Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/g9Hs1uIFeelsIxcu9-JFATbg5r0.roa
File: g9Hs1uIFeelsIxcu9-JFATbg5r0.roa (raw, json)
Hash identifier: i1uLdd6dy3tsCAr6HgKPaDpJNpr4x+g5kpnEdrNnrzs=
Subject key identifier: 83:D1:EC:D6:E2:05:79:E9:6C:23:17:2E:F7:E2:45:01:36:E0:E6:BD
Certificate issuer: /CN=01f3ef3e0ea95a975537d5c25d93cb76af687234
Certificate serial: 019422FB3C226C15E29685D1497BD459D592
Authority key identifier: 01:F3:EF:3E:0E:A9:5A:97:55:37:D5:C2:5D:93:CB:76:AF:68:72:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/g9Hs1uIFeelsIxcu9-JFATbg5r0.roa
Signing time: Wed 01 Jan 2025 17:47:57 +0000
ROA not before: Wed 01 Jan 2025 17:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49209
IP address blocks: 5.10.141.0/24 maxlen: 24
95.130.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:3c:22:6c:15:e2:96:85:d1:49:7b:d4:59:d5:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01f3ef3e0ea95a975537d5c25d93cb76af687234
Validity
Not Before: Jan 1 17:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=83d1ecd6e20579e96c23172ef7e2450136e0e6bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:21:86:bb:0f:5f:61:fa:e3:a6:47:ac:db:23:
4d:d1:8d:ba:c7:79:ba:e2:9d:f5:7e:0d:16:f7:b1:
9b:db:65:f7:ac:cc:a4:cc:7d:b4:f1:7c:e3:e4:bf:
8a:de:c6:34:da:6f:e7:fc:da:a9:b7:8f:04:bc:25:
de:7e:fb:44:be:70:cb:b5:07:cb:7e:e7:a3:ec:c0:
78:0b:8d:57:19:79:70:77:2e:bd:76:96:a3:a1:d5:
9e:09:c7:49:e0:c5:d5:d1:84:17:63:3e:99:43:71:
33:b5:ae:26:15:7e:c4:05:94:91:eb:08:7d:0d:b9:
43:91:1b:9c:61:00:be:44:9e:d3:a8:ae:4c:9a:a7:
5b:18:1a:e1:a1:c0:88:09:70:bd:be:1b:4d:9e:a8:
57:fa:d3:2b:82:13:ac:8f:e5:4c:83:ca:f7:fe:9e:
b3:5f:15:fb:a3:34:96:de:15:e8:23:b2:12:f6:a5:
e5:36:5c:a7:07:4f:15:b8:b2:73:27:5d:ba:a1:6b:
d6:41:be:91:aa:e0:a9:19:79:ff:1e:a6:b1:2b:ba:
91:4b:57:3d:ea:4e:14:15:a3:eb:53:c9:0a:d6:20:
f9:49:55:e8:22:68:b8:83:e2:17:db:1b:43:aa:17:
fd:81:65:45:83:df:33:b7:76:7a:62:37:1d:bb:13:
1a:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:D1:EC:D6:E2:05:79:E9:6C:23:17:2E:F7:E2:45:01:36:E0:E6:BD
X509v3 Authority Key Identifier:
keyid:01:F3:EF:3E:0E:A9:5A:97:55:37:D5:C2:5D:93:CB:76:AF:68:72:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/g9Hs1uIFeelsIxcu9-JFATbg5r0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.141.0/24
95.130.195.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:31:af:37:4d:91:3f:ac:49:05:f8:74:f8:65:86:c4:ad:42:
3c:3d:e1:4c:c9:93:f6:15:64:2f:75:2d:fd:b8:14:0f:f7:da:
