Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/0HguKUZZaxTgFUylLnQnIsZ4s7c.roa
File: 0HguKUZZaxTgFUylLnQnIsZ4s7c.roa (raw, json)
Hash identifier: hRm10AP8bgO8HKp18RhmP/ymQFLt9LDSzhjuKQFhgxQ=
Subject key identifier: D0:78:2E:29:46:59:6B:14:E0:15:4C:A5:2E:74:27:22:C6:78:B3:B7
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 019420D5C6662EAAE5C7183B71B9A1D34AF7
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/0HguKUZZaxTgFUylLnQnIsZ4s7c.roa
Signing time: Wed 01 Jan 2025 07:47:48 +0000
ROA not before: Wed 01 Jan 2025 07:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 26548
IP address blocks: 91.229.104.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.mft
rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:c6:66:2e:aa:e5:c7:18:3b:71:b9:a1:d3:4a:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Jan 1 07:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d0782e2946596b14e0154ca52e742722c678b3b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:0d:a4:93:ea:da:57:93:8d:ed:75:a0:ce:06:
6c:30:bc:12:c6:67:be:b5:59:8e:93:56:bd:cb:4c:
90:35:c7:16:c6:5f:1d:0e:e7:02:19:78:e6:b6:a9:
5d:44:f1:ee:f2:e8:79:9b:94:1f:fe:1a:41:67:fa:
e8:c8:91:6c:1e:84:a7:de:38:35:58:c2:e6:ee:83:
8d:1e:0d:4a:49:8c:84:49:73:f9:f8:1b:ee:af:5b:
29:d4:de:f7:24:cf:70:7a:99:6e:07:26:9a:13:4d:
83:f6:12:66:d1:0f:87:06:63:53:3b:ad:04:22:1d:
1f:8d:3b:35:d3:31:44:07:9f:02:1a:9f:25:34:da:
a5:c9:8c:03:3c:2b:78:09:27:98:89:c7:03:03:71:
d5:8d:55:e3:04:41:7f:67:20:e1:66:ee:98:0a:da:
ad:ab:0f:22:16:c4:17:83:ec:c5:18:0b:0a:46:db:
b1:97:35:cb:68:3b:0f:cd:66:89:ab:51:44:ac:ad:
2c:c5:c9:af:e6:4e:8a:44:3b:2a:bb:f8:e9:4f:30:
6f:3c:69:9b:a0:dd:e7:0e:d4:5f:d6:40:db:c7:df:
9a:df:bf:6c:a3:90:e6:0d:1e:56:eb:a5:39:92:6b:
3c:af:60:33:d9:1a:48:fb:66:6b:16:83:fb:98:f6:
89:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:78:2E:29:46:59:6B:14:E0:15:4C:A5:2E:74:27:22:C6:78:B3:B7
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/0HguKUZZaxTgFUylLnQnIsZ4s7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.229.104.0/23
Signature Algorithm: sha256WithRSAEncryption
a4:d5:ab:79:ed:35:55:61:58:41:d3:b4:bb:de:c1:d0:9b:cb:
b8:0f:1a:d0:4d:5c:ac:e7:45:49:b7:4d:e1:87:63:f5:be:09:
8a:fc:ef:27:5a:6d:04:1c:d6:ef:b1:99:3b:e9:2b:e0:b9:6c:
5f:3a:21:fa:2d:3d:aa:7e:77:75:96:5a:85:ba:6e:5b:2b:bc:
82:3b:89:11:26:8b:f5:20:bf:48:b4:51:e2:0a:17:bc:d3:d5:
b7:8a:80:c2:0e:2d:a5:1f:79:de:4f:6b:ec:b7:60:1d:0f:df:
ba:df:41:9e:89:09:d9:8d:ac:1e:00:6f:67:6f:85:1c:8e:28:
cb:04:36:53:01:01:74:cc:7c:b7:28:b0:89:08:bc:65:a7:be:
b7:ed:2a:7a:ab:29:dc:a7:91:dd:52:15:af:bb:1f:7f:17:e5:
93:59:1c:60:5f:1b:8d:af:1f:19:f3:1b:2e:42:02:85:d3:54:
e6:3d:ff:81:7d:8a:80:e4:fb:42:c6:3d:89:28:98:03:2e:ff:
6b:20:7d:10:c0:85:5c:94:6f:ca:3c:0d:ee:3a:73:45:69:85:
9a:9a:39:02:07:98:78:31:fa:62:74:69:3d:cf:d6:0e:24:de:
64:a8:57:6c:a3:23:ee:2a:1b:ea:9a:e4:35:fd:98:83:ca:7a:
dc:1d:aa:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1cZmLqrlxxg7cbmh00r3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjUwMTAxMDc0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDc4MmUyOTQ2NTk2YjE0ZTAxNTRjYTUyZTc0MjcyMmM2NzhiM2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqw2kk+raV5ON7XWgzgZsMLwSxme+
tVmOk1a9y0yQNccWxl8dDucCGXjmtqldRPHu8uh5m5Qf/hpBZ/royJFsHoSn3jg1
WMLm7oONHg1KSYyESXP5+Bvur1sp1N73JM9wepluByaaE02D9hJm0Q+HBmNTO60E
Ih0fjTs10zFEB58CGp8lNNqlyYwDPCt4CSeYiccDA3HVjVXjBEF/ZyDhZu6YCtqt
qw8iFsQXg+zFGAsKRtuxlzXLaDsPzWaJq1FErK0sxcmv5k6KRDsqu/jpTzBvPGmb
oN3nDtRf1kDbx9+a379so5DmDR5W66U5kms8r2Az2RpI+2ZrFoP7mPaJuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNB4LilGWWsU4BVMpS50JyLGeLO3MB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvMEhndUtVWlpheFRnRlV5bExuUW5Jc1o0czdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+VoMA0G
CSqGSIb3DQEBCwUAA4IBAQCk1at57TVVYVhB07S73sHQm8u4DxrQTVys50VJt03h
h2P1vgmK/O8nWm0EHNbvsZk76SvguWxfOiH6LT2qfnd1llqFum5bK7yCO4kRJov1
IL9ItFHiChe809W3ioDCDi2lH3neT2vst2AdD9+630GeiQnZjaweAG9nb4UcjijL
BDZTAQF0zHy3KLCJCLxlp7637Sp6qyncp5HdUhWvux9/F+WTWRxgXxuNrx8Z8xsu
QgKF01TmPf+BfYqA5PtCxj2JKJgDLv9rIH0QwIVclG/KPA3uOnNFaYWamjkCB5h4
MfpidGk9z9YOJN5kqFdsoyPuKhvqmuQ1/ZiDynrcHaom
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:36:45 2025 by rpki-client