Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/8d798a-73d7-44ba-97db-f84b60521df5/1/_Q23PPlL8v2niGzmSooSDUdLWSk.roa
File: _Q23PPlL8v2niGzmSooSDUdLWSk.roa (raw, json)
Hash identifier: 8JwVrSvS2kxaZsRD1vVjitt0fjw3hWWmjxqgx0yIUoc=
Subject key identifier: FD:0D:B7:3C:F9:4B:F2:FD:A7:88:6C:E6:4A:8A:12:0D:47:4B:59:29
Certificate issuer: /CN=5056712ccfa877abb760cb77e27041774cb04739
Certificate serial: 0194274797D5A34B22779B3631AD74D013FB
Authority key identifier: 50:56:71:2C:CF:A8:77:AB:B7:60:CB:77:E2:70:41:77:4C:B0:47:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UFZxLM-od6u3YMt34nBBd0ywRzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/8d798a-73d7-44ba-97db-f84b60521df5/1/_Q23PPlL8v2niGzmSooSDUdLWSk.roa
Signing time: Thu 02 Jan 2025 13:49:50 +0000
ROA not before: Thu 02 Jan 2025 13:49:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198863
IP address blocks: 91.240.2.0/23 maxlen: 23
91.240.2.0/24 maxlen: 24
185.198.132.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/8d798a-73d7-44ba-97db-f84b60521df5/1/UFZxLM-od6u3YMt34nBBd0ywRzk.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/8d798a-73d7-44ba-97db-f84b60521df5/1/UFZxLM-od6u3YMt34nBBd0ywRzk.mft
rsync://rpki.ripe.net/repository/DEFAULT/UFZxLM-od6u3YMt34nBBd0ywRzk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:97:d5:a3:4b:22:77:9b:36:31:ad:74:d0:13:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5056712ccfa877abb760cb77e27041774cb04739
Validity
Not Before: Jan 2 13:49:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fd0db73cf94bf2fda7886ce64a8a120d474b5929
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:1d:35:14:a4:fd:de:3a:fd:1a:11:66:aa:81:
d3:8a:ee:03:30:61:f0:bf:5d:58:77:57:3d:17:ea:
aa:34:01:46:fa:cd:a2:2c:d8:01:b1:a4:a8:9b:fd:
9b:8f:2a:6b:b7:2d:0c:87:85:23:ee:50:1e:2a:90:
fc:45:61:34:43:56:e5:fa:42:08:80:d9:4e:4b:15:
fd:b1:58:d7:df:c4:b6:38:d0:1b:00:c5:4a:63:6f:
2a:88:a7:85:97:8e:e5:9f:c6:25:1e:79:a6:c7:1e:
70:49:13:ef:a2:37:37:00:42:ce:7a:bb:28:20:50:
bf:b7:9c:51:81:4e:5a:76:38:17:f7:42:9e:1c:c2:
61:39:c1:32:fd:73:2d:53:4e:8b:65:d4:e6:a3:1a:
0f:57:4b:70:e0:72:b9:f5:fe:45:ce:5a:67:09:93:
12:88:97:e1:99:00:a8:33:72:b4:d9:52:df:6b:51:
f0:84:ea:3d:5b:81:29:63:ed:b7:8f:09:05:36:cf:
12:32:dd:06:94:36:06:65:f9:41:d3:7f:eb:b6:c7:
23:c0:e4:e5:e1:ac:87:1c:21:b8:df:b1:31:fd:24:
ef:7b:29:b1:32:5f:53:df:cf:4f:e3:01:d3:d8:22:
20:16:75:66:4e:58:19:e7:0f:dc:d2:e3:fb:fe:01:
82:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:0D:B7:3C:F9:4B:F2:FD:A7:88:6C:E6:4A:8A:12:0D:47:4B:59:29
X509v3 Authority Key Identifier:
keyid:50:56:71:2C:CF:A8:77:AB:B7:60:CB:77:E2:70:41:77:4C:B0:47:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UFZxLM-od6u3YMt34nBBd0ywRzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8d798a-73d7-44ba-97db-f84b60521df5/1/_Q23PPlL8v2niGzmSooSDUdLWSk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8d798a-73d7-44ba-97db-f84b60521df5/1/UFZxLM-od6u3YMt34nBBd0ywRzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.2.0/23
