Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/VUj2jDG1P5mpu3G51mRFUhrIbU4.roa
File: VUj2jDG1P5mpu3G51mRFUhrIbU4.roa (raw, json)
Hash identifier: twr8z4nqYemreBGHT9Kr4AfrcVcZYqpeai7rZry08Us=
Subject key identifier: 55:48:F6:8C:31:B5:3F:99:A9:BB:71:B9:D6:64:45:52:1A:C8:6D:4E
Certificate issuer: /CN=5d370a48b59fb811495f11c49734482f22b1a392
Certificate serial: 019424B28F1327D5CE21ACD3CB83A2C56459
Authority key identifier: 5D:37:0A:48:B5:9F:B8:11:49:5F:11:C4:97:34:48:2F:22:B1:A3:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XTcKSLWfuBFJXxHElzRILyKxo5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/VUj2jDG1P5mpu3G51mRFUhrIbU4.roa
Signing time: Thu 02 Jan 2025 01:47:49 +0000
ROA not before: Thu 02 Jan 2025 01:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 64080
IP address blocks: 91.226.97.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.mft
rsync://rpki.ripe.net/repository/DEFAULT/XTcKSLWfuBFJXxHElzRILyKxo5I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 13:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:8f:13:27:d5:ce:21:ac:d3:cb:83:a2:c5:64:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d370a48b59fb811495f11c49734482f22b1a392
Validity
Not Before: Jan 2 01:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5548f68c31b53f99a9bb71b9d66445521ac86d4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:db:68:44:0c:93:b5:dd:44:4e:fb:bf:2a:5e:
6e:2b:ec:3f:ac:b9:8d:65:66:f3:01:3d:fb:1c:0b:
3f:12:7b:69:67:63:c1:a4:94:a8:98:6d:b5:21:1f:
43:fd:47:db:47:a5:53:3d:f9:82:fb:83:19:6e:a4:
02:ac:72:7e:e7:2f:55:e7:3c:3a:44:b0:53:ad:f3:
ab:4a:50:65:45:85:b0:c8:93:64:03:20:9f:bc:bd:
a8:16:a5:3f:55:d7:55:42:56:54:27:11:6c:e8:b6:
b9:32:03:57:20:d0:4b:94:66:b6:a9:1d:75:cf:46:
a7:cc:cb:b3:86:92:60:dd:2d:18:82:21:a1:f0:7d:
08:20:ce:ef:2f:d0:c9:4c:25:02:5d:67:b9:fd:ca:
4f:35:42:47:55:ab:eb:aa:3a:61:52:9e:8b:8e:37:
07:07:1e:13:80:e2:2b:5f:7e:a7:c0:c5:5a:0b:cb:
12:04:96:59:bd:80:95:4d:0b:a4:df:f2:c0:1f:2e:
c2:18:1e:f9:03:83:c3:b7:2a:d0:77:1a:c3:51:2d:
b4:a4:0c:8e:7a:11:6f:90:dc:78:23:9c:92:36:ea:
05:3a:04:05:49:fe:3a:a6:05:13:81:7b:94:e5:e6:
34:d7:e5:bf:55:99:bd:8e:37:a4:18:59:d3:21:2b:
70:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:48:F6:8C:31:B5:3F:99:A9:BB:71:B9:D6:64:45:52:1A:C8:6D:4E
X509v3 Authority Key Identifier:
keyid:5D:37:0A:48:B5:9F:B8:11:49:5F:11:C4:97:34:48:2F:22:B1:A3:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTcKSLWfuBFJXxHElzRILyKxo5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/VUj2jDG1P5mpu3G51mRFUhrIbU4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.226.97.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:6c:f1:b9:69:6a:c9:62:37:30:35:29:5e:d4:61:0a:9c:dd:
