Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/15f690-5add-470d-a286-33bdc73ed0ea/1/mDn_ek0LdNpvLytd6eLimQlfMOA.roa
File: mDn_ek0LdNpvLytd6eLimQlfMOA.roa (raw, json)
Hash identifier: k3ggKWgy0oimppyNKUN+UMdt+c+CO5ZzgliWJ2+YYxU=
Subject key identifier: 98:39:FF:7A:4D:0B:74:DA:6F:2F:2B:5D:E9:E2:E2:99:09:5F:30:E0
Certificate issuer: /CN=090e592a2e0d427a09aa2de1b9baf08ccd14f0a0
Certificate serial: 01941F8C9140CD1580AF5B16899C92891369
Authority key identifier: 09:0E:59:2A:2E:0D:42:7A:09:AA:2D:E1:B9:BA:F0:8C:CD:14:F0:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CQ5ZKi4NQnoJqi3hubrwjM0U8KA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/15f690-5add-470d-a286-33bdc73ed0ea/1/mDn_ek0LdNpvLytd6eLimQlfMOA.roa
Signing time: Wed 01 Jan 2025 01:48:13 +0000
ROA not before: Wed 01 Jan 2025 01:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209181
IP address blocks: 199.244.101.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/15f690-5add-470d-a286-33bdc73ed0ea/1/CQ5ZKi4NQnoJqi3hubrwjM0U8KA.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/15f690-5add-470d-a286-33bdc73ed0ea/1/CQ5ZKi4NQnoJqi3hubrwjM0U8KA.mft
rsync://rpki.ripe.net/repository/DEFAULT/CQ5ZKi4NQnoJqi3hubrwjM0U8KA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:91:40:cd:15:80:af:5b:16:89:9c:92:89:13:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=090e592a2e0d427a09aa2de1b9baf08ccd14f0a0
Validity
Not Before: Jan 1 01:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9839ff7a4d0b74da6f2f2b5de9e2e299095f30e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:0b:2a:1a:93:93:3c:a0:66:ca:c6:c2:17:c1:
fd:da:ed:d5:13:31:91:ca:58:0b:34:c2:be:eb:c2:
80:be:8e:ca:c9:df:d8:18:ab:89:b2:c1:f7:95:de:
99:ef:bc:f8:69:fe:21:c3:d3:2e:bd:fd:58:5b:a2:
13:50:57:80:48:bf:6f:99:1a:3b:5b:b4:b9:94:2f:
24:6a:fe:db:33:98:27:d4:34:ec:90:be:9d:2e:ef:
8e:14:c9:76:28:ac:d6:d3:af:3e:98:6a:f4:8c:6d:
bc:9d:86:c3:49:9b:37:0c:b0:fe:e9:b1:1d:fe:07:
16:e3:82:0a:f8:07:5a:72:cb:cd:0e:be:9f:74:d8:
38:45:20:7a:9e:4f:f5:e0:be:f8:0c:1a:08:44:0a:
57:64:43:0a:b2:bd:70:59:e4:23:16:4b:c7:50:8d:
fa:7c:7c:42:d7:20:50:1f:2e:9d:b6:cd:60:b2:c6:
0a:27:55:9f:de:06:b8:1a:55:8e:fe:f8:a7:05:a7:
54:41:01:f5:fb:58:7b:a0:24:56:fe:47:dc:f7:ba:
55:a6:be:7e:21:8c:bd:76:95:d0:d6:8c:7a:ad:2f:
00:cb:d2:29:80:78:d8:15:41:c8:31:89:30:ae:c2:
df:6d:12:4c:16:20:d1:6e:29:19:8a:66:1f:34:3c:
a3:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:39:FF:7A:4D:0B:74:DA:6F:2F:2B:5D:E9:E2:E2:99:09:5F:30:E0
X509v3 Authority Key Identifier:
