Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/081bd4-1210-4021-a864-b50cf5f2aa22/1/1Di0Xz_MpkFSCrXwieDlABcYUOY.roa
File: 1Di0Xz_MpkFSCrXwieDlABcYUOY.roa (raw, json)
Hash identifier: e9+8w6PzwdqZ5DMc28fcl3/6JCrUHirDY/ShA9oFLww=
Subject key identifier: D4:38:B4:5F:3F:CC:A6:41:52:0A:B5:F0:89:E0:E5:00:17:18:50:E6
Certificate issuer: /CN=83c103d65a54d6af1efba6ac3e63722028af2bb1
Certificate serial: 019420D6366BA8C2B3EC84CBA2905D7C1770
Authority key identifier: 83:C1:03:D6:5A:54:D6:AF:1E:FB:A6:AC:3E:63:72:20:28:AF:2B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g8ED1lpU1q8e-6asPmNyICivK7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/081bd4-1210-4021-a864-b50cf5f2aa22/1/1Di0Xz_MpkFSCrXwieDlABcYUOY.roa
Signing time: Wed 01 Jan 2025 07:48:16 +0000
ROA not before: Wed 01 Jan 2025 07:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206570
IP address blocks: 66.22.239.0/24 maxlen: 24
66.22.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/081bd4-1210-4021-a864-b50cf5f2aa22/1/g8ED1lpU1q8e-6asPmNyICivK7E.crl
rsync://rpki.ripe.net/repository/DEFAULT/46/081bd4-1210-4021-a864-b50cf5f2aa22/1/g8ED1lpU1q8e-6asPmNyICivK7E.mft
rsync://rpki.ripe.net/repository/DEFAULT/g8ED1lpU1q8e-6asPmNyICivK7E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 18:34:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:36:6b:a8:c2:b3:ec:84:cb:a2:90:5d:7c:17:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83c103d65a54d6af1efba6ac3e63722028af2bb1
Validity
Not Before: Jan 1 07:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d438b45f3fcca641520ab5f089e0e500171850e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:fd:fc:a2:9c:94:ee:fa:01:36:3e:eb:39:57:
42:60:f1:b9:50:92:ff:ef:55:e5:d8:3e:73:b2:ab:
58:10:eb:7f:89:3f:40:43:fd:3e:2c:f2:d6:17:0c:
98:15:fe:77:1e:a0:45:00:b3:1e:5a:6f:e0:41:67:
56:a1:20:e7:5e:bc:40:83:51:1a:d9:e1:e4:89:91:
ba:24:71:cd:4e:26:cc:3a:e0:4c:aa:a2:54:ec:b0:
ba:81:e7:66:b6:51:d5:06:b0:a4:0c:a0:26:33:bc:
43:28:a7:3d:ba:5c:5f:29:a9:5d:2b:86:db:df:21:
2d:28:9e:56:a0:cc:30:0d:37:fd:5b:9b:f5:04:a7:
1a:ce:45:9d:08:9c:54:85:06:ab:38:c8:3e:ac:6f:
6a:41:c1:bf:0a:c0:6e:a1:c1:ab:d0:a5:5e:90:43:
9b:c7:5e:52:79:a9:b9:6e:e4:09:8a:da:c8:0e:c5:
6d:28:a7:43:66:56:9d:df:96:84:81:f7:7e:fb:05:
17:ed:3f:fe:95:83:32:62:69:f0:28:8a:37:d3:85:
9e:d2:40:f7:b5:59:98:f5:9b:50:cf:1b:03:9f:a8:
38:a6:83:4b:8c:93:c9:9e:e6:a7:61:9f:8e:e9:5d:
8d:1a:b8:a4:4f:2e:67:55:2b:56:43:a9:bd:ee:4d:
76:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:38:B4:5F:3F:CC:A6:41:52:0A:B5:F0:89:E0:E5:00:17:18:50:E6
X509v3 Authority Key Identifier:
keyid:83:C1:03:D6:5A:54:D6:AF:1E:FB:A6:AC:3E:63:72:20:28:AF:2B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g8ED1lpU1q8e-6asPmNyICivK7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/081bd4-1210-4021-a864-b50cf5f2aa22/1/1Di0Xz_MpkFSCrXwieDlABcYUOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/081bd4-1210-4021-a864-b50cf5f2aa22/1/g8ED1lpU1q8e-6asPmNyICivK7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.22.239.0-66.22.240.255
Signature Algorithm: sha256WithRSAEncryption
69:c7:83:b7:18:14:41:b9:ba:9a:d1:e8:a1:32:73:0d:91:68:
bd:45:0d:e9:5d:7f:24:21:d8:69:94:03:16:02:9d:12:0b:a7:
1e:4c:61:61:36:48:d8:cb:ae:64:35:15:e4:d2:a6:ea:6e:15:
ef:a6:94:bc:94:ba:ba:ac:02:ee:e1:d1:44:36:78:11:67:86:
98:fd:87:83:28:56:74:c2:de:a8:73:b4:5d:96:4b:5e:06:03:
42:62:ae:0d:a1:fc:2d:26:46:6f:12:5a:a1:7d:51:b2:60:a8:
32:37:07:6f:d4:75:47:15:79:3d:d3:2d:d8:32:b9:ee:94:8d:
cb:a5:eb:12:cf:af:2f:7a:b7:3f:04:fa:85:18:b2:78:6c:46:
c0:a1:20:99:21:c1:cf:ce:6f:d6:ba:de:bd:a9:81:0f:15:71:
11:4e:ca:b8:73:54:11:2a:17:a9:22:8c:c8:9a:b9:56:64:ce:
47:35:b0:71:3d:79:df:12:1c:aa:08:69:01:a1:08:23:6f:c0:
4f:73:49:c0:42:27:61:f9:ce:ca:52:d1:a1:d4:c8:12:90:bc:
b7:c0:e3:17:20:67:4e:df:ed:2f:10:65:21:56:5d:7a:9e:5b:
62:a4:e1:ad:d2:98:cb:c0:a3:3d:97:da:cb:43:59:74:b8:3c:
57:7b:7d:82
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQg1jZrqMKz7ITLopBdfBdwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzYzEwM2Q2NWE1NGQ2YWYxZWZiYTZhYzNlNjM3MjIwMjhh
ZjJiYjEwHhcNMjUwMTAxMDc0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDM4YjQ1ZjNmY2NhNjQxNTIwYWI1ZjA4OWUwZTUwMDE3MTg1MGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnf38opyU7voBNj7rOVdCYPG5UJL/
71Xl2D5zsqtYEOt/iT9AQ/0+LPLWFwyYFf53HqBFALMeWm/gQWdWoSDnXrxAg1Ea
2eHkiZG6JHHNTibMOuBMqqJU7LC6gedmtlHVBrCkDKAmM7xDKKc9ulxfKaldK4bb
3yEtKJ5WoMwwDTf9W5v1BKcazkWdCJxUhQarOMg+rG9qQcG/CsBuocGr0KVekEOb
x15Seam5buQJitrIDsVtKKdDZlad35aEgfd++wUX7T/+lYMyYmnwKIo304We0kD3
tVmY9ZtQzxsDn6g4poNLjJPJnuanYZ+O6V2NGrikTy5nVStWQ6m97k12UQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNQ4tF8/zKZBUgq18Ing5QAXGFDmMB8GA1UdIwQY
MBaAFIPBA9ZaVNavHvumrD5jciAoryuxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzhFRDFscFUxcThlLTZhc1BtTnlJQ2l2SzdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8wODFiZDQtMTIxMC00MDIxLWE4NjQt
YjUwY2Y1ZjJhYTIyLzEvMURpMFh6X01wa0ZTQ3JYd2llRGxBQmNZVU9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8wODFiZDQtMTIxMC00MDIxLWE4NjQtYjUwY2Y1ZjJhYTIy
LzEvZzhFRDFscFUxcThlLTZhc1BtTnlJQ2l2SzdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABCFu8D
BABCFvAwDQYJKoZIhvcNAQELBQADggEBAGnHg7cYFEG5uprR6KEycw2RaL1FDeld
fyQh2GmUAxYCnRILpx5MYWE2SNjLrmQ1FeTSpupuFe+mlLyUurqsAu7h0UQ2eBFn
hpj9h4MoVnTC3qhztF2WS14GA0Jirg2h/C0mRm8SWqF9UbJgqDI3B2/UdUcVeT3T
Ldgyue6Ujcul6xLPry96tz8E+oUYsnhsRsChIJkhwc/Ob9a63r2pgQ8VcRFOyrhz
VBEqF6kijMiauVZkzkc1sHE9ed8SHKoIaQGhCCNvwE9zScBCJ2H5zspS0aHUyBKQ
vLfA4xcgZ07f7S8QZSFWXXqeW2Kk4a3SmMvAoz2X2stDWXS4PFd7fYI=
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:25:01 2025 by rpki-client