Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/1-bXCmOO7MByRB2cKGxFoBtApB44.roa
File: 1-bXCmOO7MByRB2cKGxFoBtApB44.roa (raw, json)
Hash identifier: KZk+Kqf5DP/YwFWz5wHR4Ho4S84kOAwSuXiZDD4nq80=
Subject key identifier: F9:B5:C2:98:E3:BB:30:1C:91:07:67:0A:1B:11:68:06:D0:29:07:8E
Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial: 0194228D9594C0BCE98F02E9563DEA6D8B21
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/1-bXCmOO7MByRB2cKGxFoBtApB44.roa
Signing time: Wed 01 Jan 2025 15:48:11 +0000
ROA not before: Wed 01 Jan 2025 15:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5458
IP address blocks: 212.252.33.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.mft
rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 07:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:95:94:c0:bc:e9:8f:02:e9:56:3d:ea:6d:8b:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Validity
Not Before: Jan 1 15:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f9b5c298e3bb301c9107670a1b116806d029078e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:59:e6:2b:d0:99:a0:f4:04:0f:e0:94:7d:6f:
18:04:0c:a3:e8:6a:17:be:97:b2:e6:85:47:dd:80:
2e:ac:cb:39:fe:2c:fc:d5:4e:91:bb:4f:33:98:99:
45:d1:60:e1:f0:f3:de:d5:65:a8:8d:e9:db:47:18:
d0:32:54:ae:aa:b2:16:e9:66:00:7d:2e:b7:64:c1:
0b:67:9a:65:e0:bd:43:9a:f4:3b:0d:5d:d7:80:ad:
c3:98:31:a8:ad:0a:f2:a3:f5:48:4e:45:8d:7c:46:
9f:1b:25:ee:f6:e9:3a:80:5e:d1:8a:7c:4a:11:e1:
0a:20:ea:26:53:2e:06:53:f4:cf:7e:04:e9:04:31:
50:c6:3d:56:70:e4:3b:21:0c:d5:45:4e:13:47:2c:
27:6b:74:f5:43:0f:1e:52:32:69:e3:9a:23:73:04:
9a:64:de:20:d2:dc:07:f1:d6:0b:0b:9e:ad:09:f1:
9b:1c:60:cf:bb:f7:18:5e:95:87:7b:08:01:e2:cf:
be:c7:fa:12:c8:75:3f:70:a3:0f:31:ae:64:97:4f:
ab:9b:5e:2e:8d:cb:6c:b2:b2:01:7d:40:8b:8f:ad:
9f:90:59:66:22:fb:10:bb:01:0a:dc:ff:e3:f3:66:
8d:81:34:b6:fd:76:2d:1c:ba:66:2c:7d:10:8d:6e:
ac:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:B5:C2:98:E3:BB:30:1C:91:07:67:0A:1B:11:68:06:D0:29:07:8E
X509v3 Authority Key Identifier:
keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/1-bXCmOO7MByRB2cKGxFoBtApB44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.252.33.0/24
Signature Algorithm: sha256WithRSAEncryption
64:45:50:b0:8b:26:28:bc:3c:a4:dc:04:af:ee:c5:41:48:50:
8e:cd:1a:c6:7c:41:c9:73:07:87:5b:ff:80:05:49:d4:2c:5f:
53:56:32:48:2b:71:3e:e5:d4:0f:b3:cb:67:40:9f:06:cc:20:
5e:f7:ba:a8:a6:76:b2:a4:6e:45:3a:d2:b3:c9:47:85:02:dd:
15:a8:de:50:98:0f:9d:b6:e8:ee:6b:04:05:e8:cf:ce:36:03:
09:a1:63:ba:ec:c0:8b:f0:46:6b:86:f0:4e:19:48:e5:61:f9:
8b:84:12:04:f9:02:56:38:b0:45:dc:83:1f:81:7e:a3:0f:83:
a7:75:e2:1b:30:88:2d:2f:32:f2:d1:26:8d:90:a5:3c:9e:f1:
47:36:6c:44:b2:d3:e6:57:2c:c1:fd:b0:c5:1b:21:86:4d:03:
88:77:84:4f:3b:c8:a6:d3:3c:75:43:18:4f:4c:63:51:41:3b:
02:e1:70:a7:4b:5d:5b:af:b3:62:34:21:7d:82:0f:1a:af:88:
58:fd:f9:d2:e1:34:a9:26:8b:c1:4f:49:30:89:07:b2:99:50:
ff:9c:25:31:7f:8a:53:31:a7:89:87:95:1a:0d:a9:5f:df:87:
83:0d:ee:2b:a2:ec:36:05:9c:c7:be:73:7a:7d:ef:ed:e4:1e:
cf:f8:12:7f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQijZWUwLzpjwLpVj3qbYshMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNTljNDMyM2Y3NjdjZTRmZmM4NWRhYWQyMDhiOTBjMDRm
YmQzZTkwHhcNMjUwMTAxMTU0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWI1YzI5OGUzYmIzMDFjOTEwNzY3MGExYjExNjgwNmQwMjkwNzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplnmK9CZoPQED+CUfW8YBAyj6GoX
vpey5oVH3YAurMs5/iz81U6Ru08zmJlF0WDh8PPe1WWojenbRxjQMlSuqrIW6WYA
fS63ZMELZ5pl4L1DmvQ7DV3XgK3DmDGorQryo/VITkWNfEafGyXu9uk6gF7RinxK
EeEKIOomUy4GU/TPfgTpBDFQxj1WcOQ7IQzVRU4TRywna3T1Qw8eUjJp45ojcwSa
ZN4g0twH8dYLC56tCfGbHGDPu/cYXpWHewgB4s++x/oSyHU/cKMPMa5kl0+rm14u
jctssrIBfUCLj62fkFlmIvsQuwEK3P/j82aNgTS2/XYtHLpmLH0QjW6stwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPm1wpjjuzAckQdnChsRaAbQKQeOMB8GA1UdIwQY
MBaAFI1ZxDI/dnzk/8hdqtIIuQwE+9PpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUt
ZjJiZTlmNmM2NjRjLzEvMS1iWENtT083TUJ5UkIyY0tHeEZvQnRBcEI0NC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjYvZjA5ZWNmLWU4MDUtNDE1OC1iMzE1LWYyYmU5ZjZjNjY0
Yy8xL2pWbkVNajkyZk9UX3lGMnEwZ2k1REFUNzAtay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANT8ITAN
BgkqhkiG9w0BAQsFAAOCAQEAZEVQsIsmKLw8pNwEr+7FQUhQjs0axnxByXMHh1v/
gAVJ1CxfU1YySCtxPuXUD7PLZ0CfBswgXve6qKZ2sqRuRTrSs8lHhQLdFajeUJgP
nbbo7msEBejPzjYDCaFjuuzAi/BGa4bwThlI5WH5i4QSBPkCVjiwRdyDH4F+ow+D
p3XiGzCILS8y8tEmjZClPJ7xRzZsRLLT5lcswf2wxRshhk0DiHeETzvIptM8dUMY
T0xjUUE7AuFwp0tdW6+zYjQhfYIPGq+IWP350uE0qSaLwU9JMIkHsplQ/5wlMX+K
UzGniYeVGg2pX9+Hgw3uK6LsNgWcx75zen3v7eQez/gSfw==
-----END CERTIFICATE-----
Generated at Wed Apr 9 13:03:51 2025 by rpki-client