Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/0cd65c-e57d-412e-ba65-02a09b7a4eb7/1/VNpQWKbDASJ5_N6WOt8nNsE0C5Q.roa
File: VNpQWKbDASJ5_N6WOt8nNsE0C5Q.roa (raw, json)
Hash identifier: KBAzp38l8QV3VlfIrkv3N+Ntu4Rpg5TWLWtrnsaZDEc=
Subject key identifier: 54:DA:50:58:A6:C3:01:22:79:FC:DE:96:3A:DF:27:36:C1:34:0B:94
Certificate issuer: /CN=9f067e52b4b5b2412fec0148dfc6cb1b34e9274b
Certificate serial: 019694AA9A76E6F8AC4ABA29AC20C67E9FED
Authority key identifier: 9F:06:7E:52:B4:B5:B2:41:2F:EC:01:48:DF:C6:CB:1B:34:E9:27:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nwZ-UrS1skEv7AFI38bLGzTpJ0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/0cd65c-e57d-412e-ba65-02a09b7a4eb7/1/VNpQWKbDASJ5_N6WOt8nNsE0C5Q.roa
Signing time: Sat 03 May 2025 05:42:10 +0000
ROA not before: Sat 03 May 2025 05:42:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44765
IP address blocks: 2a00:8e40::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/0cd65c-e57d-412e-ba65-02a09b7a4eb7/1/nwZ-UrS1skEv7AFI38bLGzTpJ0s.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/0cd65c-e57d-412e-ba65-02a09b7a4eb7/1/nwZ-UrS1skEv7AFI38bLGzTpJ0s.mft
rsync://rpki.ripe.net/repository/DEFAULT/nwZ-UrS1skEv7AFI38bLGzTpJ0s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 18:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:94:aa:9a:76:e6:f8:ac:4a:ba:29:ac:20:c6:7e:9f:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f067e52b4b5b2412fec0148dfc6cb1b34e9274b
Validity
Not Before: May 3 05:42:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=54da5058a6c3012279fcde963adf2736c1340b94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f1:f9:5d:30:b7:24:87:11:d1:bb:53:9c:2e:
c4:1f:06:5f:55:66:37:83:4e:9e:d4:58:a8:52:f7:
7a:5e:04:19:ed:09:49:2b:5b:94:e8:28:5c:d6:da:
dc:da:6c:a7:bf:77:f0:f1:b2:ad:db:28:b2:2c:06:
ab:0d:4c:8a:fc:88:b7:2a:fc:63:8a:c1:9f:a6:5e:
47:90:2c:d3:89:1b:46:af:7a:32:9d:70:86:05:5b:
53:24:90:6a:28:41:c7:98:8a:86:00:6f:6f:8f:ac:
df:ad:13:4a:54:9e:6a:bd:b1:43:f6:60:35:08:70:
4c:d2:12:33:cb:c9:25:d6:d7:a6:7d:b7:54:72:bb:
a1:b4:d8:92:74:03:2a:7f:69:fe:90:26:ad:33:8b:
75:df:9e:41:c6:cb:5b:cb:e1:b0:18:0c:28:76:23:
db:52:7d:8c:0e:d7:b0:bb:31:07:a4:7b:7d:e8:27:
1d:81:c5:f3:6e:df:5d:ad:2d:8a:05:bc:02:8c:4f:
dc:f7:a4:a9:29:ea:d1:10:6d:0c:c5:fa:54:76:2e:
a9:4e:ae:34:65:08:9a:a8:cc:50:ae:40:ec:3b:19:
5e:2d:ef:7c:2c:60:e7:ca:d9:72:dc:ee:8b:c5:c6:
bb:ae:58:67:f9:ae:13:54:af:a9:6e:e2:0d:ff:58:
69:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:DA:50:58:A6:C3:01:22:79:FC:DE:96:3A:DF:27:36:C1:34:0B:94
X509v3 Authority Key Identifier:
keyid:9F:06:7E:52:B4:B5:B2:41:2F:EC:01:48:DF:C6:CB:1B:34:E9:27:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nwZ-UrS1skEv7AFI38bLGzTpJ0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/0cd65c-e57d-412e-ba65-02a09b7a4eb7/1/VNpQWKbDASJ5_N6WOt8nNsE0C5Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/0cd65c-e57d-412e-ba65-02a09b7a4eb7/1/nwZ-UrS1skEv7AFI38bLGzTpJ0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:8e40::/32
Signature Algorithm: sha256WithRSAEncryption
92:07:0a:53:e0:23:97:20:23:20:8e:a4:ec:26:56:29:af:bb:
ea:7a:89:52:5d:e3:fe:7a:10:94:56:7b:45:fd:38:25:fd:6b:
88:e9:d9:12:de:98:08:51:de:89:c8:c2:87:93:ad:ff:b7:b8:
2d:c9:b4:d0:26:21:98:69:2a:ad:7d:17:36:f9:3c:f2:61:09:
a1:eb:c0:58:bd:e7:b7:28:19:e6:10:c1:32:ae:16:e6:25:64:
52:a2:9d:0b:a8:72:65:18:cc:d6:7f:18:d9:0b:0a:86:74:3b:
ec:fa:4c:b4:c4:b0:be:42:bd:6c:90:7f:57:c8:9f:64:cb:c0:
02:0e:39:a7:d0:8a:fd:a0:38:b2:63:77:8b:83:37:b2:d1:8d:
5e:7c:c7:f9:e1:03:3e:67:b0:e7:c9:6d:b7:37:26:be:76:a2:
41:ce:d9:e3:b4:30:28:00:3b:38:f3:07:ae:2a:08:62:3f:41:
2e:dd:32:d2:37:a1:9f:35:19:45:8b:d9:61:14:e5:7f:f3:b1:
65:36:82:2a:79:64:29:7a:3f:2b:1a:95:b2:4a:18:b9:dd:34:
d9:0e:a2:54:c5:6e:09:2d:a7:67:44:b8:d7:bc:4b:6c:dd:c3:
6c:26:5b:fc:2e:69:02:d7:50:cc:29:70:0a:a1:80:f9:75:fa:
d7:1c:39:21
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZaUqpp25visSroprCDGfp/tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMDY3ZTUyYjRiNWIyNDEyZmVjMDE0OGRmYzZjYjFiMzRl
OTI3NGIwHhcNMjUwNTAzMDU0MjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGRhNTA1OGE2YzMwMTIyNzlmY2RlOTYzYWRmMjczNmMxMzQwYjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfH5XTC3JIcR0btTnC7EHwZfVWY3
g06e1FioUvd6XgQZ7QlJK1uU6Chc1trc2mynv3fw8bKt2yiyLAarDUyK/Ii3Kvxj
isGfpl5HkCzTiRtGr3oynXCGBVtTJJBqKEHHmIqGAG9vj6zfrRNKVJ5qvbFD9mA1
CHBM0hIzy8kl1temfbdUcruhtNiSdAMqf2n+kCatM4t1355Bxstby+GwGAwodiPb
Un2MDtewuzEHpHt96CcdgcXzbt9drS2KBbwCjE/c96SpKerREG0MxfpUdi6pTq40
ZQiaqMxQrkDsOxleLe98LGDnytly3O6Lxca7rlhn+a4TVK+pbuIN/1hp9QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFFTaUFimwwEiefzeljrfJzbBNAuUMB8GA1UdIwQY
MBaAFJ8GflK0tbJBL+wBSN/Gyxs06SdLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbndaLVVyUzFza0V2N0FGSTM4YkxHelRwSjBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8wY2Q2NWMtZTU3ZC00MTJlLWJhNjUt
MDJhMDliN2E0ZWI3LzEvVk5wUVdLYkRBU0o1X042V090OG5Oc0UwQzVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8wY2Q2NWMtZTU3ZC00MTJlLWJhNjUtMDJhMDliN2E0ZWI3
LzEvbndaLVVyUzFza0V2N0FGSTM4YkxHelRwSjBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgCOQDAN
BgkqhkiG9w0BAQsFAAOCAQEAkgcKU+AjlyAjII6k7CZWKa+76nqJUl3j/noQlFZ7
Rf04Jf1riOnZEt6YCFHeicjCh5Ot/7e4Lcm00CYhmGkqrX0XNvk88mEJoevAWL3n
tygZ5hDBMq4W5iVkUqKdC6hyZRjM1n8Y2QsKhnQ77PpMtMSwvkK9bJB/V8ifZMvA
Ag45p9CK/aA4smN3i4M3stGNXnzH+eEDPmew58lttzcmvnaiQc7Z47QwKAA7OPMH
rioIYj9BLt0y0jehnzUZRYvZYRTlf/OxZTaCKnlkKXo/KxqVskoYud002Q6iVMVu
CS2nZ0S417xLbN3DbCZb/C5pAtdQzClwCqGA+XX61xw5IQ==
-----END CERTIFICATE-----
Generated at Tue May 6 03:50:40 2025 by rpki-client