Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/f94f78-f262-4207-8f18-8df8af3001bc/1/IxOqwAb5p9dGa_HRX24kdOjfFck.roa
File: IxOqwAb5p9dGa_HRX24kdOjfFck.roa (raw, json)
Hash identifier: SR5p/m9D2w/+wuXEjhXAlH0RCe9LK6nM5QAphTSSeCE=
Subject key identifier: 23:13:AA:C0:06:F9:A7:D7:46:6B:F1:D1:5F:6E:24:74:E8:DF:15:C9
Certificate issuer: /CN=38506d80ab592de7be0a331bbf4fa0068d41408a
Certificate serial: 01942143CC40B370B528C3189618FA6AAAFB
Authority key identifier: 38:50:6D:80:AB:59:2D:E7:BE:0A:33:1B:BF:4F:A0:06:8D:41:40:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OFBtgKtZLee-CjMbv0-gBo1BQIo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/f94f78-f262-4207-8f18-8df8af3001bc/1/IxOqwAb5p9dGa_HRX24kdOjfFck.roa
Signing time: Wed 01 Jan 2025 09:47:58 +0000
ROA not before: Wed 01 Jan 2025 09:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57136
IP address blocks: 91.230.248.0/24 maxlen: 24
194.102.117.0/24 maxlen: 24
194.105.143.0/24 maxlen: 24
194.126.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/f94f78-f262-4207-8f18-8df8af3001bc/1/OFBtgKtZLee-CjMbv0-gBo1BQIo.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/f94f78-f262-4207-8f18-8df8af3001bc/1/OFBtgKtZLee-CjMbv0-gBo1BQIo.mft
rsync://rpki.ripe.net/repository/DEFAULT/OFBtgKtZLee-CjMbv0-gBo1BQIo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:cc:40:b3:70:b5:28:c3:18:96:18:fa:6a:aa:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38506d80ab592de7be0a331bbf4fa0068d41408a
Validity
Not Before: Jan 1 09:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2313aac006f9a7d7466bf1d15f6e2474e8df15c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:9d:c1:39:e2:e9:ed:2e:6b:07:bf:79:49:a5:
1b:0c:2b:c1:2a:ef:23:df:8e:c9:65:78:e9:68:95:
7d:d8:36:aa:ed:c5:39:bb:b8:23:b4:b3:75:00:40:
ff:61:1d:fa:44:8e:ed:ab:5c:f8:9c:1e:d6:ff:a4:
88:fc:fd:71:aa:29:63:d8:fb:84:e7:e5:5a:55:78:
6b:6b:cb:57:25:38:b6:2d:ad:b1:b6:9e:0a:25:bb:
58:e8:e5:9d:73:32:6e:b4:0d:4a:3a:c9:e8:5f:81:
1f:74:ec:62:18:5f:62:a3:92:78:8b:8c:b1:79:de:
89:4c:2b:30:c3:d7:a2:3c:29:16:2f:0c:8f:1e:b1:
8e:c1:e0:72:29:30:1a:0a:f8:b9:d8:02:b1:61:b2:
4a:87:ff:27:4e:10:3f:c5:66:52:f7:6b:fe:e1:db:
92:de:c1:81:9c:46:e0:45:7e:76:53:27:2f:b2:5a:
ab:09:4a:a7:16:c0:07:5e:06:07:98:6f:7e:95:bc:
03:c2:a4:b9:7b:41:7e:1b:59:bd:f5:56:47:46:1d:
55:7f:47:03:0a:b7:a6:0a:44:17:25:e2:9a:8c:c9:
34:d9:8b:49:01:a5:d5:8b:87:8c:65:5f:07:ad:1f:
16:78:b4:a6:31:56:ca:b2:b9:bd:c2:37:f9:1c:c6:
47:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:13:AA:C0:06:F9:A7:D7:46:6B:F1:D1:5F:6E:24:74:E8:DF:15:C9
X509v3 Authority Key Identifier:
keyid:38:50:6D:80:AB:59:2D:E7:BE:0A:33:1B:BF:4F:A0:06:8D:41:40:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OFBtgKtZLee-CjMbv0-gBo1BQIo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/f94f78-f262-4207-8f18-8df8af3001bc/1/IxOqwAb5p9dGa_HRX24kdOjfFck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/f94f78-f262-4207-8f18-8df8af3001bc/1/OFBtgKtZLee-CjMbv0-gBo1BQIo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.248.0/24
