Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/AAp8UMA41huGd85S4qJH_OEUHw4.roa
File: AAp8UMA41huGd85S4qJH_OEUHw4.roa (raw, json)
Hash identifier: e9+7RmVC2MVMgbobhP4MTkCRfMlk48lefLgIWcUTGlo=
Subject key identifier: 00:0A:7C:50:C0:38:D6:1B:86:77:CE:52:E2:A2:47:FC:E1:14:1F:0E
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0195460F00585C6AA81ABEA72EDD80BB1E4D
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/AAp8UMA41huGd85S4qJH_OEUHw4.roa
Signing time: Thu 27 Feb 2025 06:19:02 +0000
ROA not before: Thu 27 Feb 2025 06:19:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214668
IP address blocks: 45.8.92.0/24 maxlen: 24
81.161.238.0/24 maxlen: 24
193.37.41.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 00:57:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:46:0f:00:58:5c:6a:a8:1a:be:a7:2e:dd:80:bb:1e:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 27 06:19:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=000a7c50c038d61b8677ce52e2a247fce1141f0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:de:e6:f2:e9:72:fe:ec:11:18:c5:1a:12:6a:
c9:fa:1e:c4:6d:c4:de:96:b9:a0:c2:ed:d0:9c:8c:
97:63:5e:d4:99:30:3c:c9:21:c1:c2:ed:c4:d3:36:
f1:74:7d:f5:28:28:05:9d:7e:91:cf:a7:6c:ca:78:
71:a5:d0:08:0d:e4:1a:48:39:ee:67:90:e9:0d:2b:
7a:01:4e:1e:77:17:52:0d:98:a4:f8:40:7a:82:ce:
80:5f:e1:79:a3:6b:a8:78:e7:66:30:c9:90:45:d8:
f5:6c:59:1f:d8:92:23:e9:f3:e8:ff:4a:7b:7d:86:
23:e2:e3:7a:70:5f:86:c5:65:e4:9f:fb:b1:63:6f:
1e:4e:48:fd:de:49:7b:97:fb:63:cb:1b:30:c0:b6:
b7:bc:4c:0e:c6:62:df:fd:cd:64:ef:cf:06:c0:0e:
f4:f1:18:ea:91:ee:f3:53:a5:b1:02:39:33:e9:18:
f0:9f:6f:16:51:81:e9:ab:a4:2b:7e:93:c5:a2:16:
e5:5a:68:d7:f7:b8:b3:13:2a:ef:ea:ed:9b:ac:a5:
a1:34:b5:04:84:b3:c5:6f:cc:83:44:64:83:ad:c5:
bc:78:fb:17:ee:88:c2:2c:b3:96:d7:65:ac:c9:a3:
79:ba:61:1f:2d:ca:de:87:79:17:d5:bb:a5:69:c5:
74:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:0A:7C:50:C0:38:D6:1B:86:77:CE:52:E2:A2:47:FC:E1:14:1F:0E
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/AAp8UMA41huGd85S4qJH_OEUHw4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.92.0/24
81.161.238.0/24
193.37.41.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:a4:ea:3c:f4:10:db:96:9f:ba:aa:18:5d:f5:2a:2f:1b:ff:
2f:67:f4:2f:23:37:c2:cb:50:a9:5a:7b:a3:8d:07:43:fc:64:
2e:28:17:6d:e7:eb:c5:4d:f4:a2:e0:cf:e2:24:61:0b:01:dd:
ba:5c:a7:16:ba:ac:cc:0d:57:59:5f:d9:56:50:91:d2:c6:dc:
4b:f0:ae:c9:f4:f7:2b:5e:fc:f5:1d:19:14:dd:5f:46:5b:64:
74:1b:1a:6c:3c:3f:a6:53:95:dd:6c:cc:49:85:f4:9d:fd:19:
64:16:79:bf:c1:7f:00:3d:8c:d1:3b:59:a2:a5:68:06:05:4e:
db:86:d1:fa:3d:9e:5f:45:56:fa:fb:9a:18:65:c3:ce:03:eb:
db:00:f9:50:98:98:77:a9:a8:97:b1:81:bd:5c:eb:d6:75:c0:
13:18:56:57:11:32:99:28:39:6d:ab:f9:b3:37:16:95:72:48:
e5:12:0a:96:da:de:95:dd:82:de:3c:ea:2d:47:b9:a3:e2:10:
7b:73:dc:23:7a:69:e1:8f:2e:95:35:28:2a:7b:71:d9:af:da:
8e:4a:f4:77:f3:32:de:c9:90:a9:cf:45:d1:6e:51:19:c2:23:
82:8f:51:ea:15:e7:33:e2:2b:73:de:87:11:34:f9:74:93:e4:
4d:19:06:2e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZVGDwBYXGqoGr6nLt2Aux5NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMjI3MDYxOTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDBhN2M1MGMwMzhkNjFiODY3N2NlNTJlMmEyNDdmY2UxMTQxZjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjN7m8uly/uwRGMUaEmrJ+h7EbcTe
lrmgwu3QnIyXY17UmTA8ySHBwu3E0zbxdH31KCgFnX6Rz6dsynhxpdAIDeQaSDnu
Z5DpDSt6AU4edxdSDZik+EB6gs6AX+F5o2uoeOdmMMmQRdj1bFkf2JIj6fPo/0p7
fYYj4uN6cF+GxWXkn/uxY28eTkj93kl7l/tjyxswwLa3vEwOxmLf/c1k788GwA70
8Rjqke7zU6WxAjkz6Rjwn28WUYHpq6QrfpPFohblWmjX97izEyrv6u2brKWhNLUE
hLPFb8yDRGSDrcW8ePsX7ojCLLOW12WsyaN5umEfLcreh3kX1bulacV05wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAAKfFDAONYbhnfOUuKiR/zhFB8OMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQUFwOFVNQTQxaHVHZDg1UzRxSkhfT0VVSHc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALQhcAwQA
UaHuAwQAwSUpMA0GCSqGSIb3DQEBCwUAA4IBAQBLpOo89BDblp+6qhhd9SovG/8v
Z/QvIzfCy1CpWnujjQdD/GQuKBdt5+vFTfSi4M/iJGELAd26XKcWuqzMDVdZX9lW
UJHSxtxL8K7J9PcrXvz1HRkU3V9GW2R0GxpsPD+mU5XdbMxJhfSd/RlkFnm/wX8A
PYzRO1mipWgGBU7bhtH6PZ5fRVb6+5oYZcPOA+vbAPlQmJh3qaiXsYG9XOvWdcAT
GFZXETKZKDltq/mzNxaVckjlEgqW2t6V3YLePOotR7mj4hB7c9wjemnhjy6VNSgq
e3HZr9qOSvR38zLeyZCpz0XRblEZwiOCj1HqFecz4itz3ocRNPl0k+RNGQYu
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:58:39 2025 by rpki-client