Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/cgfWhp9nnNlIFwxwBmM9ufcXLT8.roa
File: cgfWhp9nnNlIFwxwBmM9ufcXLT8.roa (raw, json)
Hash identifier: d9o/0tEnmxkRdMrExtvCAvZnhgV08vpjue2h9xSnd5M=
Subject key identifier: 72:07:D6:86:9F:67:9C:D9:48:17:0C:70:06:63:3D:B9:F7:17:2D:3F
Certificate issuer: /CN=87be093097097c4457ff5aa3e5893c8c15432612
Certificate serial: 0194221FBF05D229E93633A20FE8F723A607
Authority key identifier: 87:BE:09:30:97:09:7C:44:57:FF:5A:A3:E5:89:3C:8C:15:43:26:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h74JMJcJfERX_1qj5Yk8jBVDJhI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/cgfWhp9nnNlIFwxwBmM9ufcXLT8.roa
Signing time: Wed 01 Jan 2025 13:48:13 +0000
ROA not before: Wed 01 Jan 2025 13:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 931
IP address blocks: 89.35.48.0/24 maxlen: 24
89.37.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/h74JMJcJfERX_1qj5Yk8jBVDJhI.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/h74JMJcJfERX_1qj5Yk8jBVDJhI.mft
rsync://rpki.ripe.net/repository/DEFAULT/h74JMJcJfERX_1qj5Yk8jBVDJhI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 13:43:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:bf:05:d2:29:e9:36:33:a2:0f:e8:f7:23:a6:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87be093097097c4457ff5aa3e5893c8c15432612
Validity
Not Before: Jan 1 13:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7207d6869f679cd948170c7006633db9f7172d3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:64:b6:fc:54:6d:32:2f:8a:5a:6d:d9:5c:93:
48:30:4a:4e:b8:3b:9b:6d:eb:4f:ee:b6:40:c8:4a:
1b:df:51:c5:df:d0:93:02:7c:2f:73:c3:1e:41:3b:
1e:0b:6b:1d:30:f7:f1:c3:1c:42:b3:0c:dd:0a:0c:
01:d1:29:75:b8:6e:5e:4b:da:e0:94:9e:d4:0a:62:
df:ff:f3:76:c7:3f:03:8e:db:40:85:b6:78:0a:9f:
06:0a:ed:5e:d6:a1:7d:fc:42:24:fc:db:63:40:27:
77:0e:2c:06:9a:77:d4:fa:ee:01:33:3d:3c:09:9c:
cd:69:98:cf:c8:a6:71:8a:ec:de:f6:cc:e5:85:04:
fe:c0:d9:83:4d:0c:36:28:44:30:e8:84:c0:d5:f6:
d6:dd:79:61:66:73:71:64:4d:45:2e:bd:7d:d8:15:
a7:14:a3:07:c7:53:df:a2:2b:17:ba:70:ae:d6:c6:
39:ec:d9:a1:14:67:24:d3:b2:2f:62:6a:9d:a8:47:
6e:76:fc:f1:97:ae:f6:6a:fe:77:41:95:25:78:18:
97:07:1a:e6:5a:b0:6e:5c:f2:5e:49:67:1a:f5:e5:
2c:4c:67:19:62:2c:74:31:5b:59:25:05:72:19:79:
41:51:44:8d:8f:46:51:29:9a:a5:2c:ba:47:8d:8d:
89:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:07:D6:86:9F:67:9C:D9:48:17:0C:70:06:63:3D:B9:F7:17:2D:3F
X509v3 Authority Key Identifier:
keyid:87:BE:09:30:97:09:7C:44:57:FF:5A:A3:E5:89:3C:8C:15:43:26:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h74JMJcJfERX_1qj5Yk8jBVDJhI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/cgfWhp9nnNlIFwxwBmM9ufcXLT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/h74JMJcJfERX_1qj5Yk8jBVDJhI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.48.0/24
