Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/6fe110-2b31-4fed-a56b-5ad5d29d72dd/1/qI02I2WeIbyQJXU2kKmSYDmuGmg.roa
File: qI02I2WeIbyQJXU2kKmSYDmuGmg.roa (raw, json)
Hash identifier: +/v2LoWNQyCo7X5QXEt3nR9mBWrSzfmyTw/jlV14U04=
Subject key identifier: A8:8D:36:23:65:9E:21:BC:90:25:75:36:90:A9:92:60:39:AE:1A:68
Certificate issuer: /CN=9cf45e00ae164e67aa1354857237d09adf27c952
Certificate serial: 01942521EFFEB879D5EFE802FD3B02C9F9C0
Authority key identifier: 9C:F4:5E:00:AE:16:4E:67:AA:13:54:85:72:37:D0:9A:DF:27:C9:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nPReAK4WTmeqE1SFcjfQmt8nyVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/6fe110-2b31-4fed-a56b-5ad5d29d72dd/1/qI02I2WeIbyQJXU2kKmSYDmuGmg.roa
Signing time: Thu 02 Jan 2025 03:49:28 +0000
ROA not before: Thu 02 Jan 2025 03:49:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48069
IP address blocks: 91.208.209.0/24 maxlen: 24
2001:67c:19a8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/6fe110-2b31-4fed-a56b-5ad5d29d72dd/1/nPReAK4WTmeqE1SFcjfQmt8nyVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/6fe110-2b31-4fed-a56b-5ad5d29d72dd/1/nPReAK4WTmeqE1SFcjfQmt8nyVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/nPReAK4WTmeqE1SFcjfQmt8nyVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:ef:fe:b8:79:d5:ef:e8:02:fd:3b:02:c9:f9:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cf45e00ae164e67aa1354857237d09adf27c952
Validity
Not Before: Jan 2 03:49:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a88d3623659e21bc9025753690a9926039ae1a68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c0:ac:ad:31:00:c7:94:73:71:7c:fc:86:48:
07:0d:62:7f:1e:34:8e:4f:5e:16:4d:06:9f:31:c0:
9f:82:d2:af:6e:0a:1d:89:08:a8:93:ff:e4:2a:bf:
f7:bc:de:b0:20:95:82:90:0c:06:28:ad:25:ba:94:
d8:03:bf:32:ca:2f:9e:d8:2d:4e:0f:09:b3:59:95:
76:ce:b8:41:b5:c8:25:a4:5a:7e:ef:64:1f:4f:61:
35:59:df:3a:00:af:3d:9e:27:70:27:bf:8b:80:f8:
31:f9:be:a0:7c:42:b3:34:53:c8:5c:1b:53:00:ca:
ac:87:68:94:95:73:4b:c2:b1:fc:fb:47:fc:48:b6:
56:85:51:25:00:d5:f0:cf:7c:ac:58:39:23:66:4a:
35:a6:92:dc:9a:d3:4c:f5:c4:4a:c4:56:38:17:9d:
df:8e:8b:a2:0c:32:ca:1e:45:72:ca:64:d4:22:7f:
78:05:10:08:ab:26:79:18:a5:52:25:8a:da:37:2a:
40:bc:24:4f:ca:76:b4:7b:3f:ea:0f:15:61:95:91:
3b:af:1c:3e:6c:f9:f4:bd:e8:7e:54:68:e5:34:64:
1d:7e:a2:4f:e1:f0:73:b9:bf:97:71:fc:37:d9:5c:
39:b2:08:da:d0:e5:1d:c2:88:f5:86:72:44:7d:fb:
22:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:8D:36:23:65:9E:21:BC:90:25:75:36:90:A9:92:60:39:AE:1A:68
X509v3 Authority Key Identifier:
keyid:9C:F4:5E:00:AE:16:4E:67:AA:13:54:85:72:37:D0:9A:DF:27:C9:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nPReAK4WTmeqE1SFcjfQmt8nyVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/6fe110-2b31-4fed-a56b-5ad5d29d72dd/1/qI02I2WeIbyQJXU2kKmSYDmuGmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/6fe110-2b31-4fed-a56b-5ad5d29d72dd/1/nPReAK4WTmeqE1SFcjfQmt8nyVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.209.0/24
