Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f76a83-ae09-411f-ae9f-5386a79ade80/1/l7zqJyhx90KkIt187BTrR3I9Tv0.roa
File: l7zqJyhx90KkIt187BTrR3I9Tv0.roa (raw, json)
Hash identifier: uTJRzkaxY5dJDi+eLwZbT+EnLtQwTVbj1dknQK+ofuQ=
Subject key identifier: 97:BC:EA:27:28:71:F7:42:A4:22:DD:7C:EC:14:EB:47:72:3D:4E:FD
Certificate issuer: /CN=a1dca44b4ab54533f8b5196cf92d68deb8fcc5e2
Certificate serial: 019427B5C7383B46B3F8D24C2AF0EBEA7E7B
Authority key identifier: A1:DC:A4:4B:4A:B5:45:33:F8:B5:19:6C:F9:2D:68:DE:B8:FC:C5:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/odykS0q1RTP4tRls-S1o3rj8xeI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f76a83-ae09-411f-ae9f-5386a79ade80/1/l7zqJyhx90KkIt187BTrR3I9Tv0.roa
Signing time: Thu 02 Jan 2025 15:50:11 +0000
ROA not before: Thu 02 Jan 2025 15:50:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57643
IP address blocks: 91.235.20.0/22 maxlen: 22
91.235.24.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/f76a83-ae09-411f-ae9f-5386a79ade80/1/odykS0q1RTP4tRls-S1o3rj8xeI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/f76a83-ae09-411f-ae9f-5386a79ade80/1/odykS0q1RTP4tRls-S1o3rj8xeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/odykS0q1RTP4tRls-S1o3rj8xeI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 13:43:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:c7:38:3b:46:b3:f8:d2:4c:2a:f0:eb:ea:7e:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1dca44b4ab54533f8b5196cf92d68deb8fcc5e2
Validity
Not Before: Jan 2 15:50:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=97bcea272871f742a422dd7cec14eb47723d4efd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:e0:28:4f:d2:8e:17:1b:39:e5:c4:c4:67:77:
e6:e3:88:83:be:77:c3:28:04:3a:c5:cf:41:ed:1e:
99:16:5c:8b:47:5a:54:b4:5a:a0:d5:a2:9f:df:e8:
e8:ba:ec:69:95:98:1d:f8:25:d3:b3:08:e4:51:bf:
15:9b:ea:af:73:f0:41:64:54:a1:96:fd:9c:a4:a2:
b2:0e:4c:64:4d:ae:63:bc:b6:0f:b2:4d:31:f8:ca:
d0:fb:bf:37:09:5b:6c:40:93:cf:3d:fc:dc:80:eb:
f9:02:7a:54:fa:fd:44:e7:bc:36:de:35:fc:ef:72:
ed:12:d3:40:93:91:d3:61:16:d6:e7:f8:47:38:10:
e8:da:83:2a:3d:ee:d3:f8:2d:22:19:bb:fc:92:4d:
74:70:b3:c3:0e:a6:36:e3:21:70:e5:40:c9:bc:64:
c3:f2:c4:b3:0a:72:75:54:ff:77:61:c8:f3:88:85:
60:b9:eb:92:27:2c:8f:61:e3:24:3d:40:33:85:68:
59:e7:13:6d:9f:3f:7c:91:4a:15:71:d5:4c:a7:6a:
a9:ec:a8:2a:95:38:ed:c3:a2:95:51:26:81:b6:d4:
f0:2b:41:6e:6f:27:8d:fb:f6:f5:a9:6f:34:53:81:
c7:8c:cc:34:02:b1:c6:04:32:82:e2:00:e1:69:e7:
6a:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:BC:EA:27:28:71:F7:42:A4:22:DD:7C:EC:14:EB:47:72:3D:4E:FD
X509v3 Authority Key Identifier:
