Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/53ff62-c1ad-4244-b91a-f8affef112d8/1/X5Pbij4rIL8Dq4Js8EvH7j1Wj7k.roa
File: X5Pbij4rIL8Dq4Js8EvH7j1Wj7k.roa (raw, json)
Hash identifier: JTczwWTBd9G1q76W/pHd7YHIV9ZzN4VCk+pl3uv/6uM=
Subject key identifier: 5F:93:DB:8A:3E:2B:20:BF:03:AB:82:6C:F0:4B:C7:EE:3D:56:8F:B9
Certificate issuer: /CN=a9f2fdea263b79fce11389052b0cd940995c6dfe
Certificate serial: 0196C0A0424563C8DCF32716EF9A52209964
Authority key identifier: A9:F2:FD:EA:26:3B:79:FC:E1:13:89:05:2B:0C:D9:40:99:5C:6D:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qfL96iY7efzhE4kFKwzZQJlcbf4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/53ff62-c1ad-4244-b91a-f8affef112d8/1/X5Pbij4rIL8Dq4Js8EvH7j1Wj7k.roa
Signing time: Sun 11 May 2025 18:34:10 +0000
ROA not before: Sun 11 May 2025 18:34:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2a12:d8c2::/32 maxlen: 32
2a12:d8c3::/32 maxlen: 32
2a12:d8c4::/32 maxlen: 32
2a12:d8c5::/32 maxlen: 32
2a12:d8c7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/53ff62-c1ad-4244-b91a-f8affef112d8/1/qfL96iY7efzhE4kFKwzZQJlcbf4.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/53ff62-c1ad-4244-b91a-f8affef112d8/1/qfL96iY7efzhE4kFKwzZQJlcbf4.mft
rsync://rpki.ripe.net/repository/DEFAULT/qfL96iY7efzhE4kFKwzZQJlcbf4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 14 May 2025 14:31:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c0:a0:42:45:63:c8:dc:f3:27:16:ef:9a:52:20:99:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9f2fdea263b79fce11389052b0cd940995c6dfe
Validity
Not Before: May 11 18:34:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f93db8a3e2b20bf03ab826cf04bc7ee3d568fb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:94:76:c8:95:a1:fb:3a:ed:43:59:85:fe:f4:
b0:cd:6b:2c:a2:fb:59:d3:d8:a0:d8:4b:31:01:02:
0d:fb:1d:c9:12:56:32:9b:08:b3:36:32:b6:d1:d3:
86:cd:9b:56:80:a0:3d:af:b5:57:58:14:87:2c:47:
9f:79:17:8d:34:d2:2c:15:6e:73:fe:fe:53:5c:f1:
c8:2f:c3:78:f9:f6:36:b5:ad:6e:8f:9b:77:19:e4:
29:29:af:f9:9a:bc:51:fb:86:38:2a:31:c8:bd:26:
a4:e1:f2:55:98:16:2d:41:d0:37:81:f0:42:fe:d7:
d5:06:63:e6:76:6a:3a:4a:c9:c6:ff:7d:ad:1e:fd:
0b:ab:ff:4e:b1:76:26:3f:7a:71:6a:25:f6:f7:2f:
ca:79:c9:73:bc:07:c6:4a:6a:e5:8b:e1:b9:07:73:
c7:0a:f2:c8:3d:29:e4:ff:92:fb:5d:65:d8:60:ef:
ea:cf:a8:50:b5:69:dc:37:e1:27:ce:de:21:44:81:
ba:69:a7:40:6d:c0:7e:39:13:e8:14:43:74:16:37:
f5:32:df:30:cd:54:97:38:9b:86:26:5c:4d:fa:89:
5f:14:ea:84:b0:d3:20:37:dd:82:f9:0d:ef:23:13:
c7:a8:2d:27:f0:db:fd:e7:18:f6:5c:42:79:04:f1:
4c:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:93:DB:8A:3E:2B:20:BF:03:AB:82:6C:F0:4B:C7:EE:3D:56:8F:B9
X509v3 Authority Key Identifier:
keyid:A9:F2:FD:EA:26:3B:79:FC:E1:13:89:05:2B:0C:D9:40:99:5C:6D:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qfL96iY7efzhE4kFKwzZQJlcbf4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/53ff62-c1ad-4244-b91a-f8affef112d8/1/X5Pbij4rIL8Dq4Js8EvH7j1Wj7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/53ff62-c1ad-4244-b91a-f8affef112d8/1/qfL96iY7efzhE4kFKwzZQJlcbf4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:d8c2::-2a12:d8c5:ffff:ffff:ffff:ffff:ffff:ffff
2a12:d8c7::/32
Signature Algorithm: sha256WithRSAEncryption
6a:a4:eb:42:b1:25:60:c9:ed:e8:2a:53:3c:16:8c:fd:9e:0b:
ee:21:ca:06:61:fd:b3:9b:f8:f6:6d:ac:d4:1a:8b:2a:1f:02:
2e:6a:54:46:1b:21:2e:d3:58:21:69:d9:65:01:d3:6d:37:21:
8a:22:e0:e2:d1:e6:f8:32:fc:af:6d:99:a8:0a:a2:5c:24:4b:
68:3c:08:7e:86:86:9d:56:12:ec:65:47:4c:99:88:cf:d1:43:
cd:a4:18:57:fc:dd:22:5a:b3:5d:64:88:a8:8d:36:9d:e9:17:
63:b7:2c:6a:5a:d4:f3:e8:55:4a:7a:8c:0b:b1:25:2e:59:33:
19:1e:cd:73:eb:1e:5a:75:c0:8a:ce:32:44:8d:ed:91:9c:82:
48:b2:aa:59:08:4f:1e:86:10:ed:47:4f:b6:e9:31:55:43:fb:
82:a2:3b:6d:fe:f9:8f:dc:fd:92:ed:58:c5:ba:a3:53:e0:3d:
f9:20:e2:53:42:fe:f1:58:bd:d7:06:2a:22:ba:23:68:db:62:
6e:f0:ea:89:07:4e:71:3f:13:6c:1c:cc:61:4b:25:d9:07:a7:
09:c6:ef:98:49:be:95:52:82:e2:a7:40:bf:ff:49:1e:8a:7d:
cb:cd:6a:db:f5:0d:3a:18:5b:fe:c6:bb:9a:6c:5e:8a:0d:9e:
b9:b1:51:a0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZbAoEJFY8jc8ycW75pSIJlkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ZjJmZGVhMjYzYjc5ZmNlMTEzODkwNTJiMGNkOTQwOTk1
YzZkZmUwHhcNMjUwNTExMTgzNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjkzZGI4YTNlMmIyMGJmMDNhYjgyNmNmMDRiYzdlZTNkNTY4ZmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5R2yJWh+zrtQ1mF/vSwzWssovtZ
09ig2EsxAQIN+x3JElYymwizNjK20dOGzZtWgKA9r7VXWBSHLEefeReNNNIsFW5z
/v5TXPHIL8N4+fY2ta1uj5t3GeQpKa/5mrxR+4Y4KjHIvSak4fJVmBYtQdA3gfBC
/tfVBmPmdmo6SsnG/32tHv0Lq/9OsXYmP3pxaiX29y/KeclzvAfGSmrli+G5B3PH
CvLIPSnk/5L7XWXYYO/qz6hQtWncN+Enzt4hRIG6aadAbcB+ORPoFEN0Fjf1Mt8w
zVSXOJuGJlxN+olfFOqEsNMgN92C+Q3vIxPHqC0n8Nv95xj2XEJ5BPFMQQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF+T24o+KyC/A6uCbPBLx+49Vo+5MB8GA1UdIwQY
MBaAFKny/eomO3n84ROJBSsM2UCZXG3+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWZMOTZpWTdlZnpoRTRrRkt3elpRSmxjYmY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My81M2ZmNjItYzFhZC00MjQ0LWI5MWEt
ZjhhZmZlZjExMmQ4LzEvWDVQYmlqNHJJTDhEcTRKczhFdkg3ajFXajdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My81M2ZmNjItYzFhZC00MjQ0LWI5MWEtZjhhZmZlZjExMmQ4
LzEvcWZMOTZpWTdlZnpoRTRrRkt3elpRSmxjYmY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAAjAXMA4DBQEqEtjC
AwUBKhLYxAMFACoS2McwDQYJKoZIhvcNAQELBQADggEBAGqk60KxJWDJ7egqUzwW
jP2eC+4hygZh/bOb+PZtrNQaiyofAi5qVEYbIS7TWCFp2WUB0203IYoi4OLR5vgy
/K9tmagKolwkS2g8CH6Ghp1WEuxlR0yZiM/RQ82kGFf83SJas11kiKiNNp3pF2O3
LGpa1PPoVUp6jAuxJS5ZMxkezXPrHlp1wIrOMkSN7ZGcgkiyqlkITx6GEO1HT7bp
MVVD+4KiO23++Y/c/ZLtWMW6o1PgPfkg4lNC/vFYvdcGKiK6I2jbYm7w6okHTnE/
E2wczGFLJdkHpwnG75hJvpVSguKnQL//SR6KfcvNatv1DToYW/7Gu5psXooNnrmx
UaA=
-----END CERTIFICATE-----
Generated at Tue May 13 18:39:34 2025 by rpki-client