Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/35b020-a225-4dff-b172-d0818ef06659/1/sMrQzs33rrsyMFOFMFTjCINTzTQ.roa
File: sMrQzs33rrsyMFOFMFTjCINTzTQ.roa (raw, json)
Hash identifier: M0Ho0S0WzI5DOHL0C5sQ6HcQ5teNM3kvhCzMJa29/0U=
Subject key identifier: B0:CA:D0:CE:CD:F7:AE:BB:32:30:53:85:30:54:E3:08:83:53:CD:34
Certificate issuer: /CN=8ce8df39e3626087ae16f60ebe61acc8c6d13573
Certificate serial: 01941FFA0F99E08CE5944849694C3AC1612F
Authority key identifier: 8C:E8:DF:39:E3:62:60:87:AE:16:F6:0E:BE:61:AC:C8:C6:D1:35:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jOjfOeNiYIeuFvYOvmGsyMbRNXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/35b020-a225-4dff-b172-d0818ef06659/1/sMrQzs33rrsyMFOFMFTjCINTzTQ.roa
Signing time: Wed 01 Jan 2025 03:47:49 +0000
ROA not before: Wed 01 Jan 2025 03:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59877
IP address blocks: 91.212.33.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/35b020-a225-4dff-b172-d0818ef06659/1/jOjfOeNiYIeuFvYOvmGsyMbRNXM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/35b020-a225-4dff-b172-d0818ef06659/1/jOjfOeNiYIeuFvYOvmGsyMbRNXM.mft
rsync://rpki.ripe.net/repository/DEFAULT/jOjfOeNiYIeuFvYOvmGsyMbRNXM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:0f:99:e0:8c:e5:94:48:49:69:4c:3a:c1:61:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ce8df39e3626087ae16f60ebe61acc8c6d13573
Validity
Not Before: Jan 1 03:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b0cad0cecdf7aebb323053853054e3088353cd34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:7b:20:62:fc:05:ae:65:2a:a2:94:36:17:74:
91:23:6e:6a:53:9c:8c:6c:dc:56:e2:35:59:4c:59:
ab:f1:af:36:fb:2d:9b:22:b3:5a:0b:e7:63:54:15:
2e:03:a3:a4:78:75:ea:ef:33:5f:35:65:df:c6:1b:
0b:b5:d1:23:c8:0f:fb:63:83:76:c5:40:5e:a8:46:
f1:75:50:a3:48:bb:01:0e:e4:e2:d4:58:56:f2:7b:
77:dd:f7:f4:9b:05:9c:4f:fb:68:1c:ef:e9:83:64:
ce:f5:06:36:a2:25:9e:9f:06:f8:82:61:f0:15:fb:
38:6e:93:72:48:08:64:e7:52:25:31:ea:49:fd:9b:
51:c2:4b:cf:b5:11:a4:72:ec:35:cb:54:2b:4e:b2:
e5:0a:c5:3d:c4:26:ad:d9:c5:cb:d8:9f:76:d9:06:
6a:0b:d1:8a:90:f1:e4:ea:b6:b1:32:1b:c8:f5:64:
d7:e0:ff:32:24:b6:e1:4f:41:0d:68:42:96:46:13:
47:04:bb:04:3f:a3:e1:f2:5c:c6:93:d5:3a:a6:53:
a6:d5:3e:45:37:61:6c:fb:b3:e0:4c:7b:00:1e:d9:
10:a2:e5:a6:f5:7e:93:4b:b3:3f:8f:1e:3f:2b:5e:
1f:d3:f8:e6:bd:5a:49:13:45:3c:c6:b4:a0:ff:48:
b3:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:CA:D0:CE:CD:F7:AE:BB:32:30:53:85:30:54:E3:08:83:53:CD:34
X509v3 Authority Key Identifier:
