Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/b8c13d-e7d3-4aa9-a911-ed64805977f0/1/T7qjUpuFek2HO0YlRj5-k5NdZXM.roa
File: T7qjUpuFek2HO0YlRj5-k5NdZXM.roa (raw, json)
Hash identifier: mMiY1pDTZBZHtZK+AEVkPiyRFIi1wbnQYRg+XFOmlGk=
Subject key identifier: 4F:BA:A3:52:9B:85:7A:4D:87:3B:46:25:46:3E:7E:93:93:5D:65:73
Certificate issuer: /CN=ca942b2706761c2ba753289783edf985e338f177
Certificate serial: 0194266BFE57E3FA627217B1FFED77FF804C
Authority key identifier: CA:94:2B:27:06:76:1C:2B:A7:53:28:97:83:ED:F9:85:E3:38:F1:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ypQrJwZ2HCunUyiXg-35heM48Xc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/b8c13d-e7d3-4aa9-a911-ed64805977f0/1/T7qjUpuFek2HO0YlRj5-k5NdZXM.roa
Signing time: Thu 02 Jan 2025 09:49:59 +0000
ROA not before: Thu 02 Jan 2025 09:49:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212542
IP address blocks: 91.233.100.0/24 maxlen: 24
195.189.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/b8c13d-e7d3-4aa9-a911-ed64805977f0/1/ypQrJwZ2HCunUyiXg-35heM48Xc.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/b8c13d-e7d3-4aa9-a911-ed64805977f0/1/ypQrJwZ2HCunUyiXg-35heM48Xc.mft
rsync://rpki.ripe.net/repository/DEFAULT/ypQrJwZ2HCunUyiXg-35heM48Xc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:fe:57:e3:fa:62:72:17:b1:ff:ed:77:ff:80:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca942b2706761c2ba753289783edf985e338f177
Validity
Not Before: Jan 2 09:49:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4fbaa3529b857a4d873b4625463e7e93935d6573
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ae:00:38:32:20:75:08:0c:66:b8:be:f0:88:
3c:3f:08:93:3a:03:c2:c2:a5:33:60:e4:4c:42:69:
d7:f4:43:c0:d3:74:9c:38:d4:74:ff:e2:ed:55:b7:
e7:7c:1d:81:6f:5d:6d:5e:98:d5:02:a2:5f:16:ab:
6c:5e:89:ea:26:8b:ad:14:17:4a:8b:29:20:ac:e5:
42:4c:0e:aa:e1:82:7e:1f:4a:1a:a6:e3:de:35:16:
96:b6:d8:24:1f:4f:57:22:c9:56:6a:5c:e9:b7:28:
73:7e:af:c6:da:b1:b1:03:b1:5b:08:0e:83:24:be:
29:9a:31:68:c0:08:c8:d9:ab:fb:b8:3b:cc:77:23:
89:e3:7e:37:44:47:71:84:12:aa:36:13:6f:7b:9e:
81:ac:90:55:f9:ae:d0:ab:2c:d1:4b:ae:23:0e:68:
56:2a:86:f4:47:ea:94:37:cc:0d:7a:23:00:f3:43:
47:53:f3:8f:e4:34:7c:5c:68:12:ab:bb:f4:74:e6:
3e:21:d6:32:8d:7b:1a:11:05:96:89:9b:18:21:e0:
3b:67:a8:ac:15:72:eb:77:89:71:61:8d:0f:c3:5f:
c7:fc:4e:ab:c3:b5:6d:46:e8:a4:4a:de:da:7a:3a:
c0:d9:ab:88:69:30:f4:10:35:43:34:08:88:ea:0a:
8d:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:BA:A3:52:9B:85:7A:4D:87:3B:46:25:46:3E:7E:93:93:5D:65:73
X509v3 Authority Key Identifier:
keyid:CA:94:2B:27:06:76:1C:2B:A7:53:28:97:83:ED:F9:85:E3:38:F1:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypQrJwZ2HCunUyiXg-35heM48Xc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/b8c13d-e7d3-4aa9-a911-ed64805977f0/1/T7qjUpuFek2HO0YlRj5-k5NdZXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/b8c13d-e7d3-4aa9-a911-ed64805977f0/1/ypQrJwZ2HCunUyiXg-35heM48Xc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.100.0/24