194.102.117.0/24
194.105.143.0/24
194.126.205.0/24
Signature Algorithm: sha256WithRSAEncryption
09:48:36:3d:b6:d4:2b:48:e2:b0:39:16:1b:d1:98:93:90:dd:
74:3b:33:67:fa:7a:b3:ae:85:00:24:48:15:34:54:ac:37:ca:
75:99:db:c2:20:5e:36:6b:f3:d0:f9:97:80:89:7b:46:b2:45:
99:3c:b6:04:51:e7:27:3d:61:92:c5:dc:d0:fe:99:90:f9:6b:
d8:04:b0:8a:0e:f6:27:9c:5f:2f:aa:89:7b:49:73:70:ab:49:
4a:5d:15:8e:61:17:1e:65:bd:a1:63:e1:bd:ff:10:0c:f7:0e:
5e:ee:6e:e9:a6:2d:09:73:c5:10:7d:62:d6:28:74:b7:c6:b9:
cd:d7:d1:b1:64:c8:90:13:b4:00:1f:71:d8:c0:f2:24:0d:03:
4e:98:b3:27:48:c1:22:d9:30:79:68:31:64:5d:23:fb:9d:a8:
31:79:8e:1c:e7:83:23:7b:e3:ec:91:fe:c3:02:af:27:3a:e5:
f2:a8:d4:2a:cd:3f:34:42:ff:73:8f:7b:f8:73:0a:97:e5:69:
5c:86:c9:bf:aa:c2:74:68:32:74:6c:cf:1a:9c:87:dc:5c:1b:
b8:33:09:2d:9b:1e:85:76:aa:e9:59:b2:c4:3d:fd:97:70:ce:
e8:91:05:56:0b:8a:41:c6:c6:21:ca:92:7c:07:3c:7c:1b:9d:
48:fa:0f:84
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQhQ8xAs3C1KMMYlhj6aqr7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NTA2ZDgwYWI1OTJkZTdiZTBhMzMxYmJmNGZhMDA2OGQ0
MTQwOGEwHhcNMjUwMTAxMDk0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzEzYWFjMDA2ZjlhN2Q3NDY2YmYxZDE1ZjZlMjQ3NGU4ZGYxNWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAup3BOeLp7S5rB795SaUbDCvBKu8j
347JZXjpaJV92Daq7cU5u7gjtLN1AED/YR36RI7tq1z4nB7W/6SI/P1xqilj2PuE
5+VaVXhra8tXJTi2La2xtp4KJbtY6OWdczJutA1KOsnoX4EfdOxiGF9io5J4i4yx
ed6JTCsww9eiPCkWLwyPHrGOweByKTAaCvi52AKxYbJKh/8nThA/xWZS92v+4duS
3sGBnEbgRX52UycvslqrCUqnFsAHXgYHmG9+lbwDwqS5e0F+G1m99VZHRh1Vf0cD
CremCkQXJeKajMk02YtJAaXVi4eMZV8HrR8WeLSmMVbKsrm9wjf5HMZH3wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCMTqsAG+afXRmvx0V9uJHTo3xXJMB8GA1UdIwQY
MBaAFDhQbYCrWS3nvgozG79PoAaNQUCKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0ZCdGdLdFpMZWUtQ2pNYnYwLWdCbzFCUUlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9mOTRmNzgtZjI2Mi00MjA3LThmMTgt
OGRmOGFmMzAwMWJjLzEvSXhPcXdBYjVwOWRHYV9IUlgyNGtkT2pmRmNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9mOTRmNzgtZjI2Mi00MjA3LThmMTgtOGRmOGFmMzAwMWJj
LzEvT0ZCdGdLdFpMZWUtQ2pNYnYwLWdCbzFCUUlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW+b4AwQA
wmZ1AwQAwmmPAwQAwn7NMA0GCSqGSIb3DQEBCwUAA4IBAQAJSDY9ttQrSOKwORYb
0ZiTkN10OzNn+nqzroUAJEgVNFSsN8p1mdvCIF42a/PQ+ZeAiXtGskWZPLYEUecn
PWGSxdzQ/pmQ+WvYBLCKDvYnnF8vqol7SXNwq0lKXRWOYRceZb2hY+G9/xAM9w5e
7m7ppi0Jc8UQfWLWKHS3xrnN19GxZMiQE7QAH3HYwPIkDQNOmLMnSMEi2TB5aDFk
XSP7nagxeY4c54Mje+Pskf7DAq8nOuXyqNQqzT80Qv9zj3v4cwqX5Wlchsm/qsJ0
aDJ0bM8anIfcXBu4Mwktmx6FdqrpWbLEPf2XcM7okQVWC4pBxsYhypJ8Bzx8G51I
+g+E
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:32:41 2025 by rpki-client