Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a7ef4d-dc44-4faf-9513-e9c9132836ff/1/kwXEh1Xh-2K2CVYqtcC-AT6Gb_U.roa
File: kwXEh1Xh-2K2CVYqtcC-AT6Gb_U.roa (raw, json)
Hash identifier: dIfLEvdyhBW74zPx42unz5ShPnUU/ehc/8slF8xgQRY=
Subject key identifier: 93:05:C4:87:55:E1:FB:62:B6:09:56:2A:B5:C0:BE:01:3E:86:6F:F5
Certificate issuer: /CN=0dd441c3ffae829842249e944b03851081f4d9e0
Certificate serial: 01941FFA43BC4655974F13DD7C2B30C6EEC6
Authority key identifier: 0D:D4:41:C3:FF:AE:82:98:42:24:9E:94:4B:03:85:10:81:F4:D9:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DdRBw_-ugphCJJ6USwOFEIH02eA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a7ef4d-dc44-4faf-9513-e9c9132836ff/1/kwXEh1Xh-2K2CVYqtcC-AT6Gb_U.roa
Signing time: Wed 01 Jan 2025 03:48:02 +0000
ROA not before: Wed 01 Jan 2025 03:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44016
IP address blocks: 91.235.168.0/24 maxlen: 24
193.23.60.0/24 maxlen: 24
2001:67c:2d78::/48 maxlen: 48
2a09:8400::/29 maxlen: 48
2a0f:75c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/a7ef4d-dc44-4faf-9513-e9c9132836ff/1/DdRBw_-ugphCJJ6USwOFEIH02eA.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/a7ef4d-dc44-4faf-9513-e9c9132836ff/1/DdRBw_-ugphCJJ6USwOFEIH02eA.mft
rsync://rpki.ripe.net/repository/DEFAULT/DdRBw_-ugphCJJ6USwOFEIH02eA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:43:bc:46:55:97:4f:13:dd:7c:2b:30:c6:ee:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0dd441c3ffae829842249e944b03851081f4d9e0
Validity
Not Before: Jan 1 03:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9305c48755e1fb62b609562ab5c0be013e866ff5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:e4:20:38:fd:26:dc:30:56:d4:40:55:ce:7a:
ce:77:08:da:b7:f7:84:00:55:7e:cd:6d:a2:63:69:
94:f5:b0:7c:a0:ec:a7:38:fa:1a:1e:e4:51:17:57:
97:81:6f:41:e8:aa:aa:08:95:de:32:28:dd:84:86:
11:b0:59:78:ab:bf:78:6a:44:59:09:81:d1:70:33:
92:9a:e6:90:00:34:17:ee:9a:f9:a8:5d:8b:b9:f5:
21:b9:74:17:32:f6:7f:e0:d9:8a:1b:2e:b0:89:74:
66:07:92:11:02:b1:63:50:8c:99:1c:d1:e9:4f:5c:
37:79:e4:60:a1:3a:92:43:7b:e4:1a:fc:42:3e:f8:
69:85:2d:eb:23:83:f0:51:3c:de:a3:88:a9:43:48:
7f:18:4c:6c:3b:85:31:24:e3:d6:40:69:2c:2c:bb:
79:48:a5:71:97:32:b6:c1:ea:fb:82:61:34:3b:be:
ec:e2:12:a9:84:73:2a:ba:bb:20:00:52:97:7d:78:
4d:ca:17:c0:35:98:ed:de:a2:fb:78:67:fd:94:9d:
4b:53:94:4d:56:c9:e7:dc:0a:e2:6c:1b:d1:f3:57:
84:5b:93:fc:56:12:ba:39:d8:3c:14:ec:f0:f3:43:
1e:5b:d3:34:61:f4:dd:ef:35:69:00:40:fd:db:77:
1d:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:05:C4:87:55:E1:FB:62:B6:09:56:2A:B5:C0:BE:01:3E:86:6F:F5
X509v3 Authority Key Identifier:
keyid:0D:D4:41:C3:FF:AE:82:98:42:24:9E:94:4B:03:85:10:81:F4:D9:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DdRBw_-ugphCJJ6USwOFEIH02eA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a7ef4d-dc44-4faf-9513-e9c9132836ff/1/kwXEh1Xh-2K2CVYqtcC-AT6Gb_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a7ef4d-dc44-4faf-9513-e9c9132836ff/1/DdRBw_-ugphCJJ6USwOFEIH02eA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.235.168.0/24
