Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/BinZKeyg5gKkO8gwYJ0Ze8CeRxs.roa
File: BinZKeyg5gKkO8gwYJ0Ze8CeRxs.roa (raw, json)
Hash identifier: y9nENbUlBNsJYj+Cw11EQBzVD35m8OwMSWBUyRfdWao=
Subject key identifier: 06:29:D9:29:EC:A0:E6:02:A4:3B:C8:30:60:9D:19:7B:C0:9E:47:1B
Certificate issuer: /CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Certificate serial: 0194B350385AA8971EE0FCA4EBD112A0519D
Authority key identifier: D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/BinZKeyg5gKkO8gwYJ0Ze8CeRxs.roa
Signing time: Wed 29 Jan 2025 18:26:06 +0000
ROA not before: Wed 29 Jan 2025 18:26:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60949
IP address blocks: 109.105.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.mft
rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 08:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b3:50:38:5a:a8:97:1e:e0:fc:a4:eb:d1:12:a0:51:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Validity
Not Before: Jan 29 18:26:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0629d929eca0e602a43bc830609d197bc09e471b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:2b:f2:31:a1:8e:33:fd:a4:52:4c:8c:c4:0a:
14:67:74:68:d5:52:68:6b:a7:c3:44:2d:74:1c:2f:
65:a6:02:cb:11:b4:6e:dd:5d:11:67:70:e1:bb:b0:
89:11:15:a7:85:f1:c7:9e:17:ed:43:0a:4e:62:b9:
0c:99:59:bc:af:36:07:48:db:ff:af:09:20:44:ac:
ad:c8:03:b0:eb:59:9e:69:5a:ac:67:12:ed:9e:03:
c3:b2:97:49:65:c7:34:11:f7:e0:c6:77:71:be:11:
fc:06:fb:aa:82:a5:6a:93:b7:2f:94:e5:f2:11:40:
ae:6f:4e:7c:30:43:61:3c:be:a8:0b:d3:f0:e6:0f:
4b:56:12:94:4f:fe:90:5d:3b:2d:2b:4a:cf:5c:a5:
20:c2:a7:48:c4:d2:c0:56:65:00:72:6c:c5:bf:33:
de:1e:f4:9f:01:3f:ca:1c:54:79:58:2b:f4:cd:b8:
34:3c:e6:11:d7:78:f5:e9:35:bc:1f:da:26:7e:d4:
02:d8:44:2a:19:d6:85:fc:2e:57:aa:25:b5:4d:bf:
b1:b6:c4:7d:29:20:5d:b2:ad:77:f9:08:9d:eb:a2:
0f:29:fe:71:cb:61:23:38:8d:72:df:41:59:cd:3b:
b9:39:89:6b:43:96:bd:ef:15:48:2c:ba:09:2c:97:
58:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:29:D9:29:EC:A0:E6:02:A4:3B:C8:30:60:9D:19:7B:C0:9E:47:1B
X509v3 Authority Key Identifier:
keyid:D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/BinZKeyg5gKkO8gwYJ0Ze8CeRxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.105.199.0/24
Signature Algorithm: sha256WithRSAEncryption
97:54:16:68:a1:ef:de:0d:e7:73:28:50:58:f9:31:ef:fb:f7:
7a:29:02:36:39:cf:6b:ae:23:69:8d:3a:5f:4b:ac:34:ac:f4:
7a:e2:94:53:5b:63:11:0e:ec:30:3f:20:cc:f6:4a:29:d9:70:
5a:b2:5e:6b:4f:3c:cc:a4:47:99:4f:e0:e7:f3:bb:d0:b8:a8:
cb:7b:d2:34:81:b5:8f:ec:88:26:0d:97:ad:9e:97:71:7c:39:
4a:3d:a2:05:3c:af:2e:dd:7d:94:57:d7:12:5f:9b:7e:fc:e9:
76:de:9f:95:74:d6:e1:19:9a:d0:bd:dd:04:be:e2:a3:e5:81:
ed:81:15:43:9d:62:1a:8e:b4:50:e9:98:dc:06:fe:bf:15:5c:
8c:dd:2c:01:4d:c6:bf:8c:31:d2:58:c3:2a:3f:83:f3:cb:36:
5f:68:71:3d:08:25:60:87:5e:17:0a:ce:ac:12:bc:83:03:e7:
c0:61:a4:17:77:62:73:53:52:e3:9c:88:12:ea:94:75:8d:d4:
d3:6a:9d:0d:18:df:80:5f:48:f6:0f:3e:c6:99:eb:7b:36:ef:
e4:75:03:0f:60:71:5a:fc:d1:4e:8c:2f:90:9f:a8:f5:9c:5b:
f1:d0:f7:c7:0e:69:b0:93:85:8d:bf:31:ee:fd:24:b5:9c:84:
f0:c6:96:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSzUDhaqJce4Pyk69ESoFGdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YzYwYTBkMmQ3MGE5MzM3ZDBiZGE1NmQxYWQ1OTZhYzFm
NjljZGEwHhcNMjUwMTI5MTgyNjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjI5ZDkyOWVjYTBlNjAyYTQzYmM4MzA2MDlkMTk3YmMwOWU0NzFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ivyMaGOM/2kUkyMxAoUZ3Ro1VJo
a6fDRC10HC9lpgLLEbRu3V0RZ3Dhu7CJERWnhfHHnhftQwpOYrkMmVm8rzYHSNv/
rwkgRKytyAOw61meaVqsZxLtngPDspdJZcc0EffgxndxvhH8BvuqgqVqk7cvlOXy
EUCub058MENhPL6oC9Pw5g9LVhKUT/6QXTstK0rPXKUgwqdIxNLAVmUAcmzFvzPe
HvSfAT/KHFR5WCv0zbg0POYR13j16TW8H9omftQC2EQqGdaF/C5XqiW1Tb+xtsR9
KSBdsq13+Qid66IPKf5xy2EjOI1y30FZzTu5OYlrQ5a97xVILLoJLJdYPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAYp2SnsoOYCpDvIMGCdGXvAnkcbMB8GA1UdIwQY
MBaAFNjGCg0tcKkzfQvaVtGtWWrB9pzaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUt
ZGQyOTRjMzc4ZjZjLzEvQmluWktleWc1Z0trTzhnd1lKMFplOENlUnhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUtZGQyOTRjMzc4ZjZj
LzEvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbWnHMA0G
CSqGSIb3DQEBCwUAA4IBAQCXVBZooe/eDedzKFBY+THv+/d6KQI2Oc9rriNpjTpf
S6w0rPR64pRTW2MRDuwwPyDM9kop2XBasl5rTzzMpEeZT+Dn87vQuKjLe9I0gbWP
7IgmDZetnpdxfDlKPaIFPK8u3X2UV9cSX5t+/Ol23p+VdNbhGZrQvd0EvuKj5YHt
gRVDnWIajrRQ6ZjcBv6/FVyM3SwBTca/jDHSWMMqP4PzyzZfaHE9CCVgh14XCs6s
EryDA+fAYaQXd2JzU1LjnIgS6pR1jdTTap0NGN+AX0j2Dz7Gmet7Nu/kdQMPYHFa
/NFOjC+Qn6j1nFvx0PfHDmmwk4WNvzHu/SS1nITwxpal
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:30:58 2025 by rpki-client