Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/AJpGZf7C_I95XvnEwSe9K3FDGt0.roa
File: AJpGZf7C_I95XvnEwSe9K3FDGt0.roa (raw, json)
Hash identifier: T5OJTQQkO73ctxzV2JbKKhv+8POHWZi8kiMMxjjvYx8=
Subject key identifier: 00:9A:46:65:FE:C2:FC:8F:79:5E:F9:C4:C1:27:BD:2B:71:43:1A:DD
Certificate issuer: /CN=dbc950098436281cee542a1e74546551e1e55283
Certificate serial: 019427488054B64CB1288BA56C7CFA0CB50F
Authority key identifier: DB:C9:50:09:84:36:28:1C:EE:54:2A:1E:74:54:65:51:E1:E5:52:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/28lQCYQ2KBzuVCoedFRlUeHlUoM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/AJpGZf7C_I95XvnEwSe9K3FDGt0.roa
Signing time: Thu 02 Jan 2025 13:50:50 +0000
ROA not before: Thu 02 Jan 2025 13:50:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34762
IP address blocks: 185.116.72.0/22 maxlen: 24
2a0d:5040::/32 maxlen: 32
2a0d:5041::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/28lQCYQ2KBzuVCoedFRlUeHlUoM.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/28lQCYQ2KBzuVCoedFRlUeHlUoM.mft
rsync://rpki.ripe.net/repository/DEFAULT/28lQCYQ2KBzuVCoedFRlUeHlUoM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:80:54:b6:4c:b1:28:8b:a5:6c:7c:fa:0c:b5:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbc950098436281cee542a1e74546551e1e55283
Validity
Not Before: Jan 2 13:50:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=009a4665fec2fc8f795ef9c4c127bd2b71431add
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:c5:6d:b9:1f:20:57:bf:28:70:b1:4a:60:d5:
38:1c:e0:92:70:7c:93:ca:78:77:ad:ee:a5:9b:22:
0d:08:98:a2:50:b5:3b:5e:be:a8:a0:21:7c:8e:9b:
0d:5c:79:31:29:0f:6a:73:92:5d:f7:7d:e3:71:a3:
3c:85:73:d6:5e:4f:6d:0a:6a:6d:a9:4f:b9:86:e0:
ad:b3:4e:60:4c:3d:57:01:ea:cf:26:38:dc:9f:20:
26:4b:21:d4:8a:1e:66:a5:0d:41:eb:d9:07:ea:b4:
c9:86:97:d8:cd:70:cc:f9:6d:96:8f:ed:fa:3f:06:
89:04:92:27:b0:26:6a:05:c1:c6:24:58:97:ae:b2:
42:17:fb:da:35:5f:d4:f1:72:f5:72:0c:d6:ff:5e:
23:4a:25:eb:13:1b:df:9c:be:23:05:6f:8b:9c:32:
b4:3b:a8:0d:ce:e0:e5:12:4c:bd:9d:16:20:89:e5:
43:aa:b8:7d:74:f3:95:81:6c:80:a0:f7:34:e0:00:
83:d5:be:22:66:2a:76:2e:aa:95:e0:f2:16:b6:d5:
7c:06:38:cd:0e:ac:0d:a2:c5:81:96:17:8e:c3:e1:
54:3b:62:ce:11:98:40:04:52:81:d5:7a:35:12:c4:
9f:05:59:1c:46:57:93:1c:fb:3b:50:ba:61:44:bf:
5b:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:9A:46:65:FE:C2:FC:8F:79:5E:F9:C4:C1:27:BD:2B:71:43:1A:DD
X509v3 Authority Key Identifier:
keyid:DB:C9:50:09:84:36:28:1C:EE:54:2A:1E:74:54:65:51:E1:E5:52:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/28lQCYQ2KBzuVCoedFRlUeHlUoM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/AJpGZf7C_I95XvnEwSe9K3FDGt0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/28lQCYQ2KBzuVCoedFRlUeHlUoM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.116.72.0/22
