Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/nZaqbX4b0xd3UwU7l5sM7yoGBBo.roa
File: nZaqbX4b0xd3UwU7l5sM7yoGBBo.roa (raw, json)
Hash identifier: OWNumqHHHp/8gdqH67NYyJSDu9rO3vPuBbgXU7s9BgM=
Subject key identifier: 9D:96:AA:6D:7E:1B:D3:17:77:53:05:3B:97:9B:0C:EF:2A:06:04:1A
Certificate issuer: /CN=af5e93f902354ce4804b4cb049cf68b20f76aeb2
Certificate serial: 01941F8C23B50CB931E489B5EBD558A5721E
Authority key identifier: AF:5E:93:F9:02:35:4C:E4:80:4B:4C:B0:49:CF:68:B2:0F:76:AE:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r16T-QI1TOSAS0ywSc9osg92rrI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/nZaqbX4b0xd3UwU7l5sM7yoGBBo.roa
Signing time: Wed 01 Jan 2025 01:47:45 +0000
ROA not before: Wed 01 Jan 2025 01:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57270
IP address blocks: 91.231.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/r16T-QI1TOSAS0ywSc9osg92rrI.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/r16T-QI1TOSAS0ywSc9osg92rrI.mft
rsync://rpki.ripe.net/repository/DEFAULT/r16T-QI1TOSAS0ywSc9osg92rrI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 19:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:23:b5:0c:b9:31:e4:89:b5:eb:d5:58:a5:72:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af5e93f902354ce4804b4cb049cf68b20f76aeb2
Validity
Not Before: Jan 1 01:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9d96aa6d7e1bd3177753053b979b0cef2a06041a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:41:d5:12:f7:cf:8c:f7:cd:df:0a:3e:e1:8f:
88:93:46:4f:c0:b3:cf:38:c5:3e:78:4b:35:20:54:
30:15:be:c3:e6:1d:19:31:48:bb:a2:f6:1c:de:96:
78:d3:01:ea:f6:75:74:fe:b9:88:cb:9d:13:0c:51:
70:b6:9f:3d:d2:4e:62:cc:63:cf:aa:b3:1f:65:7b:
8d:5e:7e:4e:fc:35:f8:35:be:48:d8:7a:bb:18:67:
b2:1b:a0:1e:aa:9f:1a:40:93:4e:d8:62:ce:05:59:
9e:67:f6:0b:dd:72:1d:fc:2f:a9:b7:60:41:7f:b2:
9b:af:4b:16:90:44:ee:41:39:8d:31:3b:6a:ea:0f:
7e:6b:60:05:6d:5a:91:1f:0c:93:9d:5e:67:30:a1:
bd:40:d6:6f:ed:0c:cb:20:5b:72:a6:64:24:49:8c:
4a:cf:8f:c4:4a:c1:46:f9:10:f2:e2:c1:2a:96:88:
99:89:2b:0f:9d:27:9f:86:52:ae:80:6b:83:46:07:
6a:27:52:3e:f8:50:54:bc:71:3f:98:76:76:bb:4c:
07:6a:73:be:55:62:4e:7f:fd:18:79:3d:ea:e9:ac:
08:d1:a6:bf:b0:06:b5:92:c3:51:52:d4:04:61:29:
ab:7a:b6:16:d5:87:55:5c:02:4a:e8:bb:45:f0:8e:
9c:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:96:AA:6D:7E:1B:D3:17:77:53:05:3B:97:9B:0C:EF:2A:06:04:1A
X509v3 Authority Key Identifier:
keyid:AF:5E:93:F9:02:35:4C:E4:80:4B:4C:B0:49:CF:68:B2:0F:76:AE:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r16T-QI1TOSAS0ywSc9osg92rrI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/nZaqbX4b0xd3UwU7l5sM7yoGBBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/r16T-QI1TOSAS0ywSc9osg92rrI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.190.0/24
