Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/ba16ba-a8c8-442a-bab9-45e4740023db/1/f98-QGGyvPNag3NBWDooTVrQ2vI.roa
File: f98-QGGyvPNag3NBWDooTVrQ2vI.roa (raw, json)
Hash identifier: HJhPbHQVg92t7q01K4xm1xNnj11AYPaciJd3bC3Ng+4=
Subject key identifier: 7F:DF:3E:40:61:B2:BC:F3:5A:83:73:41:58:3A:28:4D:5A:D0:DA:F2
Certificate issuer: /CN=dd48d508215340eac0f14f0b74749d1c8ec9f566
Certificate serial: 019427B3D22E7C979C25A95015A26B0E0DC8
Authority key identifier: DD:48:D5:08:21:53:40:EA:C0:F1:4F:0B:74:74:9D:1C:8E:C9:F5:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3UjVCCFTQOrA8U8LdHSdHI7J9WY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/ba16ba-a8c8-442a-bab9-45e4740023db/1/f98-QGGyvPNag3NBWDooTVrQ2vI.roa
Signing time: Thu 02 Jan 2025 15:48:03 +0000
ROA not before: Thu 02 Jan 2025 15:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39294
IP address blocks: 91.234.108.0/22 maxlen: 22
213.5.76.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/ba16ba-a8c8-442a-bab9-45e4740023db/1/3UjVCCFTQOrA8U8LdHSdHI7J9WY.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/ba16ba-a8c8-442a-bab9-45e4740023db/1/3UjVCCFTQOrA8U8LdHSdHI7J9WY.mft
rsync://rpki.ripe.net/repository/DEFAULT/3UjVCCFTQOrA8U8LdHSdHI7J9WY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 12:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:d2:2e:7c:97:9c:25:a9:50:15:a2:6b:0e:0d:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd48d508215340eac0f14f0b74749d1c8ec9f566
Validity
Not Before: Jan 2 15:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7fdf3e4061b2bcf35a837341583a284d5ad0daf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:9e:7f:e7:26:84:21:2f:ef:bf:ed:4f:4e:ad:
14:cf:0a:d5:7f:fb:34:62:02:bd:4d:98:a6:19:55:
9b:08:d5:67:70:32:dc:d8:b0:da:99:05:f2:44:92:
4e:0d:1b:8d:20:0e:0c:c4:0c:75:1e:2f:b0:b8:2b:
37:2c:e7:6f:3b:03:79:a7:4d:77:53:2f:7f:22:7e:
db:88:69:ff:c1:4c:9d:09:ce:bc:22:ce:f2:1b:5e:
09:fa:6e:17:ee:af:f8:ef:15:82:dc:4a:47:33:e1:
cf:2e:7a:59:29:bc:55:4a:f6:6c:db:64:73:e3:d6:
0b:a4:f5:c9:a0:ff:fc:e0:0c:df:d1:72:b6:03:e0:
32:79:42:76:35:4e:89:b1:22:fa:b0:0d:71:af:d9:
87:a6:91:00:46:aa:5e:f5:16:00:8b:bf:d4:d1:8b:
56:75:0c:ba:48:02:1e:d6:48:12:e2:84:04:0d:ae:
62:66:a0:4e:5a:f1:3e:ce:5d:46:a7:67:04:7f:12:
a6:a4:a6:2d:c2:5a:0c:04:5e:e1:96:b1:40:23:32:
19:a4:7a:2a:47:a8:f7:d9:7e:2b:21:2a:07:28:2e:
fe:de:5c:9d:28:af:0a:7e:d1:39:ee:41:71:d0:05:
d2:02:47:0d:91:3e:17:b5:75:b8:73:62:e4:ae:b9:
bf:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:DF:3E:40:61:B2:BC:F3:5A:83:73:41:58:3A:28:4D:5A:D0:DA:F2
X509v3 Authority Key Identifier:
