Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/5e935b-2340-4806-b33b-faca0eb3357d/1/1-LEezNtaqjy169gIk46UkSGODnI.roa
File: 1-LEezNtaqjy169gIk46UkSGODnI.roa (raw, json)
Hash identifier: FRFupvefU0HUQnLO8y2fwT4i2INskAlpIVZPmaI9wtE=
Subject key identifier: F8:B1:1E:CC:DB:5A:AA:3C:B5:EB:D8:08:93:8E:94:91:21:8E:0E:72
Certificate issuer: /CN=46fbcfc13d4d5ff6d37c226f11e121204c367d17
Certificate serial: 01942143AF6E5FFCFD79D7C62E1D164377E1
Authority key identifier: 46:FB:CF:C1:3D:4D:5F:F6:D3:7C:22:6F:11:E1:21:20:4C:36:7D:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RvvPwT1NX_bTfCJvEeEhIEw2fRc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/5e935b-2340-4806-b33b-faca0eb3357d/1/1-LEezNtaqjy169gIk46UkSGODnI.roa
Signing time: Wed 01 Jan 2025 09:47:51 +0000
ROA not before: Wed 01 Jan 2025 09:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61241
IP address blocks: 185.161.172.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/5e935b-2340-4806-b33b-faca0eb3357d/1/RvvPwT1NX_bTfCJvEeEhIEw2fRc.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/5e935b-2340-4806-b33b-faca0eb3357d/1/RvvPwT1NX_bTfCJvEeEhIEw2fRc.mft
rsync://rpki.ripe.net/repository/DEFAULT/RvvPwT1NX_bTfCJvEeEhIEw2fRc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:af:6e:5f:fc:fd:79:d7:c6:2e:1d:16:43:77:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46fbcfc13d4d5ff6d37c226f11e121204c367d17
Validity
Not Before: Jan 1 09:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f8b11eccdb5aaa3cb5ebd808938e9491218e0e72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:72:15:d1:59:1c:8b:0c:7e:7c:4a:27:88:c7:
66:72:ff:92:fc:e0:8f:8f:9d:3c:70:15:8c:52:24:
33:ae:03:c8:54:6d:33:60:eb:d4:8e:2a:b0:16:f1:
73:c4:18:19:c9:4d:42:76:e4:05:76:b4:7e:33:3e:
46:80:e6:00:76:47:b6:18:21:ad:18:89:37:5d:ea:
5c:10:cd:27:62:f0:a9:75:36:d4:55:3f:cc:6c:8b:
e2:6f:63:c9:2f:fd:0b:12:03:fe:aa:d1:25:5c:34:
88:87:2f:75:97:96:d2:7d:f6:da:31:d1:e7:b3:5d:
c1:ab:27:95:31:05:1b:51:66:28:36:2a:82:6e:40:
67:2a:19:ca:ee:4f:6a:c8:a5:88:8f:63:ae:a5:9f:
c3:2a:66:bb:fd:63:84:f2:12:8c:a3:78:b8:9c:aa:
98:8b:3f:06:1d:9d:51:2a:81:25:43:96:3d:6e:14:
70:03:84:ce:8a:38:d3:28:4d:58:a9:b5:2c:3f:27:
9d:56:79:e1:98:ad:9d:8a:f1:76:80:41:2d:c0:8f:
83:d7:45:a2:39:0f:08:f3:aa:8e:e6:a2:9c:d0:03:
07:11:32:b6:a0:fc:32:9a:9e:c2:47:1e:80:1a:17:
9a:4f:32:4b:48:78:7f:15:54:c7:be:d0:eb:e5:71:
28:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:B1:1E:CC:DB:5A:AA:3C:B5:EB:D8:08:93:8E:94:91:21:8E:0E:72
X509v3 Authority Key Identifier:
keyid:46:FB:CF:C1:3D:4D:5F:F6:D3:7C:22:6F:11:E1:21:20:4C:36:7D:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RvvPwT1NX_bTfCJvEeEhIEw2fRc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e935b-2340-4806-b33b-faca0eb3357d/1/1-LEezNtaqjy169gIk46UkSGODnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e935b-2340-4806-b33b-faca0eb3357d/1/RvvPwT1NX_bTfCJvEeEhIEw2fRc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.172.0/23
