Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/AfKRqLSzH6502idiDx6FWbmMGUs.roa
File: AfKRqLSzH6502idiDx6FWbmMGUs.roa (raw, json)
Hash identifier: 7n4MiMOQ4bPTurFY5QVijQVZeMHF92INkEsS41lcYhI=
Subject key identifier: 01:F2:91:A8:B4:B3:1F:AE:74:DA:27:62:0F:1E:85:59:B9:8C:19:4B
Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial: 0194228D9C7D257B4EC47F5F1656DC0805DC
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/AfKRqLSzH6502idiDx6FWbmMGUs.roa
Signing time: Wed 01 Jan 2025 15:48:13 +0000
ROA not before: Wed 01 Jan 2025 15:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34684
IP address blocks: 212.252.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.mft
rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 02:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:9c:7d:25:7b:4e:c4:7f:5f:16:56:dc:08:05:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Validity
Not Before: Jan 1 15:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=01f291a8b4b31fae74da27620f1e8559b98c194b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:96:81:28:3e:8f:61:f4:74:2a:6a:e0:3d:f2:
0e:33:27:b6:09:d5:ac:78:27:85:70:87:10:1a:8e:
53:5c:90:dc:66:ad:65:e6:e4:14:db:6d:51:41:05:
4f:e2:64:b3:f4:76:d8:91:7d:7b:05:4b:11:90:36:
c6:32:01:d4:f0:f0:b2:b5:c4:34:27:61:7e:37:6c:
09:6b:97:f8:86:b5:f3:90:18:92:35:58:09:b9:a2:
7e:dd:33:28:24:f5:b4:8a:da:41:d5:e9:aa:65:22:
79:8a:f6:af:c5:22:24:ed:4d:c5:a1:48:35:d0:e9:
6b:eb:84:0d:5e:69:55:5d:ce:95:05:42:80:b2:05:
ad:94:9a:46:99:f8:7c:94:a4:44:d0:a6:2a:f1:98:
f3:f3:05:5c:c3:d9:8e:13:d3:71:49:35:6a:b4:bd:
dc:ee:96:6b:cc:19:f4:52:c8:46:17:1c:01:0f:32:
fa:a0:eb:11:da:b7:44:59:90:9f:4a:85:e5:88:b8:
64:71:69:38:d4:78:b6:f3:0f:5b:f4:04:d1:99:65:
98:e3:70:7c:82:c3:32:33:62:f0:80:ff:c6:23:87:
98:ee:68:21:15:51:ea:dd:72:61:1f:2d:f5:3c:9b:
01:32:5f:d1:37:1c:5c:f7:65:e9:58:12:78:6b:27:
25:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:F2:91:A8:B4:B3:1F:AE:74:DA:27:62:0F:1E:85:59:B9:8C:19:4B
X509v3 Authority Key Identifier:
keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/AfKRqLSzH6502idiDx6FWbmMGUs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.252.135.0/24
Signature Algorithm: sha256WithRSAEncryption
46:68:1a:f1:ff:86:6e:73:84:8e:fe:97:b5:01:be:4c:cb:dc:
df:28:6e:c4:de:5d:44:41:a0:95:e6:36:b9:88:ba:be:c8:c2:
f8:36:71:a3:a4:b8:af:df:07:9e:91:da:b1:8a:8a:ea:8b:4a:
35:af:af:72:03:d9:44:dd:64:e3:80:a2:60:9a:f8:4d:cb:b3:
8f:39:6f:04:23:0a:f9:c8:8d:c3:84:5f:d3:75:a2:54:14:f1:
f9:32:9f:5b:e2:7c:43:60:6c:87:5c:a9:e9:9b:fa:88:bc:19:
32:81:4c:2f:4b:27:c0:9c:71:5b:14:b8:c6:b9:94:03:66:6d:
c9:82:ba:ab:1d:a0:f4:2c:14:57:47:0a:cc:08:d5:5e:f6:68:
1d:5f:79:90:93:b6:4a:6f:96:f9:ea:cd:0f:42:0a:e6:44:f7:
c5:27:19:3b:27:0b:29:21:f9:7d:7a:91:d7:2d:e3:68:d3:9b:
a4:d1:a8:a1:bf:d8:c1:22:fa:98:ee:c6:b9:b7:64:aa:c7:e1:
71:92:af:7d:88:38:a7:eb:48:0b:28:25:9e:5b:e1:40:92:d5:
c7:c0:ba:60:b1:01:fc:0e:51:31:2c:a5:bc:5e:e1:9f:47:6d:
45:cd:85:3a:14:41:11:99:6b:c0:67:fd:57:49:c8:42:ef:6d:
c4:06:1d:bf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijZx9JXtOxH9fFlbcCAXcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNTljNDMyM2Y3NjdjZTRmZmM4NWRhYWQyMDhiOTBjMDRm
YmQzZTkwHhcNMjUwMTAxMTU0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWYyOTFhOGI0YjMxZmFlNzRkYTI3NjIwZjFlODU1OWI5OGMxOTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJaBKD6PYfR0KmrgPfIOMye2CdWs
eCeFcIcQGo5TXJDcZq1l5uQU221RQQVP4mSz9HbYkX17BUsRkDbGMgHU8PCytcQ0
J2F+N2wJa5f4hrXzkBiSNVgJuaJ+3TMoJPW0itpB1emqZSJ5ivavxSIk7U3FoUg1
0Olr64QNXmlVXc6VBUKAsgWtlJpGmfh8lKRE0KYq8Zjz8wVcw9mOE9NxSTVqtL3c
7pZrzBn0UshGFxwBDzL6oOsR2rdEWZCfSoXliLhkcWk41Hi28w9b9ATRmWWY43B8
gsMyM2LwgP/GI4eY7mghFVHq3XJhHy31PJsBMl/RNxxc92XpWBJ4ayclzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAHykai0sx+udNonYg8ehVm5jBlLMB8GA1UdIwQY
MBaAFI1ZxDI/dnzk/8hdqtIIuQwE+9PpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUt
ZjJiZTlmNmM2NjRjLzEvQWZLUnFMU3pINjUwMmlkaUR4NkZXYm1NR1VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUtZjJiZTlmNmM2NjRj
LzEvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1PyHMA0G
CSqGSIb3DQEBCwUAA4IBAQBGaBrx/4Zuc4SO/pe1Ab5My9zfKG7E3l1EQaCV5ja5
iLq+yML4NnGjpLiv3weekdqxiorqi0o1r69yA9lE3WTjgKJgmvhNy7OPOW8EIwr5
yI3DhF/TdaJUFPH5Mp9b4nxDYGyHXKnpm/qIvBkygUwvSyfAnHFbFLjGuZQDZm3J
grqrHaD0LBRXRwrMCNVe9mgdX3mQk7ZKb5b56s0PQgrmRPfFJxk7JwspIfl9epHX
LeNo05uk0aihv9jBIvqY7sa5t2Sqx+Fxkq99iDin60gLKCWeW+FAktXHwLpgsQH8
DlExLKW8XuGfR21FzYU6FEERmWvAZ/1XSchC723EBh2/
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:34:14 2025 by rpki-client