Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/ca4471-34d0-4816-81d1-8bf5b1ed1209/1/0386LGj4Sidbyca8KneFkNR54TI.roa
File: 0386LGj4Sidbyca8KneFkNR54TI.roa (raw, json)
Hash identifier: jcV5FqK/anJpS83+3AC/ntYQGRcWnZsS3JRi5ZH9EXg=
Subject key identifier: D3:7F:3A:2C:68:F8:4A:27:5B:C9:C6:BC:2A:77:85:90:D4:79:E1:32
Certificate issuer: /CN=b93da91f1f53634272c5911087ce66cbad3614a3
Certificate serial: 01942368E10E5FD3AE1325DBE25ABD4AD298
Authority key identifier: B9:3D:A9:1F:1F:53:63:42:72:C5:91:10:87:CE:66:CB:AD:36:14:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uT2pHx9TY0JyxZEQh85my602FKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/ca4471-34d0-4816-81d1-8bf5b1ed1209/1/0386LGj4Sidbyca8KneFkNR54TI.roa
Signing time: Wed 01 Jan 2025 19:47:43 +0000
ROA not before: Wed 01 Jan 2025 19:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50905
IP address blocks: 91.216.23.0/24 maxlen: 24
193.33.214.0/24 maxlen: 24
193.33.215.0/24 maxlen: 24
2001:67c:24b0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/ca4471-34d0-4816-81d1-8bf5b1ed1209/1/uT2pHx9TY0JyxZEQh85my602FKM.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/ca4471-34d0-4816-81d1-8bf5b1ed1209/1/uT2pHx9TY0JyxZEQh85my602FKM.mft
rsync://rpki.ripe.net/repository/DEFAULT/uT2pHx9TY0JyxZEQh85my602FKM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:e1:0e:5f:d3:ae:13:25:db:e2:5a:bd:4a:d2:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b93da91f1f53634272c5911087ce66cbad3614a3
Validity
Not Before: Jan 1 19:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d37f3a2c68f84a275bc9c6bc2a778590d479e132
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:1a:a1:22:98:7d:b4:be:21:1e:f9:7f:20:92:
7d:ca:12:2b:c6:3c:b3:3e:ba:ed:90:af:70:c0:60:
93:eb:97:9b:43:b8:1d:39:ab:1d:33:c3:32:c6:a9:
7a:c6:c3:ef:b2:d8:46:e7:48:75:9c:0f:3e:6d:d4:
e0:6d:6f:a9:5f:1a:74:61:68:51:e4:1c:ca:9f:94:
40:4c:60:6f:eb:07:8e:e1:f0:cc:f7:36:e9:fe:c1:
1c:7c:f2:cd:b4:67:7f:2c:d3:77:79:47:61:29:1d:
f5:3f:af:49:71:31:9a:24:3c:64:bd:1e:9f:0e:6d:
04:a6:51:87:7f:0c:5e:4b:2f:4c:6d:c7:0d:af:03:
bf:6f:9b:68:df:1b:11:7a:b8:00:26:15:93:e9:4e:
09:ff:b5:ef:8d:6d:06:c6:91:2f:58:87:ec:50:d6:
56:12:ec:e4:81:cb:07:e0:c3:64:5b:1f:db:a6:0b:
19:84:19:ca:36:8e:e2:87:c4:e4:81:28:a8:98:54:
65:b2:c1:4d:3f:3c:4a:ca:75:07:be:e0:30:bc:79:
75:a5:6b:70:10:c9:81:9b:bf:30:6f:80:95:31:ce:
ca:7e:0e:59:1a:c6:a1:49:85:3c:50:79:d4:fa:53:
61:8b:38:e1:d2:4a:0e:cc:25:ea:be:37:b8:06:ec:
75:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:7F:3A:2C:68:F8:4A:27:5B:C9:C6:BC:2A:77:85:90:D4:79:E1:32
X509v3 Authority Key Identifier:
keyid:B9:3D:A9:1F:1F:53:63:42:72:C5:91:10:87:CE:66:CB:AD:36:14:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uT2pHx9TY0JyxZEQh85my602FKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/ca4471-34d0-4816-81d1-8bf5b1ed1209/1/0386LGj4Sidbyca8KneFkNR54TI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/ca4471-34d0-4816-81d1-8bf5b1ed1209/1/uT2pHx9TY0JyxZEQh85my602FKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.23.0/24
