Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/31952a-608c-468e-a00e-d633aa70dd66/1/DSjiByReVAFtGenTha4D-8dSQJA.roa
File: DSjiByReVAFtGenTha4D-8dSQJA.roa (raw, json)
Hash identifier: LTaqsJLmNorNuR9w6MCAPY47C39e6eSxiN8KzBSficg=
Subject key identifier: 0D:28:E2:07:24:5E:54:01:6D:19:E9:D3:85:AE:03:FB:C7:52:40:90
Certificate issuer: /CN=88fe1905cd7af36e63ada6366c147b61d85c9f2b
Certificate serial: 019421B24BCDD1FC1AD0E9E71FA013716934
Authority key identifier: 88:FE:19:05:CD:7A:F3:6E:63:AD:A6:36:6C:14:7B:61:D8:5C:9F:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iP4ZBc16825jraY2bBR7Ydhcnys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/31952a-608c-468e-a00e-d633aa70dd66/1/DSjiByReVAFtGenTha4D-8dSQJA.roa
Signing time: Wed 01 Jan 2025 11:48:40 +0000
ROA not before: Wed 01 Jan 2025 11:48:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 185.99.236.0/24 maxlen: 24
185.99.237.0/24 maxlen: 24
185.99.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/31952a-608c-468e-a00e-d633aa70dd66/1/iP4ZBc16825jraY2bBR7Ydhcnys.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/31952a-608c-468e-a00e-d633aa70dd66/1/iP4ZBc16825jraY2bBR7Ydhcnys.mft
rsync://rpki.ripe.net/repository/DEFAULT/iP4ZBc16825jraY2bBR7Ydhcnys.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:4b:cd:d1:fc:1a:d0:e9:e7:1f:a0:13:71:69:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88fe1905cd7af36e63ada6366c147b61d85c9f2b
Validity
Not Before: Jan 1 11:48:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0d28e207245e54016d19e9d385ae03fbc7524090
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:e9:55:21:67:64:e6:9c:57:f6:a5:95:c8:17:
cf:81:ab:cf:87:77:15:cf:8a:90:a9:cc:a8:c9:08:
78:59:aa:f9:d1:ba:a5:97:c6:f6:61:cd:be:9a:97:
23:b7:2e:b8:de:d7:62:2e:24:86:5d:0c:7d:63:9e:
20:51:b6:33:ce:a4:2a:d2:87:51:81:73:fd:a3:d3:
7c:19:33:24:5d:02:ad:0c:9c:52:f5:5a:9a:e7:23:
d8:e9:91:9e:27:3e:26:db:5b:d8:51:92:db:72:e5:
e7:d5:75:99:77:00:71:fd:01:e5:6d:4d:29:52:58:
40:9b:70:dd:3e:1f:7d:8f:11:b3:6a:80:91:1d:f9:
91:f1:87:d2:1c:db:fe:11:33:aa:21:79:15:4e:da:
eb:cc:07:0a:b3:41:be:b5:6b:96:79:fc:f4:28:79:
28:00:0e:d7:d5:1a:bf:45:1b:2f:27:e1:eb:8a:e2:
97:ec:43:62:ab:aa:40:7d:d4:f4:c8:40:a5:7f:dd:
c2:a1:f1:81:dd:58:40:c3:23:80:d0:57:ff:cc:a2:
50:4b:a5:3a:eb:be:c0:b2:27:65:14:91:a0:71:24:
ea:21:f6:d1:a4:d8:30:97:1c:d9:fd:2c:bd:15:b6:
b1:4c:d7:a8:a6:f9:2e:10:c1:66:f3:1c:b7:63:ed:
4c:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:28:E2:07:24:5E:54:01:6D:19:E9:D3:85:AE:03:FB:C7:52:40:90
X509v3 Authority Key Identifier:
keyid:88:FE:19:05:CD:7A:F3:6E:63:AD:A6:36:6C:14:7B:61:D8:5C:9F:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iP4ZBc16825jraY2bBR7Ydhcnys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/31952a-608c-468e-a00e-d633aa70dd66/1/DSjiByReVAFtGenTha4D-8dSQJA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/31952a-608c-468e-a00e-d633aa70dd66/1/iP4ZBc16825jraY2bBR7Ydhcnys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.99.236.0-185.99.238.255
