Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1-AfO0jNbRSHDdQYR2HHHLcPLDds.roa
File: 1-AfO0jNbRSHDdQYR2HHHLcPLDds.roa (raw, json)
Hash identifier: hJwh1mNL7XaptkFiJyGsN9oQAuKqbywdUIZSArHe5dk=
Subject key identifier: F8:07:CE:D2:33:5B:45:21:C3:75:06:11:D8:71:C7:2D:C3:CB:0D:DB
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01942824E3D25D90CEB73D86F579B0BB2DFB
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1-AfO0jNbRSHDdQYR2HHHLcPLDds.roa
Signing time: Thu 02 Jan 2025 17:51:33 +0000
ROA not before: Thu 02 Jan 2025 17:51:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 192.124.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 13:21:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:e3:d2:5d:90:ce:b7:3d:86:f5:79:b0:bb:2d:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 17:51:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f807ced2335b4521c3750611d871c72dc3cb0ddb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:3a:9f:09:dd:e1:77:0f:81:54:e4:34:35:23:
a3:70:58:a2:d3:b0:6b:bd:b1:e3:04:6b:5a:9d:9a:
5e:ab:2d:6a:cc:25:cb:65:68:3f:5a:5b:e4:3a:f6:
44:29:5a:28:69:2f:90:e7:07:7d:dc:5b:ef:66:71:
cf:70:fa:da:e3:68:54:d4:52:3b:22:df:c2:9f:0f:
61:2f:9a:21:d7:51:c2:52:9c:f0:19:45:8f:a7:1f:
f9:11:57:b9:20:2e:18:38:4c:64:0c:55:bc:8a:ac:
32:65:27:8a:38:a4:97:bb:91:2b:e4:23:49:28:27:
6c:d4:71:40:b5:0a:b1:3e:28:83:f3:36:86:82:77:
47:90:c3:f6:8f:b8:83:e3:43:8c:4d:20:b2:71:5f:
b4:c3:22:d0:a0:ce:d8:a0:94:b0:d7:70:ee:94:bc:
57:5c:40:cb:f3:6b:84:65:ed:6b:c4:f3:82:81:fa:
2f:58:dd:8a:3a:9b:57:c4:16:ca:56:d1:8d:bf:e9:
1f:9a:70:82:71:62:29:b9:09:cd:88:62:f3:5e:17:
6c:32:08:81:91:81:15:89:6c:39:a5:70:3a:b1:38:
bb:84:03:fd:4d:1a:73:ea:e3:c7:9c:d4:0c:8c:61:
90:9b:c8:76:49:19:f9:d2:56:7f:ee:1a:d3:fb:ce:
95:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:07:CE:D2:33:5B:45:21:C3:75:06:11:D8:71:C7:2D:C3:CB:0D:DB
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1-AfO0jNbRSHDdQYR2HHHLcPLDds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.175.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:51:80:6f:85:06:a9:37:1d:44:49:40:f7:0a:97:0c:4b:cf:
0c:af:a2:38:b7:71:dc:95:fc:42:a3:7b:20:d5:e7:e6:2c:b8:
46:2a:72:2b:db:06:f1:5e:25:99:76:9f:ce:a5:1f:e5:c5:99:
68:6c:b6:08:be:55:b2:0a:5e:cb:dd:c0:c7:a7:39:8a:48:0e:
d9:94:aa:02:26:1c:c4:e8:97:b4:f8:6a:aa:48:9c:01:a2:f9:
53:73:df:44:39:78:99:8d:92:09:80:4d:be:02:4e:ae:de:d5:
62:cc:8e:cc:92:df:a1:f6:ec:b7:31:c2:55:9e:5d:f7:0f:e2:
2e:82:4c:5f:a9:f8:d0:19:3d:86:01:53:1a:38:04:70:6e:23:
14:89:75:aa:ce:fe:55:3a:01:6b:9d:ca:de:a4:db:fc:31:65:
14:4f:7f:11:30:58:c1:5c:e3:c3:4a:b7:0f:9c:0c:04:85:d4:
6d:b7:8d:3d:a0:51:22:53:1f:8d:77:0e:44:50:30:1d:9c:b8:
2b:7d:af:18:be:1d:e8:71:3a:df:ac:76:8c:54:da:31:cc:89:
9e:7f:34:1e:50:2b:b4:9c:75:b7:79:ee:a0:49:22:c3:9b:b6:
ef:dc:af:6e:06:61:6e:60:0d:d9:22:10:39:14:40:5a:ed:b2:
eb:c5:4d:2d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQoJOPSXZDOtz2G9Xmwuy37MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwMTAyMTc1MTMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODA3Y2VkMjMzNWI0NTIxYzM3NTA2MTFkODcxYzcyZGMzY2IwZGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmTqfCd3hdw+BVOQ0NSOjcFii07Br
vbHjBGtanZpeqy1qzCXLZWg/WlvkOvZEKVooaS+Q5wd93FvvZnHPcPra42hU1FI7
It/Cnw9hL5oh11HCUpzwGUWPpx/5EVe5IC4YOExkDFW8iqwyZSeKOKSXu5Er5CNJ
KCds1HFAtQqxPiiD8zaGgndHkMP2j7iD40OMTSCycV+0wyLQoM7YoJSw13DulLxX
XEDL82uEZe1rxPOCgfovWN2KOptXxBbKVtGNv+kfmnCCcWIpuQnNiGLzXhdsMgiB
kYEViWw5pXA6sTi7hAP9TRpz6uPHnNQMjGGQm8h2SRn50lZ/7hrT+86VhQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPgHztIzW0Uhw3UGEdhxxy3Dyw3bMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMS1BZk8wak5iUlNIRGRRWVIySEhITGNQTERkcy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDAvZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0
My8xL05Xa1BYakxWeUdyeDRUU2RfVTZNN3JjT0dzYy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMB8rzAN
BgkqhkiG9w0BAQsFAAOCAQEAblGAb4UGqTcdRElA9wqXDEvPDK+iOLdx3JX8QqN7
INXn5iy4RipyK9sG8V4lmXafzqUf5cWZaGy2CL5Vsgpey93Ax6c5ikgO2ZSqAiYc
xOiXtPhqqkicAaL5U3PfRDl4mY2SCYBNvgJOrt7VYsyOzJLfofbstzHCVZ5d9w/i
LoJMX6n40Bk9hgFTGjgEcG4jFIl1qs7+VToBa53K3qTb/DFlFE9/ETBYwVzjw0q3
D5wMBIXUbbeNPaBRIlMfjXcORFAwHZy4K32vGL4d6HE636x2jFTaMcyJnn80HlAr
tJx1t3nuoEkiw5u279yvbgZhbmAN2SIQORRAWu2y68VNLQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:42:44 2025 by rpki-client