Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/9POJJAxObFR-JJwyTPmhLMNbg3Y.roa
File: 9POJJAxObFR-JJwyTPmhLMNbg3Y.roa (raw, json)
Hash identifier: CBY/nGNn0/p/G3X2picmAlTUNNl038hJexJljpsILZY=
Subject key identifier: F4:F3:89:24:0C:4E:6C:54:7E:24:9C:32:4C:F9:A1:2C:C3:5B:83:76
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0195CE9A8E2F626C42E10E21CFACC6F83BFA
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/9POJJAxObFR-JJwyTPmhLMNbg3Y.roa
Signing time: Tue 25 Mar 2025 18:39:50 +0000
ROA not before: Tue 25 Mar 2025 18:39:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214271
IP address blocks: 93.123.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 00:57:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ce:9a:8e:2f:62:6c:42:e1:0e:21:cf:ac:c6:f8:3b:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 25 18:39:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f4f389240c4e6c547e249c324cf9a12cc35b8376
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:11:78:57:43:4a:27:ad:cf:ca:1d:f8:e7:08:
be:15:c6:51:7f:1d:a3:6d:d8:80:7e:57:84:69:10:
00:13:0f:bd:ef:02:0b:fb:4f:81:e0:21:74:e3:a4:
0e:88:24:8f:b4:18:ef:22:ab:23:33:43:fd:2e:45:
06:ed:c9:f1:72:27:19:ad:e8:8e:5e:33:da:b3:22:
e7:ba:0b:38:33:85:ef:57:03:27:15:18:6f:57:c8:
01:63:21:e8:bc:87:97:d8:51:95:93:76:82:28:d7:
83:be:ae:49:05:d5:26:94:6c:68:a4:f4:61:65:91:
2f:66:e7:63:48:14:1f:42:fa:55:00:24:91:04:e0:
76:88:8b:cc:8e:e1:b2:61:07:ab:ae:60:17:55:fe:
0a:a0:44:32:b3:ad:16:36:5e:67:f8:15:b1:09:c1:
03:63:56:1e:35:f3:6a:af:93:47:aa:58:0b:52:bd:
13:8a:6c:dc:63:51:1e:c9:e4:a0:3d:95:07:0d:99:
22:e4:7b:d5:b5:24:fc:f8:67:23:da:8c:0b:dc:cc:
04:3d:7b:08:19:9f:51:d9:08:42:d5:b4:b7:96:52:
c4:c4:9a:e7:c5:7c:01:cc:1d:49:ae:83:30:70:b6:
ad:77:a6:c5:ba:89:5c:5d:0c:9e:70:11:70:3c:8d:
d7:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:F3:89:24:0C:4E:6C:54:7E:24:9C:32:4C:F9:A1:2C:C3:5B:83:76
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/9POJJAxObFR-JJwyTPmhLMNbg3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.123.13.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:63:de:19:80:3a:26:11:ab:1f:11:ff:b6:3b:be:63:7d:ba:
04:20:58:23:47:f9:fd:f5:3c:37:6d:82:8e:93:cc:3c:d9:98:
3f:6a:52:4c:a3:3b:49:04:05:ee:e5:a1:a4:5f:16:eb:0e:30:
b2:25:29:f2:38:a7:10:34:f2:bc:1f:cd:65:c1:2d:f4:e4:c0:
e7:14:d7:69:34:35:1a:86:c0:c3:c3:80:6d:d7:45:76:9c:89:
61:6f:b9:01:e7:1a:cf:60:9f:4f:8c:73:f3:c2:96:fa:0e:32:
e3:4c:77:36:4f:ca:e7:e8:b8:a7:5f:50:bb:02:37:4d:64:4b:
cd:f8:15:af:fe:c2:07:32:07:ab:ee:f9:3c:02:95:fd:4a:c6:
d1:3a:12:90:d1:29:39:6a:cb:ba:76:03:c1:58:02:ea:e1:e2:
22:87:3d:be:5d:aa:f2:e1:7c:a1:7d:9c:8d:b4:6f:c3:16:5e:
1b:18:f9:f4:1b:29:81:89:a3:d5:c4:3b:7e:4d:fe:39:c7:90:
2b:e0:25:95:16:92:4a:d6:e6:4c:f0:f7:52:dd:75:3e:b9:c6:
ad:16:dd:a7:75:b7:e8:44:58:5e:69:ab:17:19:60:af:64:7d:
ba:55:6c:7c:21:ca:f4:e8:1f:ea:ef:c6:e3:66:c9:19:4d:8d:
15:a6:d1:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZXOmo4vYmxC4Q4hz6zG+Dv6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMzI1MTgzOTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGYzODkyNDBjNGU2YzU0N2UyNDljMzI0Y2Y5YTEyY2MzNWI4Mzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRF4V0NKJ63Pyh345wi+FcZRfx2j
bdiAfleEaRAAEw+97wIL+0+B4CF046QOiCSPtBjvIqsjM0P9LkUG7cnxcicZreiO
XjPasyLnugs4M4XvVwMnFRhvV8gBYyHovIeX2FGVk3aCKNeDvq5JBdUmlGxopPRh
ZZEvZudjSBQfQvpVACSRBOB2iIvMjuGyYQerrmAXVf4KoEQys60WNl5n+BWxCcED
Y1YeNfNqr5NHqlgLUr0TimzcY1EeyeSgPZUHDZki5HvVtST8+Gcj2owL3MwEPXsI
GZ9R2QhC1bS3llLExJrnxXwBzB1JroMwcLatd6bFuolcXQyecBFwPI3X7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPTziSQMTmxUfiScMkz5oSzDW4N2MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvOVBPSkpBeE9iRlItSkp3eVRQbWhMTU5iZzNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXXsNMA0G
CSqGSIb3DQEBCwUAA4IBAQB+Y94ZgDomEasfEf+2O75jfboEIFgjR/n99Tw3bYKO
k8w82Zg/alJMoztJBAXu5aGkXxbrDjCyJSnyOKcQNPK8H81lwS305MDnFNdpNDUa
hsDDw4Bt10V2nIlhb7kB5xrPYJ9PjHPzwpb6DjLjTHc2T8rn6LinX1C7AjdNZEvN
+BWv/sIHMger7vk8ApX9SsbROhKQ0Sk5asu6dgPBWALq4eIihz2+Xary4XyhfZyN
tG/DFl4bGPn0GymBiaPVxDt+Tf45x5Ar4CWVFpJK1uZM8PdS3XU+ucatFt2ndbfo
RFheaasXGWCvZH26VWx8Icr06B/q78bjZskZTY0VptFp
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:14:46 2025 by rpki-client