Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/9vER9-yukrhkvHnBxomKuomagp4.roa
File: 9vER9-yukrhkvHnBxomKuomagp4.roa (raw, json)
Hash identifier: jBNNDKdnRqQ2Es6QOgNrQ9sD/2FohY3D2iVZ09dgZgk=
Subject key identifier: F6:F1:11:F7:EC:AE:92:B8:64:BC:79:C1:C6:89:8A:BA:89:9A:82:9E
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 01942827B99CEFFC82BA4E7D472379BD3391
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/9vER9-yukrhkvHnBxomKuomagp4.roa
Signing time: Thu 02 Jan 2025 17:54:39 +0000
ROA not before: Thu 02 Jan 2025 17:54:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30723
IP address blocks: 79.172.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 18:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:b9:9c:ef:fc:82:ba:4e:7d:47:23:79:bd:33:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Jan 2 17:54:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f6f111f7ecae92b864bc79c1c6898aba899a829e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:03:72:de:06:a4:2b:36:6f:83:4a:56:38:d4:
cb:93:1d:61:40:bc:82:1f:67:3a:5a:59:23:fe:34:
59:8a:65:84:ca:d2:80:2b:a6:6d:23:f1:b0:19:23:
b4:68:e6:1a:0f:a8:3f:a4:90:f0:9e:93:05:8f:b8:
22:1c:2f:a2:41:a8:08:a5:2a:cb:e4:02:02:5b:07:
cf:17:d0:5a:85:e0:da:45:70:15:3c:5d:52:5e:ed:
24:74:9d:5f:a5:49:55:42:60:2a:a6:97:f3:e7:13:
6c:0c:4f:1a:e5:53:35:14:60:ee:4a:4c:a0:d7:8e:
0b:0f:8b:8a:0c:9c:a3:1b:41:2f:eb:b4:94:55:fa:
60:49:56:83:d1:0d:60:ae:9f:bc:91:85:01:df:d6:
4d:e6:a7:09:77:01:59:93:ad:ed:ab:d9:53:e6:5e:
a5:26:7e:a2:1c:8a:61:08:f4:17:3a:dc:5b:09:39:
a0:15:16:db:a5:8e:55:7e:e0:bb:34:59:51:19:92:
51:b1:9e:01:c8:82:cd:04:a5:8f:5e:1c:f5:46:ab:
5d:d2:c8:07:55:d3:c2:e2:ae:e3:90:d1:7a:0f:f2:
ef:a2:28:ab:a9:db:2d:df:90:ce:3b:22:27:72:91:
3d:ce:16:78:cd:0f:5e:b2:f8:f0:fa:30:53:6d:6a:
7f:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:F1:11:F7:EC:AE:92:B8:64:BC:79:C1:C6:89:8A:BA:89:9A:82:9E
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/9vER9-yukrhkvHnBxomKuomagp4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.198.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:87:0c:52:b0:b8:ac:d8:e5:47:d8:07:c6:90:d4:b5:92:71:
1a:da:fd:c7:bb:06:72:22:ad:cd:d9:d9:d4:17:e0:0e:f6:cc:
d1:2c:e8:35:ee:be:17:86:46:3a:80:1c:56:34:e2:f0:06:e3:
4c:05:8e:6f:9d:9d:b4:1c:5f:13:7f:cc:fd:be:3b:df:6e:2f:
2d:84:e7:42:6c:5d:04:33:f9:f6:b9:ea:38:fa:4a:eb:a8:c3:
88:fd:3d:f6:7c:02:8a:28:1b:02:38:5c:dd:8f:0e:78:76:3c:
0a:49:47:2e:d9:4a:bb:4c:1f:1a:56:24:42:c3:0b:e8:ef:6a:
29:e1:bf:be:cd:3b:05:c8:84:a0:de:96:92:32:d9:20:a6:44:
60:a6:f5:f8:98:44:dc:f3:04:b6:a4:91:4c:eb:04:ce:94:ec:
13:a6:52:e6:12:61:23:ae:9c:d8:45:f0:46:4a:6a:40:85:d9:
57:df:f6:4a:a3:e2:e7:bd:6d:4d:47:46:69:65:bc:8c:d7:94:
fc:d0:a1:48:f6:6a:8c:ad:ea:ef:b0:ff:4f:31:fd:8b:68:16:
dc:02:31:76:12:08:72:2e:8d:86:9f:cc:f6:8b:1e:78:be:2d:
98:22:ba:df:82:3a:61:ab:b7:96:44:23:bc:0a:e6:ab:f2:d4:
02:19:af:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJ7mc7/yCuk59RyN5vTORMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjUwMTAyMTc1NDM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmYxMTFmN2VjYWU5MmI4NjRiYzc5YzFjNjg5OGFiYTg5OWE4MjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugNy3gakKzZvg0pWONTLkx1hQLyC
H2c6Wlkj/jRZimWEytKAK6ZtI/GwGSO0aOYaD6g/pJDwnpMFj7giHC+iQagIpSrL
5AICWwfPF9BaheDaRXAVPF1SXu0kdJ1fpUlVQmAqppfz5xNsDE8a5VM1FGDuSkyg
144LD4uKDJyjG0Ev67SUVfpgSVaD0Q1grp+8kYUB39ZN5qcJdwFZk63tq9lT5l6l
Jn6iHIphCPQXOtxbCTmgFRbbpY5VfuC7NFlRGZJRsZ4ByILNBKWPXhz1Rqtd0sgH
VdPC4q7jkNF6D/Lvoiirqdst35DOOyIncpE9zhZ4zQ9esvjw+jBTbWp/1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPbxEffsrpK4ZLx5wcaJirqJmoKeMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvOXZFUjkteXVrcmhrdkhuQnhvbUt1b21hZ3A0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAT6zGMA0G
CSqGSIb3DQEBCwUAA4IBAQAPhwxSsLis2OVH2AfGkNS1knEa2v3HuwZyIq3N2dnU
F+AO9szRLOg17r4XhkY6gBxWNOLwBuNMBY5vnZ20HF8Tf8z9vjvfbi8thOdCbF0E
M/n2ueo4+krrqMOI/T32fAKKKBsCOFzdjw54djwKSUcu2Uq7TB8aViRCwwvo72op
4b++zTsFyISg3paSMtkgpkRgpvX4mETc8wS2pJFM6wTOlOwTplLmEmEjrpzYRfBG
SmpAhdlX3/ZKo+LnvW1NR0ZpZbyM15T80KFI9mqMrervsP9PMf2LaBbcAjF2Eghy
Lo2Gn8z2ix54vi2YIrrfgjphq7eWRCO8Cuar8tQCGa+i
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:50:36 2025 by rpki-client