Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/b52421-1a3d-48f5-949f-a329394698d2/1/9iL04rGDZoryywio-gmg9h9zCvU.roa
File: 9iL04rGDZoryywio-gmg9h9zCvU.roa (raw, json)
Hash identifier: gqClxkuVstSkbo5JxbBFKE2JBuMbwOG9F1HTwbBvxv0=
Subject key identifier: F6:22:F4:E2:B1:83:66:8A:F2:CB:08:A8:FA:09:A0:F6:1F:73:0A:F5
Certificate issuer: /CN=f210bac96aff25b2aa931c4297446be37ffe2ada
Certificate serial: 019473BB0F7F55D1F26A0437CA90A8B68325
Authority key identifier: F2:10:BA:C9:6A:FF:25:B2:AA:93:1C:42:97:44:6B:E3:7F:FE:2A:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8hC6yWr_JbKqkxxCl0Rr43_-Kto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/b52421-1a3d-48f5-949f-a329394698d2/1/9iL04rGDZoryywio-gmg9h9zCvU.roa
Signing time: Fri 17 Jan 2025 10:07:06 +0000
ROA not before: Fri 17 Jan 2025 10:07:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1103
IP address blocks: 130.37.0.0/16 maxlen: 24
192.31.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/b52421-1a3d-48f5-949f-a329394698d2/1/8hC6yWr_JbKqkxxCl0Rr43_-Kto.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/b52421-1a3d-48f5-949f-a329394698d2/1/8hC6yWr_JbKqkxxCl0Rr43_-Kto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8hC6yWr_JbKqkxxCl0Rr43_-Kto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 07:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:73:bb:0f:7f:55:d1:f2:6a:04:37:ca:90:a8:b6:83:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f210bac96aff25b2aa931c4297446be37ffe2ada
Validity
Not Before: Jan 17 10:07:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f622f4e2b183668af2cb08a8fa09a0f61f730af5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:06:c5:19:30:f0:c4:c4:90:8f:56:79:9a:bb:
fa:1d:9f:f6:5e:a9:f6:04:b7:2a:f7:7e:f7:64:16:
98:4e:5c:5c:12:86:9a:4c:26:b0:27:40:7b:e9:10:
5a:6e:06:c2:69:93:4d:ed:3a:d0:85:07:22:59:3f:
6e:ad:dd:26:96:fd:5b:58:21:9f:8b:cc:6d:1a:b4:
40:c4:a5:12:dd:52:37:ce:38:d3:81:f1:67:6a:5d:
da:1f:1b:e4:37:43:b0:52:98:55:38:01:bc:46:e2:
55:0e:fc:9b:fe:60:0d:e0:1b:3c:ea:ed:f4:6b:77:
50:35:9c:43:d2:71:fe:17:2b:cf:22:80:64:bf:62:
1c:d8:4c:a8:d3:b7:0b:c0:25:f5:b6:eb:40:ad:c8:
eb:d8:5b:63:df:50:f8:e7:10:8c:9d:4d:36:8d:61:
e8:e5:1a:eb:90:75:0e:32:01:bb:0f:c8:13:6f:7f:
8b:dc:34:ec:30:85:56:db:95:89:21:1b:b6:a6:f3:
74:5c:83:47:77:67:2c:6a:43:54:a3:c6:6a:fb:0e:
46:da:08:f3:3d:3a:f7:da:cc:2d:e0:31:e7:8a:5e:
d7:8c:49:46:d7:74:6c:e4:00:83:cb:1d:18:74:1c:
85:22:2d:40:da:e3:f2:85:fa:f4:d4:d7:66:6b:fb:
aa:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:22:F4:E2:B1:83:66:8A:F2:CB:08:A8:FA:09:A0:F6:1F:73:0A:F5
X509v3 Authority Key Identifier:
