Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/70cb80-4e6d-46a5-b1b4-4e3f4d68f682/1/DkayGfO7JIkj0aP3u5tMKhfrqH0.roa
File: DkayGfO7JIkj0aP3u5tMKhfrqH0.roa (raw, json)
Hash identifier: SB2VJh36vskB6Jgns8zRjcE+4UksZV6puEKomuTZHlg=
Subject key identifier: 0E:46:B2:19:F3:BB:24:89:23:D1:A3:F7:BB:9B:4C:2A:17:EB:A8:7D
Certificate issuer: /CN=74267f3ecfcc61668e0501bca60ced6dd75d347c
Certificate serial: 019681B38E74C406DB30D78BDE618E07A573
Authority key identifier: 74:26:7F:3E:CF:CC:61:66:8E:05:01:BC:A6:0C:ED:6D:D7:5D:34:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dCZ_Ps_MYWaOBQG8pgztbdddNHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/70cb80-4e6d-46a5-b1b4-4e3f4d68f682/1/DkayGfO7JIkj0aP3u5tMKhfrqH0.roa
Signing time: Tue 29 Apr 2025 13:19:10 +0000
ROA not before: Tue 29 Apr 2025 13:19:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2263
IP address blocks: 192.44.77.0/24 maxlen: 24
192.108.118.0/24 maxlen: 24
192.108.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/70cb80-4e6d-46a5-b1b4-4e3f4d68f682/1/dCZ_Ps_MYWaOBQG8pgztbdddNHw.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/70cb80-4e6d-46a5-b1b4-4e3f4d68f682/1/dCZ_Ps_MYWaOBQG8pgztbdddNHw.mft
rsync://rpki.ripe.net/repository/DEFAULT/dCZ_Ps_MYWaOBQG8pgztbdddNHw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 16:01:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:81:b3:8e:74:c4:06:db:30:d7:8b:de:61:8e:07:a5:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74267f3ecfcc61668e0501bca60ced6dd75d347c
Validity
Not Before: Apr 29 13:19:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0e46b219f3bb248923d1a3f7bb9b4c2a17eba87d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:50:92:3e:bf:13:41:e0:82:49:8c:83:84:2f:
3e:2f:e6:bc:9e:ff:74:19:23:bc:2f:fc:ec:49:22:
53:24:9a:32:fc:74:ff:d2:a4:f9:50:96:5f:4b:7c:
05:d8:00:16:d5:10:76:92:ee:7b:a1:07:2e:f6:ab:
67:3e:0c:95:3b:2a:10:56:4c:57:98:ea:2b:71:ff:
03:e4:37:02:93:4b:2b:c8:66:af:75:62:8b:7a:f4:
da:45:48:68:75:36:52:b6:cc:85:2b:61:13:36:5b:
4d:16:70:a1:f3:84:72:80:97:b0:90:3a:ff:0c:5b:
2a:f3:f6:45:5e:a7:91:e6:48:8a:e4:00:c9:68:20:
78:32:a5:66:1f:db:44:1f:7f:91:65:0c:2d:aa:5a:
10:d5:95:d5:11:7a:5b:00:04:71:5d:98:24:58:97:
a9:e0:d6:2e:85:f6:02:b0:2f:a0:3d:a6:7f:a5:bb:
29:79:80:39:3d:b3:49:83:bc:26:be:e3:1c:40:bc:
c6:eb:d0:bf:7a:35:62:9f:b9:4e:11:5a:6c:c6:48:
ad:90:6f:7b:a6:c4:8f:e3:ca:7e:97:87:5d:4d:d9:
25:39:09:9d:1d:34:cc:bc:ad:b6:1e:18:f9:a9:d5:
dc:15:62:ad:07:75:cc:54:ff:d5:5b:14:7c:44:cc:
8d:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:46:B2:19:F3:BB:24:89:23:D1:A3:F7:BB:9B:4C:2A:17:EB:A8:7D
X509v3 Authority Key Identifier:
keyid:74:26:7F:3E:CF:CC:61:66:8E:05:01:BC:A6:0C:ED:6D:D7:5D:34:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dCZ_Ps_MYWaOBQG8pgztbdddNHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/70cb80-4e6d-46a5-b1b4-4e3f4d68f682/1/DkayGfO7JIkj0aP3u5tMKhfrqH0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/70cb80-4e6d-46a5-b1b4-4e3f4d68f682/1/dCZ_Ps_MYWaOBQG8pgztbdddNHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.44.77.0/24
192.108.118.0/23
Signature Algorithm: sha256WithRSAEncryption
8c:36:25:2d:24:86:37:0d:85:71:da:44:dc:3d:b9:f0:c0:e8:
42:86:0c:b6:05:b1:75:ad:0c:2c:29:ea:66:be:52:9b:66:42:
47:b8:c3:9e:cf:bd:5a:b6:6e:dd:f2:c1:eb:d3:7a:13:77:a5:
d4:85:9b:6f:f6:73:0d:4a:c3:f9:b4:d2:78:6a:52:21:e1:8f:
3b:f5:99:af:4d:ee:14:b8:91:a3:30:57:45:b2:e4:22:8b:0c:
60:46:32:1a:f1:55:c4:d1:ce:c8:15:0d:df:87:b1:54:e4:ae:
29:03:d1:dd:56:87:d2:4c:3f:dd:27:f4:de:4a:86:a2:f8:42:
ca:ad:8c:e1:7c:db:2e:42:85:4e:f8:2d:90:8b:ab:8d:b9:aa:
e3:d4:92:a0:40:02:2a:5e:9a:75:29:85:68:45:e0:f4:ee:f7:
68:da:2d:2d:d7:33:25:78:d3:ba:7e:f6:17:14:43:6f:0e:dd:
29:83:b6:99:eb:3c:18:ef:bd:20:50:bd:58:74:6e:b2:a5:08:
53:97:78:2d:3d:dc:9e:63:1b:97:ec:7a:68:ef:e4:d4:64:92:
93:fc:c1:ec:81:02:3b:75:e6:cd:bd:73:a4:4e:11:a5:04:6d:
04:ab:6a:f4:a4:03:b7:19:30:81:76:c5:7f:f3:96:20:39:eb:
36:a6:f3:ca
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZaBs450xAbbMNeL3mGOB6VzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MjY3ZjNlY2ZjYzYxNjY4ZTA1MDFiY2E2MGNlZDZkZDc1
ZDM0N2MwHhcNMjUwNDI5MTMxOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTQ2YjIxOWYzYmIyNDg5MjNkMWEzZjdiYjliNGMyYTE3ZWJhODdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0lCSPr8TQeCCSYyDhC8+L+a8nv90
GSO8L/zsSSJTJJoy/HT/0qT5UJZfS3wF2AAW1RB2ku57oQcu9qtnPgyVOyoQVkxX
mOorcf8D5DcCk0sryGavdWKLevTaRUhodTZStsyFK2ETNltNFnCh84RygJewkDr/
DFsq8/ZFXqeR5kiK5ADJaCB4MqVmH9tEH3+RZQwtqloQ1ZXVEXpbAARxXZgkWJep
4NYuhfYCsC+gPaZ/pbspeYA5PbNJg7wmvuMcQLzG69C/ejVin7lOEVpsxkitkG97
psSP48p+l4ddTdklOQmdHTTMvK22Hhj5qdXcFWKtB3XMVP/VWxR8RMyNvwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA5GshnzuySJI9Gj97ubTCoX66h9MB8GA1UdIwQY
MBaAFHQmfz7PzGFmjgUBvKYM7W3XXTR8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZENaX1BzX01ZV2FPQlFHOHBnenRiZGRkTkh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny83MGNiODAtNGU2ZC00NmE1LWIxYjQt
NGUzZjRkNjhmNjgyLzEvRGtheUdmTzdKSWtqMGFQM3U1dE1LaGZycUgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny83MGNiODAtNGU2ZC00NmE1LWIxYjQtNGUzZjRkNjhmNjgy
LzEvZENaX1BzX01ZV2FPQlFHOHBnenRiZGRkTkh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwCxNAwQB
wGx2MA0GCSqGSIb3DQEBCwUAA4IBAQCMNiUtJIY3DYVx2kTcPbnwwOhChgy2BbF1
rQwsKepmvlKbZkJHuMOez71atm7d8sHr03oTd6XUhZtv9nMNSsP5tNJ4alIh4Y87
9ZmvTe4UuJGjMFdFsuQiiwxgRjIa8VXE0c7IFQ3fh7FU5K4pA9HdVofSTD/dJ/Te
Soai+ELKrYzhfNsuQoVO+C2Qi6uNuarj1JKgQAIqXpp1KYVoReD07vdo2i0t1zMl
eNO6fvYXFENvDt0pg7aZ6zwY770gUL1YdG6ypQhTl3gtPdyeYxuX7Hpo7+TUZJKT
/MHsgQI7debNvXOkThGlBG0Eq2r0pAO3GTCBdsV/85YgOes2pvPK
-----END CERTIFICATE-----
Generated at Mon Jun 9 00:34:15 2025 by rpki-client