Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0dd668-9725-48bc-80f6-15b0185e7a79/1/9Ikrgii6aWEfsxAWAi789vrE9wg.roa
File: 9Ikrgii6aWEfsxAWAi789vrE9wg.roa (raw, json)
Hash identifier: iLnyK1Sj4Jg60yb2gV/nuNI+npfH3YvqxRf21D1k0LY=
Subject key identifier: F4:89:2B:82:28:BA:69:61:1F:B3:10:16:02:2E:FC:F6:FA:C4:F7:08
Certificate issuer: /CN=8c48dcecbbcc052c659f971609229e3656a3d956
Certificate serial: 019423D73D2020FC2283BA2499D3333438E3
Authority key identifier: 8C:48:DC:EC:BB:CC:05:2C:65:9F:97:16:09:22:9E:36:56:A3:D9:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jEjc7LvMBSxln5cWCSKeNlaj2VY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0dd668-9725-48bc-80f6-15b0185e7a79/1/9Ikrgii6aWEfsxAWAi789vrE9wg.roa
Signing time: Wed 01 Jan 2025 21:48:15 +0000
ROA not before: Wed 01 Jan 2025 21:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197295
IP address blocks: 91.231.168.0/23 maxlen: 23
178.159.160.0/20 maxlen: 20
185.157.164.0/22 maxlen: 22
194.156.16.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0dd668-9725-48bc-80f6-15b0185e7a79/1/jEjc7LvMBSxln5cWCSKeNlaj2VY.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0dd668-9725-48bc-80f6-15b0185e7a79/1/jEjc7LvMBSxln5cWCSKeNlaj2VY.mft
rsync://rpki.ripe.net/repository/DEFAULT/jEjc7LvMBSxln5cWCSKeNlaj2VY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 16:01:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:3d:20:20:fc:22:83:ba:24:99:d3:33:34:38:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c48dcecbbcc052c659f971609229e3656a3d956
Validity
Not Before: Jan 1 21:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f4892b8228ba69611fb31016022efcf6fac4f708
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:07:5b:58:73:99:00:25:04:10:8a:30:35:3a:
8f:89:55:2f:50:38:3e:d5:2e:61:f6:26:b4:62:8d:
6a:87:56:46:20:28:06:cc:50:c6:d0:15:d3:54:1c:
e7:cf:ad:e5:44:05:ef:8f:71:ab:56:51:b1:60:84:
c8:8b:b6:c6:d5:bd:15:5a:99:e6:f2:f2:b0:de:1b:
f2:48:93:d1:99:7c:8a:93:c5:8b:1e:de:60:d2:ff:
c3:8e:89:6d:81:dc:bd:3c:a2:a1:67:88:b3:cb:19:
63:16:d9:2e:07:95:3d:34:b3:68:25:92:bd:86:f0:
34:3f:51:72:5a:97:30:e1:fe:8b:bc:7f:d9:d1:28:
89:38:90:79:8c:61:86:79:44:e8:1b:88:55:21:60:
c3:0c:ce:16:1e:80:f1:a1:7c:5c:c3:80:3b:ae:ee:
4d:39:4c:7e:b2:3f:6e:63:d9:ed:fd:ff:ef:b9:49:
12:06:e8:20:ee:73:2f:5e:e6:58:cc:1d:24:9f:ef:
69:ff:75:59:d7:a7:c1:16:7e:4d:80:86:7a:8c:60:
2b:6d:f8:fe:5b:67:64:0f:61:64:6e:d7:48:7d:db:
62:d1:75:6a:67:eb:aa:2d:7f:75:c6:7e:1e:10:82:
ba:d5:0e:5c:ef:1f:be:43:7c:40:e4:f3:ec:96:ec:
2b:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:89:2B:82:28:BA:69:61:1F:B3:10:16:02:2E:FC:F6:FA:C4:F7:08
X509v3 Authority Key Identifier:
