Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/c26458-fda8-4f0a-957a-7756438544ca/1/_x95g2yEdSVb-Lb5ljfHjKYUyw0.roa
File: _x95g2yEdSVb-Lb5ljfHjKYUyw0.roa (raw, json)
Hash identifier: L85gnjbHLm0XHThSRWvyfg5dYAHvXuHbicBvmefIvAU=
Subject key identifier: FF:1F:79:83:6C:84:75:25:5B:F8:B6:F9:96:37:C7:8C:A6:14:CB:0D
Certificate issuer: /CN=030b00e6074502e6538391feab18358281a3279b
Certificate serial: 0194BBBA74F9321306A81DF11565A65980BE
Authority key identifier: 03:0B:00:E6:07:45:02:E6:53:83:91:FE:AB:18:35:82:81:A3:27:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AwsA5gdFAuZTg5H-qxg1goGjJ5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/c26458-fda8-4f0a-957a-7756438544ca/1/_x95g2yEdSVb-Lb5ljfHjKYUyw0.roa
Signing time: Fri 31 Jan 2025 09:39:06 +0000
ROA not before: Fri 31 Jan 2025 09:39:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197840
IP address blocks: 91.227.216.0/22 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/c26458-fda8-4f0a-957a-7756438544ca/1/AwsA5gdFAuZTg5H-qxg1goGjJ5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/c26458-fda8-4f0a-957a-7756438544ca/1/AwsA5gdFAuZTg5H-qxg1goGjJ5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/AwsA5gdFAuZTg5H-qxg1goGjJ5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:bb:ba:74:f9:32:13:06:a8:1d:f1:15:65:a6:59:80:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=030b00e6074502e6538391feab18358281a3279b
Validity
Not Before: Jan 31 09:39:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ff1f79836c8475255bf8b6f99637c78ca614cb0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:50:f5:23:5b:6f:ea:4c:cc:d0:42:3d:f9:cb:
94:b9:0d:0e:e0:8e:80:f0:7f:30:b6:f9:3d:35:a2:
b3:eb:37:20:24:d6:30:00:bb:bd:06:b8:66:69:e5:
40:71:33:42:ec:93:d8:9c:22:bf:cd:51:7a:7e:43:
5e:5d:ef:e0:41:61:c5:bc:1c:69:db:8c:ba:30:f9:
20:d3:92:1b:09:af:96:2d:72:b4:be:a6:03:8e:c9:
6a:c3:32:c0:5b:9d:63:4a:66:bb:57:c0:2c:c8:45:
c8:1b:35:3c:4a:96:ac:56:c1:31:bb:c6:81:2b:43:
d8:ed:7f:c6:8a:07:cc:a1:1e:39:d4:8e:74:c1:af:
ee:b9:ad:78:90:1a:e2:d3:ed:82:8a:ab:cb:3e:ca:
64:8f:ed:b2:36:0a:5f:00:cb:ca:7e:07:47:8f:85:
bf:d3:9a:3b:0d:d7:07:09:d3:3a:0b:02:b5:40:e0:
2b:83:f6:ad:44:f8:7c:00:f5:bf:83:cc:d5:48:ac:
71:22:93:f9:1b:94:70:16:57:82:86:e2:20:f2:4f:
46:b0:bd:8e:40:f5:b5:ba:80:48:01:ca:5d:66:56:
a9:c1:c2:a3:b2:f8:22:97:32:41:f2:04:31:ee:d2:
8c:ef:52:d2:2d:cb:b2:69:4e:2f:37:19:4e:9a:80:
be:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:1F:79:83:6C:84:75:25:5B:F8:B6:F9:96:37:C7:8C:A6:14:CB:0D
X509v3 Authority Key Identifier:
keyid:03:0B:00:E6:07:45:02:E6:53:83:91:FE:AB:18:35:82:81:A3:27:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AwsA5gdFAuZTg5H-qxg1goGjJ5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/c26458-fda8-4f0a-957a-7756438544ca/1/_x95g2yEdSVb-Lb5ljfHjKYUyw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/c26458-fda8-4f0a-957a-7756438544ca/1/AwsA5gdFAuZTg5H-qxg1goGjJ5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.227.216.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:5c:6f:fa:18:d4:c6:1d:51:6b:33:f9:5c:d9:e9:3e:eb:b3:
bf:30:57:22:81:f1:d5:1d:c3:a2:46:f8:55:b0:d7:4d:07:27:
36:f6:76:15:06:a0:45:cc:0b:c7:f2:e2:2a:ee:d0:f3:cd:a1:
02:3e:a1:b4:a9:3d:9d:22:14:48:fc:80:03:d6:f1:a8:b4:fd:
2c:2c:34:56:5b:26:65:59:be:a9:dd:83:11:bf:6d:a3:55:32:
32:6c:d4:a2:32:7f:6e:29:ae:60:a0:32:b5:56:5c:aa:2f:f8:
6a:de:b8:e3:55:80:e3:8c:dd:5b:7e:f8:69:4a:74:e8:ae:4d:
7d:61:37:32:76:27:3c:d7:c5:fe:bb:c2:f4:cc:bb:ec:b2:e5:
a0:8a:33:9b:58:14:87:df:fe:1f:5e:89:de:a4:15:1b:85:8a:
0a:57:a7:6e:50:5e:a3:65:2e:38:6e:bb:25:ef:ee:56:b7:09:
71:23:1f:c9:28:01:d4:bc:7e:9a:62:7f:89:ca:7f:e5:da:83:
44:3b:07:20:b0:60:7c:2b:14:03:bb:13:3a:70:9a:a5:1a:a3:
51:02:dc:ef:6e:e9:a3:c4:07:ab:c7:9d:2b:09:83:94:b4:a4:
9a:f0:34:be:b5:90:c8:14:9e:11:74:c4:b1:a5:93:ef:8b:91:
46:11:96:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZS7unT5MhMGqB3xFWWmWYC+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMGIwMGU2MDc0NTAyZTY1MzgzOTFmZWFiMTgzNTgyODFh
MzI3OWIwHhcNMjUwMTMxMDkzOTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjFmNzk4MzZjODQ3NTI1NWJmOGI2Zjk5NjM3Yzc4Y2E2MTRjYjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkFD1I1tv6kzM0EI9+cuUuQ0O4I6A
8H8wtvk9NaKz6zcgJNYwALu9BrhmaeVAcTNC7JPYnCK/zVF6fkNeXe/gQWHFvBxp
24y6MPkg05IbCa+WLXK0vqYDjslqwzLAW51jSma7V8AsyEXIGzU8SpasVsExu8aB
K0PY7X/GigfMoR451I50wa/uua14kBri0+2CiqvLPspkj+2yNgpfAMvKfgdHj4W/
05o7DdcHCdM6CwK1QOArg/atRPh8APW/g8zVSKxxIpP5G5RwFleChuIg8k9GsL2O
QPW1uoBIAcpdZlapwcKjsvgilzJB8gQx7tKM71LSLcuyaU4vNxlOmoC+fwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP8feYNshHUlW/i2+ZY3x4ymFMsNMB8GA1UdIwQY
MBaAFAMLAOYHRQLmU4OR/qsYNYKBoyebMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXdzQTVnZEZBdVpUZzVILXF4ZzFnb0dqSjVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC9jMjY0NTgtZmRhOC00ZjBhLTk1N2Et
Nzc1NjQzODU0NGNhLzEvX3g5NWcyeUVkU1ZiLUxiNWxqZkhqS1lVeXcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC9jMjY0NTgtZmRhOC00ZjBhLTk1N2EtNzc1NjQzODU0NGNh
LzEvQXdzQTVnZEZBdVpUZzVILXF4ZzFnb0dqSjVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW+PYMA0G
CSqGSIb3DQEBCwUAA4IBAQAqXG/6GNTGHVFrM/lc2ek+67O/MFcigfHVHcOiRvhV
sNdNByc29nYVBqBFzAvH8uIq7tDzzaECPqG0qT2dIhRI/IAD1vGotP0sLDRWWyZl
Wb6p3YMRv22jVTIybNSiMn9uKa5goDK1VlyqL/hq3rjjVYDjjN1bfvhpSnTork19
YTcydic818X+u8L0zLvssuWgijObWBSH3/4fXonepBUbhYoKV6duUF6jZS44brsl
7+5WtwlxIx/JKAHUvH6aYn+Jyn/l2oNEOwcgsGB8KxQDuxM6cJqlGqNRAtzvbumj
xAerx50rCYOUtKSa8DS+tZDIFJ4RdMSxpZPvi5FGEZYX
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:50:04 2025 by rpki-client