Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/06W9eLANTvxhoKSfb3pzqCMf72E.roa
File: 06W9eLANTvxhoKSfb3pzqCMf72E.roa (raw, json)
Hash identifier: wfeKANqOQX/EwAdjZsDmpNt61tXpesIpKWC5px6t9Z0=
Subject key identifier: D3:A5:BD:78:B0:0D:4E:FC:61:A0:A4:9F:6F:7A:73:A8:23:1F:EF:61
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0194258FC3F9EF35B2C4932F11335860D039
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/06W9eLANTvxhoKSfb3pzqCMf72E.roa
Signing time: Thu 02 Jan 2025 05:49:26 +0000
ROA not before: Thu 02 Jan 2025 05:49:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57016
IP address blocks: 31.148.160.0/21 maxlen: 24
95.46.80.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:c3:f9:ef:35:b2:c4:93:2f:11:33:58:60:d0:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 05:49:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d3a5bd78b00d4efc61a0a49f6f7a73a8231fef61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:61:b5:70:e1:9a:32:0f:9c:57:d9:fb:32:a6:
7e:f3:8e:34:4b:49:1f:7f:cb:39:75:1f:01:b3:5d:
ef:38:f0:5d:0b:2c:c1:7b:79:cb:53:14:89:c7:91:
9b:e0:27:b8:44:ff:ec:42:c8:e5:f0:12:66:94:60:
38:61:3b:41:33:b4:7d:6d:51:15:ff:87:28:b7:43:
18:ba:1e:31:d0:94:76:07:52:f6:c6:5c:28:ed:1b:
57:83:9e:38:1d:db:3b:e6:00:53:f5:02:e4:8a:9d:
75:7c:14:de:47:8c:c4:cb:27:6e:c4:bb:8b:9c:fc:
34:f7:a9:24:bf:1b:2b:3c:88:6a:c6:7a:b0:f4:3d:
33:7b:34:78:53:bb:37:69:2a:06:26:15:4c:02:53:
0f:68:7a:02:e8:50:1e:55:99:3f:8c:05:83:ce:e7:
bb:ad:25:a4:fd:ad:97:0a:7e:87:85:be:c7:e9:38:
7d:a9:81:34:c8:4a:e4:b2:13:61:10:97:25:d9:74:
5b:56:02:78:29:ca:be:52:21:90:87:f2:51:c6:97:
b1:73:88:ba:5f:4c:b0:71:4d:1c:77:50:1b:a3:09:
c7:6f:95:f2:b0:dc:8d:d4:75:38:0f:81:da:3e:c0:
69:79:c8:ac:fc:8a:f0:ea:da:42:88:c0:0e:4d:9c:
c7:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:A5:BD:78:B0:0D:4E:FC:61:A0:A4:9F:6F:7A:73:A8:23:1F:EF:61
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/06W9eLANTvxhoKSfb3pzqCMf72E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.160.0/21
95.46.80.0/20
Signature Algorithm: sha256WithRSAEncryption
5a:3c:20:9c:e1:e4:86:f1:25:43:71:ca:28:d4:fe:98:30:25:
ad:06:33:5b:42:47:22:a0:91:e7:93:46:e1:d7:51:32:58:ce:
16:04:cf:0c:b8:a3:f1:a2:2d:66:90:e3:7e:db:c6:d1:17:0c:
19:0d:19:3b:48:ef:9f:3a:74:a1:27:f4:f0:17:1b:d4:c7:59:
2a:b5:8d:5a:5b:bd:a7:ac:42:7a:71:69:11:36:71:ab:6c:cc:
f7:0f:96:96:e1:f1:6e:0e:cc:e7:bb:eb:b0:d4:49:70:ff:b4:
6e:ab:10:d8:a9:72:cb:2e:29:b6:5b:26:1d:ab:24:9c:5e:f8:
7d:54:e9:93:b9:4a:f9:86:22:e4:3a:29:7e:68:be:a8:40:a5:
20:e7:f0:e4:27:78:a1:28:13:55:c1:c2:c7:84:3f:02:df:e3:
ff:05:59:ee:a0:da:9a:d1:a0:cc:66:4b:39:5c:32:8d:a9:63:
51:86:d7:e9:d9:5b:87:1c:bb:7d:aa:0f:a8:e0:e0:01:b1:a1:
bb:60:ff:38:3f:56:93:7c:c8:e1:28:de:78:e9:dc:15:33:73:
f1:38:82:7a:05:11:01:7e:d5:0c:80:1f:e8:66:47:66:a9:75:
95:62:8d:96:9a:e1:9e:40:2a:71:4b:d8:7f:56:b0:f2:da:fe:
52:4c:da:60
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQlj8P57zWyxJMvETNYYNA5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTAyMDU0OTI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2E1YmQ3OGIwMGQ0ZWZjNjFhMGE0OWY2ZjdhNzNhODIzMWZlZjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2G1cOGaMg+cV9n7MqZ+8440S0kf
f8s5dR8Bs13vOPBdCyzBe3nLUxSJx5Gb4Ce4RP/sQsjl8BJmlGA4YTtBM7R9bVEV
/4cot0MYuh4x0JR2B1L2xlwo7RtXg544Hds75gBT9QLkip11fBTeR4zEyyduxLuL
nPw096kkvxsrPIhqxnqw9D0zezR4U7s3aSoGJhVMAlMPaHoC6FAeVZk/jAWDzue7
rSWk/a2XCn6Hhb7H6Th9qYE0yErkshNhEJcl2XRbVgJ4Kcq+UiGQh/JRxpexc4i6
X0ywcU0cd1AbownHb5XysNyN1HU4D4HaPsBpecis/Irw6tpCiMAOTZzHBwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNOlvXiwDU78YaCkn296c6gjH+9hMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvMDZXOWVMQU5Udnhob0tTZmIzcHpxQ01mNzJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDH5SgAwQE
Xy5QMA0GCSqGSIb3DQEBCwUAA4IBAQBaPCCc4eSG8SVDccoo1P6YMCWtBjNbQkci
oJHnk0bh11EyWM4WBM8MuKPxoi1mkON+28bRFwwZDRk7SO+fOnShJ/TwFxvUx1kq
tY1aW72nrEJ6cWkRNnGrbMz3D5aW4fFuDsznu+uw1Elw/7RuqxDYqXLLLim2WyYd
qyScXvh9VOmTuUr5hiLkOil+aL6oQKUg5/DkJ3ihKBNVwcLHhD8C3+P/BVnuoNqa
0aDMZks5XDKNqWNRhtfp2VuHHLt9qg+o4OABsaG7YP84P1aTfMjhKN546dwVM3Px
OIJ6BREBftUMgB/oZkdmqXWVYo2WmuGeQCpxS9h/VrDy2v5STNpg
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:03:32 2025 by rpki-client