Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/8dyq9Auc-9FDLFJxVGzCEYNfVRU.roa
File: 8dyq9Auc-9FDLFJxVGzCEYNfVRU.roa (raw, json)
Hash identifier: eUqfRTfQta2piYQ1AAeQ7is3YWViINBmtrA5zzpoVGc=
Subject key identifier: F1:DC:AA:F4:0B:9C:FB:D1:43:2C:52:71:54:6C:C2:11:83:5F:55:15
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0196C3CF158377BDFBC52B1FD56EA3CFFC30
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/8dyq9Auc-9FDLFJxVGzCEYNfVRU.roa
Signing time: Mon 12 May 2025 09:24:10 +0000
ROA not before: Mon 12 May 2025 09:24:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213361
IP address blocks: 146.120.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 22:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c3:cf:15:83:77:bd:fb:c5:2b:1f:d5:6e:a3:cf:fc:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: May 12 09:24:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f1dcaaf40b9cfbd1432c5271546cc211835f5515
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:5b:55:f9:62:25:2f:10:6a:86:1b:71:4f:f8:
b8:f1:4e:9c:2c:ef:be:29:73:44:9f:57:78:8a:17:
68:ec:be:da:c1:2b:52:69:38:0b:11:50:36:d0:2b:
5c:2b:44:e5:96:18:30:79:6d:42:0b:a7:ac:a9:24:
01:11:15:5d:73:1e:26:39:2c:84:1f:52:a0:20:4c:
9e:3d:3b:50:c3:1f:7c:55:5f:d1:22:d4:93:6a:ed:
5d:60:17:57:91:58:bb:0d:27:e3:2d:ed:cf:dc:35:
60:7d:bb:cf:a0:72:b1:e4:b1:94:88:fc:32:90:21:
e8:2b:55:2f:f5:36:85:ec:6a:2f:d4:c6:4d:ea:e4:
ff:0e:e1:59:e1:a9:c3:35:17:f2:09:5f:e2:92:6a:
14:dc:e4:c9:58:e1:5b:a2:21:4b:d7:fb:bb:0c:10:
8f:8f:07:4f:1e:e4:c7:ba:c5:64:a4:8f:11:9e:ac:
6f:41:26:9a:ba:9b:31:e7:a2:83:5e:df:58:2a:6e:
c7:7c:f4:16:54:df:79:12:0d:6c:3d:d8:a3:c7:b5:
f8:c8:5b:4e:21:93:b4:3f:d0:9e:d5:de:37:40:d3:
3e:cd:76:ce:46:c4:9c:32:a7:f6:e2:ef:99:f6:b0:
de:0a:48:89:8d:e6:9a:63:96:29:bd:44:36:3f:e0:
90:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:DC:AA:F4:0B:9C:FB:D1:43:2C:52:71:54:6C:C2:11:83:5F:55:15
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/8dyq9Auc-9FDLFJxVGzCEYNfVRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.243.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:31:bb:d2:bf:f2:ee:4c:54:fe:23:a8:4c:be:33:c4:e4:4f:
46:6d:82:a1:6f:ed:a0:61:79:db:ad:c1:9a:c3:ad:25:f6:14:
c3:25:c3:ec:45:f5:4a:dd:65:52:ca:fb:02:db:b1:42:49:fc:
32:54:46:00:86:62:83:c5:18:06:6c:27:0b:6d:a0:fe:00:b1:
d4:96:25:6d:bc:1a:cd:df:79:9a:31:86:4b:90:69:84:e3:0b:
60:93:4e:3d:b7:71:5b:c8:ce:e8:ef:bf:c5:1b:6b:3c:bc:33:
41:c6:14:d1:32:96:90:ed:de:53:25:40:5d:bc:7c:50:8b:e5:
91:b0:0d:1e:56:b6:9a:8a:bb:32:db:17:dc:82:8d:5e:62:1d:
43:d2:5b:0f:6f:02:6c:6e:1b:38:08:bf:37:f6:74:e9:ef:5f:
43:6f:83:9c:df:38:0e:b7:0a:7a:fe:47:90:b3:8c:75:03:da:
e4:b9:df:bb:ea:c5:fe:94:1d:0b:1b:a5:c2:5c:fc:80:44:b0:
c6:98:5c:ad:b6:a0:eb:c8:80:aa:de:86:ed:56:2f:af:26:dd:
e2:11:06:93:bf:fc:f0:5d:68:f2:d4:50:1a:19:da:73:0c:b1:
41:87:92:6d:6c:61:e8:c1:a6:9b:22:5e:03:85:ef:7e:66:bb:
d8:7d:24:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZbDzxWDd737xSsf1W6jz/wwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwNTEyMDkyNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWRjYWFmNDBiOWNmYmQxNDMyYzUyNzE1NDZjYzIxMTgzNWY1NTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoltV+WIlLxBqhhtxT/i48U6cLO++
KXNEn1d4ihdo7L7awStSaTgLEVA20CtcK0TllhgweW1CC6esqSQBERVdcx4mOSyE
H1KgIEyePTtQwx98VV/RItSTau1dYBdXkVi7DSfjLe3P3DVgfbvPoHKx5LGUiPwy
kCHoK1Uv9TaF7Gov1MZN6uT/DuFZ4anDNRfyCV/ikmoU3OTJWOFboiFL1/u7DBCP
jwdPHuTHusVkpI8RnqxvQSaaupsx56KDXt9YKm7HfPQWVN95Eg1sPdijx7X4yFtO
IZO0P9Ce1d43QNM+zXbORsScMqf24u+Z9rDeCkiJjeaaY5YpvUQ2P+CQRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPHcqvQLnPvRQyxScVRswhGDX1UVMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvOGR5cTlBdWMtOUZETEZKeFZHekNFWU5mVlJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAknjzMA0G
CSqGSIb3DQEBCwUAA4IBAQArMbvSv/LuTFT+I6hMvjPE5E9GbYKhb+2gYXnbrcGa
w60l9hTDJcPsRfVK3WVSyvsC27FCSfwyVEYAhmKDxRgGbCcLbaD+ALHUliVtvBrN
33maMYZLkGmE4wtgk049t3FbyM7o77/FG2s8vDNBxhTRMpaQ7d5TJUBdvHxQi+WR
sA0eVraairsy2xfcgo1eYh1D0lsPbwJsbhs4CL839nTp719Db4Oc3zgOtwp6/keQ
s4x1A9rkud+76sX+lB0LG6XCXPyARLDGmFyttqDryICq3obtVi+vJt3iEQaTv/zw
XWjy1FAaGdpzDLFBh5JtbGHowaabIl4Dhe9+ZrvYfSSa
-----END CERTIFICATE-----
Generated at Fri Jun 6 09:35:10 2025 by rpki-client