keyid:8C:48:DC:EC:BB:CC:05:2C:65:9F:97:16:09:22:9E:36:56:A3:D9:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jEjc7LvMBSxln5cWCSKeNlaj2VY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0dd668-9725-48bc-80f6-15b0185e7a79/1/9Ikrgii6aWEfsxAWAi789vrE9wg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0dd668-9725-48bc-80f6-15b0185e7a79/1/jEjc7LvMBSxln5cWCSKeNlaj2VY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.168.0/23
178.159.160.0/20
185.157.164.0/22
194.156.16.0/22
Signature Algorithm: sha256WithRSAEncryption
47:73:a1:6a:03:a3:46:cf:f1:89:58:50:48:c4:c3:d8:73:86:
55:c8:bf:db:64:2f:11:bf:d4:73:99:c2:78:b2:60:b0:b2:28:
d8:48:8c:ef:94:d6:91:cc:5e:95:33:fe:8b:91:04:0d:af:71:
1e:7f:5a:3c:c3:46:b4:90:13:7e:a6:38:26:7c:04:7b:cb:14:
86:56:b4:76:82:f6:51:66:17:17:d7:01:fe:88:cf:ae:68:89:
74:38:2e:d9:54:c4:66:dd:6a:1e:f0:bc:77:e2:bc:16:2f:4b:
cf:98:bb:27:87:14:c3:43:ce:12:e7:b2:e1:92:40:14:74:e3:
27:48:0d:28:57:a7:42:68:b6:9f:f5:8b:40:9e:39:cc:26:ba:
3a:82:d1:4d:2d:05:ef:1f:26:c7:19:c5:66:4c:34:3f:0d:4c:
84:9f:7e:c9:43:97:e6:80:fb:39:2b:4a:46:cd:4b:e8:1a:74:
66:f3:b1:14:55:58:76:93:36:d5:84:08:8c:58:2f:ec:72:cb:
f9:94:f4:ef:80:b0:83:97:15:a0:9c:17:65:b9:03:79:f3:1e:
65:9d:9d:57:6a:cd:89:ad:9e:65:a5:c5:d8:4c:38:76:0f:8c:
91:29:c0:99:46:66:4b:e9:99:eb:b5:46:50:7c:85:de:ef:f4:
c8:b1:62:a7
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQj1z0gIPwig7okmdMzNDjjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjNDhkY2VjYmJjYzA1MmM2NTlmOTcxNjA5MjI5ZTM2NTZh
M2Q5NTYwHhcNMjUwMTAxMjE0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDg5MmI4MjI4YmE2OTYxMWZiMzEwMTYwMjJlZmNmNmZhYzRmNzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3wdbWHOZACUEEIowNTqPiVUvUDg+
1S5h9ia0Yo1qh1ZGICgGzFDG0BXTVBznz63lRAXvj3GrVlGxYITIi7bG1b0VWpnm
8vKw3hvySJPRmXyKk8WLHt5g0v/Djoltgdy9PKKhZ4izyxljFtkuB5U9NLNoJZK9
hvA0P1FyWpcw4f6LvH/Z0SiJOJB5jGGGeUToG4hVIWDDDM4WHoDxoXxcw4A7ru5N
OUx+sj9uY9nt/f/vuUkSBugg7nMvXuZYzB0kn+9p/3VZ16fBFn5NgIZ6jGArbfj+
W2dkD2FkbtdIfdti0XVqZ+uqLX91xn4eEIK61Q5c7x++Q3xA5PPsluwr7QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPSJK4IoumlhH7MQFgIu/Pb6xPcIMB8GA1UdIwQY
MBaAFIxI3Oy7zAUsZZ+XFgkinjZWo9lWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakVqYzdMdk1CU3hsbjVjV0NTS2VObGFqMlZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wZGQ2NjgtOTcyNS00OGJjLTgwZjYt
MTViMDE4NWU3YTc5LzEvOUlrcmdpaTZhV0Vmc3hBV0FpNzg5dnJFOXdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wZGQ2NjgtOTcyNS00OGJjLTgwZjYtMTViMDE4NWU3YTc5
LzEvakVqYzdMdk1CU3hsbjVjV0NTS2VObGFqMlZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBW+eoAwQE
sp+gAwQCuZ2kAwQCwpwQMA0GCSqGSIb3DQEBCwUAA4IBAQBHc6FqA6NGz/GJWFBI
xMPYc4ZVyL/bZC8Rv9RzmcJ4smCwsijYSIzvlNaRzF6VM/6LkQQNr3Eef1o8w0a0
kBN+pjgmfAR7yxSGVrR2gvZRZhcX1wH+iM+uaIl0OC7ZVMRm3Woe8Lx34rwWL0vP
mLsnhxTDQ84S57LhkkAUdOMnSA0oV6dCaLaf9YtAnjnMJro6gtFNLQXvHybHGcVm
TDQ/DUyEn37JQ5fmgPs5K0pGzUvoGnRm87EUVVh2kzbVhAiMWC/scsv5lPTvgLCD
lxWgnBdluQN58x5lnZ1Xas2JrZ5lpcXYTDh2D4yRKcCZRmZL6ZnrtUZQfIXe7/TI
sWKn
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:15:09 2025 by rpki-client