Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/f65960-b03c-498c-b6d5-60951e97588c/1/_ChMMh8gYkXb1ChgfB5-UeARN_8.roa
File: _ChMMh8gYkXb1ChgfB5-UeARN_8.roa (raw, json)
Hash identifier: IW3EVws4BqaOmIjFWi9xL7gifbvJ4hpYd+I96mfohIg=
Subject key identifier: FC:28:4C:32:1F:20:62:45:DB:D4:28:60:7C:1E:7E:51:E0:11:37:FF
Certificate issuer: /CN=1b368e70269de660cbc14df9c763b018788a1ffc
Certificate serial: 019428231504764404583E766508B351710B
Authority key identifier: 1B:36:8E:70:26:9D:E6:60:CB:C1:4D:F9:C7:63:B0:18:78:8A:1F:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GzaOcCad5mDLwU35x2OwGHiKH_w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/f65960-b03c-498c-b6d5-60951e97588c/1/_ChMMh8gYkXb1ChgfB5-UeARN_8.roa
Signing time: Thu 02 Jan 2025 17:49:35 +0000
ROA not before: Thu 02 Jan 2025 17:49:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1299
IP address blocks: 185.218.48.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/f65960-b03c-498c-b6d5-60951e97588c/1/GzaOcCad5mDLwU35x2OwGHiKH_w.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/f65960-b03c-498c-b6d5-60951e97588c/1/GzaOcCad5mDLwU35x2OwGHiKH_w.mft
rsync://rpki.ripe.net/repository/DEFAULT/GzaOcCad5mDLwU35x2OwGHiKH_w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 02:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:15:04:76:44:04:58:3e:76:65:08:b3:51:71:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b368e70269de660cbc14df9c763b018788a1ffc
Validity
Not Before: Jan 2 17:49:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fc284c321f206245dbd428607c1e7e51e01137ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:8c:55:d0:cf:79:a3:00:4a:a1:ac:b5:c4:06:
62:1b:03:ce:c4:c0:f3:86:db:04:14:ab:40:b5:66:
95:8a:eb:65:ac:9c:0b:ac:f9:52:b7:cb:e3:3e:a1:
c7:60:29:1b:ca:01:86:70:46:30:cd:fd:ff:00:a5:
f7:37:ab:75:8a:a4:7e:91:d2:bc:84:92:71:76:ef:
b1:d5:c4:86:15:1d:54:83:0f:17:52:96:d3:df:ad:
35:8d:4a:3c:18:a7:f1:df:83:ff:60:df:8c:3c:53:
2d:cd:b1:77:8c:2c:b0:e0:2b:b4:15:3f:06:42:3d:
0d:0d:38:67:37:5e:61:e6:ea:e4:90:6b:39:8d:bc:
7c:fa:59:98:8e:de:6e:8b:8c:db:24:30:7e:f4:dd:
f6:da:90:25:22:a5:8b:dd:db:81:3a:65:b3:b0:fb:
97:2e:9a:31:ee:12:69:62:d6:c4:95:87:6e:a9:39:
68:e5:0a:5e:7b:03:4b:02:8a:19:13:1b:9d:d0:ef:
33:94:ce:b8:0b:a3:33:8b:f4:99:be:09:9a:19:c8:
fc:f8:78:86:ba:e4:bc:ca:38:82:1e:e6:cd:d3:cb:
23:49:55:4e:18:54:e3:ed:b2:45:96:1d:64:62:95:
7d:ba:f7:d3:46:c0:8f:e7:9b:78:aa:e1:13:e9:79:
e5:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:28:4C:32:1F:20:62:45:DB:D4:28:60:7C:1E:7E:51:E0:11:37:FF
X509v3 Authority Key Identifier:
keyid:1B:36:8E:70:26:9D:E6:60:CB:C1:4D:F9:C7:63:B0:18:78:8A:1F:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GzaOcCad5mDLwU35x2OwGHiKH_w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/f65960-b03c-498c-b6d5-60951e97588c/1/_ChMMh8gYkXb1ChgfB5-UeARN_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/f65960-b03c-498c-b6d5-60951e97588c/1/GzaOcCad5mDLwU35x2OwGHiKH_w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.218.48.0/22
Signature Algorithm: sha256WithRSAEncryption
26:a8:95:97:3f:a8:59:4f:91:22:54:fd:95:5c:4a:6b:aa:9b:
e8:11:e0:28:a4:48:f3:b8:86:d3:b1:8b:4f:11:3e:8f:06:30:
1f:df:1b:c1:3a:ff:0f:16:cc:85:b3:6a:0b:bd:7a:b6:ac:15:
f5:bc:d2:41:4d:ed:6b:5a:31:a3:14:5a:da:70:6d:48:a1:db:
ba:1c:64:a1:d0:7c:1b:a2:ed:32:b4:45:37:f3:1e:84:29:f1:
24:a8:ea:3b:8c:e5:38:c2:0d:2b:08:45:b2:49:f8:dd:60:13:
00:cd:1c:1f:af:3a:a1:08:fc:aa:10:5c:49:92:6c:a8:23:8b:
04:a6:51:6f:18:04:8a:f7:ca:98:57:4e:87:4a:7a:93:6d:21:
c1:d0:11:63:1e:a3:9a:f0:8c:c8:93:30:b7:c7:07:d6:dd:44:
c0:be:06:08:e8:d6:3a:01:23:81:ca:98:b9:9d:fd:93:94:9e:
5d:0b:3a:d2:b6:c3:e6:e2:38:e2:a6:6d:24:74:5a:ed:1f:fd:
1a:a8:dd:e8:df:32:b6:e1:9a:28:68:7c:dc:ea:e9:bc:3c:37:
06:69:be:14:60:af:1e:75:96:ac:f8:82:16:86:87:7f:1e:3b:
3b:20:16:36:21:5e:90:a3:9d:da:05:a0:b0:c6:f4:b9:3c:a2:
f9:71:70:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoIxUEdkQEWD52ZQizUXELMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMzY4ZTcwMjY5ZGU2NjBjYmMxNGRmOWM3NjNiMDE4Nzg4
YTFmZmMwHhcNMjUwMTAyMTc0OTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzI4NGMzMjFmMjA2MjQ1ZGJkNDI4NjA3YzFlN2U1MWUwMTEzN2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4xV0M95owBKoay1xAZiGwPOxMDz
htsEFKtAtWaViutlrJwLrPlSt8vjPqHHYCkbygGGcEYwzf3/AKX3N6t1iqR+kdK8
hJJxdu+x1cSGFR1Ugw8XUpbT3601jUo8GKfx34P/YN+MPFMtzbF3jCyw4Cu0FT8G
Qj0NDThnN15h5urkkGs5jbx8+lmYjt5ui4zbJDB+9N322pAlIqWL3duBOmWzsPuX
Lpox7hJpYtbElYduqTlo5QpeewNLAooZExud0O8zlM64C6Mzi/SZvgmaGcj8+HiG
uuS8yjiCHubN08sjSVVOGFTj7bJFlh1kYpV9uvfTRsCP55t4quET6XnlWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPwoTDIfIGJF29QoYHweflHgETf/MB8GA1UdIwQY
MBaAFBs2jnAmneZgy8FN+cdjsBh4ih/8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3phT2NDYWQ1bURMd1UzNXgyT3dHSGlLSF93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9mNjU5NjAtYjAzYy00OThjLWI2ZDUt
NjA5NTFlOTc1ODhjLzEvX0NoTU1oOGdZa1hiMUNoZ2ZCNS1VZUFSTl84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9mNjU5NjAtYjAzYy00OThjLWI2ZDUtNjA5NTFlOTc1ODhj
LzEvR3phT2NDYWQ1bURMd1UzNXgyT3dHSGlLSF93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudowMA0G
CSqGSIb3DQEBCwUAA4IBAQAmqJWXP6hZT5EiVP2VXEprqpvoEeAopEjzuIbTsYtP
ET6PBjAf3xvBOv8PFsyFs2oLvXq2rBX1vNJBTe1rWjGjFFracG1Iodu6HGSh0Hwb
ou0ytEU38x6EKfEkqOo7jOU4wg0rCEWySfjdYBMAzRwfrzqhCPyqEFxJkmyoI4sE
plFvGASK98qYV06HSnqTbSHB0BFjHqOa8IzIkzC3xwfW3UTAvgYI6NY6ASOBypi5
nf2TlJ5dCzrStsPm4jjipm0kdFrtH/0aqN3o3zK24ZooaHzc6um8PDcGab4UYK8e
dZas+IIWhod/Hjs7IBY2IV6Qo53aBaCwxvS5PKL5cXBh
-----END CERTIFICATE-----
Generated at Sun Apr 6 09:37:47 2025 by rpki-client