Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/9ea08a-1a99-4ee3-a3c4-8426aa1a6d2f/1/Ca4xXUzbyhsUcBXoNBEFebjIPUc.roa
File: Ca4xXUzbyhsUcBXoNBEFebjIPUc.roa (raw, json)
Hash identifier: ps+2L73QvXysU+0eZnonSgGSTE/hA5gLFzFQVCRF5nk=
Subject key identifier: 09:AE:31:5D:4C:DB:CA:1B:14:70:15:E8:34:11:05:79:B8:C8:3D:47
Certificate issuer: /CN=4a46ad8b510cf559485e3611555b8b439ef533bb
Certificate serial: 01942521749E8069B55521D2A1D38BBEC3EC
Authority key identifier: 4A:46:AD:8B:51:0C:F5:59:48:5E:36:11:55:5B:8B:43:9E:F5:33:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skati1EM9VlIXjYRVVuLQ571M7s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/9ea08a-1a99-4ee3-a3c4-8426aa1a6d2f/1/Ca4xXUzbyhsUcBXoNBEFebjIPUc.roa
Signing time: Thu 02 Jan 2025 03:48:57 +0000
ROA not before: Thu 02 Jan 2025 03:48:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216016
IP address blocks: 217.23.208.0/24 maxlen: 24
2a14:300::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/9ea08a-1a99-4ee3-a3c4-8426aa1a6d2f/1/Skati1EM9VlIXjYRVVuLQ571M7s.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/9ea08a-1a99-4ee3-a3c4-8426aa1a6d2f/1/Skati1EM9VlIXjYRVVuLQ571M7s.mft
rsync://rpki.ripe.net/repository/DEFAULT/Skati1EM9VlIXjYRVVuLQ571M7s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:74:9e:80:69:b5:55:21:d2:a1:d3:8b:be:c3:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a46ad8b510cf559485e3611555b8b439ef533bb
Validity
Not Before: Jan 2 03:48:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=09ae315d4cdbca1b147015e834110579b8c83d47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:7a:48:01:88:be:f5:50:f9:ea:69:0e:86:3f:
48:d5:8a:92:f7:f6:74:12:d8:8c:97:92:cd:70:28:
dd:cd:aa:34:93:88:d1:16:78:ca:5a:8d:2c:7b:4e:
56:fd:f6:5c:21:ba:3a:ea:48:1e:d4:a9:87:f0:e9:
87:c6:8d:58:b1:80:44:9f:53:8f:fe:2a:7e:35:95:
23:62:d5:c3:38:ea:c2:5e:37:28:a3:ae:64:56:e9:
28:9f:02:a3:b3:50:ed:28:c1:42:ff:15:1c:7f:c6:
28:d5:e8:c0:77:8d:96:17:6b:33:4b:d8:55:cf:05:
31:a2:ce:38:e9:66:a4:70:c7:80:39:40:2b:4c:68:
7a:13:6e:39:9e:98:26:81:32:32:ba:15:3b:4d:69:
60:b4:84:9a:75:b6:af:e3:9c:16:c7:10:b7:a1:2e:
22:3f:17:29:2e:8b:f5:64:4b:00:d5:74:96:2d:09:
19:fc:07:96:35:fb:9c:c4:01:65:97:14:e4:1f:35:
24:04:72:19:1c:0f:29:fc:d1:74:22:37:8e:3e:b8:
84:27:f3:f0:2c:16:0e:c9:cf:6c:14:1e:45:6a:fd:
ca:57:45:4c:d5:6d:67:e3:16:55:ea:6b:c0:97:6c:
96:63:88:38:2d:70:70:4f:be:8c:8d:3d:6a:29:ab:
bc:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:AE:31:5D:4C:DB:CA:1B:14:70:15:E8:34:11:05:79:B8:C8:3D:47
X509v3 Authority Key Identifier:
keyid:4A:46:AD:8B:51:0C:F5:59:48:5E:36:11:55:5B:8B:43:9E:F5:33:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skati1EM9VlIXjYRVVuLQ571M7s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/9ea08a-1a99-4ee3-a3c4-8426aa1a6d2f/1/Ca4xXUzbyhsUcBXoNBEFebjIPUc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/9ea08a-1a99-4ee3-a3c4-8426aa1a6d2f/1/Skati1EM9VlIXjYRVVuLQ571M7s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.23.208.0/24