Signature Algorithm: sha256WithRSAEncryption
80:6d:aa:c8:26:4c:c8:00:5b:50:fb:5a:b1:59:a8:a9:b2:50:
4c:80:d0:74:1a:36:9a:88:44:56:0f:50:74:8a:9f:85:64:ba:
fb:3f:5a:cc:95:d8:4e:9f:c1:dc:88:7d:6f:7c:e0:e9:48:d9:
69:b5:99:c5:26:09:f1:e6:01:a9:5b:bf:27:44:47:67:56:26:
dc:ba:e3:10:d1:00:1c:eb:2e:f7:e4:1f:32:74:ac:e3:3c:06:
94:0c:8d:7a:98:e7:7b:ab:b1:0d:22:a2:fb:2f:96:b7:87:62:
bc:86:3b:43:c5:bc:8e:fb:b5:0b:c7:fd:1a:e4:d7:82:72:c1:
8a:2f:61:c3:39:57:9f:ba:e3:b7:35:4e:10:14:12:e1:bc:78:
1b:9f:ce:9b:f0:cf:61:f6:1f:9b:d9:de:ef:2e:d8:9d:40:ec:
3e:0f:c3:7a:82:15:50:3f:58:83:25:e7:d0:b3:43:f0:80:f1:
ac:e0:f8:25:96:dd:a5:69:c0:3d:87:61:b1:c4:ff:ab:d5:58:
8d:fe:b2:e7:02:2a:f1:c0:21:bb:1a:52:85:7a:69:5a:58:d7:
06:3e:9b:b5:2c:ac:32:56:04:4a:4a:9c:b7:af:1a:98:84:b5:
c8:04:ad:a5:5e:8d:6e:e3:93:39:06:07:36:c2:58:08:54:c8:
f1:99:33:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjCO1DLkx5Im169VYpXIeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNWU5M2Y5MDIzNTRjZTQ4MDRiNGNiMDQ5Y2Y2OGIyMGY3
NmFlYjIwHhcNMjUwMTAxMDE0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDk2YWE2ZDdlMWJkMzE3Nzc1MzA1M2I5NzliMGNlZjJhMDYwNDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmkHVEvfPjPfN3wo+4Y+Ik0ZPwLPP
OMU+eEs1IFQwFb7D5h0ZMUi7ovYc3pZ40wHq9nV0/rmIy50TDFFwtp890k5izGPP
qrMfZXuNXn5O/DX4Nb5I2Hq7GGeyG6Aeqp8aQJNO2GLOBVmeZ/YL3XId/C+pt2BB
f7Kbr0sWkETuQTmNMTtq6g9+a2AFbVqRHwyTnV5nMKG9QNZv7QzLIFtypmQkSYxK
z4/ESsFG+RDy4sEqloiZiSsPnSefhlKugGuDRgdqJ1I++FBUvHE/mHZ2u0wHanO+
VWJOf/0YeT3q6awI0aa/sAa1ksNRUtQEYSmrerYW1YdVXAJK6LtF8I6crwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ2Wqm1+G9MXd1MFO5ebDO8qBgQaMB8GA1UdIwQY
MBaAFK9ek/kCNUzkgEtMsEnPaLIPdq6yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjE2VC1RSTFUT1NBUzB5d1NjOW9zZzkycnJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9mNDAwNGItZDYwMi00NzVkLTkzMWIt
N2UwNWFkMDE5MGNlLzEvblphcWJYNGIweGQzVXdVN2w1c003eW9HQkJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9mNDAwNGItZDYwMi00NzVkLTkzMWItN2UwNWFkMDE5MGNl
LzEvcjE2VC1RSTFUT1NBUzB5d1NjOW9zZzkycnJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+e+MA0G
CSqGSIb3DQEBCwUAA4IBAQCAbarIJkzIAFtQ+1qxWaipslBMgNB0GjaaiERWD1B0
ip+FZLr7P1rMldhOn8HciH1vfODpSNlptZnFJgnx5gGpW78nREdnVibcuuMQ0QAc
6y735B8ydKzjPAaUDI16mOd7q7ENIqL7L5a3h2K8hjtDxbyO+7ULx/0a5NeCcsGK
L2HDOVefuuO3NU4QFBLhvHgbn86b8M9h9h+b2d7vLtidQOw+D8N6ghVQP1iDJefQ
s0PwgPGs4Pgllt2lacA9h2GxxP+r1ViN/rLnAirxwCG7GlKFemlaWNcGPpu1LKwy
VgRKSpy3rxqYhLXIBK2lXo1u45M5Bgc2wlgIVMjxmTNp
-----END CERTIFICATE-----
Generated at Tue Apr 8 01:28:03 2025 by rpki-client