Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/a8efdf-5cee-494b-be48-a371f2889138/1/SJfqIxwijuwzDWomUXLMaLkPe54.roa
File: SJfqIxwijuwzDWomUXLMaLkPe54.roa (raw, json)
Hash identifier: hJwzF9WKMllQghsjNYhVq3jDd69NqlMlN06DZcOFQjY=
Subject key identifier: 48:97:EA:23:1C:22:8E:EC:33:0D:6A:26:51:72:CC:68:B9:0F:7B:9E
Certificate issuer: /CN=34919204b7ac47424baabfb291bd3fc8fa9e05f6
Certificate serial: 019421B1BBC4315C67F3463117A6619BCCF0
Authority key identifier: 34:91:92:04:B7:AC:47:42:4B:AA:BF:B2:91:BD:3F:C8:FA:9E:05:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJGSBLesR0JLqr-ykb0_yPqeBfY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/a8efdf-5cee-494b-be48-a371f2889138/1/SJfqIxwijuwzDWomUXLMaLkPe54.roa
Signing time: Wed 01 Jan 2025 11:48:03 +0000
ROA not before: Wed 01 Jan 2025 11:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 680
IP address blocks: 194.49.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/a8efdf-5cee-494b-be48-a371f2889138/1/NJGSBLesR0JLqr-ykb0_yPqeBfY.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/a8efdf-5cee-494b-be48-a371f2889138/1/NJGSBLesR0JLqr-ykb0_yPqeBfY.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJGSBLesR0JLqr-ykb0_yPqeBfY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 05:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:bb:c4:31:5c:67:f3:46:31:17:a6:61:9b:cc:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34919204b7ac47424baabfb291bd3fc8fa9e05f6
Validity
Not Before: Jan 1 11:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4897ea231c228eec330d6a265172cc68b90f7b9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:14:36:b6:d6:73:37:b0:ef:6d:ab:90:3a:d0:
05:e9:c6:23:39:ec:ee:90:80:46:6c:6d:04:c8:02:
dc:bc:e9:d6:76:d2:b3:3f:f1:29:d1:16:12:ed:b9:
c7:d3:f5:20:80:2f:71:a3:5f:a0:a8:7b:59:93:79:
df:ae:16:b8:ab:cf:b5:cb:64:ac:81:d9:c9:9d:97:
bd:f2:0a:3a:dc:14:0e:e5:93:c8:90:d5:a2:51:97:
82:7a:4c:36:d9:b7:0a:d4:81:c2:30:46:37:28:ce:
e2:ce:77:d8:e9:86:9d:64:3d:d2:68:56:de:80:b0:
05:90:5e:e2:b3:18:f8:e4:4d:2b:99:e1:92:10:77:
fa:92:53:52:c5:ff:0c:cf:40:5a:16:23:46:70:a7:
f0:19:ff:cc:0b:2c:72:f9:9f:1a:c3:a7:95:04:ae:
a2:82:8b:e8:17:b1:18:15:16:7f:df:24:e2:da:8c:
28:5d:3c:8b:97:7e:43:52:2f:d8:68:4e:ce:a4:65:
e1:02:a0:7a:13:47:37:b4:2b:5a:4a:d6:04:22:00:
33:f2:8e:a5:91:58:62:7b:dd:e8:87:9a:00:74:75:
40:74:29:f2:4d:f0:52:dd:96:fd:f1:2a:55:5a:b2:
df:08:04:97:83:e4:04:2e:91:e5:3b:84:3e:08:e5:
b2:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:97:EA:23:1C:22:8E:EC:33:0D:6A:26:51:72:CC:68:B9:0F:7B:9E
X509v3 Authority Key Identifier:
keyid:34:91:92:04:B7:AC:47:42:4B:AA:BF:B2:91:BD:3F:C8:FA:9E:05:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJGSBLesR0JLqr-ykb0_yPqeBfY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/a8efdf-5cee-494b-be48-a371f2889138/1/SJfqIxwijuwzDWomUXLMaLkPe54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/a8efdf-5cee-494b-be48-a371f2889138/1/NJGSBLesR0JLqr-ykb0_yPqeBfY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.49.61.0/24
Signature Algorithm: sha256WithRSAEncryption
c9:04:b7:61:26:f1:d0:2a:d4:6a:cb:98:21:80:6b:1c:6e:51:
ea:3a:24:23:95:da:cd:e6:2c:6b:f1:4c:ad:33:ea:c4:45:d0:
92:df:e9:89:58:24:de:39:28:bd:2d:40:9b:dd:92:de:27:3a:
bc:7b:d3:8a:ed:6f:2d:ba:2f:2e:62:67:54:ae:0a:fd:b8:50:
db:de:7c:39:fa:0e:4b:70:5d:39:18:8a:f5:8c:68:38:48:4d:
08:fd:fe:57:61:e9:a3:ec:18:29:1c:14:57:56:58:f1:46:7e:
9c:c5:c8:c0:6e:bb:89:93:06:b0:fa:eb:9c:6c:d8:ee:59:af:
71:21:e0:09:f6:49:56:8e:c2:07:3c:c1:e2:6b:b5:ed:b2:37:
31:7d:0c:92:b7:20:ac:23:7d:ca:53:33:c8:9e:8d:52:58:7f:
e0:d5:ab:dd:1d:f3:3a:55:fb:5a:53:5b:22:ed:2e:f3:1d:1b:
c3:f9:b5:d3:fc:be:9e:da:08:eb:e1:34:90:a7:6c:ca:25:c3:
5d:39:5a:5b:93:08:76:92:b1:96:4d:83:d9:dd:2d:69:75:8c:
9f:bb:5c:ca:7b:49:e9:80:fa:fb:d8:09:be:80:b0:dd:49:2c:
82:d9:a5:f1:67:b3:69:9f:26:c0:3d:ab:3c:4f:08:76:4d:66:
38:88:c6:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsbvEMVxn80YxF6Zhm8zwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OTE5MjA0YjdhYzQ3NDI0YmFhYmZiMjkxYmQzZmM4ZmE5
ZTA1ZjYwHhcNMjUwMTAxMTE0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODk3ZWEyMzFjMjI4ZWVjMzMwZDZhMjY1MTcyY2M2OGI5MGY3YjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxQ2ttZzN7DvbauQOtAF6cYjOezu
kIBGbG0EyALcvOnWdtKzP/Ep0RYS7bnH0/UggC9xo1+gqHtZk3nfrha4q8+1y2Ss
gdnJnZe98go63BQO5ZPIkNWiUZeCekw22bcK1IHCMEY3KM7iznfY6YadZD3SaFbe
gLAFkF7isxj45E0rmeGSEHf6klNSxf8Mz0BaFiNGcKfwGf/MCyxy+Z8aw6eVBK6i
govoF7EYFRZ/3yTi2owoXTyLl35DUi/YaE7OpGXhAqB6E0c3tCtaStYEIgAz8o6l
kVhie93oh5oAdHVAdCnyTfBS3Zb98SpVWrLfCASXg+QELpHlO4Q+COWy+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEiX6iMcIo7sMw1qJlFyzGi5D3ueMB8GA1UdIwQY
MBaAFDSRkgS3rEdCS6q/spG9P8j6ngX2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkpHU0JMZXNSMEpMcXIteWtiMF95UHFlQmZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9hOGVmZGYtNWNlZS00OTRiLWJlNDgt
YTM3MWYyODg5MTM4LzEvU0pmcUl4d2lqdXd6RFdvbVVYTE1hTGtQZTU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9hOGVmZGYtNWNlZS00OTRiLWJlNDgtYTM3MWYyODg5MTM4
LzEvTkpHU0JMZXNSMEpMcXIteWtiMF95UHFlQmZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjE9MA0G
CSqGSIb3DQEBCwUAA4IBAQDJBLdhJvHQKtRqy5ghgGscblHqOiQjldrN5ixr8Uyt
M+rERdCS3+mJWCTeOSi9LUCb3ZLeJzq8e9OK7W8tui8uYmdUrgr9uFDb3nw5+g5L
cF05GIr1jGg4SE0I/f5XYemj7BgpHBRXVljxRn6cxcjAbruJkwaw+uucbNjuWa9x
IeAJ9klWjsIHPMHia7XtsjcxfQyStyCsI33KUzPIno1SWH/g1avdHfM6VftaU1si
7S7zHRvD+bXT/L6e2gjr4TSQp2zKJcNdOVpbkwh2krGWTYPZ3S1pdYyfu1zKe0np
gPr72Am+gLDdSSyC2aXxZ7NpnybAPas8Twh2TWY4iMaa
-----END CERTIFICATE-----
Generated at Sat Apr 12 13:17:21 2025 by rpki-client