Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/kNcVhQpRqGRKtRoApGjZuA5ACHo.roa
File: kNcVhQpRqGRKtRoApGjZuA5ACHo.roa (raw, json)
Hash identifier: EghVSyPoJOgbCHk/V4h5/7YBe1j1EcoGI/60cjBIYNw=
Subject key identifier: 90:D7:15:85:0A:51:A8:64:4A:B5:1A:00:A4:68:D9:B8:0E:40:08:7A
Certificate issuer: /CN=ac1f721b7b7e6d049fbfe520e1ca89c1ca256813
Certificate serial: 019427B3F0F8274E34F8594C6E815FBC0683
Authority key identifier: AC:1F:72:1B:7B:7E:6D:04:9F:BF:E5:20:E1:CA:89:C1:CA:25:68:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rB9yG3t-bQSfv-Ug4cqJwcolaBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/kNcVhQpRqGRKtRoApGjZuA5ACHo.roa
Signing time: Thu 02 Jan 2025 15:48:11 +0000
ROA not before: Thu 02 Jan 2025 15:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47624
IP address blocks: 91.206.138.0/24 maxlen: 24
91.206.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/rB9yG3t-bQSfv-Ug4cqJwcolaBM.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/rB9yG3t-bQSfv-Ug4cqJwcolaBM.mft
rsync://rpki.ripe.net/repository/DEFAULT/rB9yG3t-bQSfv-Ug4cqJwcolaBM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Mar 2025 03:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:f0:f8:27:4e:34:f8:59:4c:6e:81:5f:bc:06:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac1f721b7b7e6d049fbfe520e1ca89c1ca256813
Validity
Not Before: Jan 2 15:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=90d715850a51a8644ab51a00a468d9b80e40087a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:9a:2e:93:76:48:55:68:7a:31:3d:3f:e6:5c:
ad:27:05:b1:59:43:df:b3:06:8c:b0:23:0b:19:87:
b9:9c:a2:a2:1d:73:fe:93:73:b1:ee:d9:7d:15:51:
fe:9e:c9:69:ef:d3:07:75:17:de:48:d0:46:d4:cf:
07:13:cf:2e:6b:dd:92:25:48:66:c9:86:8a:92:c6:
3c:e7:17:06:57:4e:19:2e:23:a2:ce:c3:f9:c6:6e:
62:0b:9b:ba:3a:68:50:8a:a6:b1:ca:e9:b8:69:b8:
09:8d:b8:72:52:da:96:c6:f4:f3:3b:5c:50:f4:81:
64:1c:a8:43:06:47:2e:ee:2d:cd:72:e3:b6:c4:02:
03:b0:82:e9:b2:60:62:ef:89:99:12:63:87:ec:d2:
42:41:cd:f8:53:c4:af:e9:7b:97:cc:95:f9:23:7e:
e8:7e:25:26:ca:eb:98:7a:19:3f:3b:bd:0d:f8:49:
a6:05:7c:36:96:c4:12:61:e3:19:ad:6e:0b:19:40:
53:ad:e6:2f:97:e2:e3:f8:85:11:61:f4:8e:ea:1c:
4c:14:ac:d4:4e:cb:d1:61:4e:53:b4:aa:6e:ab:14:
d4:7a:fa:e7:98:46:f2:8b:22:ec:09:52:6e:9f:ee:
df:c5:7d:21:80:25:82:aa:eb:8b:58:22:62:66:0a:
d5:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:D7:15:85:0A:51:A8:64:4A:B5:1A:00:A4:68:D9:B8:0E:40:08:7A
X509v3 Authority Key Identifier:
keyid:AC:1F:72:1B:7B:7E:6D:04:9F:BF:E5:20:E1:CA:89:C1:CA:25:68:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rB9yG3t-bQSfv-Ug4cqJwcolaBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/kNcVhQpRqGRKtRoApGjZuA5ACHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/rB9yG3t-bQSfv-Ug4cqJwcolaBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.138.0/23