f2:36:09:26:15:9b:bb:3f:83:61:a1:53:2f:13:a6:2b:07:c1:
06:9b:0a:5a:34:00:62:76:65:1b:5e:ae:f0:93:3a:f1:8d:7c:
2b:53:14:5f:95:71:f9:64:91:9e:d2:74:11:ea:5e:47:0c:22:
83:1b:42:0f:be:07:4e:f6:eb:5e:02:5f:3d:c2:b9:2a:9b:39:
4d:39:69:a8:b4:1a:c1:99:24:94:39:59:25:40:ac:4f:e8:53:
d6:81:c7:ea:a0:50:71:ae:df:20:de:8c:68:c3:a5:8a:b1:0d:
9b:f8:d0:29:8d:2e:01:90:2c:e1:d3:2f:51:89:3e:56:f1:38:
b5:f3:7f:8f:a0:f8:55:b9:c2:64:a6:26:e4:ae:ee:37:95:e1:
9b:3e:49:00:9f:5f:3f:5c:bc:cb:3e:33:46:71:7e:f4:72:26:
19:da:aa:50:f3:53:2e:7b:48:cd:c4:a3:ac:84:c0:3f:e8:1e:
35:22:d6:d7:83:66:9b:0f:76:27:8f:56:ae:3d:3e:f5:a2:a5:
d2:c2:c8:08:d8:19:37:22:02:d1:87:9d:e0:22:38:60:66:6a:
c1:b6:4b:61:61:d4:50:e7:56:76:46:f9:f5:43:46:75:57:f9:
78:c0:30:72
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkso8TJ9XOIazTy4OixWRZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMzcwYTQ4YjU5ZmI4MTE0OTVmMTFjNDk3MzQ0ODJmMjJi
MWEzOTIwHhcNMjUwMTAyMDE0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTQ4ZjY4YzMxYjUzZjk5YTliYjcxYjlkNjY0NDU1MjFhYzg2ZDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlttoRAyTtd1ETvu/Kl5uK+w/rLmN
ZWbzAT37HAs/EntpZ2PBpJSomG21IR9D/UfbR6VTPfmC+4MZbqQCrHJ+5y9V5zw6
RLBTrfOrSlBlRYWwyJNkAyCfvL2oFqU/VddVQlZUJxFs6La5MgNXINBLlGa2qR11
z0anzMuzhpJg3S0YgiGh8H0IIM7vL9DJTCUCXWe5/cpPNUJHVavrqjphUp6LjjcH
Bx4TgOIrX36nwMVaC8sSBJZZvYCVTQuk3/LAHy7CGB75A4PDtyrQdxrDUS20pAyO
ehFvkNx4I5ySNuoFOgQFSf46pgUTgXuU5eY01+W/VZm9jjekGFnTIStw9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFVI9owxtT+ZqbtxudZkRVIayG1OMB8GA1UdIwQY
MBaAFF03Cki1n7gRSV8RxJc0SC8isaOSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFRjS1NMV2Z1QkZKWHhIRWx6UklMeUt4bzVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS83MDg1OGEtNjM5NS00MDJkLTlhY2Ut
ZTI3MjAxMzAyNmI0LzEvVlVqMmpERzFQNW1wdTNHNTFtUkZVaHJJYlU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS83MDg1OGEtNjM5NS00MDJkLTlhY2UtZTI3MjAxMzAyNmI0
LzEvWFRjS1NMV2Z1QkZKWHhIRWx6UklMeUt4bzVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+JhMA0G
CSqGSIb3DQEBCwUAA4IBAQALbPG5aWrJYjcwNSle1GEKnN3yNgkmFZu7P4NhoVMv
E6YrB8EGmwpaNABidmUbXq7wkzrxjXwrUxRflXH5ZJGe0nQR6l5HDCKDG0IPvgdO
9uteAl89wrkqmzlNOWmotBrBmSSUOVklQKxP6FPWgcfqoFBxrt8g3oxow6WKsQ2b
+NApjS4BkCzh0y9RiT5W8Ti183+PoPhVucJkpibkru43leGbPkkAn18/XLzLPjNG
cX70ciYZ2qpQ81Mue0jNxKOshMA/6B41ItbXg2abD3Ynj1auPT71oqXSwsgI2Bk3
IgLRh53gIjhgZmrBtkthYdRQ51Z2Rvn1Q0Z1V/l4wDBy
-----END CERTIFICATE-----
Generated at Wed Apr 9 23:42:11 2025 by rpki-client