Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/a8947f-e52c-4de1-bade-70c0a506d797/1/RN98TJ7kqQI5BuSnvdMcE3q1sxc.roa
File: RN98TJ7kqQI5BuSnvdMcE3q1sxc.roa (raw, json)
Hash identifier: YxQcvIdmH83Dh0Q3zwPjsii4N4gNYgzKFTXwaXCIS7Y=
Subject key identifier: 44:DF:7C:4C:9E:E4:A9:02:39:06:E4:A7:BD:D3:1C:13:7A:B5:B3:17
Certificate issuer: /CN=02b980c10d7110f91fff9e0eceb639d9e75b35e2
Certificate serial: 019427B50EBFEC495CEBAC7CB8A90C6E67A7
Authority key identifier: 02:B9:80:C1:0D:71:10:F9:1F:FF:9E:0E:CE:B6:39:D9:E7:5B:35:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ArmAwQ1xEPkf_54OzrY52edbNeI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/a8947f-e52c-4de1-bade-70c0a506d797/1/RN98TJ7kqQI5BuSnvdMcE3q1sxc.roa
Signing time: Thu 02 Jan 2025 15:49:24 +0000
ROA not before: Thu 02 Jan 2025 15:49:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 109.224.233.0/24 maxlen: 24
193.111.200.0/24 maxlen: 24
195.74.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/a8947f-e52c-4de1-bade-70c0a506d797/1/ArmAwQ1xEPkf_54OzrY52edbNeI.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/a8947f-e52c-4de1-bade-70c0a506d797/1/ArmAwQ1xEPkf_54OzrY52edbNeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ArmAwQ1xEPkf_54OzrY52edbNeI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 14:13:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:0e:bf:ec:49:5c:eb:ac:7c:b8:a9:0c:6e:67:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02b980c10d7110f91fff9e0eceb639d9e75b35e2
Validity
Not Before: Jan 2 15:49:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=44df7c4c9ee4a9023906e4a7bdd31c137ab5b317
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:cd:4c:c0:ae:56:ef:11:a5:53:19:30:ad:1b:
94:1e:94:bd:66:62:ea:76:f4:a9:06:d7:89:48:2b:
6a:fe:b2:b7:f6:ef:a5:6d:22:9c:01:5e:c0:e6:38:
28:50:66:5c:1c:2f:07:98:e5:d0:e6:64:33:92:7d:
51:9b:da:6e:04:d0:c3:7e:ad:2e:f8:53:00:3a:76:
1f:a4:04:2a:03:e2:b3:0f:d0:19:45:5d:49:82:81:
4a:ed:a3:0c:8e:8c:6f:d6:c1:35:ee:c9:4e:e3:ff:
34:51:54:d8:77:d4:4e:fb:2c:ad:05:9c:fa:7f:eb:
ae:0c:d8:eb:66:c6:72:4a:56:87:32:2f:1c:dc:d3:
f1:99:b2:d0:cc:f3:36:93:ff:45:ba:ab:36:29:1e:
08:0c:d7:4b:2d:52:b3:32:31:bc:81:50:ec:63:d8:
95:f2:71:86:50:9f:4b:1a:b8:4d:2f:e3:bf:9e:a7:
ef:4d:13:6b:46:ee:ee:99:d3:c4:1b:c4:95:d2:59:
20:03:5a:b6:71:f1:a0:33:38:a6:33:a1:c7:84:f6:
03:35:aa:0b:35:73:d4:ad:9f:e1:53:77:f2:9f:53:
b2:ed:46:6f:f9:97:a5:ee:b1:84:4a:ef:d4:6a:93:
ed:21:77:8c:67:c2:d4:76:01:2a:e8:3e:65:97:b2:
f9:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:DF:7C:4C:9E:E4:A9:02:39:06:E4:A7:BD:D3:1C:13:7A:B5:B3:17
X509v3 Authority Key Identifier:
keyid:02:B9:80:C1:0D:71:10:F9:1F:FF:9E:0E:CE:B6:39:D9:E7:5B:35:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ArmAwQ1xEPkf_54OzrY52edbNeI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/a8947f-e52c-4de1-bade-70c0a506d797/1/RN98TJ7kqQI5BuSnvdMcE3q1sxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/a8947f-e52c-4de1-bade-70c0a506d797/1/ArmAwQ1xEPkf_54OzrY52edbNeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.224.233.0/24
193.111.200.0/24
195.74.60.0/24
Signature Algorithm: sha256WithRSAEncryption
86:3b:11:de:ca:80:65:f2:f9:79:1d:95:d6:d9:42:66:b9:47:
df:56:60:63:91:ba:5d:12:85:75:5d:61:7b:cd:e2:6c:3d:fc:
b0:b6:92:88:a9:04:72:63:79:51:5a:0f:4f:d3:56:b7:56:7d:
7a:b3:f6:a9:1f:ab:47:5e:85:62:6f:bf:dc:0a:74:27:0e:27:
b4:5a:1b:a3:2e:2c:93:53:96:bb:b0:75:83:cc:1e:91:fb:7e:
fe:8f:a7:41:a9:37:65:fb:de:ef:be:c3:1b:3e:78:25:8f:04:
ce:20:9c:08:76:2c:6d:35:00:57:09:73:c4:59:9d:99:57:05:
21:d2:52:db:8a:fd:1d:c9:97:f9:d9:0a:df:eb:23:77:b2:5a:
f6:22:9d:7d:e6:8f:d7:b9:91:d5:26:af:48:b7:5b:47:77:e1:
78:d6:36:4e:48:91:70:d1:eb:7b:e3:3b:60:58:24:67:ad:bc:
d1:9f:60:08:35:bc:4b:fe:03:5d:60:f4:36:0b:e2:15:40:4e:
1e:7d:7b:20:e4:43:31:80:7d:27:78:25:5d:04:a0:b5:6c:cd:
4c:48:dc:f9:1d:0d:a4:f0:56:f9:ca:1e:ba:4a:c0:9a:70:21:
38:92:f1:3b:ce:4a:c3:48:61:b6:d7:5f:fb:ff:e0:5f:f8:65:
c0:d4:50:f8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQntQ6/7Elc66x8uKkMbmenMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYjk4MGMxMGQ3MTEwZjkxZmZmOWUwZWNlYjYzOWQ5ZTc1
YjM1ZTIwHhcNMjUwMTAyMTU0OTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGRmN2M0YzllZTRhOTAyMzkwNmU0YTdiZGQzMWMxMzdhYjViMzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoM1MwK5W7xGlUxkwrRuUHpS9ZmLq
dvSpBteJSCtq/rK39u+lbSKcAV7A5jgoUGZcHC8HmOXQ5mQzkn1Rm9puBNDDfq0u
+FMAOnYfpAQqA+KzD9AZRV1JgoFK7aMMjoxv1sE17slO4/80UVTYd9RO+yytBZz6
f+uuDNjrZsZySlaHMi8c3NPxmbLQzPM2k/9Fuqs2KR4IDNdLLVKzMjG8gVDsY9iV
8nGGUJ9LGrhNL+O/nqfvTRNrRu7umdPEG8SV0lkgA1q2cfGgMzimM6HHhPYDNaoL
NXPUrZ/hU3fyn1Oy7UZv+Zel7rGESu/UapPtIXeMZ8LUdgEq6D5ll7L5mQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFETffEye5KkCOQbkp73THBN6tbMXMB8GA1UdIwQY
MBaAFAK5gMENcRD5H/+eDs62OdnnWzXiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXJtQXdRMXhFUGtmXzU0T3pyWTUyZWRiTmVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9hODk0N2YtZTUyYy00ZGUxLWJhZGUt
NzBjMGE1MDZkNzk3LzEvUk45OFRKN2txUUk1QnVTbnZkTWNFM3Exc3hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9hODk0N2YtZTUyYy00ZGUxLWJhZGUtNzBjMGE1MDZkNzk3
LzEvQXJtQXdRMXhFUGtmXzU0T3pyWTUyZWRiTmVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAbeDpAwQA
wW/IAwQAw0o8MA0GCSqGSIb3DQEBCwUAA4IBAQCGOxHeyoBl8vl5HZXW2UJmuUff
VmBjkbpdEoV1XWF7zeJsPfywtpKIqQRyY3lRWg9P01a3Vn16s/apH6tHXoVib7/c
CnQnDie0WhujLiyTU5a7sHWDzB6R+37+j6dBqTdl+97vvsMbPngljwTOIJwIdixt
NQBXCXPEWZ2ZVwUh0lLbiv0dyZf52Qrf6yN3slr2Ip195o/XuZHVJq9It1tHd+F4
1jZOSJFw0et74ztgWCRnrbzRn2AINbxL/gNdYPQ2C+IVQE4efXsg5EMxgH0neCVd
BKC1bM1MSNz5HQ2k8Fb5yh66SsCacCE4kvE7zkrDSGG211/7/+Bf+GXA1FD4
-----END CERTIFICATE-----
Generated at Wed Apr 9 18:32:42 2025 by rpki-client