keyid:8C:E8:DF:39:E3:62:60:87:AE:16:F6:0E:BE:61:AC:C8:C6:D1:35:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jOjfOeNiYIeuFvYOvmGsyMbRNXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/35b020-a225-4dff-b172-d0818ef06659/1/sMrQzs33rrsyMFOFMFTjCINTzTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/35b020-a225-4dff-b172-d0818ef06659/1/jOjfOeNiYIeuFvYOvmGsyMbRNXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.33.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:86:a3:f3:ec:66:e1:ac:2f:c0:c5:52:98:20:24:e5:da:c8:
c8:65:6b:21:f1:5f:70:ee:1f:f3:d3:76:cd:03:3d:e1:83:75:
be:69:98:40:f8:22:0c:6b:f6:cb:e1:0d:4b:eb:0b:df:9a:bf:
6f:c0:69:b7:10:d3:ea:41:97:3a:48:b8:11:39:d9:ac:95:c2:
09:b3:cd:be:04:64:c8:22:db:48:e4:de:48:2d:7f:cc:78:f0:
15:82:96:76:bb:5f:ed:f3:64:74:86:41:0c:8c:75:d7:25:d3:
93:b2:58:4e:a6:5b:2e:23:e2:19:05:cb:1d:23:e3:cd:5e:b1:
a9:60:57:24:72:24:67:cb:1a:2f:c0:db:1b:6d:36:d1:60:52:
a7:d2:4e:f0:b2:34:71:b8:51:ab:17:3f:6c:c5:f9:61:60:1d:
11:e3:b1:11:2a:d4:f6:9b:a8:00:54:87:54:2b:d3:a4:9c:7f:
79:6f:7d:81:bc:b1:fa:dc:21:9f:83:a5:b9:12:c9:44:4f:b5:
b1:9a:31:9e:8c:d5:24:dd:0c:38:92:ca:91:cb:85:16:4a:a8:
01:79:01:52:f3:52:89:18:10:52:f5:18:0d:ce:51:78:d0:cb:
43:73:2c:01:22:41:59:83:09:41:f9:69:1b:23:0d:a1:b3:60:
a2:61:1e:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+g+Z4IzllEhJaUw6wWEvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjZThkZjM5ZTM2MjYwODdhZTE2ZjYwZWJlNjFhY2M4YzZk
MTM1NzMwHhcNMjUwMTAxMDM0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGNhZDBjZWNkZjdhZWJiMzIzMDUzODUzMDU0ZTMwODgzNTNjZDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXsgYvwFrmUqopQ2F3SRI25qU5yM
bNxW4jVZTFmr8a82+y2bIrNaC+djVBUuA6OkeHXq7zNfNWXfxhsLtdEjyA/7Y4N2
xUBeqEbxdVCjSLsBDuTi1FhW8nt33ff0mwWcT/toHO/pg2TO9QY2oiWenwb4gmHw
Ffs4bpNySAhk51IlMepJ/ZtRwkvPtRGkcuw1y1QrTrLlCsU9xCat2cXL2J922QZq
C9GKkPHk6raxMhvI9WTX4P8yJLbhT0ENaEKWRhNHBLsEP6Ph8lzGk9U6plOm1T5F
N2Fs+7PgTHsAHtkQouWm9X6TS7M/jx4/K14f0/jmvVpJE0U8xrSg/0izVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLDK0M7N9667MjBThTBU4wiDU800MB8GA1UdIwQY
MBaAFIzo3znjYmCHrhb2Dr5hrMjG0TVzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvak9qZk9lTmlZSWV1RnZZT3ZtR3N5TWJSTlhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8zNWIwMjAtYTIyNS00ZGZmLWIxNzIt
ZDA4MThlZjA2NjU5LzEvc01yUXpzMzNycnN5TUZPRk1GVGpDSU5UelRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8zNWIwMjAtYTIyNS00ZGZmLWIxNzItZDA4MThlZjA2NjU5
LzEvak9qZk9lTmlZSWV1RnZZT3ZtR3N5TWJSTlhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9QhMA0G
CSqGSIb3DQEBCwUAA4IBAQCthqPz7GbhrC/AxVKYICTl2sjIZWsh8V9w7h/z03bN
Az3hg3W+aZhA+CIMa/bL4Q1L6wvfmr9vwGm3ENPqQZc6SLgROdmslcIJs82+BGTI
IttI5N5ILX/MePAVgpZ2u1/t82R0hkEMjHXXJdOTslhOplsuI+IZBcsdI+PNXrGp
YFckciRnyxovwNsbbTbRYFKn0k7wsjRxuFGrFz9sxflhYB0R47ERKtT2m6gAVIdU
K9OknH95b32BvLH63CGfg6W5EslET7WxmjGejNUk3Qw4ksqRy4UWSqgBeQFS81KJ
GBBS9RgNzlF40MtDcywBIkFZgwlB+WkbIw2hs2CiYR7L
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:07:31 2025 by rpki-client