Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/9fe53d-eb4e-4e6b-9022-e322087870d2/1/izDgJyT_jFs6Afm1vFmx3IUq128.roa
File: izDgJyT_jFs6Afm1vFmx3IUq128.roa (raw, json)
Hash identifier: +piNMelo8kmyTOhWUH5qriIcmuElNVknleJSz/MJ2T8=
Subject key identifier: 8B:30:E0:27:24:FF:8C:5B:3A:01:F9:B5:BC:59:B1:DC:85:2A:D7:6F
Certificate issuer: /CN=8ff85eff2448c73646e354afea641bcf79e7c7f9
Certificate serial: 01942369E168B0943A9253E779B740FF50A7
Authority key identifier: 8F:F8:5E:FF:24:48:C7:36:46:E3:54:AF:EA:64:1B:CF:79:E7:C7:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j_he_yRIxzZG41Sv6mQbz3nnx_k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/9fe53d-eb4e-4e6b-9022-e322087870d2/1/izDgJyT_jFs6Afm1vFmx3IUq128.roa
Signing time: Wed 01 Jan 2025 19:48:48 +0000
ROA not before: Wed 01 Jan 2025 19:48:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197838
IP address blocks: 91.228.8.0/23 maxlen: 23
94.154.16.0/21 maxlen: 21
2001:678:a74::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/9fe53d-eb4e-4e6b-9022-e322087870d2/1/j_he_yRIxzZG41Sv6mQbz3nnx_k.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/9fe53d-eb4e-4e6b-9022-e322087870d2/1/j_he_yRIxzZG41Sv6mQbz3nnx_k.mft
rsync://rpki.ripe.net/repository/DEFAULT/j_he_yRIxzZG41Sv6mQbz3nnx_k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 22:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:e1:68:b0:94:3a:92:53:e7:79:b7:40:ff:50:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ff85eff2448c73646e354afea641bcf79e7c7f9
Validity
Not Before: Jan 1 19:48:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b30e02724ff8c5b3a01f9b5bc59b1dc852ad76f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f0:7b:b5:25:3e:47:71:a5:bf:f5:73:82:a6:
64:4b:86:5d:cb:c2:60:5b:ba:93:59:91:1c:ca:39:
ed:0a:78:0d:f4:1c:c5:2b:a5:c5:3d:d6:57:a2:88:
48:5c:2b:fc:91:e8:4e:8a:3e:7e:8c:3f:4e:b7:4c:
f3:63:57:93:f3:10:70:42:ca:49:6e:34:d8:7c:8f:
62:39:c7:8b:ec:dd:b2:fb:f4:aa:fa:78:4f:91:8f:
7c:81:14:98:49:00:a0:d2:12:f3:03:bb:8f:07:11:
19:a0:cf:04:46:00:2d:a7:75:ac:23:ae:57:84:d6:
9a:2c:c4:b5:b8:2a:7e:5d:8e:96:ae:35:6d:85:30:
fd:d5:de:38:b6:9d:c6:6c:5d:54:36:54:d8:e7:9b:
de:3a:3f:14:9e:94:c6:39:93:06:4d:a5:ea:c2:1d:
8d:93:b4:e0:ef:f8:17:0a:b1:03:0c:1b:c2:e6:b5:
fe:35:af:a0:9e:f9:58:ce:31:72:ca:32:22:74:3c:
6a:b6:f9:f9:ac:ef:10:ee:7b:48:37:3e:f2:3d:66:
83:bd:60:ad:ab:80:1e:ee:57:ba:ec:c7:83:d0:01:
8a:13:4b:f4:bc:bb:e8:cb:f7:e2:12:ac:ca:0d:e8:
3e:64:7d:25:f6:07:e3:43:b6:d2:48:6b:da:0a:f9:
e0:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:30:E0:27:24:FF:8C:5B:3A:01:F9:B5:BC:59:B1:DC:85:2A:D7:6F
X509v3 Authority Key Identifier:
keyid:8F:F8:5E:FF:24:48:C7:36:46:E3:54:AF:EA:64:1B:CF:79:E7:C7:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j_he_yRIxzZG41Sv6mQbz3nnx_k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/9fe53d-eb4e-4e6b-9022-e322087870d2/1/izDgJyT_jFs6Afm1vFmx3IUq128.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/9fe53d-eb4e-4e6b-9022-e322087870d2/1/j_he_yRIxzZG41Sv6mQbz3nnx_k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.8.0/23
94.154.16.0/21
IPv6:
2001:678:a74::/48
Signature Algorithm: sha256WithRSAEncryption
7e:9e:d8:1a:b4:85:e8:51:70:e2:63:d7:16:a1:8e:09:e1:15:
8d:ac:0b:de:de:bb:14:73:b1:d7:e5:9b:46:74:e9:fb:d9:79:
0c:17:70:3f:0d:36:e0:c1:cb:9b:54:48:16:32:82:fe:11:32:
55:52:ac:da:06:54:df:7a:4d:18:b9:fd:7b:a6:89:fe:ae:d7:
3e:64:ee:6a:9f:15:76:c2:14:5b:f4:32:ff:89:ec:bd:b8:d4:
80:ec:f5:20:08:f1:91:8d:ac:bb:0d:39:40:61:ee:dc:e1:ad:
af:10:61:4b:cf:bd:4d:59:01:da:1e:f3:57:bf:51:33:53:3f:
ea:80:03:23:c9:f4:92:76:4c:f3:71:96:ed:05:0c:97:85:db:
d1:b8:51:08:42:bf:5f:6e:37:ff:41:5d:c6:67:be:69:c0:cb:
9e:07:f8:d4:02:30:1e:88:c6:cc:d6:34:a3:a7:0a:b4:03:7b:
72:f9:f4:7c:7c:70:c0:f2:1a:92:b6:d9:f1:91:46:a2:02:a2:
e3:05:53:3b:8c:71:2b:03:37:ae:1e:d4:81:e0:18:67:13:17:
b9:20:42:bf:a2:73:48:a6:d1:81:12:bb:57:70:e0:53:12:b1:
88:37:cf:d2:2e:33:05:df:55:b1:3b:8a:e3:36:cc:55:4b:05:
b6:92:94:5e
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQjaeFosJQ6klPnebdA/1CnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmZjg1ZWZmMjQ0OGM3MzY0NmUzNTRhZmVhNjQxYmNmNzll
N2M3ZjkwHhcNMjUwMTAxMTk0ODQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjMwZTAyNzI0ZmY4YzViM2EwMWY5YjViYzU5YjFkYzg1MmFkNzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfB7tSU+R3Glv/VzgqZkS4Zdy8Jg
W7qTWZEcyjntCngN9BzFK6XFPdZXoohIXCv8kehOij5+jD9Ot0zzY1eT8xBwQspJ
bjTYfI9iOceL7N2y+/Sq+nhPkY98gRSYSQCg0hLzA7uPBxEZoM8ERgAtp3WsI65X
hNaaLMS1uCp+XY6WrjVthTD91d44tp3GbF1UNlTY55veOj8UnpTGOZMGTaXqwh2N
k7Tg7/gXCrEDDBvC5rX+Na+gnvlYzjFyyjIidDxqtvn5rO8Q7ntINz7yPWaDvWCt
q4Ae7le67MeD0AGKE0v0vLvoy/fiEqzKDeg+ZH0l9gfjQ7bSSGvaCvngzQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFIsw4Cck/4xbOgH5tbxZsdyFKtdvMB8GA1UdIwQY
MBaAFI/4Xv8kSMc2RuNUr+pkG89558f5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQval9oZV95Ukl4elpHNDFTdjZtUWJ6M25ueF9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC85ZmU1M2QtZWI0ZS00ZTZiLTkwMjIt
ZTMyMjA4Nzg3MGQyLzEvaXpEZ0p5VF9qRnM2QWZtMXZGbXgzSVVxMTI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC85ZmU1M2QtZWI0ZS00ZTZiLTkwMjItZTMyMjA4Nzg3MGQy
LzEval9oZV95Ukl4elpHNDFTdjZtUWJ6M25ueF9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBW+QIAwQD
XpoQMA8EAgACMAkDBwAgAQZ4CnQwDQYJKoZIhvcNAQELBQADggEBAH6e2Bq0hehR
cOJj1xahjgnhFY2sC97euxRzsdflm0Z06fvZeQwXcD8NNuDBy5tUSBYygv4RMlVS
rNoGVN96TRi5/Xumif6u1z5k7mqfFXbCFFv0Mv+J7L241IDs9SAI8ZGNrLsNOUBh
7tzhra8QYUvPvU1ZAdoe81e/UTNTP+qAAyPJ9JJ2TPNxlu0FDJeF29G4UQhCv19u
N/9BXcZnvmnAy54H+NQCMB6IxszWNKOnCrQDe3L59Hx8cMDyGpK22fGRRqICouMF
UzuMcSsDN64e1IHgGGcTF7kgQr+ic0im0YESu1dw4FMSsYg3z9IuMwXfVbE7iuM2
zFVLBbaSlF4=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:53:51 2025 by rpki-client