Signature Algorithm: sha256WithRSAEncryption
31:af:aa:85:0e:66:52:e8:41:f7:1b:0f:72:b9:e5:18:53:82:
00:4c:9a:ec:f6:15:0b:f9:85:b3:64:66:9e:cb:64:d5:07:de:
c4:5b:b2:6d:0b:ce:2d:79:a1:11:aa:61:50:65:da:37:a4:f6:
6d:92:17:ab:52:49:41:42:24:c7:43:5f:b9:3f:5b:01:e4:d4:
52:52:b4:9a:24:9b:0b:d2:5f:10:25:00:7e:53:0d:55:84:9e:
be:09:27:7c:7c:24:fc:4e:2d:83:a8:1c:ff:32:ff:ad:35:38:
6d:7b:98:62:ea:35:1b:3b:76:9b:e5:68:22:79:4e:ae:07:7c:
c7:7b:42:d2:66:4a:c9:3d:5d:96:e8:83:93:a4:13:18:e8:52:
a8:c5:dc:c8:c9:07:cb:78:2e:0e:9e:fd:f0:38:45:0f:51:6a:
cb:3a:dc:b5:db:07:9b:fc:9c:43:b1:97:61:ff:94:81:62:18:
f9:4a:ed:d9:e8:97:a8:ee:15:bc:67:7a:55:e6:d9:c0:f4:ad:
19:92:9e:d7:ed:1f:4a:6d:e1:ad:f5:1b:e6:ca:37:b0:6a:ed:
55:42:22:1a:f0:34:a7:98:c3:62:d5:76:61:72:f2:f5:02:0f:
6c:83:a2:bd:61:ee:4b:0e:8b:ed:0f:41:24:96:56:d8:45:3c:
c1:71:c9:ba
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQhQ69uX/z9edfGLh0WQ3fhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2ZmJjZmMxM2Q0ZDVmZjZkMzdjMjI2ZjExZTEyMTIwNGMz
NjdkMTcwHhcNMjUwMTAxMDk0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGIxMWVjY2RiNWFhYTNjYjVlYmQ4MDg5MzhlOTQ5MTIxOGUwZTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHIV0Vkciwx+fEoniMdmcv+S/OCP
j508cBWMUiQzrgPIVG0zYOvUjiqwFvFzxBgZyU1CduQFdrR+Mz5GgOYAdke2GCGt
GIk3XepcEM0nYvCpdTbUVT/MbIvib2PJL/0LEgP+qtElXDSIhy91l5bSffbaMdHn
s13BqyeVMQUbUWYoNiqCbkBnKhnK7k9qyKWIj2OupZ/DKma7/WOE8hKMo3i4nKqY
iz8GHZ1RKoElQ5Y9bhRwA4TOijjTKE1YqbUsPyedVnnhmK2divF2gEEtwI+D10Wi
OQ8I86qO5qKc0AMHETK2oPwymp7CRx6AGheaTzJLSHh/FVTHvtDr5XEojwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPixHszbWqo8tevYCJOOlJEhjg5yMB8GA1UdIwQY
MBaAFEb7z8E9TV/203wibxHhISBMNn0XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnZ2UHdUMU5YX2JUZkNKdkVlRWhJRXcyZlJjLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS81ZTkzNWItMjM0MC00ODA2LWIzM2It
ZmFjYTBlYjMzNTdkLzEvMS1MRWV6TnRhcWp5MTY5Z0lrNDZVa1NHT0RuSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTEvNWU5MzViLTIzNDAtNDgwNi1iMzNiLWZhY2EwZWIzMzU3
ZC8xL1J2dlB3VDFOWF9iVGZDSnZFZUVoSUV3MmZSYy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbmhrDAN
BgkqhkiG9w0BAQsFAAOCAQEAMa+qhQ5mUuhB9xsPcrnlGFOCAEya7PYVC/mFs2Rm
nstk1QfexFuybQvOLXmhEaphUGXaN6T2bZIXq1JJQUIkx0NfuT9bAeTUUlK0miSb
C9JfECUAflMNVYSevgknfHwk/E4tg6gc/zL/rTU4bXuYYuo1Gzt2m+VoInlOrgd8
x3tC0mZKyT1dluiDk6QTGOhSqMXcyMkHy3guDp798DhFD1FqyzrctdsHm/ycQ7GX
Yf+UgWIY+Urt2eiXqO4VvGd6VebZwPStGZKe1+0fSm3hrfUb5so3sGrtVUIiGvA0
p5jDYtV2YXLy9QIPbIOivWHuSw6L7Q9BJJZW2EU8wXHJug==
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:50:54 2025 by rpki-client