193.23.60.0/24
IPv6:
2001:67c:2d78::/48
2a09:8400::/29
2a0f:75c0::/29
Signature Algorithm: sha256WithRSAEncryption
85:7f:0a:04:24:e9:ef:43:2a:e8:09:bf:9d:39:a9:01:39:76:
b5:82:42:83:e4:6b:72:5b:b9:aa:64:df:2e:ed:b6:66:fb:f1:
f6:9f:78:6f:8d:8b:9b:e9:f1:d1:33:bf:c0:6e:e0:c8:63:43:
c3:e0:d1:b9:c3:eb:fe:d5:06:71:f3:42:5a:40:6f:8f:86:f3:
58:ac:77:9f:31:1a:4a:3b:96:02:67:fe:d2:a4:b4:f1:cc:35:
08:bc:28:dd:ab:90:42:1b:a3:39:68:db:79:36:50:13:b7:97:
39:42:d3:d9:37:86:95:01:b8:d2:53:72:56:22:63:50:e0:cf:
41:00:d7:6e:6a:a0:60:1a:5c:7d:4b:ec:71:c1:de:87:f4:b5:
2b:bf:05:05:ce:23:2d:72:59:6a:3e:6a:0e:ac:b9:0e:58:75:
c9:d2:f6:d0:a6:96:f1:bf:2d:a6:64:87:07:ed:49:36:9e:db:
0e:44:a6:be:77:25:8e:80:b2:d5:3e:4d:1f:6d:f1:8a:ea:82:
27:91:be:38:88:24:af:2b:ab:ba:fd:82:63:92:23:44:18:62:
65:71:51:16:7f:a7:ab:0e:f0:13:10:6d:c4:60:a3:5a:53:e8:
5a:56:a4:1d:d9:c5:ad:6b:e8:fe:32:31:83:d1:56:30:27:42:
ae:0b:d5:41
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAZQf+kO8RlWXTxPdfCswxu7GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkZDQ0MWMzZmZhZTgyOTg0MjI0OWU5NDRiMDM4NTEwODFm
NGQ5ZTAwHhcNMjUwMTAxMDM0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzA1YzQ4NzU1ZTFmYjYyYjYwOTU2MmFiNWMwYmUwMTNlODY2ZmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4OQgOP0m3DBW1EBVznrOdwjat/eE
AFV+zW2iY2mU9bB8oOynOPoaHuRRF1eXgW9B6KqqCJXeMijdhIYRsFl4q794akRZ
CYHRcDOSmuaQADQX7pr5qF2LufUhuXQXMvZ/4NmKGy6wiXRmB5IRArFjUIyZHNHp
T1w3eeRgoTqSQ3vkGvxCPvhphS3rI4PwUTzeo4ipQ0h/GExsO4UxJOPWQGksLLt5
SKVxlzK2wer7gmE0O77s4hKphHMqursgAFKXfXhNyhfANZjt3qL7eGf9lJ1LU5RN
Vsnn3AribBvR81eEW5P8VhK6Odg8FOzw80MeW9M0YfTd7zVpAED923cdCwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFJMFxIdV4ftitglWKrXAvgE+hm/1MB8GA1UdIwQY
MBaAFA3UQcP/roKYQiSelEsDhRCB9NngMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGRSQndfLXVncGhDSko2VVN3T0ZFSUgwMmVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hN2VmNGQtZGM0NC00ZmFmLTk1MTMt
ZTljOTEzMjgzNmZmLzEva3dYRWgxWGgtMksyQ1ZZcXRjQy1BVDZHYl9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hN2VmNGQtZGM0NC00ZmFmLTk1MTMtZTljOTEzMjgzNmZm
LzEvRGRSQndfLXVncGhDSko2VVN3T0ZFSUgwMmVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzASBAIAATAMAwQAW+uoAwQA
wRc8MB0EAgACMBcDBwAgAQZ8LXgDBQMqCYQAAwUDKg91wDANBgkqhkiG9w0BAQsF
AAOCAQEAhX8KBCTp70Mq6Am/nTmpATl2tYJCg+Rrclu5qmTfLu22Zvvx9p94b42L
m+nx0TO/wG7gyGNDw+DRucPr/tUGcfNCWkBvj4bzWKx3nzEaSjuWAmf+0qS08cw1
CLwo3auQQhujOWjbeTZQE7eXOULT2TeGlQG40lNyViJjUODPQQDXbmqgYBpcfUvs
ccHeh/S1K78FBc4jLXJZaj5qDqy5Dlh1ydL20KaW8b8tpmSHB+1JNp7bDkSmvncl
joCy1T5NH23xiuqCJ5G+OIgkryuruv2CY5IjRBhiZXFRFn+nqw7wExBtxGCjWlPo
WlakHdnFrWvo/jIxg9FWMCdCrgvVQQ==
-----END CERTIFICATE-----
Generated at Sun Apr 13 05:34:14 2025 by rpki-client