Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/e6a02e-0146-44a6-9dfc-d4209fc7f3c9/1/dldB0wg3sOKFlgEWz6LNxn-RMtU.roa
File: dldB0wg3sOKFlgEWz6LNxn-RMtU.roa (raw, json)
Hash identifier: A/mZd0VT9lvf5tIKF1PGUACWDIq15nwU2xObWbHt5Q0=
Subject key identifier: 76:57:41:D3:08:37:B0:E2:85:96:01:16:CF:A2:CD:C6:7F:91:32:D5
Certificate issuer: /CN=762c60af4d73725845ceaf0b7b585e7757066965
Certificate serial: 019424B3AF2C76E72B17A6347F00D0C9C474
Authority key identifier: 76:2C:60:AF:4D:73:72:58:45:CE:AF:0B:7B:58:5E:77:57:06:69:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dixgr01zclhFzq8Le1hed1cGaWU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/e6a02e-0146-44a6-9dfc-d4209fc7f3c9/1/dldB0wg3sOKFlgEWz6LNxn-RMtU.roa
Signing time: Thu 02 Jan 2025 01:49:03 +0000
ROA not before: Thu 02 Jan 2025 01:49:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13044
IP address blocks: 91.240.80.0/24 maxlen: 24
91.240.81.0/24 maxlen: 24
91.240.82.0/24 maxlen: 24
91.240.83.0/24 maxlen: 24
194.246.88.0/24 maxlen: 24
194.246.89.0/24 maxlen: 24
194.246.90.0/24 maxlen: 24
194.246.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/e6a02e-0146-44a6-9dfc-d4209fc7f3c9/1/dixgr01zclhFzq8Le1hed1cGaWU.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/e6a02e-0146-44a6-9dfc-d4209fc7f3c9/1/dixgr01zclhFzq8Le1hed1cGaWU.mft
rsync://rpki.ripe.net/repository/DEFAULT/dixgr01zclhFzq8Le1hed1cGaWU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 02:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:af:2c:76:e7:2b:17:a6:34:7f:00:d0:c9:c4:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=762c60af4d73725845ceaf0b7b585e7757066965
Validity
Not Before: Jan 2 01:49:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=765741d30837b0e285960116cfa2cdc67f9132d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:22:a0:97:76:b2:1d:9f:2b:6a:aa:62:57:2b:
c5:e0:e5:f7:ca:c6:d1:83:55:75:2d:5d:02:ef:8c:
9a:ff:af:f3:77:77:38:aa:26:d8:55:6d:7f:c0:a0:
0f:c4:a6:07:a7:23:88:4c:d7:4c:65:d0:e6:5a:d3:
7b:72:12:7b:cf:e8:4a:6b:bf:9f:30:13:7b:d7:f1:
f6:06:21:60:76:e2:6d:13:54:66:5b:91:45:5b:9e:
b7:a8:81:7a:36:fe:70:27:ad:95:13:cc:77:cb:25:
77:71:26:a1:71:dc:1f:98:53:8f:6c:61:d2:69:71:
44:e7:96:87:ff:d2:d5:26:45:03:78:7e:e9:b6:83:
01:17:c8:3a:08:f7:f7:e4:18:ba:b7:2b:17:cf:28:
98:0f:f1:6f:cc:46:e6:b9:3e:2d:53:4b:4f:cb:2e:
9e:d2:0a:fa:7a:3c:da:7e:44:d7:6c:1a:6c:de:9c:
e4:0c:e1:3b:46:75:76:f8:7b:66:25:53:34:3c:24:
bb:50:e5:76:6b:83:a0:03:33:2c:ef:94:ca:87:e6:
c4:9d:62:c9:0a:b2:d3:2b:26:03:80:48:dd:a0:be:
64:a6:15:e2:44:cf:03:76:85:d6:64:94:a9:e5:48:
0d:6e:83:e8:40:b1:b9:21:65:c7:bf:fc:63:53:5b:
97:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:57:41:D3:08:37:B0:E2:85:96:01:16:CF:A2:CD:C6:7F:91:32:D5
X509v3 Authority Key Identifier:
