Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/41e287-50b4-46ef-82cc-ca3b7278dde2/1/iRWK7zhmEqe5kSfNzw4pTeBGjvE.roa
File: iRWK7zhmEqe5kSfNzw4pTeBGjvE.roa (raw, json)
Hash identifier: x9g5RUDfgJ6Mixu1OZfai6p4BgXIl99taX8ijSdqumo=
Subject key identifier: 89:15:8A:EF:38:66:12:A7:B9:91:27:CD:CF:0E:29:4D:E0:46:8E:F1
Certificate issuer: /CN=b69cb709934b99f689dd1e99d72c1b000fd872c5
Certificate serial: 0194266B2E43E6BA944E2419AE5679DD3D31
Authority key identifier: B6:9C:B7:09:93:4B:99:F6:89:DD:1E:99:D7:2C:1B:00:0F:D8:72:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tpy3CZNLmfaJ3R6Z1ywbAA_YcsU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/41e287-50b4-46ef-82cc-ca3b7278dde2/1/iRWK7zhmEqe5kSfNzw4pTeBGjvE.roa
Signing time: Thu 02 Jan 2025 09:49:05 +0000
ROA not before: Thu 02 Jan 2025 09:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 38926
IP address blocks: 5.44.160.0/21 maxlen: 24
185.105.68.0/22 maxlen: 24
193.169.64.0/23 maxlen: 24
195.114.114.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/41e287-50b4-46ef-82cc-ca3b7278dde2/1/tpy3CZNLmfaJ3R6Z1ywbAA_YcsU.crl
rsync://rpki.ripe.net/repository/DEFAULT/0a/41e287-50b4-46ef-82cc-ca3b7278dde2/1/tpy3CZNLmfaJ3R6Z1ywbAA_YcsU.mft
rsync://rpki.ripe.net/repository/DEFAULT/tpy3CZNLmfaJ3R6Z1ywbAA_YcsU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:2e:43:e6:ba:94:4e:24:19:ae:56:79:dd:3d:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b69cb709934b99f689dd1e99d72c1b000fd872c5
Validity
Not Before: Jan 2 09:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=89158aef386612a7b99127cdcf0e294de0468ef1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:68:6c:9f:99:e8:71:c9:10:1b:50:9c:80:08:
dd:36:c4:bf:b7:07:1d:4c:7c:64:14:af:7b:3d:38:
c4:91:8f:2e:dd:c3:00:e7:2d:5f:00:7b:d1:6d:89:
ff:64:8b:b8:da:f5:8a:97:91:16:b8:29:98:b3:56:
30:5f:f0:e8:b2:cd:a5:68:27:cb:83:8e:7b:a7:13:
f9:79:72:db:a2:9c:fb:5c:50:d2:c4:20:41:06:1c:
7d:54:96:cc:16:25:f6:8e:9d:06:3a:80:02:08:d4:
b7:17:31:00:91:0f:70:64:82:dc:ef:55:d0:6d:ba:
72:3f:ac:c5:c3:fc:e7:d6:52:bb:8b:c6:b8:88:84:
41:d0:04:f3:3e:4f:ea:3c:9a:b1:5e:22:5d:09:c3:
eb:ae:e4:a3:65:d1:fe:d1:37:d8:61:10:0d:5c:63:
52:39:98:d8:c5:7d:44:f5:af:b3:3d:62:73:4e:0c:
d5:52:7a:4e:d7:b5:ac:ea:9d:3b:b7:a4:87:77:f2:
61:ea:94:d6:cb:dd:13:0e:00:3a:db:52:34:3a:9b:
7c:e7:f0:31:ec:50:f4:fc:d6:46:11:6a:4a:c8:38:
4a:2d:83:fa:54:47:21:39:98:a8:5a:a7:c1:38:ac:
22:e3:66:f9:5c:11:90:b6:b9:6a:74:84:15:4f:a8:
c9:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:15:8A:EF:38:66:12:A7:B9:91:27:CD:CF:0E:29:4D:E0:46:8E:F1
X509v3 Authority Key Identifier:
keyid:B6:9C:B7:09:93:4B:99:F6:89:DD:1E:99:D7:2C:1B:00:0F:D8:72:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tpy3CZNLmfaJ3R6Z1ywbAA_YcsU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/41e287-50b4-46ef-82cc-ca3b7278dde2/1/iRWK7zhmEqe5kSfNzw4pTeBGjvE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/41e287-50b4-46ef-82cc-ca3b7278dde2/1/tpy3CZNLmfaJ3R6Z1ywbAA_YcsU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.160.0/21
