Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/15f690-5add-470d-a286-33bdc73ed0ea/1/zYzxKNvhe6o0TwA72geMxA7neJY.roa
File: zYzxKNvhe6o0TwA72geMxA7neJY.roa (raw, json)
Hash identifier: 40MueLGTRXMqHBaO83q9/dqRBs6784OM0Nkp+d6Np9c=
Subject key identifier: CD:8C:F1:28:DB:E1:7B:AA:34:4F:00:3B:DA:07:8C:C4:0E:E7:78:96
Certificate issuer: /CN=090e592a2e0d427a09aa2de1b9baf08ccd14f0a0
Certificate serial: 01941F8C909CFE1A18E4BCBF89F8E86902CE
Authority key identifier: 09:0E:59:2A:2E:0D:42:7A:09:AA:2D:E1:B9:BA:F0:8C:CD:14:F0:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CQ5ZKi4NQnoJqi3hubrwjM0U8KA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/15f690-5add-470d-a286-33bdc73ed0ea/1/zYzxKNvhe6o0TwA72geMxA7neJY.roa
Signing time: Wed 01 Jan 2025 01:48:13 +0000
ROA not before: Wed 01 Jan 2025 01:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 63127
IP address blocks: 199.244.100.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/15f690-5add-470d-a286-33bdc73ed0ea/1/CQ5ZKi4NQnoJqi3hubrwjM0U8KA.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/15f690-5add-470d-a286-33bdc73ed0ea/1/CQ5ZKi4NQnoJqi3hubrwjM0U8KA.mft
rsync://rpki.ripe.net/repository/DEFAULT/CQ5ZKi4NQnoJqi3hubrwjM0U8KA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 16:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:90:9c:fe:1a:18:e4:bc:bf:89:f8:e8:69:02:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=090e592a2e0d427a09aa2de1b9baf08ccd14f0a0
Validity
Not Before: Jan 1 01:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cd8cf128dbe17baa344f003bda078cc40ee77896
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:37:ba:8a:ea:fd:17:1f:92:cf:ea:5a:e5:7e:
41:83:fd:d3:60:b8:9c:89:03:6f:0c:89:f8:15:bf:
dd:fe:44:a5:1a:cf:79:0f:68:6e:49:11:29:09:99:
ef:65:40:30:27:3b:bf:75:67:18:d6:8c:da:da:ff:
89:92:dd:77:2a:ef:cd:9f:25:ed:bf:14:a4:ad:b7:
86:fe:1e:50:b5:e8:f5:e9:37:4e:b7:bd:ea:e3:bd:
0c:bd:24:bd:4a:79:4b:fe:de:7a:8e:49:32:6e:db:
23:d8:16:04:eb:e4:71:f4:69:35:9b:a0:bc:95:c8:
be:68:e0:6d:2b:3f:53:3e:3e:36:21:04:06:06:6b:
eb:6c:7a:66:d4:b7:12:56:03:ae:87:13:31:99:70:
c8:a3:34:c9:7e:f6:47:2a:b0:7e:2e:57:66:e5:b2:
da:21:43:61:fe:48:89:65:ed:df:30:26:cc:9f:cf:
a7:d6:5a:d8:db:f5:c9:a7:df:da:17:45:4d:65:91:
10:bc:02:46:c6:f6:a3:3a:77:99:27:2f:45:a9:0e:
c7:bd:fb:bd:b1:d4:c3:02:3a:c2:7c:70:0d:18:58:
1e:8c:97:72:e3:9e:cf:53:33:46:a9:e5:a1:9e:17:
ea:e4:d7:94:ba:15:a6:c4:7b:f8:e0:fa:33:67:41:
a9:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:8C:F1:28:DB:E1:7B:AA:34:4F:00:3B:DA:07:8C:C4:0E:E7:78:96
X509v3 Authority Key Identifier:
