Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/f35406-d8c4-4f5c-92ac-256da95d1345/1/REM4mLJG7EnsBgBtsv162D0wKhg.roa
File: REM4mLJG7EnsBgBtsv162D0wKhg.roa (raw, json)
Hash identifier: lvlcTJIeXHpqeTqGfZTwiMwS8+bWAY5YDqELcR5epC0=
Subject key identifier: 44:43:38:98:B2:46:EC:49:EC:06:00:6D:B2:FD:7A:D8:3D:30:2A:18
Certificate issuer: /CN=91381bc969de6adc3d1ddc0eb89bdeeace9805cd
Certificate serial: 019427B690BDCCAC480321EB1320D0E6F866
Authority key identifier: 91:38:1B:C9:69:DE:6A:DC:3D:1D:DC:0E:B8:9B:DE:EA:CE:98:05:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kTgbyWneatw9HdwOuJve6s6YBc0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/f35406-d8c4-4f5c-92ac-256da95d1345/1/REM4mLJG7EnsBgBtsv162D0wKhg.roa
Signing time: Thu 02 Jan 2025 15:51:03 +0000
ROA not before: Thu 02 Jan 2025 15:51:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12213
IP address blocks: 185.143.78.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/f35406-d8c4-4f5c-92ac-256da95d1345/1/kTgbyWneatw9HdwOuJve6s6YBc0.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/f35406-d8c4-4f5c-92ac-256da95d1345/1/kTgbyWneatw9HdwOuJve6s6YBc0.mft
rsync://rpki.ripe.net/repository/DEFAULT/kTgbyWneatw9HdwOuJve6s6YBc0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 18:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:90:bd:cc:ac:48:03:21:eb:13:20:d0:e6:f8:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91381bc969de6adc3d1ddc0eb89bdeeace9805cd
Validity
Not Before: Jan 2 15:51:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=44433898b246ec49ec06006db2fd7ad83d302a18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:0e:25:0b:3f:54:16:a4:92:65:1f:af:c1:bc:
1b:4b:e6:17:0f:c4:24:c5:f7:55:43:5e:32:78:e4:
1b:25:f7:f5:fd:6f:7d:04:dc:2d:70:58:39:c4:c3:
92:39:ca:03:08:4e:e7:95:81:8d:b0:46:4a:a4:d4:
02:2c:6e:0c:82:22:cc:8d:9c:00:db:fb:2c:ab:b4:
46:9e:bf:d6:46:9a:8e:d7:94:3c:8a:7a:40:d5:e0:
6d:b4:9b:46:49:c1:eb:dc:bf:20:71:b3:30:0c:76:
2d:c6:d1:c6:e6:0c:1e:6c:cc:e6:0d:6c:87:e3:ca:
22:70:af:36:6d:38:ce:eb:a7:c8:7d:13:2a:b9:eb:
6c:a9:3f:70:fd:2b:fb:92:ee:b6:4e:3e:1e:62:b6:
e6:60:9f:b3:77:33:8c:e9:99:c6:85:e2:97:bb:cc:
1e:c2:a6:5f:c3:af:7c:b4:b3:a6:23:1c:01:1e:fb:
16:22:38:9c:33:b5:1e:aa:98:48:40:3c:38:9c:a6:
41:ee:61:2a:b2:d5:01:6f:1f:59:9d:fd:4e:09:e7:
da:b8:76:45:2c:15:4b:b9:fe:36:d2:6a:8a:21:b2:
e9:8d:3f:2c:dc:f1:d8:5b:97:14:4e:26:bd:4e:d8:
b1:82:f1:90:44:e0:72:2c:63:45:54:0b:82:27:45:
85:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:43:38:98:B2:46:EC:49:EC:06:00:6D:B2:FD:7A:D8:3D:30:2A:18
X509v3 Authority Key Identifier:
keyid:91:38:1B:C9:69:DE:6A:DC:3D:1D:DC:0E:B8:9B:DE:EA:CE:98:05:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kTgbyWneatw9HdwOuJve6s6YBc0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/f35406-d8c4-4f5c-92ac-256da95d1345/1/REM4mLJG7EnsBgBtsv162D0wKhg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/f35406-d8c4-4f5c-92ac-256da95d1345/1/kTgbyWneatw9HdwOuJve6s6YBc0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.78.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:f4:1d:3a:01:79:b9:0a:08:af:fe:e9:1a:92:6a:af:00:87:
6f:4b:c2:bf:e4:ec:49:94:28:ae:b7:3c:1c:b8:8c:91:11:dc:
ed:ea:9a:ec:14:8e:3f:07:43:e0:a5:52:95:7e:c5:60:dc:45:
ed:9f:9c:43:dd:f8:54:1a:3e:27:dd:cf:37:05:f4:b1:65:ac:
a3:e3:1a:fc:43:65:ef:d6:cf:61:a6:01:48:19:e5:a2:9b:c0:
1f:b1:74:2b:1d:74:27:b9:a7:88:d2:26:ce:eb:25:89:e0:4c:
bb:87:f6:47:cb:e8:06:20:bb:2f:02:3e:9d:61:de:ba:16:81:
00:06:a3:62:05:2a:46:02:55:96:97:37:77:f2:2e:4c:fc:73:
dc:22:db:b6:ee:6b:00:7d:2e:9a:02:0d:c5:31:9e:a7:2b:b9:
5b:5e:68:94:8b:49:53:1b:f0:45:38:0c:2b:5c:34:d7:1c:aa:
d4:04:eb:50:0a:51:d5:91:82:e2:da:07:e8:0f:08:8c:07:be:
42:3e:9a:6f:e4:93:bb:10:64:9d:c0:82:70:55:54:b7:2d:3f:
d8:0d:96:06:a7:07:ed:52:41:14:ea:17:e9:24:04:f1:5f:fb:
79:95:03:17:2f:c8:e6:ad:06:01:f2:fe:94:a9:d4:93:c5:55:
59:fa:33:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntpC9zKxIAyHrEyDQ5vhmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxMzgxYmM5NjlkZTZhZGMzZDFkZGMwZWI4OWJkZWVhY2U5
ODA1Y2QwHhcNMjUwMTAyMTU1MTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDQzMzg5OGIyNDZlYzQ5ZWMwNjAwNmRiMmZkN2FkODNkMzAyYTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1g4lCz9UFqSSZR+vwbwbS+YXD8Qk
xfdVQ14yeOQbJff1/W99BNwtcFg5xMOSOcoDCE7nlYGNsEZKpNQCLG4MgiLMjZwA
2/ssq7RGnr/WRpqO15Q8inpA1eBttJtGScHr3L8gcbMwDHYtxtHG5gwebMzmDWyH
48oicK82bTjO66fIfRMquetsqT9w/Sv7ku62Tj4eYrbmYJ+zdzOM6ZnGheKXu8we
wqZfw698tLOmIxwBHvsWIjicM7UeqphIQDw4nKZB7mEqstUBbx9Znf1OCefauHZF
LBVLuf420mqKIbLpjT8s3PHYW5cUTia9TtixgvGQROByLGNFVAuCJ0WF/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFERDOJiyRuxJ7AYAbbL9etg9MCoYMB8GA1UdIwQY
MBaAFJE4G8lp3mrcPR3cDrib3urOmAXNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1RnYnlXbmVhdHc5SGR3T3VKdmU2czZZQmMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9mMzU0MDYtZDhjNC00ZjVjLTkyYWMt
MjU2ZGE5NWQxMzQ1LzEvUkVNNG1MSkc3RW5zQmdCdHN2MTYyRDB3S2hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9mMzU0MDYtZDhjNC00ZjVjLTkyYWMtMjU2ZGE5NWQxMzQ1
LzEva1RnYnlXbmVhdHc5SGR3T3VKdmU2czZZQmMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuY9OMA0G
CSqGSIb3DQEBCwUAA4IBAQCa9B06AXm5Cgiv/ukakmqvAIdvS8K/5OxJlCiutzwc
uIyREdzt6prsFI4/B0PgpVKVfsVg3EXtn5xD3fhUGj4n3c83BfSxZayj4xr8Q2Xv
1s9hpgFIGeWim8AfsXQrHXQnuaeI0ibO6yWJ4Ey7h/ZHy+gGILsvAj6dYd66FoEA
BqNiBSpGAlWWlzd38i5M/HPcItu27msAfS6aAg3FMZ6nK7lbXmiUi0lTG/BFOAwr
XDTXHKrUBOtQClHVkYLi2gfoDwiMB75CPppv5JO7EGSdwIJwVVS3LT/YDZYGpwft
UkEU6hfpJATxX/t5lQMXL8jmrQYB8v6UqdSTxVVZ+jMb
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:57:08 2025 by rpki-client