Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/baWixGmdwdkSX9TDGN-Qlb4lmGA.roa
File: baWixGmdwdkSX9TDGN-Qlb4lmGA.roa (raw, json)
Hash identifier: GhZuR5USZpNa0EDpXlmYqKRP7MC168zFvx0Rz6R/PK0=
Subject key identifier: 6D:A5:A2:C4:69:9D:C1:D9:12:5F:D4:C3:18:DF:90:95:BE:25:98:60
Certificate issuer: /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial: 0194266B6127654C94F98EF384F96BFD8914
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/baWixGmdwdkSX9TDGN-Qlb4lmGA.roa
Signing time: Thu 02 Jan 2025 09:49:18 +0000
ROA not before: Thu 02 Jan 2025 09:49:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199760
IP address blocks: 109.160.38.0/24 maxlen: 24
109.160.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.mft
rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:61:27:65:4c:94:f9:8e:f3:84:f9:6b:fd:89:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
Validity
Not Before: Jan 2 09:49:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6da5a2c4699dc1d9125fd4c318df9095be259860
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:cc:2f:5a:3a:79:0c:1c:47:03:58:ff:77:32:
10:1d:5a:02:77:82:65:dc:c8:bb:01:bd:5c:b9:a4:
d0:32:08:3c:4e:9e:4c:a3:d9:be:20:d7:b7:10:f6:
34:9d:54:ec:64:bb:59:46:94:a8:6d:86:01:32:c7:
cd:d1:46:e5:b7:f7:cf:68:48:81:0e:49:1d:f8:ba:
e2:d2:ea:bc:19:2e:95:56:0c:a3:cd:f2:c6:2c:ae:
ae:e8:45:0c:f3:91:6d:82:6d:0d:1e:1c:9e:b7:09:
2e:54:08:03:ed:ee:08:07:94:df:e6:69:5d:52:4a:
28:e0:24:ad:27:2e:b2:53:94:9e:14:69:91:b1:04:
ae:18:b0:61:92:c3:d6:75:ed:80:44:cf:51:85:57:
db:5f:5e:e3:64:90:dd:38:95:f9:fb:51:7c:5b:a5:
71:a1:95:c9:41:2d:52:1a:46:ce:f9:d0:e2:8b:de:
7b:74:19:61:96:ec:b6:e0:e7:7b:c6:49:09:44:69:
32:d3:98:5e:9e:ea:fa:da:8c:66:a3:e7:47:4b:93:
4b:e5:87:f1:0b:6f:3a:e0:b5:ea:25:87:f0:2b:bd:
b0:8f:75:44:01:3f:8e:ef:0d:99:a0:b5:46:21:90:
3f:19:f7:b7:46:28:1e:62:a0:6e:b5:d6:97:5b:13:
32:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:A5:A2:C4:69:9D:C1:D9:12:5F:D4:C3:18:DF:90:95:BE:25:98:60
X509v3 Authority Key Identifier:
keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/baWixGmdwdkSX9TDGN-Qlb4lmGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.160.38.0/23
Signature Algorithm: sha256WithRSAEncryption
3f:80:55:7a:38:e4:d3:b3:b3:88:55:fd:b7:6c:88:ab:28:d8:
dd:8c:66:6f:86:70:3c:06:7d:25:d1:15:db:9c:93:d8:86:ab:
42:10:a6:2e:fa:39:b1:89:85:55:5e:4e:ce:5c:8f:05:e3:5f:
88:53:ae:57:08:8f:f8:3d:ed:7d:0f:95:82:b7:1f:2a:b0:29:
a6:94:a9:9e:81:15:3c:35:41:4d:85:59:00:63:31:32:4b:a0:
75:a0:22:66:d2:38:fa:09:cd:56:2c:7d:91:9d:80:e1:c2:4c:
8c:66:09:f8:c0:dc:55:7a:b1:b2:d7:5d:88:20:0e:fa:15:e7:
16:cd:25:81:12:c7:2e:02:8c:77:b1:b8:41:d5:0a:8d:86:29:
64:81:0c:41:61:a9:c4:e6:d6:0e:55:33:67:6a:65:a5:3e:85:
21:7b:3f:2b:89:f9:5d:d5:c3:13:8a:da:8c:19:7c:75:10:97:
68:d7:ad:31:5e:6a:b9:13:ba:c4:81:87:67:fa:4e:94:1b:94:
cf:73:91:dd:af:96:92:53:16:13:39:b2:28:7e:f0:0b:0b:27:
be:70:08:cf:26:d7:0b:de:d5:a2:50:3d:22:79:bc:2b:73:d7:
76:ca:81:4e:0f:16:c3:5f:43:16:f6:b1:fa:e1:7d:4e:1e:a4:
fb:40:d9:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma2EnZUyU+Y7zhPlr/YkUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My
ODc3M2EwHhcNMjUwMTAyMDk0OTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGE1YTJjNDY5OWRjMWQ5MTI1ZmQ0YzMxOGRmOTA5NWJlMjU5ODYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0swvWjp5DBxHA1j/dzIQHVoCd4Jl
3Mi7Ab1cuaTQMgg8Tp5Mo9m+INe3EPY0nVTsZLtZRpSobYYBMsfN0Ublt/fPaEiB
Dkkd+Lri0uq8GS6VVgyjzfLGLK6u6EUM85Ftgm0NHhyetwkuVAgD7e4IB5Tf5mld
Ukoo4CStJy6yU5SeFGmRsQSuGLBhksPWde2ARM9RhVfbX17jZJDdOJX5+1F8W6Vx
oZXJQS1SGkbO+dDii957dBlhluy24Od7xkkJRGky05henur62oxmo+dHS5NL5Yfx
C2864LXqJYfwK72wj3VEAT+O7w2ZoLVGIZA/Gfe3RigeYqButdaXWxMy7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG2losRpncHZEl/UwxjfkJW+JZhgMB8GA1UdIwQY
MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt
YTU1OGVlNjU0MzFmLzEvYmFXaXhHbWR3ZGtTWDlUREdOLVFsYjRsbUdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm
LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBbaAmMA0G
CSqGSIb3DQEBCwUAA4IBAQA/gFV6OOTTs7OIVf23bIirKNjdjGZvhnA8Bn0l0RXb
nJPYhqtCEKYu+jmxiYVVXk7OXI8F41+IU65XCI/4Pe19D5WCtx8qsCmmlKmegRU8
NUFNhVkAYzEyS6B1oCJm0jj6Cc1WLH2RnYDhwkyMZgn4wNxVerGy112IIA76FecW
zSWBEscuAox3sbhB1QqNhilkgQxBYanE5tYOVTNnamWlPoUhez8rifld1cMTitqM
GXx1EJdo160xXmq5E7rEgYdn+k6UG5TPc5Hdr5aSUxYTObIofvALCye+cAjPJtcL
3tWiUD0iebwrc9d2yoFODxbDX0MW9rH64X1OHqT7QNmN
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:18:45 2025 by rpki-client