IPv6:
2001:67c:19a8::/48
Signature Algorithm: sha256WithRSAEncryption
4f:c1:4e:96:26:5d:ce:3d:54:01:0f:db:3d:af:a4:e8:74:a9:
85:01:85:c2:5d:89:72:cb:41:14:8f:bc:34:42:be:7c:f7:23:
49:ed:01:18:20:7f:af:91:83:13:b8:ea:b4:bf:a0:c2:c5:77:
5e:c4:cd:02:30:40:df:03:97:cc:9f:6c:70:bd:13:c3:6f:f7:
cf:f0:20:c3:40:25:f3:ea:e3:75:79:25:dd:4d:ba:28:1b:b0:
0c:1b:dd:4f:e2:eb:c4:fb:cf:46:86:72:19:ba:8d:b5:47:82:
8e:24:3c:5c:5f:4e:08:89:07:93:93:80:a2:a3:e5:31:4c:38:
29:f1:44:b3:31:10:91:dd:4e:5f:b9:1c:59:42:af:ae:19:59:
80:cb:df:a7:b9:bf:ee:38:f0:08:47:55:dc:e0:05:13:70:49:
37:8a:39:eb:fc:7f:82:1d:cf:d4:9e:f2:81:a1:e6:3d:92:0a:
02:ff:fa:be:aa:f1:9f:5c:49:d1:8d:86:97:e9:70:ad:aa:5f:
7c:a8:cc:fe:cf:64:02:18:bc:3a:10:c6:f9:fa:28:e2:31:a5:
4d:be:d1:79:0e:5f:69:c4:e9:00:15:a9:c9:f7:16:31:d3:c7:
f9:70:3c:c7:bd:99:05:1a:2c:c5:2a:bd:9c:97:9c:e1:ad:18:
d8:f7:c3:81
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQlIe/+uHnV7+gC/TsCyfnAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljZjQ1ZTAwYWUxNjRlNjdhYTEzNTQ4NTcyMzdkMDlhZGYy
N2M5NTIwHhcNMjUwMTAyMDM0OTI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODhkMzYyMzY1OWUyMWJjOTAyNTc1MzY5MGE5OTI2MDM5YWUxYTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusCsrTEAx5RzcXz8hkgHDWJ/HjSO
T14WTQafMcCfgtKvbgodiQiok//kKr/3vN6wIJWCkAwGKK0lupTYA78yyi+e2C1O
DwmzWZV2zrhBtcglpFp+72QfT2E1Wd86AK89nidwJ7+LgPgx+b6gfEKzNFPIXBtT
AMqsh2iUlXNLwrH8+0f8SLZWhVElANXwz3ysWDkjZko1ppLcmtNM9cRKxFY4F53f
jouiDDLKHkVyymTUIn94BRAIqyZ5GKVSJYraNypAvCRPyna0ez/qDxVhlZE7rxw+
bPn0veh+VGjlNGQdfqJP4fBzub+Xcfw32Vw5sgja0OUdwoj1hnJEffsiUQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKiNNiNlniG8kCV1NpCpkmA5rhpoMB8GA1UdIwQY
MBaAFJz0XgCuFk5nqhNUhXI30JrfJ8lSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblBSZUFLNFdUbWVxRTFTRmNqZlFtdDhueVZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC82ZmUxMTAtMmIzMS00ZmVkLWE1NmIt
NWFkNWQyOWQ3MmRkLzEvcUkwMkkyV2VJYnlRSlhVMmtLbVNZRG11R21nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC82ZmUxMTAtMmIzMS00ZmVkLWE1NmItNWFkNWQyOWQ3MmRk
LzEvblBSZUFLNFdUbWVxRTFTRmNqZlFtdDhueVZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW9DRMA8E
AgACMAkDBwAgAQZ8GagwDQYJKoZIhvcNAQELBQADggEBAE/BTpYmXc49VAEP2z2v
pOh0qYUBhcJdiXLLQRSPvDRCvnz3I0ntARggf6+RgxO46rS/oMLFd17EzQIwQN8D
l8yfbHC9E8Nv98/wIMNAJfPq43V5Jd1NuigbsAwb3U/i68T7z0aGchm6jbVHgo4k
PFxfTgiJB5OTgKKj5TFMOCnxRLMxEJHdTl+5HFlCr64ZWYDL36e5v+448AhHVdzg
BRNwSTeKOev8f4Idz9Se8oGh5j2SCgL/+r6q8Z9cSdGNhpfpcK2qX3yozP7PZAIY
vDoQxvn6KOIxpU2+0XkOX2nE6QAVqcn3FjHTx/lwPMe9mQUaLMUqvZyXnOGtGNj3
w4E=
-----END CERTIFICATE-----
Generated at Wed Apr 23 06:35:37 2025 by rpki-client