Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/fb53d6-ada8-426d-99fb-c5cf4b3b1ca6/1/oZ7M5J6HpPSme6D2TdfG5_Zm_5g.roa
File: oZ7M5J6HpPSme6D2TdfG5_Zm_5g.roa (raw, json)
Hash identifier: 8k6SZEwbSYAoh3FpUOBzIDoo9yUrmYt/XSxxWhqtR38=
Subject key identifier: A1:9E:CC:E4:9E:87:A4:F4:A6:7B:A0:F6:4D:D7:C6:E7:F6:66:FF:98
Certificate issuer: /CN=04f46af885d1ccbb0c09b06870785b5e691787e1
Certificate serial: 019422FC40AA087A318B03B0E78E4177E23A
Authority key identifier: 04:F4:6A:F8:85:D1:CC:BB:0C:09:B0:68:70:78:5B:5E:69:17:87:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BPRq-IXRzLsMCbBocHhbXmkXh-E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/fb53d6-ada8-426d-99fb-c5cf4b3b1ca6/1/oZ7M5J6HpPSme6D2TdfG5_Zm_5g.roa
Signing time: Wed 01 Jan 2025 17:49:04 +0000
ROA not before: Wed 01 Jan 2025 17:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50272
IP address blocks: 91.235.60.0/22 maxlen: 22
91.235.60.0/23 maxlen: 23
91.235.62.0/24 maxlen: 24
195.238.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/fb53d6-ada8-426d-99fb-c5cf4b3b1ca6/1/BPRq-IXRzLsMCbBocHhbXmkXh-E.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/fb53d6-ada8-426d-99fb-c5cf4b3b1ca6/1/BPRq-IXRzLsMCbBocHhbXmkXh-E.mft
rsync://rpki.ripe.net/repository/DEFAULT/BPRq-IXRzLsMCbBocHhbXmkXh-E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 11:01:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:40:aa:08:7a:31:8b:03:b0:e7:8e:41:77:e2:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04f46af885d1ccbb0c09b06870785b5e691787e1
Validity
Not Before: Jan 1 17:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a19ecce49e87a4f4a67ba0f64dd7c6e7f666ff98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:23:b0:f7:f4:fa:23:8d:b4:3e:cf:66:03:f2:
51:05:16:b9:56:c4:24:c3:a6:3f:7f:c9:a0:d1:cf:
86:44:f0:88:a3:fc:31:bc:13:84:98:80:ea:66:97:
d2:6d:46:eb:0f:e6:21:8f:aa:6b:cb:ad:f5:ab:f6:
e4:07:fb:a1:fe:f8:10:a8:74:ad:5c:94:2c:f1:82:
e7:b0:87:80:35:1b:66:a4:0f:82:ba:1b:14:71:18:
94:65:7b:5a:b3:51:d1:ab:e9:f0:8c:91:c3:de:83:
b7:5f:d0:1b:da:82:b4:07:6f:6f:07:3b:e9:6b:26:
71:7a:a0:f8:fb:8a:67:3b:db:1a:86:79:d3:59:36:
ab:cc:de:a1:6e:47:a7:27:a2:b8:13:a8:ae:f4:13:
b2:ca:22:5e:8d:2d:72:6d:53:37:20:81:b6:fc:eb:
08:ff:0f:08:93:12:08:2b:ae:7c:57:2e:c6:9e:39:
64:a4:b8:99:5d:c0:37:22:2b:9d:29:6b:93:4f:8a:
79:72:5a:b4:97:96:9a:90:bc:67:59:b3:f5:32:17:
53:49:6a:f2:ab:dc:8e:a8:d7:59:3e:cc:91:7d:38:
59:4d:25:91:53:97:19:7b:16:19:dc:ad:f6:ec:46:
7a:3f:69:c9:a1:c7:f9:ed:37:f0:20:a8:ff:5c:25:
b3:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:9E:CC:E4:9E:87:A4:F4:A6:7B:A0:F6:4D:D7:C6:E7:F6:66:FF:98
X509v3 Authority Key Identifier:
keyid:04:F4:6A:F8:85:D1:CC:BB:0C:09:B0:68:70:78:5B:5E:69:17:87:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BPRq-IXRzLsMCbBocHhbXmkXh-E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/fb53d6-ada8-426d-99fb-c5cf4b3b1ca6/1/oZ7M5J6HpPSme6D2TdfG5_Zm_5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/fb53d6-ada8-426d-99fb-c5cf4b3b1ca6/1/BPRq-IXRzLsMCbBocHhbXmkXh-E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.235.60.0/22
195.238.234.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:62:0b:f0:80:c9:65:85:63:e2:ad:c5:68:ba:d3:21:00:19:
3c:30:00:5a:83:74:06:60:a8:76:f3:5a:c2:bb:74:39:ef:cf:
aa:37:3f:0e:20:d9:9b:1f:52:89:23:43:f4:2b:25:dd:c2:05:
79:b1:52:53:b1:f0:03:29:9e:a0:72:db:ca:3c:77:8c:01:f7:
7c:72:bc:9e:8a:8f:20:a5:a3:ae:fe:59:59:b9:26:59:6d:9a:
f7:ce:25:ef:bb:d0:6c:1f:fe:0a:e6:59:58:20:9e:18:f9:31:
17:19:54:46:a3:bd:b9:63:5c:94:5e:95:a0:71:50:e7:69:83:
b7:90:4e:71:19:ae:eb:52:ae:af:b0:cf:8b:52:68:0b:e2:57:
cc:fd:9f:5c:40:d1:41:98:5c:fe:f6:a1:20:24:34:ae:f1:a4:
9e:d7:e5:90:4b:48:13:30:55:5e:85:c2:87:ff:f4:d8:e7:03:
56:8c:b5:e6:72:85:1c:26:cd:32:81:38:19:33:75:ec:7a:f3:
78:1f:44:3b:2f:d0:92:cd:a3:d3:e5:a1:70:e8:26:41:1f:fc:
8d:3f:78:4b:7c:cf:52:ca:91:e3:9c:15:03:7a:81:a1:ea:3c:
2e:df:d4:41:8c:9a:41:12:17:5a:37:27:29:19:3a:c7:77:ad:
4e:ae:f6:f3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQi/ECqCHoxiwOw545Bd+I6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0ZjQ2YWY4ODVkMWNjYmIwYzA5YjA2ODcwNzg1YjVlNjkx
Nzg3ZTEwHhcNMjUwMTAxMTc0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTllY2NlNDllODdhNGY0YTY3YmEwZjY0ZGQ3YzZlN2Y2NjZmZjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSOw9/T6I420Ps9mA/JRBRa5VsQk
w6Y/f8mg0c+GRPCIo/wxvBOEmIDqZpfSbUbrD+Yhj6pry631q/bkB/uh/vgQqHSt
XJQs8YLnsIeANRtmpA+CuhsUcRiUZXtas1HRq+nwjJHD3oO3X9Ab2oK0B29vBzvp
ayZxeqD4+4pnO9sahnnTWTarzN6hbkenJ6K4E6iu9BOyyiJejS1ybVM3IIG2/OsI
/w8IkxIIK658Vy7GnjlkpLiZXcA3IiudKWuTT4p5clq0l5aakLxnWbP1MhdTSWry
q9yOqNdZPsyRfThZTSWRU5cZexYZ3K327EZ6P2nJocf57TfwIKj/XCWzFQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKGezOSeh6T0pnug9k3Xxuf2Zv+YMB8GA1UdIwQY
MBaAFAT0aviF0cy7DAmwaHB4W15pF4fhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlBScS1JWFJ6THNNQ2JCb2NIaGJYbWtYaC1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9mYjUzZDYtYWRhOC00MjZkLTk5ZmIt
YzVjZjRiM2IxY2E2LzEvb1o3TTVKNkhwUFNtZTZEMlRkZkc1X1ptXzVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9mYjUzZDYtYWRhOC00MjZkLTk5ZmItYzVjZjRiM2IxY2E2
LzEvQlBScS1JWFJ6THNNQ2JCb2NIaGJYbWtYaC1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW+s8AwQA
w+7qMA0GCSqGSIb3DQEBCwUAA4IBAQANYgvwgMllhWPircVoutMhABk8MABag3QG
YKh281rCu3Q578+qNz8OINmbH1KJI0P0KyXdwgV5sVJTsfADKZ6gctvKPHeMAfd8
cryeio8gpaOu/llZuSZZbZr3ziXvu9BsH/4K5llYIJ4Y+TEXGVRGo725Y1yUXpWg
cVDnaYO3kE5xGa7rUq6vsM+LUmgL4lfM/Z9cQNFBmFz+9qEgJDSu8aSe1+WQS0gT
MFVehcKH//TY5wNWjLXmcoUcJs0ygTgZM3XsevN4H0Q7L9CSzaPT5aFw6CZBH/yN
P3hLfM9SypHjnBUDeoGh6jwu39RBjJpBEhdaNycpGTrHd61Orvbz
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:50:49 2025 by rpki-client