195.189.240.0/24
Signature Algorithm: sha256WithRSAEncryption
69:c7:79:1d:ae:06:4f:f5:f2:3b:a3:e8:e2:a8:df:4c:80:4a:
8e:0d:b4:64:f8:a6:97:96:54:ac:06:10:0f:4a:ee:6e:4c:e1:
18:fa:22:6e:6a:8a:03:15:48:15:86:f0:19:ba:3f:2d:8b:d1:
01:69:f3:45:71:b1:97:d3:f2:9c:4e:05:6b:5a:f4:fc:9e:c5:
a9:84:98:b6:d9:63:f7:95:1c:01:8d:1c:39:4f:91:e8:29:c0:
bb:22:ea:78:6c:9e:9f:cb:28:91:f4:58:7f:e3:71:ac:b3:9f:
26:57:c3:59:2d:51:ab:97:d0:dd:90:71:2c:f9:e0:8a:01:41:
1b:4f:4e:78:d5:58:68:e5:56:63:ff:35:5d:59:5f:a7:8f:b4:
ad:c8:25:6d:12:1f:10:1f:68:66:df:05:71:e0:fd:70:01:d1:
d4:ad:93:dc:d9:a7:47:31:af:58:ab:a5:8f:23:56:ed:0c:0e:
16:b5:27:28:9f:51:cd:77:96:5f:b8:fb:0e:3f:b7:01:52:12:
f1:61:ba:57:3a:51:79:75:ee:2a:91:7f:26:7e:6d:ac:39:19:
e0:23:45:ee:18:31:f2:15:2d:23:b6:0b:4e:20:d8:21:53:c9:
fa:f8:da:74:1b:9b:72:4e:5b:62:d0:b7:f8:8a:24:1d:7a:7b:
5e:a0:54:f6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQma/5X4/pichex/+13/4BMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOTQyYjI3MDY3NjFjMmJhNzUzMjg5NzgzZWRmOTg1ZTMz
OGYxNzcwHhcNMjUwMTAyMDk0OTU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmJhYTM1MjliODU3YTRkODczYjQ2MjU0NjNlN2U5MzkzNWQ2NTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApK4AODIgdQgMZri+8Ig8PwiTOgPC
wqUzYORMQmnX9EPA03ScONR0/+LtVbfnfB2Bb11tXpjVAqJfFqtsXonqJoutFBdK
iykgrOVCTA6q4YJ+H0oapuPeNRaWttgkH09XIslWalzptyhzfq/G2rGxA7FbCA6D
JL4pmjFowAjI2av7uDvMdyOJ4343REdxhBKqNhNve56BrJBV+a7QqyzRS64jDmhW
Kob0R+qUN8wNeiMA80NHU/OP5DR8XGgSq7v0dOY+IdYyjXsaEQWWiZsYIeA7Z6is
FXLrd4lxYY0Pw1/H/E6rw7VtRuikSt7aejrA2auIaTD0EDVDNAiI6gqNKwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE+6o1KbhXpNhztGJUY+fpOTXWVzMB8GA1UdIwQY
MBaAFMqUKycGdhwrp1Mol4Pt+YXjOPF3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXBRckp3WjJIQ3VuVXlpWGctMzVoZU00OFhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9iOGMxM2QtZTdkMy00YWE5LWE5MTEt
ZWQ2NDgwNTk3N2YwLzEvVDdxalVwdUZlazJITzBZbFJqNS1rNU5kWlhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9iOGMxM2QtZTdkMy00YWE5LWE5MTEtZWQ2NDgwNTk3N2Yw
LzEveXBRckp3WjJIQ3VuVXlpWGctMzVoZU00OFhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+lkAwQA
w73wMA0GCSqGSIb3DQEBCwUAA4IBAQBpx3kdrgZP9fI7o+jiqN9MgEqODbRk+KaX
llSsBhAPSu5uTOEY+iJuaooDFUgVhvAZuj8ti9EBafNFcbGX0/KcTgVrWvT8nsWp
hJi22WP3lRwBjRw5T5HoKcC7Iup4bJ6fyyiR9Fh/43Gss58mV8NZLVGrl9DdkHEs
+eCKAUEbT0541Vho5VZj/zVdWV+nj7StyCVtEh8QH2hm3wVx4P1wAdHUrZPc2adH
Ma9Yq6WPI1btDA4WtScon1HNd5ZfuPsOP7cBUhLxYbpXOlF5de4qkX8mfm2sORng
I0XuGDHyFS0jtgtOINghU8n6+Np0G5tyTlti0Lf4iiQdenteoFT2
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:49:41 2025 by rpki-client