Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/eaT289O4FWfLSNPSCfCVS50JLdA.roa
File: eaT289O4FWfLSNPSCfCVS50JLdA.roa (raw, json)
Hash identifier: 6Ydw1aV3kTAxyagbcZrClYDAIJBPqjkvUlwgRk8W+YE=
Subject key identifier: 79:A4:F6:F3:D3:B8:15:67:CB:48:D3:D2:09:F0:95:4B:9D:09:2D:D0
Certificate issuer: /CN=af5e93f902354ce4804b4cb049cf68b20f76aeb2
Certificate serial: 01941F8C22BC46C6CC1241A47ADB0A06E834
Authority key identifier: AF:5E:93:F9:02:35:4C:E4:80:4B:4C:B0:49:CF:68:B2:0F:76:AE:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r16T-QI1TOSAS0ywSc9osg92rrI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/eaT289O4FWfLSNPSCfCVS50JLdA.roa
Signing time: Wed 01 Jan 2025 01:47:45 +0000
ROA not before: Wed 01 Jan 2025 01:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49367
IP address blocks: 91.230.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/r16T-QI1TOSAS0ywSc9osg92rrI.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/r16T-QI1TOSAS0ywSc9osg92rrI.mft
rsync://rpki.ripe.net/repository/DEFAULT/r16T-QI1TOSAS0ywSc9osg92rrI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:22:bc:46:c6:cc:12:41:a4:7a:db:0a:06:e8:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af5e93f902354ce4804b4cb049cf68b20f76aeb2
Validity
Not Before: Jan 1 01:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=79a4f6f3d3b81567cb48d3d209f0954b9d092dd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:ea:ca:0f:ff:36:66:55:b9:f6:03:3a:22:8b:
fd:b9:d6:b1:b1:fa:b6:f6:99:91:76:6d:8d:78:1b:
8e:68:a7:b5:ed:8e:9c:03:3e:9f:68:43:a6:70:42:
16:5f:ad:dd:9c:35:bb:8d:ca:95:90:32:d8:09:92:
c7:b4:c5:ee:1e:3e:20:31:7f:c4:5a:ca:0f:c1:04:
dc:9d:3a:3b:85:a9:aa:46:04:18:88:4d:38:5d:04:
b4:af:7b:58:09:2c:59:53:17:dc:c8:98:d7:b6:d7:
61:d7:69:2d:f4:1b:b8:f0:e3:eb:41:ca:28:fa:34:
62:8b:ce:06:5a:1d:9c:c7:05:03:30:9f:25:06:19:
da:c4:b3:97:4a:73:41:d9:2b:fe:1c:26:39:da:5f:
2b:8f:8f:6b:34:03:bf:88:e7:05:15:2a:3b:31:f5:
a8:b1:f6:8d:0e:59:be:40:02:55:87:b4:12:7c:5e:
aa:0c:61:47:f7:8f:6c:d5:d5:34:54:85:31:42:fd:
dd:b8:33:45:58:1a:9a:92:20:74:36:11:2f:66:7d:
d3:f4:2e:e9:f2:b2:e0:83:5f:1e:28:5b:15:fb:83:
bd:1f:a5:99:6e:40:f9:ac:c5:59:da:c6:35:e6:fa:
d0:cf:8b:de:ec:d4:4c:73:2b:7e:e0:de:a9:28:72:
d3:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:A4:F6:F3:D3:B8:15:67:CB:48:D3:D2:09:F0:95:4B:9D:09:2D:D0
X509v3 Authority Key Identifier:
keyid:AF:5E:93:F9:02:35:4C:E4:80:4B:4C:B0:49:CF:68:B2:0F:76:AE:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r16T-QI1TOSAS0ywSc9osg92rrI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/eaT289O4FWfLSNPSCfCVS50JLdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/r16T-QI1TOSAS0ywSc9osg92rrI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.247.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:18:60:be:b3:4c:0e:62:50:aa:f1:9e:46:22:94:40:90:83:
f1:51:c6:f6:27:07:82:89:4b:60:99:fa:a3:5d:81:03:40:6b:
d4:58:e9:75:5c:bc:bb:82:28:40:dc:61:8e:15:d4:2d:c2:6f:
ff:f3:2a:c5:ea:68:15:e0:a0:69:e0:b5:f2:9d:00:17:d9:0c:
9a:17:77:10:40:b4:a9:6f:ca:fb:ce:18:0b:11:40:73:83:1b:
8f:20:fa:35:a0:95:1a:63:45:60:92:14:02:da:ba:df:90:5f:
88:72:60:2f:b2:87:56:02:cc:bf:97:e9:2f:ea:1f:e5:37:54:
9d:86:2c:ab:96:85:9f:44:e8:9d:a3:f3:c5:61:31:4a:28:21:
77:2c:78:b6:72:49:37:f9:32:30:69:90:b4:d5:df:e0:5e:47:
34:33:8d:86:96:38:ca:ee:02:6e:af:28:88:47:0c:93:f5:a2:
2b:73:36:1a:7b:59:29:fb:b5:a1:cf:35:e5:50:35:8e:9b:46:
2a:b0:c6:ac:52:0e:46:e1:75:73:24:59:7d:8b:02:2c:97:f3:
17:3a:d2:82:ea:76:6a:d9:de:b3:03:94:15:61:dd:7f:df:e0:
96:24:d8:eb:5f:f4:2e:31:8b:61:21:be:db:21:93:0a:b5:84:
45:c6:18:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjCK8RsbMEkGketsKBug0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNWU5M2Y5MDIzNTRjZTQ4MDRiNGNiMDQ5Y2Y2OGIyMGY3
NmFlYjIwHhcNMjUwMTAxMDE0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWE0ZjZmM2QzYjgxNTY3Y2I0OGQzZDIwOWYwOTU0YjlkMDkyZGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0urKD/82ZlW59gM6Iov9udaxsfq2
9pmRdm2NeBuOaKe17Y6cAz6faEOmcEIWX63dnDW7jcqVkDLYCZLHtMXuHj4gMX/E
WsoPwQTcnTo7hamqRgQYiE04XQS0r3tYCSxZUxfcyJjXttdh12kt9Bu48OPrQcoo
+jRii84GWh2cxwUDMJ8lBhnaxLOXSnNB2Sv+HCY52l8rj49rNAO/iOcFFSo7MfWo
sfaNDlm+QAJVh7QSfF6qDGFH949s1dU0VIUxQv3duDNFWBqakiB0NhEvZn3T9C7p
8rLgg18eKFsV+4O9H6WZbkD5rMVZ2sY15vrQz4ve7NRMcyt+4N6pKHLT6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHmk9vPTuBVny0jT0gnwlUudCS3QMB8GA1UdIwQY
MBaAFK9ek/kCNUzkgEtMsEnPaLIPdq6yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjE2VC1RSTFUT1NBUzB5d1NjOW9zZzkycnJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9mNDAwNGItZDYwMi00NzVkLTkzMWIt
N2UwNWFkMDE5MGNlLzEvZWFUMjg5TzRGV2ZMU05QU0NmQ1ZTNTBKTGRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9mNDAwNGItZDYwMi00NzVkLTkzMWItN2UwNWFkMDE5MGNl
LzEvcjE2VC1RSTFUT1NBUzB5d1NjOW9zZzkycnJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+b3MA0G
CSqGSIb3DQEBCwUAA4IBAQA9GGC+s0wOYlCq8Z5GIpRAkIPxUcb2JweCiUtgmfqj
XYEDQGvUWOl1XLy7gihA3GGOFdQtwm//8yrF6mgV4KBp4LXynQAX2QyaF3cQQLSp
b8r7zhgLEUBzgxuPIPo1oJUaY0VgkhQC2rrfkF+IcmAvsodWAsy/l+kv6h/lN1Sd
hiyrloWfROido/PFYTFKKCF3LHi2ckk3+TIwaZC01d/gXkc0M42GljjK7gJuryiI
RwyT9aIrczYae1kp+7WhzzXlUDWOm0YqsMasUg5G4XVzJFl9iwIsl/MXOtKC6nZq
2d6zA5QVYd1/3+CWJNjrX/QuMYthIb7bIZMKtYRFxhh1
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:02:00 2025 by rpki-client