Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/119d34-407a-429e-9056-7628cbaf0ec8/1/kD0NYEJpgxaFFDcqPxx98oDLF4A.roa
File: kD0NYEJpgxaFFDcqPxx98oDLF4A.roa (raw, json)
Hash identifier: kEfgwntStfXPUtLxcdJZBEv9NrzPqg0tH8aS2VZkZpA=
Subject key identifier: 90:3D:0D:60:42:69:83:16:85:14:37:2A:3F:1C:7D:F2:80:CB:17:80
Certificate issuer: /CN=ab98a8263e063b8a7bd3d7180e7a4aa64953441c
Certificate serial: 0194221FCEED2C8FCCC3932132E2F6150DE9
Authority key identifier: AB:98:A8:26:3E:06:3B:8A:7B:D3:D7:18:0E:7A:4A:A6:49:53:44:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q5ioJj4GO4p709cYDnpKpklTRBw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/119d34-407a-429e-9056-7628cbaf0ec8/1/kD0NYEJpgxaFFDcqPxx98oDLF4A.roa
Signing time: Wed 01 Jan 2025 13:48:17 +0000
ROA not before: Wed 01 Jan 2025 13:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214898
IP address blocks: 145.250.0.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/119d34-407a-429e-9056-7628cbaf0ec8/1/q5ioJj4GO4p709cYDnpKpklTRBw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/119d34-407a-429e-9056-7628cbaf0ec8/1/q5ioJj4GO4p709cYDnpKpklTRBw.mft
rsync://rpki.ripe.net/repository/DEFAULT/q5ioJj4GO4p709cYDnpKpklTRBw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 20:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:ce:ed:2c:8f:cc:c3:93:21:32:e2:f6:15:0d:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab98a8263e063b8a7bd3d7180e7a4aa64953441c
Validity
Not Before: Jan 1 13:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=903d0d60426983168514372a3f1c7df280cb1780
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:67:3f:b1:e6:55:24:41:18:85:0d:ef:56:37:
b7:a2:4c:58:e9:53:b8:b3:e8:c2:2e:2c:04:df:aa:
36:f3:8d:30:e1:13:5b:6a:05:b5:47:0e:33:26:8c:
c4:11:d6:b8:9a:1f:8b:f5:e1:9c:3e:43:58:aa:64:
ef:5c:1f:fe:aa:79:7e:fb:99:75:e7:64:0d:07:06:
39:3e:8c:15:12:64:b5:24:e4:eb:73:ad:7a:eb:b7:
d9:85:69:c2:91:26:d6:f9:d6:06:25:cf:e4:6a:39:
7b:e8:be:ef:8f:db:02:e5:fa:34:92:f8:02:59:b6:
b9:01:e4:83:30:33:fc:0d:2b:ff:f7:87:1c:82:42:
7b:ce:07:1b:90:9e:aa:0b:c6:5a:14:58:6f:69:59:
7c:09:77:b0:e9:00:04:63:d8:67:ed:3d:e1:86:09:
f8:94:d8:46:5c:12:1e:12:af:27:c0:3c:e5:72:84:
00:13:b0:99:8b:b2:f6:cb:23:b9:fe:ad:4a:6a:81:
04:a7:42:30:3a:1a:9e:c2:e9:24:38:1f:41:b7:f5:
20:ff:ec:e6:fd:70:69:fe:47:45:ed:97:1f:6c:f4:
18:79:40:00:3a:df:e6:1f:3f:d8:7c:8d:3c:15:e5:
cf:46:9d:7e:12:de:82:37:16:80:c3:2c:bb:27:fa:
30:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:3D:0D:60:42:69:83:16:85:14:37:2A:3F:1C:7D:F2:80:CB:17:80
X509v3 Authority Key Identifier:
keyid:AB:98:A8:26:3E:06:3B:8A:7B:D3:D7:18:0E:7A:4A:A6:49:53:44:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q5ioJj4GO4p709cYDnpKpklTRBw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/119d34-407a-429e-9056-7628cbaf0ec8/1/kD0NYEJpgxaFFDcqPxx98oDLF4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/119d34-407a-429e-9056-7628cbaf0ec8/1/q5ioJj4GO4p709cYDnpKpklTRBw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.250.0.0/17
Signature Algorithm: sha256WithRSAEncryption
18:c6:c6:43:63:12:c9:7a:16:5e:99:41:f6:51:cb:50:e2:b2:
87:c8:17:79:05:d2:6b:c9:6b:2d:38:06:2d:7e:f7:84:36:4e:
a8:36:a3:4f:30:5a:84:15:d9:ce:e2:57:2a:22:ac:1d:1c:e3:
dc:b5:8f:53:12:35:eb:e5:02:aa:e5:02:89:c0:c9:e1:6a:72:
df:c4:cf:29:59:23:b5:2b:66:9f:8c:ee:eb:06:7e:01:16:98:
c2:86:b7:15:bc:88:0f:78:a0:2e:1f:58:e9:44:1f:72:c4:d5:
ed:8e:26:7f:da:c6:0e:5d:b6:b2:23:34:ce:ff:c6:2c:01:4d:
57:ab:00:ca:b2:11:f9:cc:72:19:28:4d:5f:ad:7e:da:5c:48:
e3:2e:e6:ae:53:e7:85:09:f7:73:ba:f0:27:e2:b1:95:aa:12:
3f:7f:88:22:cd:a7:c5:9e:59:18:cf:fc:96:b5:cd:1d:7c:c8:
13:b9:0f:35:e1:50:79:d7:3e:b8:74:c1:d1:bb:e5:6d:c9:d6:
45:65:5f:67:14:76:9f:bd:ab:4c:c8:2b:b3:0f:64:42:e4:5a:
41:aa:fa:28:ee:16:96:bb:40:c8:fa:30:3a:75:42:b5:aa:4f:
9b:27:42:46:7f:5d:a6:f6:07:63:5c:e7:3a:8a:e1:d0:4d:99:
fb:b7:d3:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH87tLI/Mw5MhMuL2FQ3pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiOThhODI2M2UwNjNiOGE3YmQzZDcxODBlN2E0YWE2NDk1
MzQ0MWMwHhcNMjUwMTAxMTM0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDNkMGQ2MDQyNjk4MzE2ODUxNDM3MmEzZjFjN2RmMjgwY2IxNzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWc/seZVJEEYhQ3vVje3okxY6VO4
s+jCLiwE36o2840w4RNbagW1Rw4zJozEEda4mh+L9eGcPkNYqmTvXB/+qnl++5l1
52QNBwY5PowVEmS1JOTrc61667fZhWnCkSbW+dYGJc/kajl76L7vj9sC5fo0kvgC
Wba5AeSDMDP8DSv/94ccgkJ7zgcbkJ6qC8ZaFFhvaVl8CXew6QAEY9hn7T3hhgn4
lNhGXBIeEq8nwDzlcoQAE7CZi7L2yyO5/q1KaoEEp0IwOhqewukkOB9Bt/Ug/+zm
/XBp/kdF7ZcfbPQYeUAAOt/mHz/YfI08FeXPRp1+Et6CNxaAwyy7J/oweQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJA9DWBCaYMWhRQ3Kj8cffKAyxeAMB8GA1UdIwQY
MBaAFKuYqCY+BjuKe9PXGA56SqZJU0QcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTVpb0pqNEdPNHA3MDljWURucEtwa2xUUkJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8xMTlkMzQtNDA3YS00MjllLTkwNTYt
NzYyOGNiYWYwZWM4LzEva0QwTllFSnBneGFGRkRjcVB4eDk4b0RMRjRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8xMTlkMzQtNDA3YS00MjllLTkwNTYtNzYyOGNiYWYwZWM4
LzEvcTVpb0pqNEdPNHA3MDljWURucEtwa2xUUkJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHkfoAMA0G
CSqGSIb3DQEBCwUAA4IBAQAYxsZDYxLJehZemUH2UctQ4rKHyBd5BdJryWstOAYt
fveENk6oNqNPMFqEFdnO4lcqIqwdHOPctY9TEjXr5QKq5QKJwMnhanLfxM8pWSO1
K2afjO7rBn4BFpjChrcVvIgPeKAuH1jpRB9yxNXtjiZ/2sYOXbayIzTO/8YsAU1X
qwDKshH5zHIZKE1frX7aXEjjLuauU+eFCfdzuvAn4rGVqhI/f4gizafFnlkYz/yW
tc0dfMgTuQ814VB51z64dMHRu+VtydZFZV9nFHafvatMyCuzD2RC5FpBqvoo7haW
u0DI+jA6dUK1qk+bJ0JGf12m9gdjXOc6iuHQTZn7t9Nh
-----END CERTIFICATE-----
Generated at Wed Apr 23 02:31:49 2025 by rpki-client