keyid:09:0E:59:2A:2E:0D:42:7A:09:AA:2D:E1:B9:BA:F0:8C:CD:14:F0:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CQ5ZKi4NQnoJqi3hubrwjM0U8KA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/15f690-5add-470d-a286-33bdc73ed0ea/1/zYzxKNvhe6o0TwA72geMxA7neJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/15f690-5add-470d-a286-33bdc73ed0ea/1/CQ5ZKi4NQnoJqi3hubrwjM0U8KA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.244.100.0/24
Signature Algorithm: sha256WithRSAEncryption
41:88:f9:b6:eb:3d:35:e3:de:5d:01:67:2f:7d:f3:11:1c:d3:
9a:2a:3f:85:91:87:70:42:bb:b0:38:f8:e8:11:8e:ed:9a:c4:
86:0f:c3:68:de:ca:a1:77:4c:06:20:9a:7d:72:5b:f7:e5:b1:
71:18:c5:bb:0e:9e:8b:93:4e:69:9b:bb:fc:8c:63:a7:7d:40:
ff:b2:7a:6c:08:dd:1a:df:c8:1e:9c:03:1f:60:8d:ac:8d:c3:
2c:ca:df:2c:07:e8:45:86:7c:a1:33:b1:73:3b:7f:cc:e5:35:
11:73:05:50:7b:35:ee:80:1a:ea:62:23:7c:2d:e3:09:79:0c:
a3:58:da:d3:af:1b:c4:eb:57:a4:a4:20:f8:2c:ef:3f:a1:b7:
f2:63:d5:93:f2:7f:6b:f1:d1:d8:77:15:99:e4:72:8b:4d:06:
92:45:bb:40:06:a3:4e:82:35:fb:d9:47:bf:7a:fb:4f:15:89:
21:35:dc:42:b8:e8:de:a2:f7:17:63:55:b6:b5:aa:5d:c1:5b:
58:9c:0a:5e:6c:f8:f4:a7:07:75:3c:0d:73:4d:74:6c:29:cf:
44:69:9e:59:21:ea:9e:a1:59:70:71:5e:46:44:5b:e4:2b:76:
03:1b:6f:b3:ca:ff:eb:ba:3b:89:e5:2a:0b:42:25:1f:95:77:
97:75:f5:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjJCc/hoY5Ly/ifjoaQLOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MGU1OTJhMmUwZDQyN2EwOWFhMmRlMWI5YmFmMDhjY2Qx
NGYwYTAwHhcNMjUwMTAxMDE0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDhjZjEyOGRiZTE3YmFhMzQ0ZjAwM2JkYTA3OGNjNDBlZTc3ODk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqTe6iur9Fx+Sz+pa5X5Bg/3TYLic
iQNvDIn4Fb/d/kSlGs95D2huSREpCZnvZUAwJzu/dWcY1oza2v+Jkt13Ku/NnyXt
vxSkrbeG/h5Qtej16TdOt73q470MvSS9SnlL/t56jkkybtsj2BYE6+Rx9Gk1m6C8
lci+aOBtKz9TPj42IQQGBmvrbHpm1LcSVgOuhxMxmXDIozTJfvZHKrB+Lldm5bLa
IUNh/kiJZe3fMCbMn8+n1lrY2/XJp9/aF0VNZZEQvAJGxvajOneZJy9FqQ7Hvfu9
sdTDAjrCfHANGFgejJdy457PUzNGqeWhnhfq5NeUuhWmxHv44PozZ0GpnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM2M8Sjb4XuqNE8AO9oHjMQO53iWMB8GA1UdIwQY
MBaAFAkOWSouDUJ6Caot4bm68IzNFPCgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1E1WktpNE5Rbm9KcWkzaHVicndqTTBVOEtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8xNWY2OTAtNWFkZC00NzBkLWEyODYt
MzNiZGM3M2VkMGVhLzEvell6eEtOdmhlNm8wVHdBNzJnZU14QTduZUpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8xNWY2OTAtNWFkZC00NzBkLWEyODYtMzNiZGM3M2VkMGVh
LzEvQ1E1WktpNE5Rbm9KcWkzaHVicndqTTBVOEtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAx/RkMA0G
CSqGSIb3DQEBCwUAA4IBAQBBiPm26z01495dAWcvffMRHNOaKj+FkYdwQruwOPjo
EY7tmsSGD8No3sqhd0wGIJp9clv35bFxGMW7Dp6Lk05pm7v8jGOnfUD/snpsCN0a
38genAMfYI2sjcMsyt8sB+hFhnyhM7FzO3/M5TURcwVQezXugBrqYiN8LeMJeQyj
WNrTrxvE61ekpCD4LO8/obfyY9WT8n9r8dHYdxWZ5HKLTQaSRbtABqNOgjX72Ue/
evtPFYkhNdxCuOjeovcXY1W2tapdwVtYnApebPj0pwd1PA1zTXRsKc9EaZ5ZIeqe
oVlwcV5GRFvkK3YDG2+zyv/rujuJ5SoLQiUflXeXdfX0
-----END CERTIFICATE-----
Generated at Mon Apr 7 00:52:58 2025 by rpki-client