keyid:09:0E:59:2A:2E:0D:42:7A:09:AA:2D:E1:B9:BA:F0:8C:CD:14:F0:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CQ5ZKi4NQnoJqi3hubrwjM0U8KA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/15f690-5add-470d-a286-33bdc73ed0ea/1/mDn_ek0LdNpvLytd6eLimQlfMOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/15f690-5add-470d-a286-33bdc73ed0ea/1/CQ5ZKi4NQnoJqi3hubrwjM0U8KA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.244.101.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:8f:60:44:d7:8c:16:7a:25:ad:c9:1d:39:79:50:80:66:11:
e9:4d:db:69:89:09:8e:fa:7f:49:31:cf:0d:fe:aa:35:48:9d:
b0:55:04:59:aa:d7:cc:af:fc:12:9a:98:8a:01:6c:d8:3f:4f:
9c:55:b3:ef:f5:12:ec:30:0b:78:4f:10:5c:b6:21:2a:49:38:
4a:87:e3:f4:e7:c1:71:f3:16:6d:e0:95:a9:fe:d8:bc:1f:6b:
b5:40:7d:d6:e5:fb:69:3a:14:8b:40:1f:e3:05:34:69:2b:98:
11:c8:e0:c9:cf:09:c7:46:11:36:82:a8:e3:9c:36:3a:9f:8e:
13:e5:f8:5f:06:c3:49:f9:2f:00:84:f7:8a:65:83:0a:d0:15:
0a:77:bb:b2:e4:f5:91:28:33:4a:3c:54:a1:04:2f:b5:87:cd:
df:1f:cd:d3:6a:2d:4b:4b:77:b2:1c:ca:e9:c7:27:24:2a:c9:
8d:32:40:e3:fa:4b:9b:b6:7e:36:0b:17:a0:f0:d7:9e:1d:13:
e9:48:36:45:68:8d:d8:8f:aa:71:e4:61:80:ce:e0:b3:f0:20:
c9:b8:00:95:50:bf:0c:56:ea:14:a6:76:4b:18:82:ea:c5:ba:
9f:8c:f9:4b:b8:7a:dc:46:66:9d:49:b9:50:2d:9e:2e:66:d4:
40:67:64:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjJFAzRWAr1sWiZySiRNpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MGU1OTJhMmUwZDQyN2EwOWFhMmRlMWI5YmFmMDhjY2Qx
NGYwYTAwHhcNMjUwMTAxMDE0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODM5ZmY3YTRkMGI3NGRhNmYyZjJiNWRlOWUyZTI5OTA5NWYzMGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxAsqGpOTPKBmysbCF8H92u3VEzGR
ylgLNMK+68KAvo7Kyd/YGKuJssH3ld6Z77z4af4hw9Muvf1YW6ITUFeASL9vmRo7
W7S5lC8kav7bM5gn1DTskL6dLu+OFMl2KKzW068+mGr0jG28nYbDSZs3DLD+6bEd
/gcW44IK+AdacsvNDr6fdNg4RSB6nk/14L74DBoIRApXZEMKsr1wWeQjFkvHUI36
fHxC1yBQHy6dts1gssYKJ1Wf3ga4GlWO/vinBadUQQH1+1h7oCRW/kfc97pVpr5+
IYy9dpXQ1ox6rS8Ay9IpgHjYFUHIMYkwrsLfbRJMFiDRbikZimYfNDyj+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJg5/3pNC3Taby8rXeni4pkJXzDgMB8GA1UdIwQY
MBaAFAkOWSouDUJ6Caot4bm68IzNFPCgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1E1WktpNE5Rbm9KcWkzaHVicndqTTBVOEtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8xNWY2OTAtNWFkZC00NzBkLWEyODYt
MzNiZGM3M2VkMGVhLzEvbURuX2VrMExkTnB2THl0ZDZlTGltUWxmTU9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8xNWY2OTAtNWFkZC00NzBkLWEyODYtMzNiZGM3M2VkMGVh
LzEvQ1E1WktpNE5Rbm9KcWkzaHVicndqTTBVOEtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAx/RlMA0G
CSqGSIb3DQEBCwUAA4IBAQClj2BE14wWeiWtyR05eVCAZhHpTdtpiQmO+n9JMc8N
/qo1SJ2wVQRZqtfMr/wSmpiKAWzYP0+cVbPv9RLsMAt4TxBctiEqSThKh+P058Fx
8xZt4JWp/ti8H2u1QH3W5ftpOhSLQB/jBTRpK5gRyODJzwnHRhE2gqjjnDY6n44T
5fhfBsNJ+S8AhPeKZYMK0BUKd7uy5PWRKDNKPFShBC+1h83fH83Tai1LS3eyHMrp
xyckKsmNMkDj+kubtn42Cxeg8NeeHRPpSDZFaI3Yj6px5GGAzuCz8CDJuACVUL8M
VuoUpnZLGILqxbqfjPlLuHrcRmadSblQLZ4uZtRAZ2RV
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:32:38 2025 by rpki-client