Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/03x9EKQSw96hw_B90voE0vIVPmM.roa
File: 03x9EKQSw96hw_B90voE0vIVPmM.roa (raw, json)
Hash identifier: srukJkOyyAOOAPegbV8bSszY04jSSwfLuR0OXFp6lKU=
Subject key identifier: D3:7C:7D:10:A4:12:C3:DE:A1:C3:F0:7D:D2:FA:04:D2:F2:15:3E:63
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01942824BF84514E1565E76BD54F4F9E63FE
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/03x9EKQSw96hw_B90voE0vIVPmM.roa
Signing time: Thu 02 Jan 2025 17:51:24 +0000
ROA not before: Thu 02 Jan 2025 17:51:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212755
IP address blocks: 84.54.50.0/24 maxlen: 24
194.55.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 00:57:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:bf:84:51:4e:15:65:e7:6b:d5:4f:4f:9e:63:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 17:51:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d37c7d10a412c3dea1c3f07dd2fa04d2f2153e63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:5f:6f:6b:bf:c4:ac:1e:82:72:64:ba:29:8b:
37:bf:35:73:6d:72:fe:c7:05:16:96:38:dd:25:4f:
ae:67:f2:80:71:3d:47:cc:9c:01:23:5f:de:84:97:
16:c7:40:00:bc:ea:a4:32:ca:b4:48:fd:1e:7d:65:
7a:3a:bc:00:cf:44:5c:b2:1a:36:c4:68:ce:6e:d0:
f9:59:2d:31:0e:92:d9:bb:5f:95:f4:26:b3:de:56:
58:09:fa:9d:49:1f:d8:cc:88:d5:2b:60:3c:26:4c:
75:21:89:d3:70:e9:a4:9f:1d:b3:a0:4e:84:2c:a8:
9a:d7:a5:7c:ec:23:22:76:c1:ca:01:3b:6d:28:16:
e2:3c:45:e2:d6:52:98:8b:38:95:fe:f7:c4:c1:e6:
51:d1:d6:7b:68:cf:d7:02:3f:83:9a:b8:d7:6d:7a:
17:f8:78:fb:f0:ce:a2:56:70:25:10:2b:b4:99:f1:
16:bd:12:fc:c0:09:af:39:a9:e1:e7:38:8c:12:f4:
06:94:d3:69:7d:15:2c:6b:f2:c4:2a:3d:1a:69:c4:
0d:16:3e:71:f5:9e:05:c4:77:a3:2a:db:b0:25:a0:
c5:93:f4:bd:0a:1d:a8:4f:b3:f1:9e:46:65:70:ad:
c9:b9:2a:ee:e6:c2:70:ea:f3:dc:28:9e:8e:c3:9e:
ef:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:7C:7D:10:A4:12:C3:DE:A1:C3:F0:7D:D2:FA:04:D2:F2:15:3E:63
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/03x9EKQSw96hw_B90voE0vIVPmM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.54.50.0/24
194.55.227.0/24
Signature Algorithm: sha256WithRSAEncryption
76:2f:95:f0:09:2b:b9:b2:b0:0f:5d:2b:b4:8c:d8:8e:c6:c2:
b3:ba:d9:36:c8:ea:e5:c4:4e:bb:7d:d2:87:8c:eb:9a:79:9d:
b4:52:13:4b:91:8a:b8:f2:ee:72:ba:0f:92:fb:42:26:01:c2:
ee:58:a4:3f:ba:91:f3:96:11:38:b9:db:31:f0:de:32:da:72:
fe:f2:c5:15:aa:94:e7:d1:ca:fd:3c:90:29:88:9a:e8:8d:99:
18:e4:d2:d3:ce:36:58:fa:7c:8d:b2:49:b5:d8:15:d3:e4:c3:
c1:46:dd:49:4c:21:49:e1:9a:e5:29:46:ea:9f:7d:04:fd:1d:
a4:ad:a6:b8:9a:3c:cb:e0:74:46:c1:1e:ac:3d:40:4d:33:07:
9f:23:0b:a4:4b:ec:95:2a:3c:b3:c0:59:b5:eb:71:4f:64:f3:
b2:fe:af:3e:94:e0:74:ac:00:76:ce:90:de:72:1c:4f:a0:3a:
e4:69:95:1f:6c:f2:34:79:d3:7c:f4:3c:24:67:50:c5:28:74:
f0:6e:dd:c3:7f:76:a6:03:39:28:fb:18:e9:53:76:08:c9:95:
1c:a8:dc:d8:dd:cb:ae:b6:16:32:24:59:8d:f6:9e:15:4b:1e:
14:e7:61:72:f8:df:5d:b2:e7:f5:c8:74:cd:ea:1a:1f:aa:98:
31:52:7d:0f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQoJL+EUU4VZedr1U9PnmP+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMTAyMTc1MTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzdjN2QxMGE0MTJjM2RlYTFjM2YwN2RkMmZhMDRkMmYyMTUzZTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoV9va7/ErB6CcmS6KYs3vzVzbXL+
xwUWljjdJU+uZ/KAcT1HzJwBI1/ehJcWx0AAvOqkMsq0SP0efWV6OrwAz0Rcsho2
xGjObtD5WS0xDpLZu1+V9Caz3lZYCfqdSR/YzIjVK2A8Jkx1IYnTcOmknx2zoE6E
LKia16V87CMidsHKATttKBbiPEXi1lKYiziV/vfEweZR0dZ7aM/XAj+DmrjXbXoX
+Hj78M6iVnAlECu0mfEWvRL8wAmvOanh5ziMEvQGlNNpfRUsa/LEKj0aacQNFj5x
9Z4FxHejKtuwJaDFk/S9Ch2oT7PxnkZlcK3JuSru5sJw6vPcKJ6Ow57vWwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNN8fRCkEsPeocPwfdL6BNLyFT5jMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMDN4OUVLUVN3OTZod19COTB2b0UwdklWUG1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVDYyAwQA
wjfjMA0GCSqGSIb3DQEBCwUAA4IBAQB2L5XwCSu5srAPXSu0jNiOxsKzutk2yOrl
xE67fdKHjOuaeZ20UhNLkYq48u5yug+S+0ImAcLuWKQ/upHzlhE4udsx8N4y2nL+
8sUVqpTn0cr9PJApiJrojZkY5NLTzjZY+nyNskm12BXT5MPBRt1JTCFJ4ZrlKUbq
n30E/R2kraa4mjzL4HRGwR6sPUBNMwefIwukS+yVKjyzwFm163FPZPOy/q8+lOB0
rAB2zpDechxPoDrkaZUfbPI0edN89DwkZ1DFKHTwbt3Df3amAzko+xjpU3YIyZUc
qNzY3cuuthYyJFmN9p4VSx4U52Fy+N9dsuf1yHTN6hofqpgxUn0P
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:11:54 2025 by rpki-client