185.198.132.0/22
Signature Algorithm: sha256WithRSAEncryption
51:8b:06:aa:c0:1e:5f:08:0e:fc:dc:c6:2d:bc:b0:48:0d:2f:
23:7b:c5:b1:bd:d3:b5:cd:57:1e:32:82:14:1e:44:3d:14:2c:
38:5c:d4:ac:73:cd:47:bb:39:82:0d:c9:aa:6f:3d:f1:31:15:
fd:44:0a:b6:a2:92:ee:90:3c:8c:5e:fd:40:0b:af:ce:af:13:
25:e0:62:01:9c:ec:bb:1e:b3:7f:7e:9c:5e:d6:b5:97:7d:31:
0b:3b:aa:65:8d:69:fe:22:35:9e:73:a8:f1:01:15:47:89:5f:
73:74:98:a4:74:79:0a:0c:94:47:9f:3f:45:df:25:70:d0:df:
16:63:6c:a5:4a:2f:87:ce:35:69:1c:75:19:5d:3c:79:d7:5c:
be:64:20:a2:35:4e:ef:67:de:08:75:98:73:c1:4b:6d:b2:7f:
33:8f:14:7a:9a:71:7b:9a:28:39:f2:74:16:ca:05:2b:6e:da:
73:8b:f0:95:0b:bf:dc:1f:40:c7:44:38:52:59:74:8d:d0:72:
21:53:83:58:22:ef:0b:bb:02:ff:a9:ff:9d:09:df:2f:b4:73:
fb:f3:71:6d:f6:b8:59:5b:63:b2:ab:8d:a6:0f:d3:02:36:fe:
82:64:7a:2e:9e:5e:76:15:64:4f:07:3f:79:2a:1c:99:3b:41:
3e:06:6e:53
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQnR5fVo0sid5s2Ma100BP7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNTY3MTJjY2ZhODc3YWJiNzYwY2I3N2UyNzA0MTc3NGNi
MDQ3MzkwHhcNMjUwMTAyMTM0OTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDBkYjczY2Y5NGJmMmZkYTc4ODZjZTY0YThhMTIwZDQ3NGI1OTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzB01FKT93jr9GhFmqoHTiu4DMGHw
v11Yd1c9F+qqNAFG+s2iLNgBsaSom/2bjyprty0Mh4Uj7lAeKpD8RWE0Q1bl+kII
gNlOSxX9sVjX38S2ONAbAMVKY28qiKeFl47ln8YlHnmmxx5wSRPvojc3AELOerso
IFC/t5xRgU5adjgX90KeHMJhOcEy/XMtU06LZdTmoxoPV0tw4HK59f5FzlpnCZMS
iJfhmQCoM3K02VLfa1HwhOo9W4EpY+23jwkFNs8SMt0GlDYGZflB03/rtscjwOTl
4ayHHCG437Ex/STveymxMl9T389P4wHT2CIgFnVmTlgZ5w/c0uP7/gGCIQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP0Ntzz5S/L9p4hs5kqKEg1HS1kpMB8GA1UdIwQY
MBaAFFBWcSzPqHert2DLd+JwQXdMsEc5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUZaeExNLW9kNnUzWU10MzRuQkJkMHl3UnprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS84ZDc5OGEtNzNkNy00NGJhLTk3ZGIt
Zjg0YjYwNTIxZGY1LzEvX1EyM1BQbEw4djJuaUd6bVNvb1NEVWRMV1NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS84ZDc5OGEtNzNkNy00NGJhLTk3ZGItZjg0YjYwNTIxZGY1
LzEvVUZaeExNLW9kNnUzWU10MzRuQkJkMHl3UnprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW/ACAwQC
ucaEMA0GCSqGSIb3DQEBCwUAA4IBAQBRiwaqwB5fCA783MYtvLBIDS8je8WxvdO1
zVceMoIUHkQ9FCw4XNSsc81HuzmCDcmqbz3xMRX9RAq2opLukDyMXv1AC6/OrxMl
4GIBnOy7HrN/fpxe1rWXfTELO6pljWn+IjWec6jxARVHiV9zdJikdHkKDJRHnz9F
3yVw0N8WY2ylSi+HzjVpHHUZXTx511y+ZCCiNU7vZ94IdZhzwUttsn8zjxR6mnF7
mig58nQWygUrbtpzi/CVC7/cH0DHRDhSWXSN0HIhU4NYIu8LuwL/qf+dCd8vtHP7
83Ft9rhZW2Oyq42mD9MCNv6CZHounl52FWRPBz95KhyZO0E+Bm5T
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:50:31 2025 by rpki-client