89.37.99.0/24
Signature Algorithm: sha256WithRSAEncryption
24:cd:cd:8a:2f:f7:97:5a:49:b3:85:32:27:4c:c2:c8:e5:42:
1e:64:34:3b:06:ab:c0:72:95:90:0c:7b:7d:02:14:f4:f5:73:
8d:27:75:c2:67:ea:06:be:ce:33:37:8e:a8:ac:be:f6:de:1a:
59:02:ca:fd:53:8e:d9:05:5a:19:ab:be:00:b2:2c:5f:db:61:
c6:2a:72:4e:f9:82:df:ab:55:ba:d1:d3:40:f5:2b:03:4f:64:
1f:28:9e:a6:fe:e9:b4:9d:01:99:38:9b:a1:9b:d4:b2:07:fc:
2b:77:ee:49:c8:96:77:d7:a0:fc:2e:73:99:8d:da:f5:63:8d:
51:61:b7:fd:7a:87:61:83:2e:91:59:37:82:74:f4:54:8a:b4:
c9:1e:6f:69:92:0c:32:ef:72:85:db:44:04:6a:a5:48:cd:34:
4f:1e:b7:8d:5f:e1:89:ed:04:0c:25:74:a9:36:5e:91:b4:93:
3a:99:1c:98:ff:c8:ec:22:92:64:fc:5f:b5:46:92:59:08:96:
12:a2:e5:ca:ef:83:b7:e7:91:1c:c2:3a:70:55:d4:40:38:df:
b4:48:7d:96:40:5c:82:74:cd:fc:3f:53:57:4a:b1:6b:bb:b1:
8b:1c:f8:3d:80:8c:f2:56:2e:5d:0c:ff:34:99:6b:00:59:a3:
a4:c7:05:c2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQiH78F0inpNjOiD+j3I6YHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YmUwOTMwOTcwOTdjNDQ1N2ZmNWFhM2U1ODkzYzhjMTU0
MzI2MTIwHhcNMjUwMTAxMTM0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjA3ZDY4NjlmNjc5Y2Q5NDgxNzBjNzAwNjYzM2RiOWY3MTcyZDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxWS2/FRtMi+KWm3ZXJNIMEpOuDub
betP7rZAyEob31HF39CTAnwvc8MeQTseC2sdMPfxwxxCswzdCgwB0Sl1uG5eS9rg
lJ7UCmLf//N2xz8DjttAhbZ4Cp8GCu1e1qF9/EIk/NtjQCd3DiwGmnfU+u4BMz08
CZzNaZjPyKZxiuze9szlhQT+wNmDTQw2KEQw6ITA1fbW3XlhZnNxZE1FLr192BWn
FKMHx1PfoisXunCu1sY57NmhFGck07IvYmqdqEdudvzxl672av53QZUleBiXBxrm
WrBuXPJeSWca9eUsTGcZYix0MVtZJQVyGXlBUUSNj0ZRKZqlLLpHjY2JBwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHIH1oafZ5zZSBcMcAZjPbn3Fy0/MB8GA1UdIwQY
MBaAFIe+CTCXCXxEV/9ao+WJPIwVQyYSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDc0Sk1KY0pmRVJYXzFxajVZazhqQlZESmhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jYzhmNGEtNGMwMi00MDRiLThkOTMt
MmNkZTY1ZjMxMTJhLzEvY2dmV2hwOW5uTmxJRnd4d0JtTTl1ZmNYTFQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jYzhmNGEtNGMwMi00MDRiLThkOTMtMmNkZTY1ZjMxMTJh
LzEvaDc0Sk1KY0pmRVJYXzFxajVZazhqQlZESmhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSMwAwQA
WSVjMA0GCSqGSIb3DQEBCwUAA4IBAQAkzc2KL/eXWkmzhTInTMLI5UIeZDQ7BqvA
cpWQDHt9AhT09XONJ3XCZ+oGvs4zN46orL723hpZAsr9U47ZBVoZq74Asixf22HG
KnJO+YLfq1W60dNA9SsDT2QfKJ6m/um0nQGZOJuhm9SyB/wrd+5JyJZ316D8LnOZ
jdr1Y41RYbf9eodhgy6RWTeCdPRUirTJHm9pkgwy73KF20QEaqVIzTRPHreNX+GJ
7QQMJXSpNl6RtJM6mRyY/8jsIpJk/F+1RpJZCJYSouXK74O355EcwjpwVdRAON+0
SH2WQFyCdM38P1NXSrFru7GLHPg9gIzyVi5dDP80mWsAWaOkxwXC
-----END CERTIFICATE-----
Generated at Tue Apr 8 21:21:00 2025 by rpki-client