keyid:DD:48:D5:08:21:53:40:EA:C0:F1:4F:0B:74:74:9D:1C:8E:C9:F5:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3UjVCCFTQOrA8U8LdHSdHI7J9WY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/ba16ba-a8c8-442a-bab9-45e4740023db/1/f98-QGGyvPNag3NBWDooTVrQ2vI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/ba16ba-a8c8-442a-bab9-45e4740023db/1/3UjVCCFTQOrA8U8LdHSdHI7J9WY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.234.108.0/22
213.5.76.0/22
Signature Algorithm: sha256WithRSAEncryption
13:f8:09:63:fc:80:1d:6c:e0:6a:b3:70:35:e7:ea:a6:1b:9d:
64:4f:a3:3f:17:96:fb:64:20:a3:54:15:5c:d1:de:2f:fe:e3:
19:01:24:db:4b:1b:5b:6b:0c:c4:02:8e:9c:2f:22:20:b8:36:
df:eb:39:cf:0f:b4:22:6a:a3:0d:ae:32:99:22:e8:30:39:23:
d2:17:eb:db:a8:b2:05:e7:8e:75:d0:b7:7b:27:c4:42:8f:3a:
7a:63:20:1f:f7:78:d4:90:fc:7b:7a:0b:64:95:92:0f:7e:ab:
83:81:a3:74:01:b5:ba:e9:d5:22:c3:31:65:93:2f:72:09:54:
62:2d:2a:94:6e:3d:8c:e1:14:09:9d:16:84:3b:2a:84:d3:21:
9b:d5:8e:26:4b:f1:9c:63:c6:e6:23:3e:c3:51:41:93:67:9b:
f1:04:a0:59:c1:09:00:c7:45:c7:40:f3:c3:61:f5:a4:9b:03:
d0:a6:1b:3a:99:d3:cb:2a:42:e8:a2:4a:61:b0:4a:a1:6d:95:
2a:93:c7:d3:47:da:ad:5b:75:61:9e:9a:8c:a8:d6:c3:57:6e:
fb:29:6b:ce:55:c2:c0:ff:f2:8e:b0:68:e3:76:15:94:52:e5:
a5:53:49:96:6d:6f:0f:22:01:40:82:a0:da:b5:0b:74:21:3f:
c5:d0:eb:19
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQns9IufJecJalQFaJrDg3IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNDhkNTA4MjE1MzQwZWFjMGYxNGYwYjc0NzQ5ZDFjOGVj
OWY1NjYwHhcNMjUwMTAyMTU0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmRmM2U0MDYxYjJiY2YzNWE4MzczNDE1ODNhMjg0ZDVhZDBkYWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt55/5yaEIS/vv+1PTq0UzwrVf/s0
YgK9TZimGVWbCNVncDLc2LDamQXyRJJODRuNIA4MxAx1Hi+wuCs3LOdvOwN5p013
Uy9/In7biGn/wUydCc68Is7yG14J+m4X7q/47xWC3EpHM+HPLnpZKbxVSvZs22Rz
49YLpPXJoP/84Azf0XK2A+AyeUJ2NU6JsSL6sA1xr9mHppEARqpe9RYAi7/U0YtW
dQy6SAIe1kgS4oQEDa5iZqBOWvE+zl1Gp2cEfxKmpKYtwloMBF7hlrFAIzIZpHoq
R6j32X4rISoHKC7+3lydKK8KftE57kFx0AXSAkcNkT4XtXW4c2Lkrrm/2wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFH/fPkBhsrzzWoNzQVg6KE1a0NryMB8GA1UdIwQY
MBaAFN1I1QghU0DqwPFPC3R0nRyOyfVmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1VqVkNDRlRRT3JBOFU4TGRIU2RISTdKOVdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9iYTE2YmEtYThjOC00NDJhLWJhYjkt
NDVlNDc0MDAyM2RiLzEvZjk4LVFHR3l2UE5hZzNOQldEb29UVnJRMnZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9iYTE2YmEtYThjOC00NDJhLWJhYjktNDVlNDc0MDAyM2Ri
LzEvM1VqVkNDRlRRT3JBOFU4TGRIU2RISTdKOVdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW+psAwQC
1QVMMA0GCSqGSIb3DQEBCwUAA4IBAQAT+Alj/IAdbOBqs3A15+qmG51kT6M/F5b7
ZCCjVBVc0d4v/uMZASTbSxtbawzEAo6cLyIguDbf6znPD7QiaqMNrjKZIugwOSPS
F+vbqLIF54510Ld7J8RCjzp6YyAf93jUkPx7egtklZIPfquDgaN0AbW66dUiwzFl
ky9yCVRiLSqUbj2M4RQJnRaEOyqE0yGb1Y4mS/GcY8bmIz7DUUGTZ5vxBKBZwQkA
x0XHQPPDYfWkmwPQphs6mdPLKkLookphsEqhbZUqk8fTR9qtW3VhnpqMqNbDV277
KWvOVcLA//KOsGjjdhWUUuWlU0mWbW8PIgFAgqDatQt0IT/F0OsZ
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:49:28 2025 by rpki-client