Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/d7zRd6MptHTWJQgyfw6tgdDV_9A.roa
File: d7zRd6MptHTWJQgyfw6tgdDV_9A.roa (raw, json)
Hash identifier: oELlLX+h376OqFFHKdf5s0R3SvC5xRLsvCJ5JL8+PK4=
Subject key identifier: 77:BC:D1:77:A3:29:B4:74:D6:25:08:32:7F:0E:AD:81:D0:D5:FF:D0
Certificate issuer: /CN=af5e93f902354ce4804b4cb049cf68b20f76aeb2
Certificate serial: 01941F8C26CC316E7FE360A9AFA4B7451CCD
Authority key identifier: AF:5E:93:F9:02:35:4C:E4:80:4B:4C:B0:49:CF:68:B2:0F:76:AE:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r16T-QI1TOSAS0ywSc9osg92rrI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/d7zRd6MptHTWJQgyfw6tgdDV_9A.roa
Signing time: Wed 01 Jan 2025 01:47:46 +0000
ROA not before: Wed 01 Jan 2025 01:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212052
IP address blocks: 91.228.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/r16T-QI1TOSAS0ywSc9osg92rrI.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/r16T-QI1TOSAS0ywSc9osg92rrI.mft
rsync://rpki.ripe.net/repository/DEFAULT/r16T-QI1TOSAS0ywSc9osg92rrI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 19:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:26:cc:31:6e:7f:e3:60:a9:af:a4:b7:45:1c:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af5e93f902354ce4804b4cb049cf68b20f76aeb2
Validity
Not Before: Jan 1 01:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=77bcd177a329b474d62508327f0ead81d0d5ffd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:b9:15:97:8c:13:6c:8d:82:19:ee:ca:d0:50:
2e:44:2f:d9:6e:0d:64:13:58:4f:4f:f2:7c:20:12:
43:a1:7c:98:6e:91:80:ad:96:81:ac:2d:40:62:07:
9e:e4:c3:a2:ea:eb:6d:b1:8e:8c:1b:68:ef:05:b3:
bb:cd:24:32:31:87:ab:b2:63:6e:c5:e5:50:8d:64:
1d:56:88:7d:4e:99:9a:71:40:79:19:3b:49:ab:9b:
f8:4d:02:a6:ab:ef:d0:e2:86:1d:58:b1:38:dd:c5:
11:96:cf:a4:53:b4:a5:69:d1:d0:ad:7c:e5:1e:3f:
18:cf:b7:1e:2d:c9:be:e9:e2:f7:06:ed:d5:d1:d1:
49:57:f0:4b:eb:58:eb:de:45:ae:47:b0:6e:0d:15:
37:d7:da:ec:49:d5:43:01:be:76:31:6f:5e:0f:d1:
ff:ee:cb:27:50:78:b1:a8:04:2c:21:2c:82:99:4d:
92:99:84:17:98:d7:42:9f:9a:35:17:d5:51:70:f9:
23:df:d4:4f:3e:8d:cd:4d:ac:fb:b6:2f:20:df:df:
47:b3:46:89:f9:c6:5b:e9:cb:f6:cf:7d:1a:0a:89:
7d:69:b8:2a:ad:be:d9:9b:9a:2b:bb:aa:47:95:5f:
90:fd:c3:98:89:ca:22:9b:40:a0:92:3b:87:34:fb:
cb:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:BC:D1:77:A3:29:B4:74:D6:25:08:32:7F:0E:AD:81:D0:D5:FF:D0
X509v3 Authority Key Identifier:
keyid:AF:5E:93:F9:02:35:4C:E4:80:4B:4C:B0:49:CF:68:B2:0F:76:AE:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r16T-QI1TOSAS0ywSc9osg92rrI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/d7zRd6MptHTWJQgyfw6tgdDV_9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/r16T-QI1TOSAS0ywSc9osg92rrI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.203.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:21:0f:2b:97:61:b3:39:33:52:6a:67:66:37:5f:93:b6:e9:
4f:3b:ed:6f:b4:4e:1d:26:84:f7:e0:e7:88:c7:9e:1b:f3:90:
cb:c1:dd:15:87:33:dd:33:cd:6b:ab:ff:42:71:d5:32:a9:66:
de:b8:79:5a:2c:6d:c7:43:08:5e:84:a3:96:20:a8:a4:b8:90:
25:aa:94:aa:47:6a:51:67:30:9c:60:fd:ca:0f:93:6f:b9:1e:
32:07:a8:a0:d2:5f:7f:c5:8a:48:7a:83:d5:60:b7:79:42:7a:
14:2a:11:02:ff:de:5f:41:0e:94:5d:6c:ff:38:cb:8a:93:c2:
8c:52:87:92:ae:b4:4d:67:64:1d:9c:af:d0:6d:8a:80:9a:77:
2e:af:36:8e:4b:65:5f:74:21:bf:87:9f:df:23:e5:94:b9:40:
f8:e1:e8:6e:ce:8b:5b:3b:6b:fd:92:0b:d8:21:db:c2:3a:80:
72:1f:3e:a7:75:67:dd:b4:fb:29:38:da:40:7d:fa:b9:aa:fb:
ae:65:36:f6:66:cf:fd:c7:ac:1f:de:49:bd:dc:b0:56:76:61:
be:ac:c9:07:e4:5a:ff:62:4b:99:71:07:5a:ea:3f:96:d5:b8:
fc:29:4a:10:78:fe:e9:e3:82:df:7d:11:70:cd:f1:11:cd:d5:
03:a9:04:b1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjCbMMW5/42Cpr6S3RRzNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNWU5M2Y5MDIzNTRjZTQ4MDRiNGNiMDQ5Y2Y2OGIyMGY3
NmFlYjIwHhcNMjUwMTAxMDE0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2JjZDE3N2EzMjliNDc0ZDYyNTA4MzI3ZjBlYWQ4MWQwZDVmZmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrkVl4wTbI2CGe7K0FAuRC/Zbg1k
E1hPT/J8IBJDoXyYbpGArZaBrC1AYgee5MOi6uttsY6MG2jvBbO7zSQyMYersmNu
xeVQjWQdVoh9TpmacUB5GTtJq5v4TQKmq+/Q4oYdWLE43cURls+kU7SladHQrXzl
Hj8Yz7ceLcm+6eL3Bu3V0dFJV/BL61jr3kWuR7BuDRU319rsSdVDAb52MW9eD9H/
7ssnUHixqAQsISyCmU2SmYQXmNdCn5o1F9VRcPkj39RPPo3NTaz7ti8g399Hs0aJ
+cZb6cv2z30aCol9abgqrb7Zm5oru6pHlV+Q/cOYicoim0CgkjuHNPvLfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHe80XejKbR01iUIMn8OrYHQ1f/QMB8GA1UdIwQY
MBaAFK9ek/kCNUzkgEtMsEnPaLIPdq6yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjE2VC1RSTFUT1NBUzB5d1NjOW9zZzkycnJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9mNDAwNGItZDYwMi00NzVkLTkzMWIt
N2UwNWFkMDE5MGNlLzEvZDd6UmQ2TXB0SFRXSlFneWZ3NnRnZERWXzlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9mNDAwNGItZDYwMi00NzVkLTkzMWItN2UwNWFkMDE5MGNl
LzEvcjE2VC1RSTFUT1NBUzB5d1NjOW9zZzkycnJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+TLMA0G
CSqGSIb3DQEBCwUAA4IBAQAdIQ8rl2GzOTNSamdmN1+TtulPO+1vtE4dJoT34OeI
x54b85DLwd0VhzPdM81rq/9CcdUyqWbeuHlaLG3HQwhehKOWIKikuJAlqpSqR2pR
ZzCcYP3KD5NvuR4yB6ig0l9/xYpIeoPVYLd5QnoUKhEC/95fQQ6UXWz/OMuKk8KM
UoeSrrRNZ2QdnK/QbYqAmncurzaOS2VfdCG/h5/fI+WUuUD44ehuzotbO2v9kgvY
IdvCOoByHz6ndWfdtPspONpAffq5qvuuZTb2Zs/9x6wf3km93LBWdmG+rMkH5Fr/
YkuZcQda6j+W1bj8KUoQeP7p44LffRFwzfERzdUDqQSx
-----END CERTIFICATE-----
Generated at Tue Apr 8 02:10:32 2025 by rpki-client