Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/RbP9WzN9W7AgthBGxFtKwKC3VEg.roa
File: RbP9WzN9W7AgthBGxFtKwKC3VEg.roa (raw, json)
Hash identifier: Dy3SR6pxsdXGOnv/F45dOMNbVP/Be5it2JmMPs3hnKk=
Subject key identifier: 45:B3:FD:5B:33:7D:5B:B0:20:B6:10:46:C4:5B:4A:C0:A0:B7:54:48
Certificate issuer: /CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
Certificate serial: 0196AC4429F17FA8E274BED7AEC0F8DEB147
Authority key identifier: CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/RbP9WzN9W7AgthBGxFtKwKC3VEg.roa
Signing time: Wed 07 May 2025 19:41:10 +0000
ROA not before: Wed 07 May 2025 19:41:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42375
IP address blocks: 2a0a:c380::/29 maxlen: 29
2a11:1640::/29 maxlen: 29
2a11:3340::/29 maxlen: 29
2a11:4640::/29 maxlen: 29
2a11:5880::/29 maxlen: 29
2a11:65c0::/29 maxlen: 29
2a11:85c0::/29 maxlen: 29
2a11:acc0::/29 maxlen: 29
2a11:be80::/29 maxlen: 29
2a11:e540::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/ypzNgwt-AzCL9c8l5np_wr3glXw.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/ypzNgwt-AzCL9c8l5np_wr3glXw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 10 May 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ac:44:29:f1:7f:a8:e2:74:be:d7:ae:c0:f8:de:b1:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
Validity
Not Before: May 7 19:41:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=45b3fd5b337d5bb020b61046c45b4ac0a0b75448
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e6:9c:72:f5:69:b8:35:6d:b2:97:f1:08:66:
04:e4:06:04:fc:79:6d:91:f6:6f:a6:bf:ce:95:4d:
d8:a8:1f:77:7b:69:d3:44:b2:fa:df:19:c4:23:57:
9e:f8:ce:b9:91:a1:a9:bb:e4:0d:b8:34:22:0a:37:
c9:50:c7:bf:e4:5d:5b:79:e4:7d:9f:9f:f7:86:10:
e4:c8:84:a5:a3:80:52:73:a1:d0:e5:87:fb:22:50:
92:e6:a0:f2:53:84:4e:30:3b:a3:e3:cb:1d:7c:62:
71:dd:fd:80:0b:50:58:ee:70:12:3d:58:16:32:64:
f3:b0:f5:f5:dd:3d:c6:7a:e1:07:cc:d2:cf:f3:37:
cd:f4:4d:61:52:c7:7b:12:41:03:7c:ac:17:44:59:
1e:c6:de:59:76:8f:fd:3f:4c:52:41:ca:27:3d:98:
32:9c:94:bf:0e:39:00:3e:dd:b2:61:cc:df:a4:5b:
4e:73:8a:fc:f1:eb:3e:c0:c3:ce:13:00:93:9b:a0:
81:da:f2:37:69:42:94:14:2e:84:88:19:16:bb:12:
85:ac:8d:81:b5:46:fc:64:d2:56:1c:1d:c1:85:b9:
f7:38:6c:d6:7c:5c:2a:e7:32:50:23:00:a6:2b:9c:
45:86:ea:67:32:a3:17:2a:d4:02:2b:9a:95:bb:7a:
c1:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:B3:FD:5B:33:7D:5B:B0:20:B6:10:46:C4:5B:4A:C0:A0:B7:54:48
X509v3 Authority Key Identifier:
keyid:CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/RbP9WzN9W7AgthBGxFtKwKC3VEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/ypzNgwt-AzCL9c8l5np_wr3glXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:c380::/29
