Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/a4cca1-6512-4660-8735-787aaa444cda/1/sP-bFJ2GmNkHBQJTvI6gfR-P34M.roa
File: sP-bFJ2GmNkHBQJTvI6gfR-P34M.roa (raw, json)
Hash identifier: YAE1riF3M5+gJzUwR1Sf1tDjF0W3/xjSiT+4/+dNn0s=
Subject key identifier: B0:FF:9B:14:9D:86:98:D9:07:05:02:53:BC:8E:A0:7D:1F:8F:DF:83
Certificate issuer: /CN=25f3fb2b1cb50a3fcc642608633f512375226d1f
Certificate serial: 0194228DCA3BB64D2E9D2AC3B07683FDA7E7
Authority key identifier: 25:F3:FB:2B:1C:B5:0A:3F:CC:64:26:08:63:3F:51:23:75:22:6D:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JfP7Kxy1Cj_MZCYIYz9RI3UibR8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/a4cca1-6512-4660-8735-787aaa444cda/1/sP-bFJ2GmNkHBQJTvI6gfR-P34M.roa
Signing time: Wed 01 Jan 2025 15:48:25 +0000
ROA not before: Wed 01 Jan 2025 15:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197730
IP address blocks: 91.193.25.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/a4cca1-6512-4660-8735-787aaa444cda/1/JfP7Kxy1Cj_MZCYIYz9RI3UibR8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/a4cca1-6512-4660-8735-787aaa444cda/1/JfP7Kxy1Cj_MZCYIYz9RI3UibR8.mft
rsync://rpki.ripe.net/repository/DEFAULT/JfP7Kxy1Cj_MZCYIYz9RI3UibR8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:ca:3b:b6:4d:2e:9d:2a:c3:b0:76:83:fd:a7:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25f3fb2b1cb50a3fcc642608633f512375226d1f
Validity
Not Before: Jan 1 15:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b0ff9b149d8698d907050253bc8ea07d1f8fdf83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:57:06:85:af:be:c9:a9:be:fd:05:b4:0f:76:
e6:29:50:0b:c6:44:ca:71:3a:a0:e7:57:e4:05:8f:
cf:52:78:68:1e:98:17:8c:77:0f:79:1a:d3:3b:fa:
f1:3e:7e:2f:f6:68:21:ae:57:2b:ba:1f:99:c6:fc:
d4:5a:dd:8d:1d:64:31:c2:08:43:a3:85:48:89:a1:
9a:12:fa:f4:df:f5:b4:a1:b9:37:ff:e4:9a:46:e4:
3d:4d:d7:39:c4:bb:38:8f:3e:ce:54:00:db:c6:0d:
f9:c3:5c:25:cb:2f:e4:c2:1a:2e:20:3b:49:83:0a:
dd:2e:b3:77:4e:39:0f:55:cf:5d:37:2d:6e:71:9e:
8e:4f:23:14:81:f2:b7:5a:f6:3e:b8:c0:b4:2f:b2:
31:83:a5:74:47:55:81:f4:fa:4e:1f:90:d8:3d:b4:
5b:e3:5d:f2:ad:b6:dd:c1:a5:4b:a5:bc:67:a2:78:
2c:6e:57:fe:c5:58:bc:b0:08:14:cb:dd:ca:33:95:
34:88:59:f7:49:63:bc:bd:fc:75:2d:30:a0:03:37:
2f:ec:e7:d2:0c:77:61:a7:fe:e8:d1:8f:95:a7:35:
96:cc:fe:c2:95:84:0e:69:d9:01:23:ef:ea:95:0d:
3e:f1:3d:c6:58:4c:c3:d8:68:4c:37:b6:0d:2d:f7:
c3:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:FF:9B:14:9D:86:98:D9:07:05:02:53:BC:8E:A0:7D:1F:8F:DF:83
X509v3 Authority Key Identifier:
keyid:25:F3:FB:2B:1C:B5:0A:3F:CC:64:26:08:63:3F:51:23:75:22:6D:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JfP7Kxy1Cj_MZCYIYz9RI3UibR8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/a4cca1-6512-4660-8735-787aaa444cda/1/sP-bFJ2GmNkHBQJTvI6gfR-P34M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/a4cca1-6512-4660-8735-787aaa444cda/1/JfP7Kxy1Cj_MZCYIYz9RI3UibR8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.25.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:09:57:3d:f9:bb:6b:fa:3c:96:0a:a6:6a:b8:98:b4:db:b9:
c4:b9:f4:c6:b5:09:e0:4b:90:2e:e8:cd:7d:e4:ec:7a:61:3b:
70:11:bc:84:7b:67:9e:1f:4d:2f:ce:0e:64:f3:aa:99:0f:0d:
6d:c2:7a:ed:27:ef:70:cc:eb:32:99:41:5f:2b:b0:c8:75:6a:
72:88:58:86:c9:79:c3:6c:aa:52:d3:b4:58:d7:69:d2:a2:66:
6e:5b:92:79:e7:13:9c:03:f3:bb:76:cc:3e:2b:04:c0:84:ae:
5e:12:a7:b9:bd:78:30:3e:1a:12:3b:30:1d:02:0e:12:e7:73:
89:68:f4:b6:37:04:19:3a:47:d6:6f:4a:b9:75:16:8b:94:b0:
17:63:07:07:16:5b:08:fa:31:b0:69:83:d3:57:b7:5f:9d:77:
b9:c2:91:bb:6d:61:c9:79:ab:61:95:a4:09:0b:db:16:80:f4:
61:7c:d6:ce:96:a1:29:52:09:3a:5c:e6:8f:1e:ca:04:75:4e:
a2:98:45:67:ec:fb:a8:77:72:5a:d5:86:7e:8f:e3:35:50:99:
bc:e7:97:06:3f:78:94:1b:d1:af:68:e3:65:07:88:7c:88:1f:
c1:83:6f:a1:8c:90:1d:00:b8:03:88:95:5f:05:b5:5d:1c:ac:
cc:67:ec:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijco7tk0unSrDsHaD/afnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ZjNmYjJiMWNiNTBhM2ZjYzY0MjYwODYzM2Y1MTIzNzUy
MjZkMWYwHhcNMjUwMTAxMTU0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGZmOWIxNDlkODY5OGQ5MDcwNTAyNTNiYzhlYTA3ZDFmOGZkZjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslcGha++yam+/QW0D3bmKVALxkTK
cTqg51fkBY/PUnhoHpgXjHcPeRrTO/rxPn4v9mghrlcruh+ZxvzUWt2NHWQxwghD
o4VIiaGaEvr03/W0obk3/+SaRuQ9Tdc5xLs4jz7OVADbxg35w1wlyy/kwhouIDtJ
gwrdLrN3TjkPVc9dNy1ucZ6OTyMUgfK3WvY+uMC0L7Ixg6V0R1WB9PpOH5DYPbRb
413yrbbdwaVLpbxnongsblf+xVi8sAgUy93KM5U0iFn3SWO8vfx1LTCgAzcv7OfS
DHdhp/7o0Y+VpzWWzP7ClYQOadkBI+/qlQ0+8T3GWEzD2GhMN7YNLffDnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLD/mxSdhpjZBwUCU7yOoH0fj9+DMB8GA1UdIwQY
MBaAFCXz+ysctQo/zGQmCGM/USN1Im0fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmZQN0t4eTFDal9NWkNZSVl6OVJJM1VpYlI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9hNGNjYTEtNjUxMi00NjYwLTg3MzUt
Nzg3YWFhNDQ0Y2RhLzEvc1AtYkZKMkdtTmtIQlFKVHZJNmdmUi1QMzRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9hNGNjYTEtNjUxMi00NjYwLTg3MzUtNzg3YWFhNDQ0Y2Rh
LzEvSmZQN0t4eTFDal9NWkNZSVl6OVJJM1VpYlI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8EZMA0G
CSqGSIb3DQEBCwUAA4IBAQBbCVc9+btr+jyWCqZquJi027nEufTGtQngS5Au6M19
5Ox6YTtwEbyEe2eeH00vzg5k86qZDw1twnrtJ+9wzOsymUFfK7DIdWpyiFiGyXnD
bKpS07RY12nSomZuW5J55xOcA/O7dsw+KwTAhK5eEqe5vXgwPhoSOzAdAg4S53OJ
aPS2NwQZOkfWb0q5dRaLlLAXYwcHFlsI+jGwaYPTV7dfnXe5wpG7bWHJeathlaQJ
C9sWgPRhfNbOlqEpUgk6XOaPHsoEdU6imEVn7Puod3Ja1YZ+j+M1UJm855cGP3iU
G9GvaONlB4h8iB/Bg2+hjJAdALgDiJVfBbVdHKzMZ+wr
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:49:37 2025 by rpki-client