Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/E4Vdlg_YokoDgG4eHIzTtFkz2m4.roa
File: E4Vdlg_YokoDgG4eHIzTtFkz2m4.roa (raw, json)
Hash identifier: it3bc/tTZWA6j3xSrTd2FWjEgr78Y6Q+Nc2Ij1YT2+U=
Subject key identifier: 13:85:5D:96:0F:D8:A2:4A:03:80:6E:1E:1C:8C:D3:B4:59:33:DA:6E
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 0196BF262732E67D56AF896257181D19A89B
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/E4Vdlg_YokoDgG4eHIzTtFkz2m4.roa
Signing time: Sun 11 May 2025 11:41:10 +0000
ROA not before: Sun 11 May 2025 11:41:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215420
IP address blocks: 2a0f:89c0::/29 maxlen: 29
2a13:d140::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 20:47:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:bf:26:27:32:e6:7d:56:af:89:62:57:18:1d:19:a8:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: May 11 11:41:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=13855d960fd8a24a03806e1e1c8cd3b45933da6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:dd:b5:68:8c:81:8c:71:3a:13:98:1d:c7:51:
d1:3a:79:53:f4:62:cb:7c:11:27:6e:98:06:9b:56:
24:28:d5:ff:3a:5d:f4:3d:f0:30:cf:d4:b2:4e:38:
c2:87:c7:e7:70:7e:39:00:f8:99:05:83:ae:a3:49:
93:d2:56:4c:ed:4c:55:d1:88:65:c7:8c:30:a9:07:
8e:39:ab:98:ca:a5:83:90:0c:c4:85:0d:a4:fd:9c:
2c:ac:72:9d:09:f3:43:a5:0c:44:c3:3c:a6:8c:2d:
65:12:fe:e9:09:25:f0:3b:67:8b:b9:46:4d:aa:7b:
d6:39:52:dd:10:67:d0:1c:0d:2a:d7:2a:0b:ea:4b:
23:cc:89:cf:49:05:05:d3:42:e9:92:64:58:40:0b:
2e:94:3f:be:21:cb:5c:59:c8:b2:3b:99:c4:76:ef:
f6:64:cd:9b:42:b9:80:22:f7:e8:12:6d:d8:15:66:
30:64:25:07:e9:7e:ee:09:8a:e8:de:12:53:a5:50:
0d:c4:cd:fb:a6:d1:24:0a:50:cb:1e:b0:50:10:2f:
29:bb:7a:27:f3:47:2d:dc:da:d6:05:b5:30:2f:ff:
c5:57:aa:3c:20:0a:b8:a6:b8:54:55:c8:86:65:65:
4a:a5:1b:93:bf:17:40:af:04:e2:1c:82:55:3d:fd:
5e:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:85:5D:96:0F:D8:A2:4A:03:80:6E:1E:1C:8C:D3:B4:59:33:DA:6E
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/E4Vdlg_YokoDgG4eHIzTtFkz2m4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:89c0::/29
2a13:d140::/29
Signature Algorithm: sha256WithRSAEncryption
b1:05:14:99:b6:24:d6:b5:0b:0f:37:94:bf:6f:c7:e5:8b:9b:
6a:47:a4:7a:1b:3c:f9:d7:d6:c3:56:d3:c7:41:51:63:79:9e:
90:e8:98:02:d3:4a:d4:fe:44:df:b2:67:1f:b5:c8:b6:1b:49:
b6:8d:91:ec:11:95:0f:94:d0:d9:70:e2:e9:d0:97:70:70:90:
71:af:05:26:83:1b:d2:df:a1:b2:c1:a0:ba:17:10:4e:18:81:
d7:54:4c:7f:65:45:3f:b9:71:31:65:df:56:a3:7d:cf:ec:e3:
f2:f5:b9:b5:18:d6:a1:30:7a:5a:22:6a:5f:9a:09:6e:0b:fe:
a2:b1:f3:9f:90:e6:a8:61:25:51:2f:cf:31:c3:4d:1b:90:3a:
93:09:8a:ca:9a:a3:33:e5:42:2d:01:45:23:83:58:f9:23:a1:
72:e8:df:6c:11:74:d9:31:2a:6c:05:07:c2:6e:f8:05:d6:02:
31:2b:b6:25:26:f0:12:9f:8e:95:f7:28:a1:0d:d8:1b:3b:61:
03:4a:cc:1b:84:61:d7:6d:42:bb:6b:1e:2b:29:37:92:7e:98:
fd:df:a0:f8:f7:b7:1c:01:11:a0:50:49:3e:da:98:df:8c:84:
9d:a3:f9:f3:b7:1a:bf:00:af:07:db:3e:50:6b:0d:0b:55:ea:
4b:9b:38:07
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZa/Jicy5n1Wr4liVxgdGaibMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjUwNTExMTE0MTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzg1NWQ5NjBmZDhhMjRhMDM4MDZlMWUxYzhjZDNiNDU5MzNkYTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi921aIyBjHE6E5gdx1HROnlT9GLL
fBEnbpgGm1YkKNX/Ol30PfAwz9SyTjjCh8fncH45APiZBYOuo0mT0lZM7UxV0Yhl
x4wwqQeOOauYyqWDkAzEhQ2k/ZwsrHKdCfNDpQxEwzymjC1lEv7pCSXwO2eLuUZN
qnvWOVLdEGfQHA0q1yoL6ksjzInPSQUF00LpkmRYQAsulD++IctcWciyO5nEdu/2
ZM2bQrmAIvfoEm3YFWYwZCUH6X7uCYro3hJTpVANxM37ptEkClDLHrBQEC8pu3on
80ct3NrWBbUwL//FV6o8IAq4prhUVciGZWVKpRuTvxdArwTiHIJVPf1e/QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFBOFXZYP2KJKA4BuHhyM07RZM9puMB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvRTRWZGxnX1lva29EZ0c0ZUhJelR0Rmt6Mm00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKg+JwAMF
AyoT0UAwDQYJKoZIhvcNAQELBQADggEBALEFFJm2JNa1Cw83lL9vx+WLm2pHpHob
PPnX1sNW08dBUWN5npDomALTStT+RN+yZx+1yLYbSbaNkewRlQ+U0Nlw4unQl3Bw
kHGvBSaDG9LfobLBoLoXEE4YgddUTH9lRT+5cTFl31ajfc/s4/L1ubUY1qEweloi
al+aCW4L/qKx85+Q5qhhJVEvzzHDTRuQOpMJisqaozPlQi0BRSODWPkjoXLo32wR
dNkxKmwFB8Ju+AXWAjErtiUm8BKfjpX3KKEN2Bs7YQNKzBuEYddtQrtrHispN5J+
mP3foPj3txwBEaBQST7amN+MhJ2j+fO3Gr8ArwfbPlBrDQtV6kubOAc=
-----END CERTIFICATE-----
Generated at Tue May 13 04:59:31 2025 by rpki-client