Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/a99355-2d01-4da5-8e73-1bc552c00dd7/1/kkhZtXnFFbbyksJB3tfkXPoindU.roa
File: kkhZtXnFFbbyksJB3tfkXPoindU.roa (raw, json)
Hash identifier: AnX+QPeb1iA6tYHpW/GJq8CbkdKou5XvPzQURX4/+g0=
Subject key identifier: 92:48:59:B5:79:C5:15:B6:F2:92:C2:41:DE:D7:E4:5C:FA:22:9D:D5
Certificate issuer: /CN=10953e607670ff738eee6a6b577d8c8b2804e1e1
Certificate serial: 01942067F841956BDEFAC531FC97CF5C1398
Authority key identifier: 10:95:3E:60:76:70:FF:73:8E:EE:6A:6B:57:7D:8C:8B:28:04:E1:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EJU-YHZw_3OO7mprV32MiygE4eE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/a99355-2d01-4da5-8e73-1bc552c00dd7/1/kkhZtXnFFbbyksJB3tfkXPoindU.roa
Signing time: Wed 01 Jan 2025 05:47:52 +0000
ROA not before: Wed 01 Jan 2025 05:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 176.124.224.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/a99355-2d01-4da5-8e73-1bc552c00dd7/1/EJU-YHZw_3OO7mprV32MiygE4eE.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/a99355-2d01-4da5-8e73-1bc552c00dd7/1/EJU-YHZw_3OO7mprV32MiygE4eE.mft
rsync://rpki.ripe.net/repository/DEFAULT/EJU-YHZw_3OO7mprV32MiygE4eE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:f8:41:95:6b:de:fa:c5:31:fc:97:cf:5c:13:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10953e607670ff738eee6a6b577d8c8b2804e1e1
Validity
Not Before: Jan 1 05:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=924859b579c515b6f292c241ded7e45cfa229dd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:db:88:8b:63:af:7d:16:43:ef:db:c6:3b:65:
e3:13:e6:77:0f:f1:aa:a2:27:dc:51:54:e9:2e:70:
73:ed:5d:18:a1:35:27:5e:b6:fe:74:f9:75:71:f7:
87:ea:af:68:8e:40:bb:06:ca:13:88:5d:33:45:e1:
53:b3:9a:65:84:d6:3f:f3:07:81:d7:2d:5b:f9:72:
a1:9c:ee:52:c2:91:0a:5f:20:c1:63:75:e8:3a:c7:
56:6f:d6:30:d8:db:0c:fc:06:f2:fb:b3:5f:25:d6:
5c:fd:66:13:94:22:78:51:b7:d7:91:69:2b:da:f4:
d2:2c:7b:ff:0c:9f:f4:7f:15:ee:ee:d8:8b:b0:d7:
39:3c:e0:8b:eb:ad:5a:a1:4d:29:b2:4b:44:b8:4b:
ee:71:05:6a:1d:d6:a1:ee:3f:c1:2c:19:84:38:99:
3d:37:15:7f:e4:f6:f4:58:1b:aa:e8:4c:9a:57:a6:
f5:70:00:66:4f:e9:89:88:e1:ac:a4:6c:bd:1e:fe:
c3:09:09:90:a5:44:bc:d6:32:6f:ec:07:e0:41:2c:
18:4f:9c:d3:cf:c4:16:d4:11:46:81:ff:9f:30:ee:
5d:60:ec:56:86:82:a3:30:2d:d1:ff:99:15:ac:32:
b9:4d:89:10:b0:71:f9:3c:18:7d:de:36:41:a7:fc:
46:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:48:59:B5:79:C5:15:B6:F2:92:C2:41:DE:D7:E4:5C:FA:22:9D:D5
X509v3 Authority Key Identifier:
keyid:10:95:3E:60:76:70:FF:73:8E:EE:6A:6B:57:7D:8C:8B:28:04:E1:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EJU-YHZw_3OO7mprV32MiygE4eE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/a99355-2d01-4da5-8e73-1bc552c00dd7/1/kkhZtXnFFbbyksJB3tfkXPoindU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/a99355-2d01-4da5-8e73-1bc552c00dd7/1/EJU-YHZw_3OO7mprV32MiygE4eE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.124.224.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:67:c3:9e:10:e9:cb:6d:15:0d:e5:a4:bf:8c:9c:20:b6:57:
80:d8:42:b0:2d:df:1a:7f:ec:7e:7a:0c:28:a7:67:41:61:78:
af:ef:cf:b2:81:13:87:d0:8d:91:8c:53:11:d1:5c:a1:f0:d1:
68:cd:4d:bd:a4:df:a2:48:65:cc:c1:6f:ba:12:7b:ea:91:5a:
d3:00:f7:11:b3:db:da:05:e9:c4:88:56:da:05:dc:67:63:7d:
77:61:f3:38:d2:46:bf:dd:f0:64:85:24:f5:44:a4:61:06:23:
c9:20:44:a9:89:a9:31:cf:e3:98:0e:e3:48:47:cd:ee:46:0e:
6a:74:ee:9f:b6:75:0c:2e:0f:5a:f7:72:76:3b:08:30:a8:08:
31:57:f5:6a:b1:8d:bd:90:e5:58:f5:af:a5:ff:ac:43:66:ed:
d5:61:6c:02:56:9f:f4:99:ee:75:5b:05:ac:4f:3f:84:ed:c2:
bf:82:7d:13:2f:82:09:39:4d:42:67:75:cc:01:8d:c0:4e:f3:
79:4e:d7:4d:05:d3:cf:a5:6c:d3:26:cf:c8:6e:56:7a:84:64:
47:4b:93:63:d8:c5:2a:04:12:61:70:f9:92:a6:a7:ad:d2:14:
26:61:ad:cf:f2:bc:46:4b:41:ba:42:bc:5e:c8:3f:62:de:95:
db:44:e8:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgZ/hBlWve+sUx/JfPXBOYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwOTUzZTYwNzY3MGZmNzM4ZWVlNmE2YjU3N2Q4YzhiMjgw
NGUxZTEwHhcNMjUwMTAxMDU0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjQ4NTliNTc5YzUxNWI2ZjI5MmMyNDFkZWQ3ZTQ1Y2ZhMjI5ZGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyNuIi2OvfRZD79vGO2XjE+Z3D/Gq
oifcUVTpLnBz7V0YoTUnXrb+dPl1cfeH6q9ojkC7BsoTiF0zReFTs5plhNY/8weB
1y1b+XKhnO5SwpEKXyDBY3XoOsdWb9Yw2NsM/Aby+7NfJdZc/WYTlCJ4UbfXkWkr
2vTSLHv/DJ/0fxXu7tiLsNc5POCL661aoU0psktEuEvucQVqHdah7j/BLBmEOJk9
NxV/5Pb0WBuq6EyaV6b1cABmT+mJiOGspGy9Hv7DCQmQpUS81jJv7AfgQSwYT5zT
z8QW1BFGgf+fMO5dYOxWhoKjMC3R/5kVrDK5TYkQsHH5PBh93jZBp/xGvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJJIWbV5xRW28pLCQd7X5Fz6Ip3VMB8GA1UdIwQY
MBaAFBCVPmB2cP9zju5qa1d9jIsoBOHhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUpVLVlIWndfM09PN21wclYzMk1peWdFNGVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9hOTkzNTUtMmQwMS00ZGE1LThlNzMt
MWJjNTUyYzAwZGQ3LzEva2toWnRYbkZGYmJ5a3NKQjN0ZmtYUG9pbmRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9hOTkzNTUtMmQwMS00ZGE1LThlNzMtMWJjNTUyYzAwZGQ3
LzEvRUpVLVlIWndfM09PN21wclYzMk1peWdFNGVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsHzgMA0G
CSqGSIb3DQEBCwUAA4IBAQBqZ8OeEOnLbRUN5aS/jJwgtleA2EKwLd8af+x+egwo
p2dBYXiv78+ygROH0I2RjFMR0Vyh8NFozU29pN+iSGXMwW+6EnvqkVrTAPcRs9va
BenEiFbaBdxnY313YfM40ka/3fBkhST1RKRhBiPJIESpiakxz+OYDuNIR83uRg5q
dO6ftnUMLg9a93J2OwgwqAgxV/VqsY29kOVY9a+l/6xDZu3VYWwCVp/0me51WwWs
Tz+E7cK/gn0TL4IJOU1CZ3XMAY3ATvN5TtdNBdPPpWzTJs/IblZ6hGRHS5Nj2MUq
BBJhcPmSpqet0hQmYa3P8rxGS0G6QrxeyD9i3pXbROhm
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:43:16 2025 by rpki-client