Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/24a47d-6a4d-4e15-a238-7740b3d6905e/1/yyEfKYzfWifnZltk7ctCY5A-44M.roa
File: yyEfKYzfWifnZltk7ctCY5A-44M.roa (raw, json)
Hash identifier: Bx/CCORj4vVt+Qie6xpQv8J6eghjTLCeuziTvvg5CUE=
Subject key identifier: CB:21:1F:29:8C:DF:5A:27:E7:66:5B:64:ED:CB:42:63:90:3E:E3:83
Certificate issuer: /CN=96f1977cf17fe4e1de2f16293c669f44d5bd7433
Certificate serial: 01942444E9D93C533E025DE47CD1A75FC04B
Authority key identifier: 96:F1:97:7C:F1:7F:E4:E1:DE:2F:16:29:3C:66:9F:44:D5:BD:74:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lvGXfPF_5OHeLxYpPGafRNW9dDM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/24a47d-6a4d-4e15-a238-7740b3d6905e/1/yyEfKYzfWifnZltk7ctCY5A-44M.roa
Signing time: Wed 01 Jan 2025 23:48:03 +0000
ROA not before: Wed 01 Jan 2025 23:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58347
IP address blocks: 91.103.142.0/24 maxlen: 24
193.135.12.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/24a47d-6a4d-4e15-a238-7740b3d6905e/1/lvGXfPF_5OHeLxYpPGafRNW9dDM.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/24a47d-6a4d-4e15-a238-7740b3d6905e/1/lvGXfPF_5OHeLxYpPGafRNW9dDM.mft
rsync://rpki.ripe.net/repository/DEFAULT/lvGXfPF_5OHeLxYpPGafRNW9dDM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:e9:d9:3c:53:3e:02:5d:e4:7c:d1:a7:5f:c0:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96f1977cf17fe4e1de2f16293c669f44d5bd7433
Validity
Not Before: Jan 1 23:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cb211f298cdf5a27e7665b64edcb4263903ee383
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:23:2c:b8:c5:9d:53:b1:bb:35:82:87:49:31:
ee:9b:00:1d:7c:2a:9c:35:fe:6f:a6:8f:45:dd:94:
c7:81:eb:fa:46:f1:ec:72:7a:e9:0e:ce:1e:5f:5c:
bb:c3:e5:c2:ec:73:94:eb:8f:8c:00:48:8f:6b:d4:
85:5b:1b:61:64:25:b1:d7:74:e3:8c:9e:f1:d4:a2:
5b:22:23:6d:6b:11:11:1b:11:da:72:7e:a7:5a:cb:
00:91:d7:04:1c:f5:ec:a8:87:d8:ef:a4:51:a6:6c:
c3:ac:99:e7:7d:b8:d7:d7:88:04:71:cd:20:5d:5a:
7c:45:9f:93:63:cc:18:e1:80:d3:02:0f:18:9c:f3:
1e:05:fc:ef:d8:74:55:03:16:d2:31:80:b6:17:58:
78:c8:44:2a:c0:3c:a5:5f:98:3b:39:17:19:ef:87:
ef:bc:9c:a9:e4:b9:79:26:c1:08:f5:da:16:61:78:
be:fb:84:27:50:54:39:d0:8c:ac:91:02:0f:ed:62:
e2:3b:ae:15:28:d4:53:a8:e4:36:b8:fd:f5:17:11:
19:2d:e9:7d:e1:b9:1b:b0:47:b6:1e:4e:5b:97:7e:
61:fb:e4:3f:da:ec:af:19:ff:c0:fc:28:fa:c1:e5:
8b:ee:ff:fa:ef:ff:0a:dd:7a:ba:98:33:09:91:33:
00:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:21:1F:29:8C:DF:5A:27:E7:66:5B:64:ED:CB:42:63:90:3E:E3:83
X509v3 Authority Key Identifier:
keyid:96:F1:97:7C:F1:7F:E4:E1:DE:2F:16:29:3C:66:9F:44:D5:BD:74:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lvGXfPF_5OHeLxYpPGafRNW9dDM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/24a47d-6a4d-4e15-a238-7740b3d6905e/1/yyEfKYzfWifnZltk7ctCY5A-44M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/24a47d-6a4d-4e15-a238-7740b3d6905e/1/lvGXfPF_5OHeLxYpPGafRNW9dDM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.103.142.0/24