Signature Algorithm: sha256WithRSAEncryption
8d:0a:2e:36:6f:98:4b:15:5c:c2:12:6d:86:a4:f6:fc:4d:6c:
b3:b4:7a:68:46:57:03:22:c7:70:11:3d:e9:37:fe:a0:fa:d6:
91:73:05:fa:4c:4a:5b:0f:b1:7c:e0:73:e4:41:79:62:ed:21:
b9:83:59:3e:1d:c4:17:f7:71:a4:fb:19:25:72:ed:28:6a:0c:
07:cd:51:18:94:34:f2:ee:a9:33:2c:7e:a7:b1:aa:76:d4:4e:
bb:2e:fc:63:38:c2:b3:e0:87:d9:79:95:f6:7f:86:b4:0d:9f:
c9:1c:ff:2e:b9:e1:09:e5:0f:85:54:d5:99:4b:51:ba:5b:38:
dc:d6:56:1c:08:1a:6c:f2:df:fc:12:44:f4:a2:59:7c:b7:81:
88:8f:90:1f:f4:c9:33:6c:be:d2:9a:c6:50:c3:0b:90:cc:61:
cc:02:46:a1:f9:af:44:68:aa:33:36:c1:75:42:52:e8:1f:b4:
0d:ec:95:91:37:7b:89:60:04:2e:8e:54:79:4b:f0:5f:56:4e:
49:20:dc:22:85:d7:e5:3d:d5:1d:cb:6b:50:35:55:8c:42:51:
eb:8a:1a:b3:3e:8c:0e:78:e5:e2:61:67:f7:5d:34:e5:26:a4:
da:11:e5:7b:2b:eb:c5:ad:17:73:22:65:0a:e8:4d:b3:d6:ab:
64:85:a6:e6
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQhskvN0fwa0OnnH6ATcWk0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4ZmUxOTA1Y2Q3YWYzNmU2M2FkYTYzNjZjMTQ3YjYxZDg1
YzlmMmIwHhcNMjUwMTAxMTE0ODQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDI4ZTIwNzI0NWU1NDAxNmQxOWU5ZDM4NWFlMDNmYmM3NTI0MDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmelVIWdk5pxX9qWVyBfPgavPh3cV
z4qQqcyoyQh4War50bqll8b2Yc2+mpcjty643tdiLiSGXQx9Y54gUbYzzqQq0odR
gXP9o9N8GTMkXQKtDJxS9Vqa5yPY6ZGeJz4m21vYUZLbcuXn1XWZdwBx/QHlbU0p
UlhAm3DdPh99jxGzaoCRHfmR8YfSHNv+ETOqIXkVTtrrzAcKs0G+tWuWefz0KHko
AA7X1Rq/RRsvJ+HriuKX7ENiq6pAfdT0yEClf93CofGB3VhAwyOA0Ff/zKJQS6U6
677AsidlFJGgcSTqIfbRpNgwlxzZ/Sy9FbaxTNeopvkuEMFm8xy3Y+1MJQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFA0o4gckXlQBbRnp04WuA/vHUkCQMB8GA1UdIwQY
MBaAFIj+GQXNevNuY62mNmwUe2HYXJ8rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVA0WkJjMTY4MjVqcmFZMmJCUjdZZGhjbnlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy8zMTk1MmEtNjA4Yy00NjhlLWEwMGUt
ZDYzM2FhNzBkZDY2LzEvRFNqaUJ5UmVWQUZ0R2VuVGhhNEQtOGRTUUpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy8zMTk1MmEtNjA4Yy00NjhlLWEwMGUtZDYzM2FhNzBkZDY2
LzEvaVA0WkJjMTY4MjVqcmFZMmJCUjdZZGhjbnlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAK5Y+wD
BAC5Y+4wDQYJKoZIhvcNAQELBQADggEBAI0KLjZvmEsVXMISbYak9vxNbLO0emhG
VwMix3ARPek3/qD61pFzBfpMSlsPsXzgc+RBeWLtIbmDWT4dxBf3caT7GSVy7Shq
DAfNURiUNPLuqTMsfqexqnbUTrsu/GM4wrPgh9l5lfZ/hrQNn8kc/y654QnlD4VU
1ZlLUbpbONzWVhwIGmzy3/wSRPSiWXy3gYiPkB/0yTNsvtKaxlDDC5DMYcwCRqH5
r0RoqjM2wXVCUugftA3slZE3e4lgBC6OVHlL8F9WTkkg3CKF1+U91R3La1A1VYxC
UeuKGrM+jA545eJhZ/ddNOUmpNoR5Xsr68WtF3MiZQroTbPWq2SFpuY=
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:32:10 2025 by rpki-client