keyid:A1:DC:A4:4B:4A:B5:45:33:F8:B5:19:6C:F9:2D:68:DE:B8:FC:C5:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/odykS0q1RTP4tRls-S1o3rj8xeI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f76a83-ae09-411f-ae9f-5386a79ade80/1/l7zqJyhx90KkIt187BTrR3I9Tv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f76a83-ae09-411f-ae9f-5386a79ade80/1/odykS0q1RTP4tRls-S1o3rj8xeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.235.20.0-91.235.25.255
Signature Algorithm: sha256WithRSAEncryption
39:45:60:24:65:57:19:7c:9e:f8:0b:b6:10:38:41:eb:a9:ff:
d5:90:6c:d6:1c:00:21:6d:6b:e9:56:99:c4:1e:34:5f:d1:b9:
d7:1a:8d:4c:71:e6:08:7b:3e:f2:1b:9d:77:56:c0:53:31:7d:
c9:6f:76:db:16:16:a0:4d:9e:46:f2:05:b7:d8:71:a9:3f:b2:
2c:2a:1a:1c:0b:2e:40:49:a3:3b:15:69:3f:98:d3:de:8b:b8:
6c:45:ca:9b:20:0a:4c:0b:6b:0d:87:46:9b:12:f7:f4:5b:55:
db:a0:d3:46:28:f6:20:4a:b9:f9:41:ef:d7:0a:2f:9a:99:de:
eb:4a:48:1c:fe:9e:63:36:c2:c8:cf:e0:c9:87:fb:fe:f8:20:
65:01:a7:99:ef:ed:71:66:63:de:4c:22:1c:64:30:21:9e:0f:
bc:da:89:cd:44:dc:4a:14:22:dd:65:78:44:a8:6b:a4:5d:12:
d6:96:e7:20:c8:64:cd:b1:19:ee:0e:24:a4:4f:c9:e2:8b:42:
06:c6:a2:be:da:8b:b1:be:d6:60:58:ed:7a:42:80:25:d4:f0:
fc:0d:f6:b2:bb:53:d4:ed:ae:de:ee:f7:de:dd:5a:dc:1f:e2:
10:45:83:27:e9:5b:fd:bd:c2:df:75:59:51:8a:3a:d0:41:e2:
fc:93:cc:6c
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQntcc4O0az+NJMKvDr6n57MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExZGNhNDRiNGFiNTQ1MzNmOGI1MTk2Y2Y5MmQ2OGRlYjhm
Y2M1ZTIwHhcNMjUwMTAyMTU1MDExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2JjZWEyNzI4NzFmNzQyYTQyMmRkN2NlYzE0ZWI0NzcyM2Q0ZWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+AoT9KOFxs55cTEZ3fm44iDvnfD
KAQ6xc9B7R6ZFlyLR1pUtFqg1aKf3+jouuxplZgd+CXTswjkUb8Vm+qvc/BBZFSh
lv2cpKKyDkxkTa5jvLYPsk0x+MrQ+783CVtsQJPPPfzcgOv5AnpU+v1E57w23jX8
73LtEtNAk5HTYRbW5/hHOBDo2oMqPe7T+C0iGbv8kk10cLPDDqY24yFw5UDJvGTD
8sSzCnJ1VP93YcjziIVgueuSJyyPYeMkPUAzhWhZ5xNtnz98kUoVcdVMp2qp7Kgq
lTjtw6KVUSaBttTwK0FubyeN+/b1qW80U4HHjMw0ArHGBDKC4gDhaedqxQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJe86icocfdCpCLdfOwU60dyPU79MB8GA1UdIwQY
MBaAFKHcpEtKtUUz+LUZbPktaN64/MXiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2R5a1MwcTFSVFA0dFJscy1TMW8zcmo4eGVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mNzZhODMtYWUwOS00MTFmLWFlOWYt
NTM4NmE3OWFkZTgwLzEvbDd6cUp5aHg5MEtrSXQxODdCVHJSM0k5VHYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mNzZhODMtYWUwOS00MTFmLWFlOWYtNTM4NmE3OWFkZTgw
LzEvb2R5a1MwcTFSVFA0dFJscy1TMW8zcmo4eGVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAJb6xQD
BAFb6xgwDQYJKoZIhvcNAQELBQADggEBADlFYCRlVxl8nvgLthA4Qeup/9WQbNYc
ACFta+lWmcQeNF/RudcajUxx5gh7PvIbnXdWwFMxfclvdtsWFqBNnkbyBbfYcak/
siwqGhwLLkBJozsVaT+Y096LuGxFypsgCkwLaw2HRpsS9/RbVdug00Yo9iBKuflB
79cKL5qZ3utKSBz+nmM2wsjP4MmH+/74IGUBp5nv7XFmY95MIhxkMCGeD7zaic1E
3EoUIt1leESoa6RdEtaW5yDIZM2xGe4OJKRPyeKLQgbGor7ai7G+1mBY7XpCgCXU
8PwN9rK7U9Ttrt7u997dWtwf4hBFgyfpW/29wt91WVGKOtBB4vyTzGw=
-----END CERTIFICATE-----
Generated at Tue Apr 8 20:07:15 2025 by rpki-client