2a11:1640::/29
2a11:3340::/29
2a11:4640::/29
2a11:5880::/29
2a11:65c0::/29
2a11:85c0::/29
2a11:acc0::/29
2a11:be80::/29
2a11:e540::/29
Signature Algorithm: sha256WithRSAEncryption
13:d5:3b:2c:ec:17:3e:d3:68:5a:62:0c:44:00:4f:8c:37:09:
97:74:50:a0:8e:43:01:e4:56:80:84:26:e4:ba:45:6c:d0:bf:
b6:9b:57:50:78:98:c5:7c:ae:c9:de:c7:f5:41:64:f6:a7:fa:
87:f0:84:91:e7:d0:ac:33:c5:ee:2f:dc:e5:d3:ea:fc:28:3b:
b9:70:49:04:dd:cd:75:bb:48:d0:72:a9:44:24:6f:2b:60:67:
6d:bb:4f:89:09:e1:70:c2:be:ce:a4:d1:6d:9c:db:c9:1d:ed:
cf:5d:01:d9:96:81:6c:4f:70:61:f9:5a:36:f3:57:2f:5f:e5:
3b:8b:c2:15:f7:e8:b3:e1:0d:80:f6:33:ad:8c:9c:fa:17:b4:
1c:80:1f:f5:dc:76:de:05:4b:a8:a0:d6:45:bd:01:ce:76:5e:
e8:46:fa:16:77:41:d1:ab:5b:2b:32:4d:06:e6:24:5a:4b:fc:
44:3b:00:fc:04:0a:ab:a3:ab:3c:0f:a6:6c:e0:ee:be:06:22:
0d:32:17:e9:06:16:f8:df:a2:87:32:0c:2b:0d:cc:1a:a7:0d:
50:d3:f0:ba:35:2c:9a:b5:c8:b6:20:8e:c7:b4:c4:f4:e2:e0:
48:34:20:ec:8a:46:2a:79:63:55:9b:b8:ce:57:3c:78:43:4b:
93:94:26:56
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZasRCnxf6jidL7XrsD43rFHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOWNjZDgzMGI3ZTAzMzA4YmY1Y2YyNWU2N2E3ZmMyYmRl
MDk1N2MwHhcNMjUwNTA3MTk0MTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWIzZmQ1YjMzN2Q1YmIwMjBiNjEwNDZjNDViNGFjMGEwYjc1NDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+accvVpuDVtspfxCGYE5AYE/Hlt
kfZvpr/OlU3YqB93e2nTRLL63xnEI1ee+M65kaGpu+QNuDQiCjfJUMe/5F1beeR9
n5/3hhDkyISlo4BSc6HQ5Yf7IlCS5qDyU4ROMDuj48sdfGJx3f2AC1BY7nASPVgW
MmTzsPX13T3GeuEHzNLP8zfN9E1hUsd7EkEDfKwXRFkext5Zdo/9P0xSQconPZgy
nJS/DjkAPt2yYczfpFtOc4r88es+wMPOEwCTm6CB2vI3aUKUFC6EiBkWuxKFrI2B
tUb8ZNJWHB3Bhbn3OGzWfFwq5zJQIwCmK5xFhupnMqMXKtQCK5qVu3rBZQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFEWz/VszfVuwILYQRsRbSsCgt1RIMB8GA1UdIwQY
MBaAFMqczYMLfgMwi/XPJeZ6f8K94JV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQt
ZDFjZGUyNDY1Zjg5LzEvUmJQOVd6TjlXN0FndGhCR3hGdEt3S0MzVkVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQtZDFjZGUyNDY1Zjg5
LzEveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAAjBGAwUDKgrDgAMF
AyoRFkADBQMqETNAAwUDKhFGQAMFAyoRWIADBQMqEWXAAwUDKhGFwAMFAyoRrMAD
BQMqEb6AAwUDKhHlQDANBgkqhkiG9w0BAQsFAAOCAQEAE9U7LOwXPtNoWmIMRABP
jDcJl3RQoI5DAeRWgIQm5LpFbNC/tptXUHiYxXyuyd7H9UFk9qf6h/CEkefQrDPF
7i/c5dPq/Cg7uXBJBN3NdbtI0HKpRCRvK2BnbbtPiQnhcMK+zqTRbZzbyR3tz10B
2ZaBbE9wYflaNvNXL1/lO4vCFffos+ENgPYzrYyc+he0HIAf9dx23gVLqKDWRb0B
znZe6Eb6FndB0atbKzJNBuYkWkv8RDsA/AQKq6OrPA+mbODuvgYiDTIX6QYW+N+i
hzIMKw3MGqcNUNPwujUsmrXItiCOx7TE9OLgSDQg7IpGKnljVZu4zlc8eENLk5Qm
Vg==
-----END CERTIFICATE-----
Generated at Fri May 9 19:18:15 2025 by rpki-client