Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/jA2vSU3SCgCpZjP6uPIpzTM7izs.roa
File: jA2vSU3SCgCpZjP6uPIpzTM7izs.roa (raw, json)
Hash identifier: F2V1sXhuvS4w8Uh1olTJbz2yrvF79F/U7O5HbXTunrE=
Subject key identifier: 8C:0D:AF:49:4D:D2:0A:00:A9:66:33:FA:B8:F2:29:CD:33:3B:8B:3B
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 0196A1A9A1EDFC48903FB3A8DC2C9ACD2506
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/jA2vSU3SCgCpZjP6uPIpzTM7izs.roa
Signing time: Mon 05 May 2025 18:16:10 +0000
ROA not before: Mon 05 May 2025 18:16:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213861
IP address blocks: 2a11:e9c5::/32 maxlen: 32
2a14:2dc0::/32 maxlen: 32
2a14:2dc1::/32 maxlen: 32
2a14:2dc2::/32 maxlen: 32
2a14:2dc3::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 08 May 2025 15:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a1:a9:a1:ed:fc:48:90:3f:b3:a8:dc:2c:9a:cd:25:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: May 5 18:16:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8c0daf494dd20a00a96633fab8f229cd333b8b3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ad:64:78:d6:d6:3c:35:6d:78:1c:16:7d:56:
bb:ba:14:84:44:d9:eb:da:5f:8a:9d:cd:71:1f:d2:
be:06:34:f8:60:cb:b1:c5:cb:c9:39:07:31:1f:f6:
b0:36:3f:aa:20:d8:be:2d:21:5d:ee:37:ca:be:3d:
37:7b:a4:c8:ae:a2:d5:e7:f1:cd:10:23:bd:90:70:
48:fb:27:0f:49:f9:f6:e5:be:d5:21:74:44:d3:75:
74:ff:9d:c6:d2:93:e2:a4:81:51:a2:16:e4:91:c1:
cc:cb:73:5f:bf:9c:3d:88:bc:9c:10:23:24:09:8d:
3e:9f:db:55:bc:a7:61:a8:9e:01:15:82:98:43:0a:
bd:77:d4:3f:cd:75:eb:49:bc:26:60:ac:e7:88:2a:
22:89:25:cb:b1:7a:8a:6f:12:e3:a2:e0:64:db:6c:
7c:98:51:13:42:58:02:af:4c:44:d1:d3:ba:c5:55:
ab:fb:d2:34:c1:14:0d:17:3b:51:87:2e:4d:a7:0a:
d5:f6:b6:2b:2c:6f:75:f1:f2:95:66:c1:d1:ab:c1:
cc:c4:d2:90:08:e5:8e:cf:1f:17:ca:62:c7:19:2a:
cb:1c:26:85:fe:1f:f1:46:bc:14:9d:6e:75:20:29:
3d:8b:52:75:7a:81:70:e4:92:a5:f6:d6:41:c4:5f:
7b:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:0D:AF:49:4D:D2:0A:00:A9:66:33:FA:B8:F2:29:CD:33:3B:8B:3B
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/jA2vSU3SCgCpZjP6uPIpzTM7izs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:e9c5::/32
2a14:2dc0::/30
Signature Algorithm: sha256WithRSAEncryption
6e:2f:97:d7:8b:ac:e3:ec:1c:24:8f:a2:0d:e0:87:05:f5:9f:
83:ea:11:a0:89:a7:a3:ed:9b:56:8c:14:fe:17:52:6c:5b:86:
08:d2:2c:ec:a3:4b:a3:e9:18:2e:3c:01:e9:7d:3d:c0:d0:12:
35:aa:50:21:2f:30:2a:97:97:5a:78:58:4b:6e:38:5a:f6:be:
49:89:45:77:33:da:e4:10:af:58:a9:a9:c3:d8:49:03:12:a9:
68:4a:e8:23:b7:39:f1:d4:ef:22:8c:3e:63:40:89:a6:4d:db:
49:e6:34:19:ab:78:90:cc:8a:48:c7:1d:92:5e:c3:31:52:89:
9b:13:c4:a1:d3:c8:24:08:be:91:fe:ae:57:0d:13:c9:e5:4c:
73:64:80:07:4d:b6:4a:92:a3:52:87:9d:b6:22:7e:09:1b:2b:
6c:2a:e6:4e:18:8c:f6:68:12:e0:cf:f5:65:90:57:4d:d3:43:
fa:d0:da:50:fb:c1:21:b4:45:f1:9e:e5:c2:95:05:45:91:ec:
a7:55:b5:fd:55:2a:d3:dc:78:7f:16:5d:9e:1c:7b:9d:6a:06:
45:06:0f:d4:cb:33:98:e7:f2:34:58:02:cc:16:be:34:18:b0:
4b:c7:1b:1c:c1:5d:05:a7:d7:94:4e:32:d4:5b:9f:48:c2:a0:
c7:7f:8d:2b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZahqaHt/EiQP7Oo3CyazSUGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjUwNTA1MTgxNjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzBkYWY0OTRkZDIwYTAwYTk2NjMzZmFiOGYyMjljZDMzM2I4YjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAna1keNbWPDVteBwWfVa7uhSERNnr
2l+Knc1xH9K+BjT4YMuxxcvJOQcxH/awNj+qINi+LSFd7jfKvj03e6TIrqLV5/HN
ECO9kHBI+ycPSfn25b7VIXRE03V0/53G0pPipIFRohbkkcHMy3Nfv5w9iLycECMk
CY0+n9tVvKdhqJ4BFYKYQwq9d9Q/zXXrSbwmYKzniCoiiSXLsXqKbxLjouBk22x8
mFETQlgCr0xE0dO6xVWr+9I0wRQNFztRhy5NpwrV9rYrLG918fKVZsHRq8HMxNKQ
COWOzx8XymLHGSrLHCaF/h/xRrwUnW51ICk9i1J1eoFw5JKl9tZBxF97pQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIwNr0lN0goAqWYz+rjyKc0zO4s7MB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvakEydlNVM1NDZ0NwWmpQNnVQSXB6VE03aXpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKhHpxQMF
AioULcAwDQYJKoZIhvcNAQELBQADggEBAG4vl9eLrOPsHCSPog3ghwX1n4PqEaCJ
p6Ptm1aMFP4XUmxbhgjSLOyjS6PpGC48Ael9PcDQEjWqUCEvMCqXl1p4WEtuOFr2
vkmJRXcz2uQQr1ipqcPYSQMSqWhK6CO3OfHU7yKMPmNAiaZN20nmNBmreJDMikjH
HZJewzFSiZsTxKHTyCQIvpH+rlcNE8nlTHNkgAdNtkqSo1KHnbYifgkbK2wq5k4Y
jPZoEuDP9WWQV03TQ/rQ2lD7wSG0RfGe5cKVBUWR7KdVtf1VKtPceH8WXZ4ce51q
BkUGD9TLM5jn8jRYAswWvjQYsEvHGxzBXQWn15ROMtRbn0jCoMd/jSs=
-----END CERTIFICATE-----
Generated at Thu May 8 00:13:44 2025 by rpki-client