193.135.12.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:3f:a6:15:09:2f:35:f3:75:9b:85:01:72:5e:ee:de:68:ec:
78:a9:50:1f:3f:a6:77:54:53:be:01:34:99:26:63:31:6e:a4:
4e:73:f4:01:a0:48:6d:26:45:dd:22:83:0a:77:6d:08:1e:8a:
c5:cf:c6:c2:73:58:b7:27:3c:cc:c4:0d:e0:df:67:64:9a:3e:
91:55:b0:af:3e:0d:19:b4:8c:d8:9a:ed:80:11:cb:cc:e1:80:
85:bf:07:23:d2:2f:65:1c:dd:c8:fe:58:96:05:dc:c0:70:03:
04:64:bb:a1:74:07:5d:e0:1c:15:13:16:84:8f:f4:2d:39:09:
be:06:7d:b2:6d:55:0f:96:6c:67:75:12:04:2d:51:94:a8:31:
81:a8:55:a1:98:7e:02:31:19:40:97:e7:ac:51:85:cf:ce:63:
34:3a:88:75:05:0b:71:16:99:5d:43:ad:03:06:35:f2:2c:22:
e1:93:65:3d:d4:c3:43:8f:5a:7e:b0:16:f8:5d:45:9c:cd:af:
b4:5e:cf:be:76:7b:e2:51:68:9a:7a:64:85:fb:a6:df:56:3d:
59:21:85:59:f2:3f:d0:07:6a:80:87:d3:c0:2f:ac:ad:4d:52:
ec:9f:12:5b:57:6a:1e:af:98:25:70:55:a3:c4:3a:b9:1a:c4:
07:41:66:86
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQkROnZPFM+Al3kfNGnX8BLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2ZjE5NzdjZjE3ZmU0ZTFkZTJmMTYyOTNjNjY5ZjQ0ZDVi
ZDc0MzMwHhcNMjUwMTAxMjM0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjIxMWYyOThjZGY1YTI3ZTc2NjViNjRlZGNiNDI2MzkwM2VlMzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtiMsuMWdU7G7NYKHSTHumwAdfCqc
Nf5vpo9F3ZTHgev6RvHscnrpDs4eX1y7w+XC7HOU64+MAEiPa9SFWxthZCWx13Tj
jJ7x1KJbIiNtaxERGxHacn6nWssAkdcEHPXsqIfY76RRpmzDrJnnfbjX14gEcc0g
XVp8RZ+TY8wY4YDTAg8YnPMeBfzv2HRVAxbSMYC2F1h4yEQqwDylX5g7ORcZ74fv
vJyp5Ll5JsEI9doWYXi++4QnUFQ50IyskQIP7WLiO64VKNRTqOQ2uP31FxEZLel9
4bkbsEe2Hk5bl35h++Q/2uyvGf/A/Cj6weWL7v/67/8K3Xq6mDMJkTMAcwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMshHymM31on52ZbZO3LQmOQPuODMB8GA1UdIwQY
MBaAFJbxl3zxf+Th3i8WKTxmn0TVvXQzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHZHWGZQRl81T0hlTHhZcFBHYWZSTlc5ZERNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yNGE0N2QtNmE0ZC00ZTE1LWEyMzgt
Nzc0MGIzZDY5MDVlLzEveXlFZktZemZXaWZuWmx0azdjdENZNUEtNDRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yNGE0N2QtNmE0ZC00ZTE1LWEyMzgtNzc0MGIzZDY5MDVl
LzEvbHZHWGZQRl81T0hlTHhZcFBHYWZSTlc5ZERNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW2eOAwQA
wYcMMA0GCSqGSIb3DQEBCwUAA4IBAQCwP6YVCS8183WbhQFyXu7eaOx4qVAfP6Z3
VFO+ATSZJmMxbqROc/QBoEhtJkXdIoMKd20IHorFz8bCc1i3JzzMxA3g32dkmj6R
VbCvPg0ZtIzYmu2AEcvM4YCFvwcj0i9lHN3I/liWBdzAcAMEZLuhdAdd4BwVExaE
j/QtOQm+Bn2ybVUPlmxndRIELVGUqDGBqFWhmH4CMRlAl+esUYXPzmM0Ooh1BQtx
FpldQ60DBjXyLCLhk2U91MNDj1p+sBb4XUWcza+0Xs++dnviUWiaemSF+6bfVj1Z
IYVZ8j/QB2qAh9PAL6ytTVLsnxJbV2oer5glcFWjxDq5GsQHQWaG
-----END CERTIFICATE-----
Generated at Fri Apr 18 16:08:40 2025 by rpki-client