IPv6:
2a14:300::/29
Signature Algorithm: sha256WithRSAEncryption
47:9b:3b:17:c2:d3:37:69:eb:fa:7d:47:30:1d:e1:f1:49:12:
7c:ce:2a:a1:9e:b0:d3:08:b8:b7:f1:9d:d1:6b:06:60:08:79:
f0:39:15:89:d5:6d:82:c2:37:50:4f:0a:3b:c6:42:ea:ff:71:
01:27:18:a3:8a:ee:b4:1a:6a:bb:8b:27:a4:20:b0:e5:1a:43:
4e:f0:21:df:91:63:c2:e4:eb:1c:72:ea:ee:d7:6f:b2:5a:d5:
f1:e9:23:72:fa:7e:28:07:98:82:5f:10:19:a2:86:a4:52:04:
9b:66:ea:75:d5:aa:be:bd:82:0e:73:8b:d9:6a:e5:9e:74:96:
54:7a:a4:be:cd:54:25:84:c1:0c:ee:74:6d:4a:25:31:ed:97:
26:b0:d3:08:3f:e6:14:da:ad:eb:fa:aa:98:a8:ad:3a:17:a0:
f6:d0:02:07:ab:ec:ca:9f:a8:83:77:3a:2f:c6:a9:b9:5c:d3:
4f:48:c0:f0:70:89:c9:ac:c6:d4:6b:75:07:09:37:8c:37:19:
6b:84:c7:d3:13:08:23:06:3b:ac:b4:cd:00:17:6a:9e:88:56:
53:86:e5:f9:b2:00:ff:0e:8b:1e:ff:99:b5:47:d4:64:c6:33:
82:1c:10:fc:e6:5c:b7:f9:45:84:16:d0:fa:f0:5c:25:b9:df:
d4:d9:39:4b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQlIXSegGm1VSHSodOLvsPsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDZhZDhiNTEwY2Y1NTk0ODVlMzYxMTU1NWI4YjQzOWVm
NTMzYmIwHhcNMjUwMTAyMDM0ODU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWFlMzE1ZDRjZGJjYTFiMTQ3MDE1ZTgzNDExMDU3OWI4YzgzZDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0HpIAYi+9VD56mkOhj9I1YqS9/Z0
EtiMl5LNcCjdzao0k4jRFnjKWo0se05W/fZcIbo66kge1KmH8OmHxo1YsYBEn1OP
/ip+NZUjYtXDOOrCXjcoo65kVukonwKjs1DtKMFC/xUcf8Yo1ejAd42WF2szS9hV
zwUxos446WakcMeAOUArTGh6E245npgmgTIyuhU7TWlgtISadbav45wWxxC3oS4i
PxcpLov1ZEsA1XSWLQkZ/AeWNfucxAFllxTkHzUkBHIZHA8p/NF0IjeOPriEJ/Pw
LBYOyc9sFB5Fav3KV0VM1W1n4xZV6mvAl2yWY4g4LXBwT76MjT1qKau8PwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAmuMV1M28obFHAV6DQRBXm4yD1HMB8GA1UdIwQY
MBaAFEpGrYtRDPVZSF42EVVbi0Oe9TO7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2thdGkxRU05VmxJWGpZUlZWdUxRNTcxTTdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS85ZWEwOGEtMWE5OS00ZWUzLWEzYzQt
ODQyNmFhMWE2ZDJmLzEvQ2E0eFhVemJ5aHNVY0JYb05CRUZlYmpJUFVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS85ZWEwOGEtMWE5OS00ZWUzLWEzYzQtODQyNmFhMWE2ZDJm
LzEvU2thdGkxRU05VmxJWGpZUlZWdUxRNTcxTTdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQA2RfQMA0E
AgACMAcDBQMqFAMAMA0GCSqGSIb3DQEBCwUAA4IBAQBHmzsXwtM3aev6fUcwHeHx
SRJ8ziqhnrDTCLi38Z3RawZgCHnwORWJ1W2CwjdQTwo7xkLq/3EBJxijiu60Gmq7
iyekILDlGkNO8CHfkWPC5Osccuru12+yWtXx6SNy+n4oB5iCXxAZooakUgSbZup1
1aq+vYIOc4vZauWedJZUeqS+zVQlhMEM7nRtSiUx7ZcmsNMIP+YU2q3r+qqYqK06
F6D20AIHq+zKn6iDdzovxqm5XNNPSMDwcInJrMbUa3UHCTeMNxlrhMfTEwgjBjus
tM0AF2qeiFZThuX5sgD/Dose/5m1R9RkxjOCHBD85ly3+UWEFtD68Fwlud/U2TlL
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:03:03 2025 by rpki-client