Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/EK9evWWptfTu2aHkiyllXbS1No4.roa
File: EK9evWWptfTu2aHkiyllXbS1No4.roa (raw, json)
Hash identifier: V3jHdGXUoBbsaq7f1CIdAuyXSZFTcjoc7sEjge+mkAM=
Subject key identifier: 10:AF:5E:BD:65:A9:B5:F4:EE:D9:A1:E4:8B:29:65:5D:B4:B5:36:8E
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 01942827554245919656A8F7A061B8C717BA
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/EK9evWWptfTu2aHkiyllXbS1No4.roa
Signing time: Thu 02 Jan 2025 17:54:13 +0000
ROA not before: Thu 02 Jan 2025 17:54:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 23470
IP address blocks: 91.209.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:55:42:45:91:96:56:a8:f7:a0:61:b8:c7:17:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jan 2 17:54:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=10af5ebd65a9b5f4eed9a1e48b29655db4b5368e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f8:55:37:6a:5b:8e:13:e7:fe:ed:52:7b:1d:
ea:bc:b6:98:12:d9:4e:12:f3:ee:6d:88:e3:06:ff:
4d:55:cc:3c:91:0b:bd:8e:bc:ba:00:41:d7:4e:99:
f3:78:30:70:0e:70:99:67:aa:37:4a:91:9c:d6:be:
b2:9b:53:24:87:d5:08:dd:42:b4:61:8b:c4:39:7c:
1b:49:99:db:93:af:22:cb:66:5f:c3:0a:ce:81:18:
0d:58:02:c5:5f:dd:92:b3:cc:25:01:e1:7b:7a:2b:
c5:b5:77:93:85:b9:35:22:27:de:47:43:3d:85:39:
7e:13:aa:30:26:99:0f:d4:2c:35:21:22:fb:6d:16:
16:e3:5f:ca:e1:a4:96:51:4b:5e:91:8b:75:9d:f5:
db:2f:4d:34:a4:a4:74:b7:e0:24:34:57:bb:58:9d:
17:6b:57:73:28:33:75:71:40:c2:b8:d7:83:a2:e2:
92:08:70:ff:f7:78:d0:05:e1:62:b6:e5:56:60:05:
d5:30:56:cc:2f:93:01:7e:55:f9:26:99:db:ca:06:
af:3f:03:74:eb:31:04:0e:11:19:9e:38:37:06:01:
80:fd:39:82:24:2b:df:63:d2:7f:14:e4:a1:5c:15:
38:f2:b6:bd:83:3a:d6:49:44:38:dd:72:97:ee:ad:
d7:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:AF:5E:BD:65:A9:B5:F4:EE:D9:A1:E4:8B:29:65:5D:B4:B5:36:8E
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/EK9evWWptfTu2aHkiyllXbS1No4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.228.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:77:83:c9:ee:f2:9b:aa:b3:dd:15:bf:81:d5:44:b3:d0:a7:
58:f7:77:fa:a2:32:23:de:a2:1e:dc:53:dc:0f:d7:93:61:b4:
f5:e2:09:5e:3e:70:7e:52:2d:6b:f3:cc:3c:4d:47:44:13:d9:
bc:ef:fd:ad:05:2c:c0:55:5f:ea:1a:3d:e8:b6:74:aa:7e:4d:
a0:8a:40:75:37:cb:61:48:7e:b8:26:9d:f9:0c:98:de:fc:11:
13:db:27:b6:9c:f4:f6:12:f6:54:e9:16:0d:dd:3c:87:ca:d9:
77:29:cd:2d:2d:9f:6a:c3:7c:71:8d:4f:7c:c2:fb:a6:97:6f:
ed:5b:8b:75:2a:60:e6:64:65:5c:9d:6c:ef:31:ea:b8:84:a3:
a9:fd:83:e8:a0:c5:c0:2e:88:14:99:85:18:01:60:82:60:6f:
a9:05:0b:4e:87:7c:e1:51:10:23:bc:17:a6:85:c2:fd:c9:03:
ff:93:46:ab:2c:77:b2:e9:77:c2:d1:eb:cf:27:c2:71:6f:b6:
03:cd:2a:85:25:c4:0d:30:b0:00:26:c4:ac:24:a5:fb:52:38:
97:05:69:46:c6:14:3f:42:9e:17:f1:83:3c:24:db:b1:e8:16:
aa:db:f6:70:12:91:b7:27:05:42:8e:5d:ec:f0:ed:4a:53:98:
65:61:bd:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJ1VCRZGWVqj3oGG4xxe6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjUwMTAyMTc1NDEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGFmNWViZDY1YTliNWY0ZWVkOWExZTQ4YjI5NjU1ZGI0YjUzNjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovhVN2pbjhPn/u1Sex3qvLaYEtlO
EvPubYjjBv9NVcw8kQu9jry6AEHXTpnzeDBwDnCZZ6o3SpGc1r6ym1Mkh9UI3UK0
YYvEOXwbSZnbk68iy2ZfwwrOgRgNWALFX92Ss8wlAeF7eivFtXeThbk1IifeR0M9
hTl+E6owJpkP1Cw1ISL7bRYW41/K4aSWUUtekYt1nfXbL000pKR0t+AkNFe7WJ0X
a1dzKDN1cUDCuNeDouKSCHD/93jQBeFituVWYAXVMFbML5MBflX5JpnbygavPwN0
6zEEDhEZnjg3BgGA/TmCJCvfY9J/FOShXBU48ra9gzrWSUQ43XKX7q3XLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBCvXr1lqbX07tmh5IspZV20tTaOMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvRUs5ZXZXV3B0ZlR1MmFIa2l5bGxYYlMxTm80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9HkMA0G
CSqGSIb3DQEBCwUAA4IBAQB6d4PJ7vKbqrPdFb+B1USz0KdY93f6ojIj3qIe3FPc
D9eTYbT14glePnB+Ui1r88w8TUdEE9m87/2tBSzAVV/qGj3otnSqfk2gikB1N8th
SH64Jp35DJje/BET2ye2nPT2EvZU6RYN3TyHytl3Kc0tLZ9qw3xxjU98wvuml2/t
W4t1KmDmZGVcnWzvMeq4hKOp/YPooMXALogUmYUYAWCCYG+pBQtOh3zhURAjvBem
hcL9yQP/k0arLHey6XfC0evPJ8Jxb7YDzSqFJcQNMLAAJsSsJKX7UjiXBWlGxhQ/
Qp4X8YM8JNux6Baq2/ZwEpG3JwVCjl3s8O1KU5hlYb04
-----END CERTIFICATE-----
Generated at Wed Feb 5 12:55:29 2025 by rpki-client