Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/07f623-14fb-4a80-9f46-23331b64916c/1/moO5Ks17ZAWVDkWAO-sZOL7jYGk.roa
File: moO5Ks17ZAWVDkWAO-sZOL7jYGk.roa (raw, json)
Hash identifier: vNDGafiza1LZ3cM48PDM+kPW+0J6IrOV2MqoIZsseo4=
Subject key identifier: 9A:83:B9:2A:CD:7B:64:05:95:0E:45:80:3B:EB:19:38:BE:E3:60:69
Certificate issuer: /CN=a7a4e23482268475c1b935637d0002c2fd2993b8
Certificate serial: 0196A215A7BE794DA1F2DB258466BD4D1EC3
Authority key identifier: A7:A4:E2:34:82:26:84:75:C1:B9:35:63:7D:00:02:C2:FD:29:93:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p6TiNIImhHXBuTVjfQACwv0pk7g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/07f623-14fb-4a80-9f46-23331b64916c/1/moO5Ks17ZAWVDkWAO-sZOL7jYGk.roa
Signing time: Mon 05 May 2025 20:14:10 +0000
ROA not before: Mon 05 May 2025 20:14:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209274
IP address blocks: 2a14:ae00:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/07f623-14fb-4a80-9f46-23331b64916c/1/p6TiNIImhHXBuTVjfQACwv0pk7g.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/07f623-14fb-4a80-9f46-23331b64916c/1/p6TiNIImhHXBuTVjfQACwv0pk7g.mft
rsync://rpki.ripe.net/repository/DEFAULT/p6TiNIImhHXBuTVjfQACwv0pk7g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 14 May 2025 14:31:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a2:15:a7:be:79:4d:a1:f2:db:25:84:66:bd:4d:1e:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7a4e23482268475c1b935637d0002c2fd2993b8
Validity
Not Before: May 5 20:14:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9a83b92acd7b6405950e45803beb1938bee36069
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:4f:4a:d5:4f:63:22:cb:e7:ea:53:c6:b8:2d:
97:19:1b:24:b6:d5:e9:f0:7a:6a:cc:7a:dc:84:16:
67:31:bc:10:f5:20:93:db:43:cf:4a:78:c6:23:a1:
4b:53:18:b2:9e:af:06:ab:b0:7a:fa:27:40:6c:11:
71:0f:1d:16:b6:87:9d:bf:b7:6b:40:94:fc:d4:d1:
a0:6e:a6:85:81:e7:0d:6a:c7:8b:ef:31:c7:78:d7:
d1:ec:fb:9e:68:f4:d8:1a:e0:e9:fd:15:6c:04:20:
95:74:f3:12:7d:70:fa:38:2c:a2:b1:0d:35:d8:a8:
bf:c2:f6:3b:76:1e:40:a2:98:1b:72:fc:bc:0f:a5:
30:37:a8:f0:47:2b:71:39:36:c2:41:9a:d5:f0:1a:
cb:98:b0:65:25:5c:d6:f1:46:64:9a:29:81:df:ca:
8f:76:ba:d9:28:ee:61:52:b2:f4:53:dc:48:6a:46:
93:c3:fa:c7:ce:88:82:0b:31:3d:43:4f:72:d5:03:
44:78:92:b1:60:a8:9f:ac:ae:5b:5d:c5:88:b1:29:
09:ac:84:92:f9:74:50:d5:72:7b:70:0b:34:3a:e6:
5a:ff:d7:bc:b7:00:43:36:7b:12:d8:0f:69:83:da:
02:87:30:01:9b:86:35:24:ca:26:6a:42:9b:a1:3c:
89:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:83:B9:2A:CD:7B:64:05:95:0E:45:80:3B:EB:19:38:BE:E3:60:69
X509v3 Authority Key Identifier:
keyid:A7:A4:E2:34:82:26:84:75:C1:B9:35:63:7D:00:02:C2:FD:29:93:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p6TiNIImhHXBuTVjfQACwv0pk7g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/07f623-14fb-4a80-9f46-23331b64916c/1/moO5Ks17ZAWVDkWAO-sZOL7jYGk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/07f623-14fb-4a80-9f46-23331b64916c/1/p6TiNIImhHXBuTVjfQACwv0pk7g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:ae00:1::/48
Signature Algorithm: sha256WithRSAEncryption
64:03:74:bd:5a:e7:86:90:7a:33:12:7b:f5:4b:7c:08:fb:64:
d7:c6:6c:69:eb:f9:8e:f4:81:af:73:53:39:4e:2c:5c:50:83:
da:17:85:31:62:fe:ea:22:d0:fd:89:96:f3:e1:2b:8a:d9:87:
e1:c9:82:48:5c:68:05:2e:41:2a:83:37:12:6c:4d:4f:13:10:
9c:3d:62:79:53:a5:27:a7:b8:e9:6d:5f:d6:e9:69:f0:b1:20:
41:c1:34:7f:cb:d2:02:e5:0d:11:e5:23:5b:89:3d:0f:ee:b7:
19:d7:50:61:28:81:0c:f7:30:0b:18:9e:49:59:81:bc:c4:a0:
c8:79:bb:7f:0f:4b:f6:33:fa:b2:29:5a:b9:2a:a5:48:76:be:
4f:bd:9e:1d:1c:a5:23:96:43:81:01:a2:9d:27:a8:8e:a5:68:
48:4c:02:02:d1:34:89:3a:40:d4:2d:32:8f:bc:8e:56:b1:ee:
1e:a4:5b:d2:50:74:8d:f5:bf:ec:10:a6:5a:e9:7f:86:a1:f5:
b6:c3:7a:ed:14:a5:d0:9e:8f:b4:16:91:c4:f9:81:c5:8c:0f:
6e:e7:4e:16:0a:b3:4e:50:90:d3:33:b6:c1:da:df:af:5a:3e:
2b:83:09:b0:01:2e:e6:f9:cd:da:d0:92:5a:b9:dd:20:51:ea:
fc:4f:3e:75
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZaiFae+eU2h8tslhGa9TR7DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3YTRlMjM0ODIyNjg0NzVjMWI5MzU2MzdkMDAwMmMyZmQy
OTkzYjgwHhcNMjUwNTA1MjAxNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTgzYjkyYWNkN2I2NDA1OTUwZTQ1ODAzYmViMTkzOGJlZTM2MDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAok9K1U9jIsvn6lPGuC2XGRskttXp
8HpqzHrchBZnMbwQ9SCT20PPSnjGI6FLUxiynq8Gq7B6+idAbBFxDx0Wtoedv7dr
QJT81NGgbqaFgecNaseL7zHHeNfR7PueaPTYGuDp/RVsBCCVdPMSfXD6OCyisQ01
2Ki/wvY7dh5Aopgbcvy8D6UwN6jwRytxOTbCQZrV8BrLmLBlJVzW8UZkmimB38qP
drrZKO5hUrL0U9xIakaTw/rHzoiCCzE9Q09y1QNEeJKxYKifrK5bXcWIsSkJrISS
+XRQ1XJ7cAs0OuZa/9e8twBDNnsS2A9pg9oChzABm4Y1JMomakKboTyJvQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJqDuSrNe2QFlQ5FgDvrGTi+42BpMB8GA1UdIwQY
MBaAFKek4jSCJoR1wbk1Y30AAsL9KZO4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDZUaU5JSW1oSFhCdVRWamZRQUN3djBwazdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8wN2Y2MjMtMTRmYi00YTgwLTlmNDYt
MjMzMzFiNjQ5MTZjLzEvbW9PNUtzMTdaQVdWRGtXQU8tc1pPTDdqWUdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8wN2Y2MjMtMTRmYi00YTgwLTlmNDYtMjMzMzFiNjQ5MTZj
LzEvcDZUaU5JSW1oSFhCdVRWamZRQUN3djBwazdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhSuAAAB
MA0GCSqGSIb3DQEBCwUAA4IBAQBkA3S9WueGkHozEnv1S3wI+2TXxmxp6/mO9IGv
c1M5TixcUIPaF4UxYv7qItD9iZbz4SuK2YfhyYJIXGgFLkEqgzcSbE1PExCcPWJ5
U6Unp7jpbV/W6WnwsSBBwTR/y9IC5Q0R5SNbiT0P7rcZ11BhKIEM9zALGJ5JWYG8
xKDIebt/D0v2M/qyKVq5KqVIdr5PvZ4dHKUjlkOBAaKdJ6iOpWhITAIC0TSJOkDU
LTKPvI5Wse4epFvSUHSN9b/sEKZa6X+GofW2w3rtFKXQno+0FpHE+YHFjA9u504W
CrNOUJDTM7bB2t+vWj4rgwmwAS7m+c3a0JJaud0gUer8Tz51
-----END CERTIFICATE-----
Generated at Tue May 13 23:23:34 2025 by rpki-client