Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/1Y7K4blWAZHGgkz6cGb5ZoPSCOM.roa
File: 1Y7K4blWAZHGgkz6cGb5ZoPSCOM.roa (raw, json)
Hash identifier: XIDyWuMbZXIO1KkLIX18XoZbD/SowG9R10QeiAHlybg=
Subject key identifier: D5:8E:CA:E1:B9:56:01:91:C6:82:4C:FA:70:66:F9:66:83:D2:08:E3
Certificate issuer: /CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Certificate serial: 019427B619724CC810A7FD2E7809566FB688
Authority key identifier: 21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/1Y7K4blWAZHGgkz6cGb5ZoPSCOM.roa
Signing time: Thu 02 Jan 2025 15:50:33 +0000
ROA not before: Thu 02 Jan 2025 15:50:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202001
IP address blocks: 147.234.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.mft
rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 21:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:19:72:4c:c8:10:a7:fd:2e:78:09:56:6f:b6:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Validity
Not Before: Jan 2 15:50:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d58ecae1b9560191c6824cfa7066f96683d208e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:5e:39:f5:e2:4a:ee:70:67:68:07:5c:43:84:
03:40:a6:c1:33:f3:e6:69:90:c9:3a:a6:a5:7a:ec:
ac:1d:c9:4c:7c:1f:06:93:22:53:bb:b8:05:a5:de:
5e:7b:5c:3e:1d:2a:db:63:c2:db:d7:2b:91:4c:6e:
8a:ed:f1:c4:23:20:59:7f:f7:8b:7e:d3:fb:00:03:
09:17:50:31:43:d9:d3:e9:40:88:b9:47:98:79:3c:
9d:65:77:81:83:f4:9e:ab:da:65:b8:88:34:01:7f:
f0:61:62:2c:76:c5:70:e1:d6:d4:36:39:47:1b:8c:
b5:81:d1:16:58:b0:50:9d:2e:d4:e6:31:1b:3c:30:
c4:73:1c:59:96:d3:c3:40:9c:0e:2e:f7:8a:19:5a:
e4:0b:5d:76:80:07:29:c3:48:89:a1:f3:13:f7:27:
54:d6:2e:44:2f:bc:55:69:ce:c3:46:65:3a:77:60:
6f:72:ae:0a:34:06:97:9b:b6:48:7e:8d:c6:a3:63:
80:4b:58:31:ed:81:69:f0:ce:bc:46:20:98:66:9a:
b2:49:95:72:55:88:11:0d:3c:bd:6b:42:43:b9:29:
7b:0a:a1:d6:19:6b:e1:c8:4d:77:14:4a:0d:9c:4b:
c3:16:82:03:c3:d2:32:af:6a:a5:91:7a:a3:c2:e4:
8c:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:8E:CA:E1:B9:56:01:91:C6:82:4C:FA:70:66:F9:66:83:D2:08:E3
X509v3 Authority Key Identifier:
keyid:21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/1Y7K4blWAZHGgkz6cGb5ZoPSCOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.234.34.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:01:ab:d5:4a:f7:60:19:b6:0a:9c:5f:4a:c7:3f:10:68:21:
34:b3:1a:85:d9:e4:14:3d:e4:c5:c9:fc:34:93:fe:8c:dc:d8:
1e:f8:c7:14:5b:6d:51:6b:42:b5:f6:d7:71:ad:01:c7:04:ca:
16:2f:8d:92:d2:20:fc:a7:de:b4:58:b5:ac:ac:58:f1:1a:ce:
3e:d9:ef:f7:23:12:1a:7b:af:95:90:cb:e3:d0:e4:28:9d:d6:
51:65:a6:91:0d:b8:93:2a:a9:15:a5:c8:5e:cd:25:76:c9:72:
8c:52:4f:c6:5e:e1:ca:a0:56:ea:2c:67:c4:88:cb:b8:91:b0:
a8:1d:09:f7:b0:df:42:8b:5c:e2:7a:d9:f7:8c:a5:ea:87:cf:
78:5f:3a:68:bd:c1:8b:46:ac:5a:08:b6:5b:2a:1e:35:b5:cc:
06:6e:04:1f:a2:42:03:08:5a:f3:8b:f1:8d:f6:47:8c:5a:48:
c7:0d:0c:f5:c2:5d:5d:73:6d:1b:cc:ed:dc:af:1b:9c:92:a0:
a8:c2:92:5d:f7:f4:71:b0:7a:7a:0b:fc:16:4c:f8:2f:4f:1f:
d7:d7:ff:11:8b:c9:9f:c5:84:d6:c7:68:5b:a1:26:93:ed:c5:
47:08:d3:57:dd:84:fa:b1:56:be:4c:17:e5:2d:d2:87:73:43:
2b:c1:f2:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnthlyTMgQp/0ueAlWb7aIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmFkNzRlN2Y2YzA5NDlhMjczNmE1NzQ3ODQ5NmQ3ZDhi
NDUwZTYwHhcNMjUwMTAyMTU1MDMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNThlY2FlMWI5NTYwMTkxYzY4MjRjZmE3MDY2Zjk2NjgzZDIwOGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1459eJK7nBnaAdcQ4QDQKbBM/Pm
aZDJOqaleuysHclMfB8GkyJTu7gFpd5ee1w+HSrbY8Lb1yuRTG6K7fHEIyBZf/eL
ftP7AAMJF1AxQ9nT6UCIuUeYeTydZXeBg/Seq9pluIg0AX/wYWIsdsVw4dbUNjlH
G4y1gdEWWLBQnS7U5jEbPDDEcxxZltPDQJwOLveKGVrkC112gAcpw0iJofMT9ydU
1i5EL7xVac7DRmU6d2Bvcq4KNAaXm7ZIfo3Go2OAS1gx7YFp8M68RiCYZpqySZVy
VYgRDTy9a0JDuSl7CqHWGWvhyE13FEoNnEvDFoIDw9Iyr2qlkXqjwuSMTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNWOyuG5VgGRxoJM+nBm+WaD0gjjMB8GA1UdIwQY
MBaAFCG6105/bAlJonNqV0eEltfYtFDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQt
NDQzMzIyOWE4NDczLzEvMVk3SzRibFdBWkhHZ2t6NmNHYjVab1BTQ09NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQtNDQzMzIyOWE4NDcz
LzEvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAk+oiMA0G
CSqGSIb3DQEBCwUAA4IBAQAeAavVSvdgGbYKnF9Kxz8QaCE0sxqF2eQUPeTFyfw0
k/6M3Nge+McUW21Ra0K19tdxrQHHBMoWL42S0iD8p960WLWsrFjxGs4+2e/3IxIa
e6+VkMvj0OQondZRZaaRDbiTKqkVpchezSV2yXKMUk/GXuHKoFbqLGfEiMu4kbCo
HQn3sN9Ci1zietn3jKXqh894XzpovcGLRqxaCLZbKh41tcwGbgQfokIDCFrzi/GN
9keMWkjHDQz1wl1dc20bzO3crxuckqCowpJd9/RxsHp6C/wWTPgvTx/X1/8Ri8mf
xYTWx2hboSaT7cVHCNNX3YT6sVa+TBflLdKHc0MrwfIQ
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:34:10 2025 by rpki-client