193.33.214.0/23
IPv6:
2001:67c:24b0::/48
Signature Algorithm: sha256WithRSAEncryption
56:f2:c6:96:30:68:0b:42:84:e4:67:61:6b:b7:a1:a5:34:8c:
e7:7e:87:86:20:30:1c:cc:a0:54:a8:93:b4:a7:08:4a:bd:9a:
a5:bc:09:ee:8d:df:45:aa:c8:50:73:13:28:66:b3:f3:a3:bf:
e3:0c:68:3a:07:f1:fd:2b:e5:7c:fc:0e:4c:5f:a0:a7:99:5b:
92:4f:42:60:4e:cf:63:12:22:bb:3c:39:c5:cd:41:84:43:ec:
cc:ab:90:0e:9d:b8:f7:b4:da:7c:cd:c2:47:c2:7f:51:87:da:
78:f1:e5:6b:0c:e5:3c:71:73:73:d1:2d:48:ee:c6:30:05:88:
d5:07:e1:47:41:59:d4:66:ca:a0:5f:bb:20:a0:52:c6:68:30:
cd:98:0c:e9:83:cc:de:ac:a9:30:b6:c8:7b:28:59:31:fa:7a:
e1:1d:3a:46:df:66:e3:61:df:50:19:c2:3c:29:d9:9b:80:d9:
11:28:52:59:bf:66:7d:aa:dd:64:39:ba:8b:e4:ce:dd:79:51:
f2:ec:da:cb:06:d8:04:fb:c1:6f:77:8f:23:f8:ff:75:66:90:
2a:e4:ff:84:7b:43:31:f5:8d:fe:8e:67:e0:f8:e5:3b:ef:9b:
60:fe:c6:12:55:be:40:67:9e:38:80:1c:c8:ef:92:55:68:11:
2e:f5:75:89
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQjaOEOX9OuEyXb4lq9StKYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5M2RhOTFmMWY1MzYzNDI3MmM1OTExMDg3Y2U2NmNiYWQz
NjE0YTMwHhcNMjUwMTAxMTk0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzdmM2EyYzY4Zjg0YTI3NWJjOWM2YmMyYTc3ODU5MGQ0NzllMTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3BqhIph9tL4hHvl/IJJ9yhIrxjyz
PrrtkK9wwGCT65ebQ7gdOasdM8Myxql6xsPvsthG50h1nA8+bdTgbW+pXxp0YWhR
5BzKn5RATGBv6weO4fDM9zbp/sEcfPLNtGd/LNN3eUdhKR31P69JcTGaJDxkvR6f
Dm0EplGHfwxeSy9MbccNrwO/b5to3xsRergAJhWT6U4J/7XvjW0GxpEvWIfsUNZW
EuzkgcsH4MNkWx/bpgsZhBnKNo7ih8TkgSiomFRlssFNPzxKynUHvuAwvHl1pWtw
EMmBm78wb4CVMc7Kfg5ZGsahSYU8UHnU+lNhizjh0koOzCXqvje4Bux1PQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFNN/Oixo+EonW8nGvCp3hZDUeeEyMB8GA1UdIwQY
MBaAFLk9qR8fU2NCcsWREIfOZsutNhSjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVQycEh4OVRZMEp5eFpFUWg4NW15NjAyRktNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9jYTQ0NzEtMzRkMC00ODE2LTgxZDEt
OGJmNWIxZWQxMjA5LzEvMDM4NkxHajRTaWRieWNhOEtuZUZrTlI1NFRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9jYTQ0NzEtMzRkMC00ODE2LTgxZDEtOGJmNWIxZWQxMjA5
LzEvdVQycEh4OVRZMEp5eFpFUWg4NW15NjAyRktNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAW9gXAwQB
wSHWMA8EAgACMAkDBwAgAQZ8JLAwDQYJKoZIhvcNAQELBQADggEBAFbyxpYwaAtC
hORnYWu3oaU0jOd+h4YgMBzMoFSok7SnCEq9mqW8Ce6N30WqyFBzEyhms/Ojv+MM
aDoH8f0r5Xz8DkxfoKeZW5JPQmBOz2MSIrs8OcXNQYRD7MyrkA6duPe02nzNwkfC
f1GH2njx5WsM5Txxc3PRLUjuxjAFiNUH4UdBWdRmyqBfuyCgUsZoMM2YDOmDzN6s
qTC2yHsoWTH6euEdOkbfZuNh31AZwjwp2ZuA2REoUlm/Zn2q3WQ5uovkzt15UfLs
2ssG2AT7wW93jyP4/3VmkCrk/4R7QzH1jf6OZ+D45Tvvm2D+xhJVvkBnnjiAHMjv
klVoES71dYk=
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:56:55 2025 by rpki-client