185.105.68.0/22
193.169.64.0/23
195.114.114.0/23
Signature Algorithm: sha256WithRSAEncryption
7d:7a:21:b0:66:b5:65:2c:09:78:29:c8:18:38:0c:b9:cd:59:
8e:23:ba:ca:9c:09:bd:c3:87:65:c1:d3:b9:eb:a0:f5:de:b9:
b8:c6:7c:06:8a:b1:56:07:23:7c:1a:cd:32:71:35:e4:d7:49:
90:3b:b8:5e:88:35:fd:cf:01:5f:88:84:46:aa:dd:28:bf:09:
73:85:bf:1d:27:4f:65:06:47:9b:25:a1:cb:a7:5f:85:37:f1:
2c:3c:42:4f:94:4c:0f:e7:e0:38:cf:31:e9:1c:ba:f6:f8:12:
14:ac:ae:95:9f:01:c1:7e:31:6b:42:61:fe:1b:78:b3:dc:74:
0e:fa:df:0b:e4:ae:c7:d9:ab:1a:5e:87:f3:9c:ba:20:19:0c:
d6:57:eb:0b:c1:4d:e0:26:30:f4:ce:86:e6:f4:c6:31:9a:86:
e6:0e:74:59:a9:fb:56:5e:5d:2f:cf:ae:63:72:2a:2d:d8:cd:
0e:57:2c:e5:b5:69:de:57:7d:76:9f:bd:c0:3c:19:b6:41:d3:
5c:5b:06:30:d9:f0:3a:ad:f6:39:28:66:7e:4d:40:3c:ff:61:
0b:e3:7a:f6:62:1f:d0:df:e4:8d:62:c7:b3:b4:82:b7:35:37:
6c:07:e1:31:0e:7e:f4:b6:7e:05:4d:42:17:24:a8:71:1b:2c:
8a:a2:72:16
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQmay5D5rqUTiQZrlZ53T0xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2OWNiNzA5OTM0Yjk5ZjY4OWRkMWU5OWQ3MmMxYjAwMGZk
ODcyYzUwHhcNMjUwMTAyMDk0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTE1OGFlZjM4NjYxMmE3Yjk5MTI3Y2RjZjBlMjk0ZGUwNDY4ZWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWhsn5nocckQG1CcgAjdNsS/twcd
THxkFK97PTjEkY8u3cMA5y1fAHvRbYn/ZIu42vWKl5EWuCmYs1YwX/Doss2laCfL
g457pxP5eXLbopz7XFDSxCBBBhx9VJbMFiX2jp0GOoACCNS3FzEAkQ9wZILc71XQ
bbpyP6zFw/zn1lK7i8a4iIRB0ATzPk/qPJqxXiJdCcPrruSjZdH+0TfYYRANXGNS
OZjYxX1E9a+zPWJzTgzVUnpO17Ws6p07t6SHd/Jh6pTWy90TDgA621I0Opt85/Ax
7FD0/NZGEWpKyDhKLYP6VEchOZioWqfBOKwi42b5XBGQtrlqdIQVT6jJEwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIkViu84ZhKnuZEnzc8OKU3gRo7xMB8GA1UdIwQY
MBaAFLactwmTS5n2id0emdcsGwAP2HLFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHB5M0NaTkxtZmFKM1I2WjF5d2JBQV9ZY3NVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS80MWUyODctNTBiNC00NmVmLTgyY2Mt
Y2EzYjcyNzhkZGUyLzEvaVJXSzd6aG1FcWU1a1NmTnp3NHBUZUJHanZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS80MWUyODctNTBiNC00NmVmLTgyY2MtY2EzYjcyNzhkZGUy
LzEvdHB5M0NaTkxtZmFKM1I2WjF5d2JBQV9ZY3NVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDBSygAwQC
uWlEAwQBwalAAwQBw3JyMA0GCSqGSIb3DQEBCwUAA4IBAQB9eiGwZrVlLAl4KcgY
OAy5zVmOI7rKnAm9w4dlwdO566D13rm4xnwGirFWByN8Gs0ycTXk10mQO7heiDX9
zwFfiIRGqt0ovwlzhb8dJ09lBkebJaHLp1+FN/EsPEJPlEwP5+A4zzHpHLr2+BIU
rK6VnwHBfjFrQmH+G3iz3HQO+t8L5K7H2asaXofznLogGQzWV+sLwU3gJjD0zobm
9MYxmobmDnRZqftWXl0vz65jciot2M0OVyzltWneV312n73APBm2QdNcWwYw2fA6
rfY5KGZ+TUA8/2EL43r2Yh/Q3+SNYseztIK3NTdsB+ExDn70tn4FTUIXJKhxGyyK
onIW
-----END CERTIFICATE-----
Generated at Tue Apr 22 13:14:34 2025 by rpki-client