e:29:a8:ea:b3:4a:c1:3a:bd:2f:81:6d:e6:0d:c1:
f0:2b:0a:92:2f:00:95:8a:e0:c4:67:5d:09:12:be:
64:ec:0f:bc:8c:b1:f5:fa:e1:a4:cd:2a:05:13:63:
de:d0:72:c0:cb:fa:3f:1b:1b:35:4f:4d:88:d9:a1:
2b:bd:b0:4d:e7:e0:c9:a4:fa:8b:59:c2:76:02:34:
82:08:af:52:d4:f6:f5:60:0b:fd:5b:42:61:6c:30:
f1:db:b0:28:81:54:6e:59:e3:7c:5f:0b:fc:4a:2c:
ea:aa:ac:61:99:22:b2:10:45:a0:12:af:40:07:58:
d5:c8:47:5b:f8:0d:11:3e:83:3a:30:83:cb:b8:15:
b4:b9:a3:51:96:5f:70:d2:f7:3b:91:c7:55:6a:1d:
aa:d4:d6:6b:32:db:0b:8a:27:cc:43:5c:a0:cd:27:
68:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:B5:25:64:D5:8D:25:95:A0:15:80:79:C7:67:60:9C:83:D9:FD:43
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/pbUlZNWNJZWgFYB5x2dgnIPZ_UM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:3f86::/32
2a13:afc0::/29
2a13:c247::/33
2a14:61c0::/29
2a14:69c0::/29
Signature Algorithm: sha256WithRSAEncryption
08:7e:62:7c:f9:bb:59:e4:8b:24:ac:b9:9f:50:44:08:08:47:
69:19:7e:f2:8f:f3:9d:78:78:2d:79:b5:22:73:0e:e8:96:bd:
2a:06:0b:70:0d:f3:54:64:51:64:f9:7c:6f:e1:26:53:c1:99:
99:58:1c:8b:0f:0b:60:52:8c:6c:b6:f1:34:05:8f:3b:0b:54:
ad:3c:11:be:7f:00:2d:17:81:44:51:c1:28:d8:17:52:56:f5:
e1:39:b5:b4:e0:1b:8d:ce:3d:c9:96:b0:ca:10:02:80:db:d0:
01:7f:16:70:8c:c0:1a:09:12:93:07:c4:c8:fc:0e:b3:6d:9c:
2c:25:43:06:fd:24:8f:1d:ad:87:89:f3:a2:87:95:09:4c:93:
22:81:66:7a:c9:07:cd:91:9b:74:a9:3d:8a:3f:1a:73:21:fd:
4d:e2:8f:09:3e:29:29:01:51:ec:13:22:90:74:b3:eb:d6:1e:
34:2f:dc:46:8e:1f:ab:bb:86:a2:c6:80:6c:1e:d2:62:7c:50:
80:40:1b:96:ca:0a:ec:e9:82:e7:dc:86:ff:19:d8:b0:1a:3f:
c6:c3:00:5f:7a:c7:6d:fe:70:48:64:33:0c:ba:99:34:c0:f7:
5a:13:9d:c8:4c:75:76:96:1c:f7:6d:b3:a1:79:7b:01:a6:c8:
9c:ca:60:da
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZaxlY4S67yrJcEET6hrfalnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwNTA4MjAyODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWI1MjU2NGQ1OGQyNTk1YTAxNTgwNzljNzY3NjA5YzgzZDlmZDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5g8CZ4aeP159VSiiVQ4AfQEM5wEH
Eny9xFKET3uQlHGpAY24QJkAKKgj/yJgmOnIpFHtyu4slMltkFZ0G/c9sqr9MOj1
kDIiHx5hWWriLsuuSzFZAxZRFQOOKajqs0rBOr0vgW3mDcHwKwqSLwCViuDEZ10J
Er5k7A+8jLH1+uGkzSoFE2Pe0HLAy/o/Gxs1T02I2aErvbBN5+DJpPqLWcJ2AjSC
CK9S1Pb1YAv9W0JhbDDx27AogVRuWeN8Xwv8SizqqqxhmSKyEEWgEq9AB1jVyEdb
+A0RPoM6MIPLuBW0uaNRll9w0vc7kcdVah2q1NZrMtsLiifMQ1ygzSdolwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKW1JWTVjSWVoBWAecdnYJyD2f1DMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvcGJVbFpOV05KWldnRllCNXgyZGduSVBaX1VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwUAKhA/hgMF
AyoTr8ADBgcqE8JHAAMFAyoUYcADBQMqFGnAMA0GCSqGSIb3DQEBCwUAA4IBAQAI
fmJ8+btZ5IskrLmfUEQICEdpGX7yj/OdeHgtebUicw7olr0qBgtwDfNUZFFk+Xxv
4SZTwZmZWByLDwtgUoxstvE0BY87C1StPBG+fwAtF4FEUcEo2BdSVvXhObW04BuN
zj3JlrDKEAKA29ABfxZwjMAaCRKTB8TI/A6zbZwsJUMG/SSPHa2HifOih5UJTJMi
gWZ6yQfNkZt0qT2KPxpzIf1N4o8JPikpAVHsEyKQdLPr1h40L9xGjh+ru4aixoBs
HtJifFCAQBuWygrs6YLn3Ib/GdiwGj/GwwBfesdt/nBIZDMMupk0wPdaE53ITHV2
lhz3bbOheXsBpsicymDa
-----END CERTIFICATE-----
Generated at Sun May 11 22:57:38 2025 by rpki-client