Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/55bf9f-240f-49bb-b30e-604b201e65f8/1/9Kz1Fv2LSuY0LF68m4kI6oOM2Ic.roa
File: 9Kz1Fv2LSuY0LF68m4kI6oOM2Ic.roa (raw, json)
Hash identifier: DpVOkbfjr2aYG9vMgOAPUEe4A9rj3lmXccI6AqDsxmk=
Subject key identifier: F4:AC:F5:16:FD:8B:4A:E6:34:2C:5E:BC:9B:89:08:EA:83:8C:D8:87
Certificate issuer: /CN=473ddbc4bb381dbef24d2ff8b4e1f23f2ddf40cc
Certificate serial: 019423691746AB35A6D0A4479E6DBB5BA34C
Authority key identifier: 47:3D:DB:C4:BB:38:1D:BE:F2:4D:2F:F8:B4:E1:F2:3F:2D:DF:40:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rz3bxLs4Hb7yTS_4tOHyPy3fQMw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/55bf9f-240f-49bb-b30e-604b201e65f8/1/9Kz1Fv2LSuY0LF68m4kI6oOM2Ic.roa
Signing time: Wed 01 Jan 2025 19:47:57 +0000
ROA not before: Wed 01 Jan 2025 19:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54253
IP address blocks: 185.69.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/55bf9f-240f-49bb-b30e-604b201e65f8/1/Rz3bxLs4Hb7yTS_4tOHyPy3fQMw.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/55bf9f-240f-49bb-b30e-604b201e65f8/1/Rz3bxLs4Hb7yTS_4tOHyPy3fQMw.mft
rsync://rpki.ripe.net/repository/DEFAULT/Rz3bxLs4Hb7yTS_4tOHyPy3fQMw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 10 Mar 2025 13:01:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:17:46:ab:35:a6:d0:a4:47:9e:6d:bb:5b:a3:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=473ddbc4bb381dbef24d2ff8b4e1f23f2ddf40cc
Validity
Not Before: Jan 1 19:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f4acf516fd8b4ae6342c5ebc9b8908ea838cd887
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:fb:b1:c3:46:a1:12:dc:ba:89:5b:8a:73:91:
a1:25:67:f4:97:bd:1d:98:34:5c:18:c7:e3:a0:01:
27:bc:07:52:d0:1f:21:d3:7c:92:b6:92:b8:1a:a9:
60:cd:c6:04:90:70:b7:49:4d:f9:65:e7:dd:0b:b7:
5e:ea:21:e9:d0:bd:79:cc:c6:80:86:86:f7:f4:8b:
b3:13:b0:d3:8f:3d:37:65:74:12:4c:ab:c4:01:77:
36:87:16:dc:ab:d7:ec:4c:ff:85:d3:03:38:bc:65:
c0:d8:b3:07:b1:ce:db:13:4f:53:b8:4e:08:6a:a9:
ff:17:a5:f5:b2:ce:3b:9a:cc:97:8f:f7:c9:37:59:
16:eb:23:1c:45:b7:05:a5:8b:64:6f:5a:03:14:99:
a6:2b:37:31:a6:3d:6f:1d:cd:26:b3:dc:29:2e:ac:
b0:7e:b5:c3:11:24:b0:df:4f:5e:e9:fa:37:ff:85:
75:cc:27:77:64:58:b8:d5:08:d4:2e:d3:29:cd:40:
eb:6f:2e:11:0f:18:32:e2:ea:44:eb:7f:47:6d:a3:
99:74:5d:8d:24:7f:78:e3:1d:55:1a:e1:57:a0:6b:
4a:0d:8d:30:5b:f9:84:fb:7d:56:ec:19:6e:44:24:
7a:40:12:eb:87:24:57:37:6a:93:6d:5e:1c:3b:fc:
83:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:AC:F5:16:FD:8B:4A:E6:34:2C:5E:BC:9B:89:08:EA:83:8C:D8:87
X509v3 Authority Key Identifier:
keyid:47:3D:DB:C4:BB:38:1D:BE:F2:4D:2F:F8:B4:E1:F2:3F:2D:DF:40:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rz3bxLs4Hb7yTS_4tOHyPy3fQMw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/55bf9f-240f-49bb-b30e-604b201e65f8/1/9Kz1Fv2LSuY0LF68m4kI6oOM2Ic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/55bf9f-240f-49bb-b30e-604b201e65f8/1/Rz3bxLs4Hb7yTS_4tOHyPy3fQMw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.69.0.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:c5:6a:5f:67:77:e1:e1:f4:ec:f8:c4:cc:01:8e:36:b0:02:
a8:75:26:1b:36:56:60:78:b0:b3:f4:f7:49:0e:f5:b8:40:b9:
9d:88:77:fc:81:98:aa:dd:16:2d:9d:91:23:89:36:97:87:0a:
c7:b2:ca:44:ba:5b:aa:a6:74:b9:ba:26:ed:bd:df:27:24:10:
72:f7:a0:b0:f7:7f:f5:00:c1:4c:44:ce:dd:9f:18:55:52:bb:
51:16:46:61:20:13:7c:23:08:99:7a:0f:bc:e5:18:77:c6:c4:
91:2e:ea:35:e9:32:cf:71:7b:dd:9c:01:29:cb:af:d3:f1:1f:
0d:9f:16:a5:1b:42:74:ff:c1:59:49:eb:74:6f:f8:b8:37:28:
d3:60:7a:fa:85:d8:75:f4:e8:02:73:b0:92:3a:33:48:68:31:
0d:90:3c:ea:a0:76:a3:39:50:25:44:bb:48:84:1f:76:1d:05:
38:0e:ca:5d:4b:3e:65:57:9a:29:c9:69:93:29:9f:89:ea:b3:
b9:4c:c1:3d:0e:2a:25:30:ad:c3:5e:96:4d:4a:bc:0e:cc:0e:
7f:b2:56:27:6b:15:33:74:22:ed:95:f9:5c:b5:06:12:90:67:
ea:9c:2c:a0:5e:e9:82:a6:f0:2c:40:35:37:01:34:26:0a:54:
13:08:d9:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaRdGqzWm0KRHnm27W6NMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3M2RkYmM0YmIzODFkYmVmMjRkMmZmOGI0ZTFmMjNmMmRk
ZjQwY2MwHhcNMjUwMTAxMTk0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGFjZjUxNmZkOGI0YWU2MzQyYzVlYmM5Yjg5MDhlYTgzOGNkODg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5fuxw0ahEty6iVuKc5GhJWf0l70d
mDRcGMfjoAEnvAdS0B8h03yStpK4GqlgzcYEkHC3SU35ZefdC7de6iHp0L15zMaA
hob39IuzE7DTjz03ZXQSTKvEAXc2hxbcq9fsTP+F0wM4vGXA2LMHsc7bE09TuE4I
aqn/F6X1ss47msyXj/fJN1kW6yMcRbcFpYtkb1oDFJmmKzcxpj1vHc0ms9wpLqyw
frXDESSw309e6fo3/4V1zCd3ZFi41QjULtMpzUDrby4RDxgy4upE639HbaOZdF2N
JH944x1VGuFXoGtKDY0wW/mE+31W7BluRCR6QBLrhyRXN2qTbV4cO/yDxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPSs9Rb9i0rmNCxevJuJCOqDjNiHMB8GA1UdIwQY
MBaAFEc928S7OB2+8k0v+LTh8j8t30DMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnozYnhMczRIYjd5VFNfNHRPSHlQeTNmUU13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81NWJmOWYtMjQwZi00OWJiLWIzMGUt
NjA0YjIwMWU2NWY4LzEvOUt6MUZ2MkxTdVkwTEY2OG00a0k2b09NMkljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81NWJmOWYtMjQwZi00OWJiLWIzMGUtNjA0YjIwMWU2NWY4
LzEvUnozYnhMczRIYjd5VFNfNHRPSHlQeTNmUU13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUUAMA0G
CSqGSIb3DQEBCwUAA4IBAQChxWpfZ3fh4fTs+MTMAY42sAKodSYbNlZgeLCz9PdJ
DvW4QLmdiHf8gZiq3RYtnZEjiTaXhwrHsspEuluqpnS5uibtvd8nJBBy96Cw93/1
AMFMRM7dnxhVUrtRFkZhIBN8IwiZeg+85Rh3xsSRLuo16TLPcXvdnAEpy6/T8R8N
nxalG0J0/8FZSet0b/i4NyjTYHr6hdh19OgCc7CSOjNIaDENkDzqoHajOVAlRLtI
hB92HQU4DspdSz5lV5opyWmTKZ+J6rO5TME9DiolMK3DXpZNSrwOzA5/slYnaxUz
dCLtlflctQYSkGfqnCygXumCpvAsQDU3ATQmClQTCNli
-----END CERTIFICATE-----
Generated at Sun Mar 9 19:00:38 2025 by rpki-client