Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_8ReHy1opoJcm9qRdYJbpw7qjNI.roa
File: _8ReHy1opoJcm9qRdYJbpw7qjNI.roa (raw, json)
Hash identifier: ql1+cj9w0ZDx72LSXcKgPYRImU6BBsiQjNIkj7n8ST0=
Subject key identifier: FF:C4:5E:1F:2D:68:A6:82:5C:9B:DA:91:75:82:5B:A7:0E:EA:8C:D2
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01942824B7E8A654E59AFD38E9F6F0967077
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_8ReHy1opoJcm9qRdYJbpw7qjNI.roa
Signing time: Thu 02 Jan 2025 17:51:22 +0000
ROA not before: Thu 02 Jan 2025 17:51:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209043
IP address blocks: 91.92.26.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 00:57:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:b7:e8:a6:54:e5:9a:fd:38:e9:f6:f0:96:70:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 17:51:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ffc45e1f2d68a6825c9bda9175825ba70eea8cd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:2a:03:61:ad:40:80:6c:b1:dd:46:91:f0:c7:
3b:7e:ab:0b:be:ce:d5:00:22:c5:64:37:9c:8d:02:
43:39:8b:dd:59:68:7a:78:6b:60:84:71:8c:cb:8b:
95:fc:38:49:7c:d1:6b:1f:9d:5e:2f:d2:91:34:9c:
26:43:e9:c7:40:e2:ae:b9:fa:5d:ad:8d:f7:d6:a7:
53:d5:a0:cc:5b:df:f9:db:f0:81:8a:f4:04:a6:56:
93:96:2d:85:23:fa:7f:cb:d1:47:a6:91:83:67:df:
37:21:78:4c:5f:fc:de:eb:86:e8:ca:50:e0:95:38:
3c:2a:81:85:b3:d9:9d:59:be:e7:1b:3f:c2:b4:67:
9a:ee:57:e1:3e:2a:7d:21:a8:1a:c0:16:8b:51:3e:
56:11:90:dd:0a:aa:ff:bb:65:f5:86:d5:01:0e:36:
c7:d4:0c:2a:e4:8d:22:a4:9f:89:53:a9:a0:b8:aa:
82:b2:54:54:9e:40:76:b6:39:f2:7d:73:ee:d4:d6:
22:78:8e:c5:62:71:bf:8b:61:26:02:2c:de:67:b7:
64:3d:0f:57:18:89:0a:6d:5f:d9:d1:50:0f:13:c0:
89:61:76:4f:f3:ec:fb:ca:16:32:eb:48:a7:41:8d:
5d:ef:6c:8f:3e:5a:54:3f:f7:5f:20:ac:61:d2:80:
97:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:C4:5E:1F:2D:68:A6:82:5C:9B:DA:91:75:82:5B:A7:0E:EA:8C:D2
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_8ReHy1opoJcm9qRdYJbpw7qjNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.92.26.0/24
Signature Algorithm: sha256WithRSAEncryption
82:5c:ef:27:09:dc:99:9f:79:c3:c5:4c:1c:da:20:40:e2:77:
16:39:95:f5:a5:9f:35:cb:85:d6:b6:ce:b9:ed:17:fe:3e:65:
b6:73:7f:6a:fb:c1:7c:87:31:49:e7:67:fa:2c:f9:0e:42:c9:
12:3c:52:a5:b2:3c:35:6a:c9:21:f9:71:1b:15:6e:d5:06:c4:
0b:47:f6:93:26:6a:54:6a:5e:9a:b7:33:bf:77:b5:d2:69:c3:
5e:2a:7e:87:0b:19:53:a4:e1:f9:03:e0:c0:f5:13:b9:ca:96:
ee:19:55:66:e5:62:be:6a:14:be:c4:1b:bf:b1:e7:11:0c:66:
14:a4:91:f6:32:4f:d0:99:f5:6c:99:6f:86:ca:d6:52:31:06:
0f:9b:0b:b6:17:15:4a:4f:b2:40:5d:6a:72:22:74:fe:35:7e:
56:a9:79:fb:46:a5:c0:42:48:59:7d:5b:aa:6c:e6:ad:02:a8:
a5:d4:7f:69:52:87:15:ff:69:5e:5f:03:33:5e:f8:11:3b:92:
36:dc:f4:18:bc:de:33:d0:5f:43:97:04:38:52:8c:7e:f2:4a:
ea:af:1e:a4:8f:eb:78:cf:3f:d7:ba:52:fe:3a:ea:25:49:74:
da:fa:aa:91:cb:95:5c:8e:99:73:7c:7c:d2:1a:7b:76:68:e2:
f6:2b:3c:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJLfoplTlmv046fbwlnB3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMTAyMTc1MTIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmM0NWUxZjJkNjhhNjgyNWM5YmRhOTE3NTgyNWJhNzBlZWE4Y2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryoDYa1AgGyx3UaR8Mc7fqsLvs7V
ACLFZDecjQJDOYvdWWh6eGtghHGMy4uV/DhJfNFrH51eL9KRNJwmQ+nHQOKuufpd
rY331qdT1aDMW9/52/CBivQEplaTli2FI/p/y9FHppGDZ983IXhMX/ze64boylDg
lTg8KoGFs9mdWb7nGz/CtGea7lfhPip9IagawBaLUT5WEZDdCqr/u2X1htUBDjbH
1Awq5I0ipJ+JU6mguKqCslRUnkB2tjnyfXPu1NYieI7FYnG/i2EmAizeZ7dkPQ9X
GIkKbV/Z0VAPE8CJYXZP8+z7yhYy60inQY1d72yPPlpUP/dfIKxh0oCXDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP/EXh8taKaCXJvakXWCW6cO6ozSMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvXzhSZUh5MW9wb0pjbTlxUmRZSmJwdzdxak5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW1waMA0G
CSqGSIb3DQEBCwUAA4IBAQCCXO8nCdyZn3nDxUwc2iBA4ncWOZX1pZ81y4XWts65
7Rf+PmW2c39q+8F8hzFJ52f6LPkOQskSPFKlsjw1askh+XEbFW7VBsQLR/aTJmpU
al6atzO/d7XSacNeKn6HCxlTpOH5A+DA9RO5ypbuGVVm5WK+ahS+xBu/secRDGYU
pJH2Mk/QmfVsmW+GytZSMQYPmwu2FxVKT7JAXWpyInT+NX5WqXn7RqXAQkhZfVuq
bOatAqil1H9pUocV/2leXwMzXvgRO5I23PQYvN4z0F9DlwQ4Uox+8krqrx6kj+t4
zz/XulL+OuolSXTa+qqRy5VcjplzfHzSGnt2aOL2Kzz1
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:17:06 2025 by rpki-client