keyid:F2:10:BA:C9:6A:FF:25:B2:AA:93:1C:42:97:44:6B:E3:7F:FE:2A:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8hC6yWr_JbKqkxxCl0Rr43_-Kto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/b52421-1a3d-48f5-949f-a329394698d2/1/9iL04rGDZoryywio-gmg9h9zCvU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/b52421-1a3d-48f5-949f-a329394698d2/1/8hC6yWr_JbKqkxxCl0Rr43_-Kto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.37.0.0/16
192.31.231.0/24
Signature Algorithm: sha256WithRSAEncryption
71:3f:eb:45:71:50:70:96:e8:88:33:8c:73:e5:b5:95:8e:01:
95:8c:d2:29:ea:d9:49:6f:e6:22:9a:00:60:33:7a:61:27:64:
69:25:fa:7d:d7:d2:8f:d5:92:2d:5f:15:3b:d6:ce:8d:70:09:
0e:8d:44:8b:2b:b7:0a:13:13:be:8d:ad:d8:16:96:f3:87:66:
55:ef:12:32:ad:58:ee:0d:6b:bd:39:8d:a3:5f:ed:15:e9:3e:
78:29:26:e6:f4:5f:b4:45:25:3b:c3:1c:e7:f0:7a:a8:70:2c:
33:de:35:d5:26:b4:f6:9b:6a:85:b3:df:98:e6:79:8a:df:32:
f2:8c:fb:33:3e:6f:bc:82:e6:23:ad:54:91:4f:8d:b6:49:99:
0a:80:07:ea:46:5e:a1:4c:e5:c0:74:26:d5:31:1e:7f:53:14:
6a:2c:b5:9e:cc:a2:4d:26:be:a5:e3:3a:94:1f:65:5a:88:76:
56:82:58:97:18:c6:d8:a3:48:19:4b:7f:02:d4:4a:d6:92:65:
ec:02:e9:71:93:d8:08:e0:9e:f2:f2:d4:46:e1:77:35:6c:c2:
a8:be:79:e6:80:b7:e3:c9:2e:78:12:8d:00:37:ff:08:d3:77:
44:eb:e6:1e:2e:d6:6c:7c:4b:00:c0:fb:bd:2e:c3:a9:ca:86:
34:22:0f:99
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAZRzuw9/VdHyagQ3ypCotoMlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyMTBiYWM5NmFmZjI1YjJhYTkzMWM0Mjk3NDQ2YmUzN2Zm
ZTJhZGEwHhcNMjUwMTE3MTAwNzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjIyZjRlMmIxODM2NjhhZjJjYjA4YThmYTA5YTBmNjFmNzMwYWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQbFGTDwxMSQj1Z5mrv6HZ/2Xqn2
BLcq9373ZBaYTlxcEoaaTCawJ0B76RBabgbCaZNN7TrQhQciWT9urd0mlv1bWCGf
i8xtGrRAxKUS3VI3zjjTgfFnal3aHxvkN0OwUphVOAG8RuJVDvyb/mAN4Bs86u30
a3dQNZxD0nH+FyvPIoBkv2Ic2Eyo07cLwCX1tutArcjr2Ftj31D45xCMnU02jWHo
5RrrkHUOMgG7D8gTb3+L3DTsMIVW25WJIRu2pvN0XINHd2csakNUo8Zq+w5G2gjz
PTr32swt4DHnil7XjElG13Rs5ACDyx0YdByFIi1A2uPyhfr01Ndma/uq3wIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFPYi9OKxg2aK8ssIqPoJoPYfcwr1MB8GA1UdIwQY
MBaAFPIQuslq/yWyqpMcQpdEa+N//iraMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGhDNnlXcl9KYktxa3h4Q2wwUnI0M18tS3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9iNTI0MjEtMWEzZC00OGY1LTk0OWYt
YTMyOTM5NDY5OGQyLzEvOWlMMDRyR0Rab3J5eXdpby1nbWc5aDl6Q3ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9iNTI0MjEtMWEzZC00OGY1LTk0OWYtYTMyOTM5NDY5OGQy
LzEvOGhDNnlXcl9KYktxa3h4Q2wwUnI0M18tS3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAATALAwMAgiUDBADA
H+cwDQYJKoZIhvcNAQELBQADggEBAHE/60VxUHCW6IgzjHPltZWOAZWM0inq2Ulv
5iKaAGAzemEnZGkl+n3X0o/Vki1fFTvWzo1wCQ6NRIsrtwoTE76NrdgWlvOHZlXv
EjKtWO4Na705jaNf7RXpPngpJub0X7RFJTvDHOfweqhwLDPeNdUmtPabaoWz35jm
eYrfMvKM+zM+b7yC5iOtVJFPjbZJmQqAB+pGXqFM5cB0JtUxHn9TFGostZ7Mok0m
vqXjOpQfZVqIdlaCWJcYxtijSBlLfwLUStaSZewC6XGT2AjgnvLy1EbhdzVswqi+
eeaAt+PJLngSjQA3/wjTd0Tr5h4u1mx8SwDA+70uw6nKhjQiD5k=
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:52:27 2025 by rpki-client