09:4b:ad:e5:8d:8f:77:76:47:c4:bc:b6:f3:69:36:95:c1:a1:
50:30:54:a9:67:aa:89:b7:6d:cf:e6:bb:75:a0:80:5f:ae:7c:
91:b4:f1:2e:62:de:5d:cb:32:49:d9:aa:d3:13:1f:c6:57:ac:
97:90:24:6e:ad:0d:40:aa:60:ca:9b:76:04:43:5c:cc:08:56:
0b:43:a8:ef:a3:ea:21:24:47:23:37:dd:07:d4:e7:fb:8f:3d:
bb:f0:97:d6:ad:50:cd:8c:32:45:a6:dd:de:64:a2:30:2e:4c:
97:48:79:e9:98:82:f3:08:ef:32:ac:be:d9:91:e1:1b:cd:20:
c0:34:50:67:57:32:de:96:1a:0f:26:c2:a6:93:ee:a4:6e:b2:
11:9c:2e:21:a1:c4:59:01:13:32:24:e3:e1:24:ee:64:27:f2:
a4:e5:f4:0b:b9:e5:17:2c:90:13:28:3f:f4:88:d7:92:e3:94:
66:a1:61:fe:c5:e4:2a:b7:6a:57:fe:5f:08:f6:ed:0f:33:55:
1b:81:da:47:64:c1:e2:73:15:9b:ad:df:0f:5a:cf:ee:7d:0d:
b1:73:6c:39
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQi+zwibBXiloXRSXvUWdWSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZjNlZjNlMGVhOTVhOTc1NTM3ZDVjMjVkOTNjYjc2YWY2
ODcyMzQwHhcNMjUwMTAxMTc0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2QxZWNkNmUyMDU3OWU5NmMyMzE3MmVmN2UyNDUwMTM2ZTBlNmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7yGGuw9fYfrjpkes2yNN0Y26x3m6
4p31fg0W97Gb22X3rMykzH208Xzj5L+K3sY02m/n/Nqpt48EvCXefvtEvnDLtQfL
fuej7MB4C41XGXlwdy69dpajodWeCcdJ4MXV0YQXYz6ZQ3Ezta4mFX7EBZSR6wh9
DblDkRucYQC+RJ7TqK5MmqdbGBrhocCICXC9vhtNnqhX+tMrghOsj+VMg8r3/p6z
XxX7ozSW3hXoI7IS9qXlNlynB08VuLJzJ126oWvWQb6RquCpGXn/HqaxK7qRS1c9
6k4UFaPrU8kK1iD5SVXoImi4g+IX2xtDqhf9gWVFg98zt3Z6YjcduxMayQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIPR7NbiBXnpbCMXLvfiRQE24Oa9MB8GA1UdIwQY
MBaAFAHz7z4OqVqXVTfVwl2Ty3avaHI0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWZQdlBnNnBXcGRWTjlYQ1haUExkcTlvY2pRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84NDE3YTAtMDc3Ny00NDZlLTk3ZTEt
MzUzYjNhNjMzYWRhLzEvZzlIczF1SUZlZWxzSXhjdTktSkZBVGJnNXIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84NDE3YTAtMDc3Ny00NDZlLTk3ZTEtMzUzYjNhNjMzYWRh
LzEvQWZQdlBnNnBXcGRWTjlYQ1haUExkcTlvY2pRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABQqNAwQA
X4LDMA0GCSqGSIb3DQEBCwUAA4IBAQBqMa83TZE/rEkF+HT4ZYbErUI8PeFMyZP2
FWQvdS39uBQP99oJS63ljY93dkfEvLbzaTaVwaFQMFSpZ6qJt23P5rt1oIBfrnyR
tPEuYt5dyzJJ2arTEx/GV6yXkCRurQ1AqmDKm3YEQ1zMCFYLQ6jvo+ohJEcjN90H
1Of7jz278JfWrVDNjDJFpt3eZKIwLkyXSHnpmILzCO8yrL7ZkeEbzSDANFBnVzLe
lhoPJsKmk+6kbrIRnC4hocRZARMyJOPhJO5kJ/Kk5fQLueUXLJATKD/0iNeS45Rm
oWH+xeQqt2pX/l8I9u0PM1UbgdpHZMHicxWbrd8PWs/ufQ2xc2w5
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:10:46 2025 by rpki-client