Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/cb6f7e-e3b8-4d0c-8293-a497b8cbf177/1/j9E2OX2quheywQ8WlyoApoQxAyY.roa
File: j9E2OX2quheywQ8WlyoApoQxAyY.roa (raw, json)
Hash identifier: yPfGJS8Ox1MQ4VMXdPPHGDVV+XyDxx2gPlzjZQqu4Mo=
Subject key identifier: 8F:D1:36:39:7D:AA:BA:17:B2:C1:0F:16:97:2A:00:A6:84:31:03:26
Certificate issuer: /CN=0d8d3ced32e360fcd46c163556de28aa2824b19b
Certificate serial: 0196ABAEEE6D2E20175021C89CE05E5CD827
Authority key identifier: 0D:8D:3C:ED:32:E3:60:FC:D4:6C:16:35:56:DE:28:AA:28:24:B1:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DY087TLjYPzUbBY1Vt4oqigksZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/cb6f7e-e3b8-4d0c-8293-a497b8cbf177/1/j9E2OX2quheywQ8WlyoApoQxAyY.roa
Signing time: Wed 07 May 2025 16:58:10 +0000
ROA not before: Wed 07 May 2025 16:58:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209179
IP address blocks: 2a03:bb80::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/cb6f7e-e3b8-4d0c-8293-a497b8cbf177/1/DY087TLjYPzUbBY1Vt4oqigksZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/cb6f7e-e3b8-4d0c-8293-a497b8cbf177/1/DY087TLjYPzUbBY1Vt4oqigksZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/DY087TLjYPzUbBY1Vt4oqigksZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 10 May 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ab:ae:ee:6d:2e:20:17:50:21:c8:9c:e0:5e:5c:d8:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d8d3ced32e360fcd46c163556de28aa2824b19b
Validity
Not Before: May 7 16:58:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8fd136397daaba17b2c10f16972a00a684310326
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:33:a1:e2:3a:b8:45:1a:0d:7e:8a:c3:aa:12:
37:00:04:44:2a:61:59:e5:28:33:e2:ef:07:82:40:
87:36:9e:40:e0:2b:c1:f5:1c:02:7e:36:14:58:7e:
61:51:8f:f3:0d:c1:14:9c:f7:93:52:6b:e1:18:35:
55:83:4a:60:eb:10:9d:17:75:38:b6:9a:85:cc:7c:
c9:92:94:81:3a:db:9d:b6:ff:bd:5f:7e:fc:7b:c6:
ff:14:cd:79:47:90:08:f2:47:c6:42:bf:1e:f8:61:
1b:a1:67:ae:ee:e4:4a:ec:1c:c3:15:92:a8:4e:ea:
f6:6e:e3:c8:f5:38:80:90:d5:d5:9f:4c:4a:45:68:
7d:9e:86:47:03:e2:f8:68:a5:bf:28:87:8f:e5:74:
83:fe:75:f6:af:a6:04:b8:dc:cb:87:55:f0:de:e8:
31:b8:96:c0:1b:34:e7:6b:89:e0:94:d6:e1:2a:f3:
f7:28:ac:90:aa:11:9d:56:d4:f9:4b:72:63:a9:67:
1e:8a:30:98:59:61:89:08:42:f5:83:f6:9a:3f:8e:
4d:cf:f3:11:54:cc:db:49:45:4e:36:75:b9:b0:17:
7a:07:d5:62:2c:01:8a:c3:e4:f1:2e:3a:1f:82:bc:
21:56:46:aa:75:99:65:f7:7e:3c:d8:c4:5b:bd:bb:
6e:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:D1:36:39:7D:AA:BA:17:B2:C1:0F:16:97:2A:00:A6:84:31:03:26
X509v3 Authority Key Identifier:
keyid:0D:8D:3C:ED:32:E3:60:FC:D4:6C:16:35:56:DE:28:AA:28:24:B1:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DY087TLjYPzUbBY1Vt4oqigksZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/cb6f7e-e3b8-4d0c-8293-a497b8cbf177/1/j9E2OX2quheywQ8WlyoApoQxAyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/cb6f7e-e3b8-4d0c-8293-a497b8cbf177/1/DY087TLjYPzUbBY1Vt4oqigksZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:bb80::/48
Signature Algorithm: sha256WithRSAEncryption
51:05:30:23:01:72:68:fd:cd:e1:f5:75:5a:28:dd:68:60:90:
e3:9b:bb:31:5c:0b:ea:e1:ce:1a:fe:30:9d:f6:0e:2b:62:19:
52:cc:fa:72:f2:a8:10:58:6a:92:5d:67:b9:36:3b:81:da:38:
ee:24:03:d1:5e:b4:31:d0:0a:6e:7d:70:bb:a4:09:ff:cc:5a:
14:37:5e:11:8e:8b:50:c3:16:a6:95:67:9e:08:84:1a:14:57:
9f:44:a9:ea:b3:f5:c7:0a:8b:38:4a:d2:d1:5e:d8:41:43:56:
a0:2c:a5:2e:f1:ad:44:5b:a8:c2:72:78:27:4b:31:bf:15:35:
6a:0f:a0:54:67:ab:db:72:85:58:49:cb:db:4b:f3:69:ac:49:
14:36:64:b9:31:04:db:8b:3f:50:b4:b7:be:c3:0f:21:8f:76:
70:bb:a8:e4:96:ce:43:51:86:9f:89:37:6a:18:a8:9b:d9:c7:
b7:54:65:6f:c0:d1:0b:31:6b:ef:7f:cc:10:58:b8:32:5c:86:
35:1d:77:1f:22:9d:d1:42:47:cc:32:70:d7:a9:51:85:8d:eb:
06:50:ae:78:08:33:2b:46:96:e7:2b:aa:37:c5:c8:c7:f7:38:
12:8e:4e:e9:25:d2:1d:7e:5c:12:5d:3a:04:89:6d:cc:85:04:
7f:80:4b:46
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZarru5tLiAXUCHInOBeXNgnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkOGQzY2VkMzJlMzYwZmNkNDZjMTYzNTU2ZGUyOGFhMjgy
NGIxOWIwHhcNMjUwNTA3MTY1ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmQxMzYzOTdkYWFiYTE3YjJjMTBmMTY5NzJhMDBhNjg0MzEwMzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzOh4jq4RRoNforDqhI3AAREKmFZ
5Sgz4u8HgkCHNp5A4CvB9RwCfjYUWH5hUY/zDcEUnPeTUmvhGDVVg0pg6xCdF3U4
tpqFzHzJkpSBOtudtv+9X378e8b/FM15R5AI8kfGQr8e+GEboWeu7uRK7BzDFZKo
Tur2buPI9TiAkNXVn0xKRWh9noZHA+L4aKW/KIeP5XSD/nX2r6YEuNzLh1Xw3ugx
uJbAGzTna4nglNbhKvP3KKyQqhGdVtT5S3JjqWceijCYWWGJCEL1g/aaP45Nz/MR
VMzbSUVONnW5sBd6B9ViLAGKw+TxLjofgrwhVkaqdZll93482MRbvbtudQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFI/RNjl9qroXssEPFpcqAKaEMQMmMB8GA1UdIwQY
MBaAFA2NPO0y42D81GwWNVbeKKooJLGbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFkwODdUTGpZUHpVYkJZMVZ0NG9xaWdrc1pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9jYjZmN2UtZTNiOC00ZDBjLTgyOTMt
YTQ5N2I4Y2JmMTc3LzEvajlFMk9YMnF1aGV5d1E4V2x5b0Fwb1F4QXlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9jYjZmN2UtZTNiOC00ZDBjLTgyOTMtYTQ5N2I4Y2JmMTc3
LzEvRFkwODdUTGpZUHpVYkJZMVZ0NG9xaWdrc1pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgO7gAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQBRBTAjAXJo/c3h9XVaKN1oYJDjm7sxXAvq4c4a
/jCd9g4rYhlSzPpy8qgQWGqSXWe5NjuB2jjuJAPRXrQx0ApufXC7pAn/zFoUN14R
jotQwxamlWeeCIQaFFefRKnqs/XHCos4StLRXthBQ1agLKUu8a1EW6jCcngnSzG/
FTVqD6BUZ6vbcoVYScvbS/NprEkUNmS5MQTbiz9QtLe+ww8hj3Zwu6jkls5DUYaf
iTdqGKib2ce3VGVvwNELMWvvf8wQWLgyXIY1HXcfIp3RQkfMMnDXqVGFjesGUK54
CDMrRpbnK6o3xcjH9zgSjk7pJdIdflwSXToEiW3MhQR/gEtG
-----END CERTIFICATE-----
Generated at Sat May 10 05:11:07 2025 by rpki-client