IPv6:
2a0d:5040::/31
Signature Algorithm: sha256WithRSAEncryption
1a:a3:76:68:c4:ec:d0:11:d7:08:13:30:47:d6:30:98:c4:c8:
e7:f2:47:15:33:79:fa:cd:e3:80:5a:80:60:72:c1:a8:50:7d:
b9:08:70:ba:7f:56:08:5e:6b:c8:b4:ed:29:86:a0:26:b2:d4:
32:e8:6b:f1:dd:1b:39:b2:06:d2:43:d5:b5:0f:7b:2c:bc:a4:
69:7c:31:c5:9c:c9:c1:a9:99:0a:82:ed:36:a4:66:4c:3c:ee:
23:6b:70:dd:ca:24:69:d5:a8:12:e5:b6:04:d0:08:e0:b7:f4:
d3:5a:62:03:25:1f:70:9c:7a:63:a5:ee:ec:90:af:c2:da:dc:
6d:ae:da:37:40:04:f6:db:45:49:60:21:48:30:a6:53:ab:4c:
05:a0:16:2a:72:14:4b:43:1f:f5:fa:ab:f3:0a:c6:fe:05:f7:
eb:88:95:7e:a3:ee:0a:39:63:c8:29:0a:e9:c1:1f:5b:6d:f6:
09:d5:ca:04:ee:d6:59:c4:01:0c:6c:7e:60:05:62:aa:00:12:
b8:c4:3b:61:84:08:98:1e:39:ac:be:e6:62:d8:03:76:8e:27:
dd:c2:4e:04:5f:b5:dd:b7:aa:98:c2:ae:bc:83:a4:fa:cb:29:
ef:65:4e:67:ad:2b:45:aa:33:92:fa:46:70:12:7a:e8:4e:d8:
ac:82:a9:73
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQnSIBUtkyxKIulbHz6DLUPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYzk1MDA5ODQzNjI4MWNlZTU0MmExZTc0NTQ2NTUxZTFl
NTUyODMwHhcNMjUwMTAyMTM1MDUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDlhNDY2NWZlYzJmYzhmNzk1ZWY5YzRjMTI3YmQyYjcxNDMxYWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgsVtuR8gV78ocLFKYNU4HOCScHyT
ynh3re6lmyINCJiiULU7Xr6ooCF8jpsNXHkxKQ9qc5Jd933jcaM8hXPWXk9tCmpt
qU+5huCts05gTD1XAerPJjjcnyAmSyHUih5mpQ1B69kH6rTJhpfYzXDM+W2Wj+36
PwaJBJInsCZqBcHGJFiXrrJCF/vaNV/U8XL1cgzW/14jSiXrExvfnL4jBW+LnDK0
O6gNzuDlEky9nRYgieVDqrh9dPOVgWyAoPc04ACD1b4iZip2LqqV4PIWttV8BjjN
DqwNosWBlheOw+FUO2LOEZhABFKB1Xo1EsSfBVkcRleTHPs7ULphRL9bUQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFACaRmX+wvyPeV75xMEnvStxQxrdMB8GA1UdIwQY
MBaAFNvJUAmENigc7lQqHnRUZVHh5VKDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjhsUUNZUTJLQnp1VkNvZWRGUmxVZUhsVW9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi81YWE0NDgtNjQzZi00YWVlLTkwZDkt
ZjQ3ZTE2OTI2NmMyLzEvQUpwR1pmN0NfSTk1WHZuRXdTZTlLM0ZER3QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi81YWE0NDgtNjQzZi00YWVlLTkwZDktZjQ3ZTE2OTI2NmMy
LzEvMjhsUUNZUTJLQnp1VkNvZWRGUmxVZUhsVW9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXRIMA0E
AgACMAcDBQEqDVBAMA0GCSqGSIb3DQEBCwUAA4IBAQAao3ZoxOzQEdcIEzBH1jCY
xMjn8kcVM3n6zeOAWoBgcsGoUH25CHC6f1YIXmvItO0phqAmstQy6Gvx3Rs5sgbS
Q9W1D3ssvKRpfDHFnMnBqZkKgu02pGZMPO4ja3DdyiRp1agS5bYE0Ajgt/TTWmID
JR9wnHpjpe7skK/C2txtrto3QAT220VJYCFIMKZTq0wFoBYqchRLQx/1+qvzCsb+
BffriJV+o+4KOWPIKQrpwR9bbfYJ1coE7tZZxAEMbH5gBWKqABK4xDthhAiYHjms
vuZi2AN2jifdwk4EX7Xdt6qYwq68g6T6yynvZU5nrStFqjOS+kZwEnroTtisgqlz
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:01:04 2025 by rpki-client