keyid:76:2C:60:AF:4D:73:72:58:45:CE:AF:0B:7B:58:5E:77:57:06:69:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dixgr01zclhFzq8Le1hed1cGaWU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/e6a02e-0146-44a6-9dfc-d4209fc7f3c9/1/dldB0wg3sOKFlgEWz6LNxn-RMtU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/e6a02e-0146-44a6-9dfc-d4209fc7f3c9/1/dixgr01zclhFzq8Le1hed1cGaWU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.80.0/22
194.246.88.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:31:45:48:b6:c4:21:06:2e:c2:23:08:fb:8e:e9:6b:47:7c:
2a:ba:17:32:f2:1b:35:f3:0d:ab:97:77:46:45:f7:f2:8e:b7:
37:50:b1:6a:d8:04:33:25:05:66:bf:cf:89:78:38:0a:04:15:
d2:a8:a2:94:e2:1e:c7:3f:bc:1e:0d:31:74:00:f0:32:60:ae:
0c:6d:ca:d6:0e:78:50:80:a6:36:a7:a2:fc:9a:bb:c5:cc:2d:
7a:b4:da:30:73:b2:95:76:c9:77:98:ec:d3:33:81:d4:df:be:
22:40:e3:7e:44:81:4b:49:8c:4d:69:c9:b9:39:58:38:1b:0a:
c1:29:32:e8:58:77:87:1f:df:8c:d1:8e:26:75:6d:5c:8d:36:
a6:6c:5c:76:ce:f2:c4:6d:9c:b3:db:6e:df:41:38:7b:dc:a3:
38:f9:e4:46:ec:de:c6:b3:41:6f:25:a2:9b:7b:69:c4:8f:0f:
fc:6e:d6:d3:0a:bf:04:f3:09:34:64:b4:b6:bc:aa:99:e8:6b:
b9:54:57:62:cb:b8:bf:fd:da:bc:ee:52:11:c8:74:17:90:03:
ee:8e:a8:f8:6c:5a:36:50:c2:7f:a8:98:46:66:7b:64:d3:cf:
cc:2d:3c:4b:3f:0e:20:7f:40:fb:51:b6:54:a1:1a:e0:a3:78:
88:be:7f:98
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQks68sducrF6Y0fwDQycR0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2MmM2MGFmNGQ3MzcyNTg0NWNlYWYwYjdiNTg1ZTc3NTcw
NjY5NjUwHhcNMjUwMTAyMDE0OTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjU3NDFkMzA4MzdiMGUyODU5NjAxMTZjZmEyY2RjNjdmOTEzMmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAySKgl3ayHZ8raqpiVyvF4OX3ysbR
g1V1LV0C74ya/6/zd3c4qibYVW1/wKAPxKYHpyOITNdMZdDmWtN7chJ7z+hKa7+f
MBN71/H2BiFgduJtE1RmW5FFW563qIF6Nv5wJ62VE8x3yyV3cSahcdwfmFOPbGHS
aXFE55aH/9LVJkUDeH7ptoMBF8g6CPf35Bi6tysXzyiYD/FvzEbmuT4tU0tPyy6e
0gr6ejzafkTXbBps3pzkDOE7RnV2+HtmJVM0PCS7UOV2a4OgAzMs75TKh+bEnWLJ
CrLTKyYDgEjdoL5kphXiRM8DdoXWZJSp5UgNboPoQLG5IWXHv/xjU1uXdQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHZXQdMIN7DihZYBFs+izcZ/kTLVMB8GA1UdIwQY
MBaAFHYsYK9Nc3JYRc6vC3tYXndXBmllMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGl4Z3IwMXpjbGhGenE4TGUxaGVkMWNHYVdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9lNmEwMmUtMDE0Ni00NGE2LTlkZmMt
ZDQyMDlmYzdmM2M5LzEvZGxkQjB3ZzNzT0tGbGdFV3o2TE54bi1STXRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9lNmEwMmUtMDE0Ni00NGE2LTlkZmMtZDQyMDlmYzdmM2M5
LzEvZGl4Z3IwMXpjbGhGenE4TGUxaGVkMWNHYVdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW/BQAwQC
wvZYMA0GCSqGSIb3DQEBCwUAA4IBAQA+MUVItsQhBi7CIwj7julrR3wquhcy8hs1
8w2rl3dGRffyjrc3ULFq2AQzJQVmv8+JeDgKBBXSqKKU4h7HP7weDTF0APAyYK4M
bcrWDnhQgKY2p6L8mrvFzC16tNowc7KVdsl3mOzTM4HU374iQON+RIFLSYxNacm5
OVg4GwrBKTLoWHeHH9+M0Y4mdW1cjTambFx2zvLEbZyz227fQTh73KM4+eRG7N7G
s0FvJaKbe2nEjw/8btbTCr8E8wk0ZLS2vKqZ6Gu5VFdiy7i//dq87lIRyHQXkAPu
jqj4bFo2UMJ/qJhGZntk08/MLTxLPw4gf0D7UbZUoRrgo3iIvn+Y
-----END CERTIFICATE-----
Generated at Wed Apr 16 09:17:47 2025 by rpki-client