Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/_ydRflsIxjgskIUx7gN4baFV8C8.roa
File: _ydRflsIxjgskIUx7gN4baFV8C8.roa (raw, json)
Hash identifier: lHvedqgu53CdWRW4X4unqTm50BUV5shlwZBlFMdLtYw=
Subject key identifier: FF:27:51:7E:5B:08:C6:38:2C:90:85:31:EE:03:78:6D:A1:55:F0:2F
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 0196CE0E11A017ACA7DAC6A249D9AD785832
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/_ydRflsIxjgskIUx7gN4baFV8C8.roa
Signing time: Wed 14 May 2025 09:09:10 +0000
ROA not before: Wed 14 May 2025 09:09:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396931
IP address blocks: 2a0f:63c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 15 May 2025 17:32:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ce:0e:11:a0:17:ac:a7:da:c6:a2:49:d9:ad:78:58:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: May 14 09:09:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ff27517e5b08c6382c908531ee03786da155f02f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:fc:3c:40:97:09:1f:c0:bd:ba:13:68:d1:df:
52:6c:9c:70:16:e0:ce:94:19:54:a4:ca:85:df:31:
d9:0a:a5:72:ac:57:82:52:9f:86:eb:b3:34:87:e4:
5a:39:72:6b:95:2f:ef:39:3e:ad:c5:13:ad:9b:dc:
1c:92:c9:eb:f5:76:14:18:81:3b:f3:48:f2:07:31:
4f:cd:d8:ae:d4:99:3a:2b:4d:4b:f1:f9:40:6e:c5:
8a:2a:9d:8a:04:5a:4b:5d:58:ac:9f:69:c0:fd:9f:
c8:43:f7:89:80:e3:b4:07:e8:67:76:56:46:67:8e:
7e:2b:76:a1:fc:b9:cd:1a:57:36:63:ad:ef:e0:18:
39:ad:e6:7d:c2:73:d6:ce:55:6f:ed:30:ef:db:1e:
7a:e9:78:d0:da:96:6b:7e:a2:0b:b1:42:ad:ce:cf:
1d:ad:3b:95:e8:d3:56:6f:c9:cf:c0:bc:72:69:86:
bb:74:8d:38:b6:7f:36:ac:2a:a3:29:73:65:1e:43:
ab:88:38:93:57:3a:ec:46:e8:da:68:6b:59:02:e5:
c6:fa:56:c8:fb:e8:85:bc:f0:e2:22:d9:01:b9:48:
8e:af:aa:ba:05:c1:aa:88:04:90:cf:4a:39:18:26:
24:60:e8:da:f0:0b:d6:09:93:91:98:ab:cd:09:e0:
12:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:27:51:7E:5B:08:C6:38:2C:90:85:31:EE:03:78:6D:A1:55:F0:2F
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/_ydRflsIxjgskIUx7gN4baFV8C8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:63c0::/32
Signature Algorithm: sha256WithRSAEncryption
79:7b:ed:12:9d:8e:57:82:e1:22:43:63:38:ca:f8:05:f5:dc:
ea:8f:1c:5d:9f:c5:c7:49:19:39:e8:7f:83:51:0f:0c:da:97:
e3:16:a9:fd:e8:48:4b:ae:3d:28:2f:ac:f5:f6:47:89:d8:c9:
e7:b1:65:79:ce:0c:00:5f:85:c0:48:6b:15:0a:6f:10:2e:a3:
9b:9d:60:0f:cd:4d:9c:80:35:40:9a:a0:4f:b6:f8:ca:7a:ef:
e0:b0:76:84:70:6b:40:ef:f2:77:91:12:82:45:f5:4b:f0:fe:
52:b0:c9:58:3b:13:6d:3c:3a:1d:bc:f1:88:21:9d:05:67:1d:
5f:2b:06:d4:11:00:b4:84:64:7d:74:ca:f2:56:eb:fe:fb:0d:
6d:18:e4:fd:81:3b:71:ec:2c:29:4f:ac:27:ce:63:a4:b9:ba:
5b:25:2f:9f:ea:6a:48:f5:e0:a3:90:02:84:9a:f2:a7:41:b4:
5f:9a:4f:f1:c2:1e:a7:2e:15:8f:da:dc:bc:88:55:a4:7b:d1:
1a:1c:aa:be:c9:2f:ae:2d:1b:64:dc:e9:c1:4a:fc:8b:ca:5d:
6f:08:1d:ff:9f:2c:83:0e:c8:72:12:36:4a:ae:60:70:b8:a5:
f8:8f:3f:8e:90:27:03:2a:75:ff:86:42:f6:62:0f:3f:52:61:
80:70:2b:bc
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZbODhGgF6yn2saiSdmteFgyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjUwNTE0MDkwOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjI3NTE3ZTViMDhjNjM4MmM5MDg1MzFlZTAzNzg2ZGExNTVmMDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/w8QJcJH8C9uhNo0d9SbJxwFuDO
lBlUpMqF3zHZCqVyrFeCUp+G67M0h+RaOXJrlS/vOT6txROtm9wcksnr9XYUGIE7
80jyBzFPzdiu1Jk6K01L8flAbsWKKp2KBFpLXVisn2nA/Z/IQ/eJgOO0B+hndlZG
Z45+K3ah/LnNGlc2Y63v4Bg5reZ9wnPWzlVv7TDv2x566XjQ2pZrfqILsUKtzs8d
rTuV6NNWb8nPwLxyaYa7dI04tn82rCqjKXNlHkOriDiTVzrsRujaaGtZAuXG+lbI
++iFvPDiItkBuUiOr6q6BcGqiASQz0o5GCYkYOja8AvWCZORmKvNCeASqwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFP8nUX5bCMY4LJCFMe4DeG2hVfAvMB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvX3lkUmZsc0l4amdza0lVeDdnTjRiYUZWOEM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg9jwDAN
BgkqhkiG9w0BAQsFAAOCAQEAeXvtEp2OV4LhIkNjOMr4BfXc6o8cXZ/Fx0kZOeh/
g1EPDNqX4xap/ehIS649KC+s9fZHidjJ57Flec4MAF+FwEhrFQpvEC6jm51gD81N
nIA1QJqgT7b4ynrv4LB2hHBrQO/yd5ESgkX1S/D+UrDJWDsTbTw6HbzxiCGdBWcd
XysG1BEAtIRkfXTK8lbr/vsNbRjk/YE7cewsKU+sJ85jpLm6WyUvn+pqSPXgo5AC
hJryp0G0X5pP8cIepy4Vj9rcvIhVpHvRGhyqvskvri0bZNzpwUr8i8pdbwgd/58s
gw7IchI2Sq5gcLil+I8/jpAnAyp1/4ZC9mIPP1JhgHArvA==
-----END CERTIFICATE-----
Generated at Thu May 15 02:28:20 2025 by rpki-client