Signature Algorithm: sha256WithRSAEncryption
38:dd:e8:fd:7d:d4:df:26:82:72:c6:9f:61:91:83:c0:e4:6e:
69:29:48:ac:4d:57:92:df:bf:03:77:11:5a:d3:62:f7:6b:04:
00:69:59:85:51:06:47:a1:7c:e7:56:e0:43:98:21:31:0d:91:
d1:10:5a:da:ae:f7:27:0d:97:f3:25:7e:61:16:57:3e:14:6a:
d7:14:cb:b3:04:d2:d5:f6:8d:91:73:5b:2d:21:f7:c6:de:84:
b9:ac:2c:be:8b:13:3b:b6:31:65:73:a6:69:15:0b:04:f3:57:
cc:87:5a:be:89:15:0e:93:3b:40:bc:a6:f2:1e:99:e0:18:c7:
5e:2b:41:2d:8f:43:61:c2:5a:f1:34:b4:5a:f8:e1:a7:99:8a:
79:c2:f1:ab:22:c6:2e:d1:f7:5d:bd:33:d2:5e:6a:ba:1c:8d:
d4:31:ac:9b:a5:c5:a1:ee:6f:eb:49:74:f8:16:1f:fe:37:a0:
e6:02:07:27:81:96:9a:91:ae:73:0d:4a:4b:85:cf:9a:8a:21:
2d:6d:ae:fe:44:aa:61:c6:04:ea:89:87:97:49:e4:1f:a6:93:
27:bb:40:6a:32:41:08:64:90:f4:af:e6:bf:30:b2:c7:22:23:
83:bc:3b:a9:c9:9f:d1:14:f4:ec:f7:35:17:52:e7:2b:10:e3:
b4:3b:99:27
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQns/D4J040+FlMboFfvAaDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjMWY3MjFiN2I3ZTZkMDQ5ZmJmZTUyMGUxY2E4OWMxY2Ey
NTY4MTMwHhcNMjUwMTAyMTU0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGQ3MTU4NTBhNTFhODY0NGFiNTFhMDBhNDY4ZDliODBlNDAwODdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxpouk3ZIVWh6MT0/5lytJwWxWUPf
swaMsCMLGYe5nKKiHXP+k3Ox7tl9FVH+nslp79MHdRfeSNBG1M8HE88ua92SJUhm
yYaKksY85xcGV04ZLiOizsP5xm5iC5u6OmhQiqaxyum4abgJjbhyUtqWxvTzO1xQ
9IFkHKhDBkcu7i3NcuO2xAIDsILpsmBi74mZEmOH7NJCQc34U8Sv6XuXzJX5I37o
fiUmyuuYehk/O70N+EmmBXw2lsQSYeMZrW4LGUBTreYvl+Lj+IURYfSO6hxMFKzU
TsvRYU5TtKpuqxTUevrnmEbyiyLsCVJun+7fxX0hgCWCquuLWCJiZgrVRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJDXFYUKUahkSrUaAKRo2bgOQAh6MB8GA1UdIwQY
MBaAFKwfcht7fm0En7/lIOHKicHKJWgTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckI5eUczdC1iUVNmdi1VZzRjcUp3Y29sYUJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC81NmQyNjctMWM0My00N2M4LWFmYjIt
NjRkMjljODZiZjNlLzEva05jVmhRcFJxR1JLdFJvQXBHalp1QTVBQ0hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC81NmQyNjctMWM0My00N2M4LWFmYjItNjRkMjljODZiZjNl
LzEvckI5eUczdC1iUVNmdi1VZzRjcUp3Y29sYUJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW86KMA0G
CSqGSIb3DQEBCwUAA4IBAQA43ej9fdTfJoJyxp9hkYPA5G5pKUisTVeS378DdxFa
02L3awQAaVmFUQZHoXznVuBDmCExDZHREFrarvcnDZfzJX5hFlc+FGrXFMuzBNLV
9o2Rc1stIffG3oS5rCy+ixM7tjFlc6ZpFQsE81fMh1q+iRUOkztAvKbyHpngGMde
K0Etj0NhwlrxNLRa+OGnmYp5wvGrIsYu0fddvTPSXmq6HI3UMaybpcWh7m/rSXT4
Fh/+N6DmAgcngZaaka5zDUpLhc+aiiEtba7+RKphxgTqiYeXSeQfppMnu0BqMkEI
ZJD0r+a/MLLHIiODvDupyZ/RFPTs9zUXUucrEOO0O5kn
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:57:27 2025 by rpki-client