Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/M7HIqk0flh1NiuPIpaSW5PgfHyw.roa
File: M7HIqk0flh1NiuPIpaSW5PgfHyw.roa (raw, json)
Hash identifier: 8v8odK6qZb3IS3sz2hAuSt8zmgS73uaaUBEaikeyRYo=
Subject key identifier: 33:B1:C8:AA:4D:1F:96:1D:4D:8A:E3:C8:A5:A4:96:E4:F8:1F:1F:2C
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 01942369A55D5043D7A6B5F684C01D6C012C
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/M7HIqk0flh1NiuPIpaSW5PgfHyw.roa
Signing time: Wed 01 Jan 2025 19:48:33 +0000
ROA not before: Wed 01 Jan 2025 19:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57098
IP address blocks: 31.14.18.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:a5:5d:50:43:d7:a6:b5:f6:84:c0:1d:6c:01:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 1 19:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=33b1c8aa4d1f961d4d8ae3c8a5a496e4f81f1f2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:a1:03:dd:84:53:4e:99:3d:bb:3f:01:40:11:
ae:71:56:78:73:ae:bc:c6:83:0b:8d:5e:b3:13:37:
19:78:1c:43:d5:61:51:af:d2:a3:b7:97:d5:74:55:
96:13:ab:94:bc:9b:f3:b8:8a:2e:53:0b:5f:70:92:
0e:eb:6b:eb:d8:6c:58:cc:b0:9a:ec:c2:6b:ce:fe:
da:8c:ba:d0:84:f7:59:f8:5a:3a:ab:af:9e:4e:2d:
ac:0f:27:a3:69:45:65:96:d4:66:94:07:5f:8f:af:
8b:f7:b6:49:29:d2:97:57:6f:ae:aa:c1:af:0f:63:
dc:a1:72:73:8f:c0:4c:d0:8c:f1:97:a2:39:61:c1:
8d:d2:d7:a6:af:28:37:2c:e8:87:d3:3a:ea:b8:24:
9f:5f:a4:05:20:6a:ca:b1:42:65:e1:46:fd:e1:6d:
52:99:17:8d:b6:4d:1a:1b:c0:ec:d6:be:bd:1e:b5:
96:9a:e4:b5:5a:ad:04:a5:86:08:50:d5:53:b7:12:
32:4f:7d:f0:6d:57:63:d2:af:cc:38:b9:88:d8:03:
52:e8:8e:7e:0d:7c:f0:0c:d0:5c:13:71:80:98:b5:
21:fe:8e:20:69:5f:8b:08:5b:30:0b:b4:e3:8b:5c:
14:87:95:0d:b7:0f:f1:67:e8:b7:62:f1:0a:6c:a1:
fd:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:B1:C8:AA:4D:1F:96:1D:4D:8A:E3:C8:A5:A4:96:E4:F8:1F:1F:2C
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/M7HIqk0flh1NiuPIpaSW5PgfHyw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.18.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:e9:0e:b5:36:96:b2:5c:8e:6b:3e:c4:05:1a:27:66:6d:03:
ab:62:ee:ea:ff:76:ec:8a:50:ac:e8:a9:e8:24:b0:d0:eb:aa:
87:d1:3f:34:30:fc:2c:8e:e9:f4:ff:a2:9e:23:b6:44:77:4e:
fd:7a:ca:cd:08:2c:26:dc:ad:64:ea:a0:ad:92:8a:98:5f:d6:
d4:31:f9:6c:4f:2e:b0:eb:1f:08:b0:db:18:a2:44:dc:e2:42:
42:85:33:66:07:fb:d1:cc:13:4b:d0:d0:39:a8:b4:2f:e8:74:
72:54:c3:79:81:78:0e:f7:a4:53:76:06:6e:d1:5e:cd:12:d2:
fd:bb:b6:f9:47:39:13:d8:e2:a1:df:53:42:f2:c8:e1:21:de:
7d:ab:f3:e8:e2:da:72:bb:a9:e6:a2:7d:6f:ab:31:ef:f1:a1:
9e:e6:1b:87:fd:df:12:82:1a:b4:1e:0c:81:40:62:2e:f2:c4:
0e:be:c8:89:54:e4:67:42:a6:ab:ae:16:3b:bf:4c:e7:ff:e8:
9d:97:f4:af:4b:90:21:34:33:d3:83:9e:b0:08:69:0b:44:56:
ed:ab:16:4b:b0:41:ee:a9:bf:39:8d:44:b3:64:74:97:7d:d5:
80:92:2f:87:8a:f8:a8:85:36:00:01:50:d4:8c:ad:4e:30:fd:
33:71:f1:1f
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQjaaVdUEPXprX2hMAdbAEsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjUwMTAxMTk0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2IxYzhhYTRkMWY5NjFkNGQ4YWUzYzhhNWE0OTZlNGY4MWYxZjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKED3YRTTpk9uz8BQBGucVZ4c668
xoMLjV6zEzcZeBxD1WFRr9Kjt5fVdFWWE6uUvJvzuIouUwtfcJIO62vr2GxYzLCa
7MJrzv7ajLrQhPdZ+Fo6q6+eTi2sDyejaUVlltRmlAdfj6+L97ZJKdKXV2+uqsGv
D2PcoXJzj8BM0Izxl6I5YcGN0temryg3LOiH0zrquCSfX6QFIGrKsUJl4Ub94W1S
mReNtk0aG8Ds1r69HrWWmuS1Wq0EpYYIUNVTtxIyT33wbVdj0q/MOLmI2ANS6I5+
DXzwDNBcE3GAmLUh/o4gaV+LCFswC7Tji1wUh5UNtw/xZ+i3YvEKbKH9XQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFDOxyKpNH5YdTYrjyKWkluT4Hx8sMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL003SElxazBmbGgxTml1UElwYVNXNVBnZkh5dy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAfDhIw
DQYJKoZIhvcNAQELBQADggEBAJvpDrU2lrJcjms+xAUaJ2ZtA6ti7ur/duyKUKzo
qegksNDrqofRPzQw/CyO6fT/op4jtkR3Tv16ys0ILCbcrWTqoK2Siphf1tQx+WxP
LrDrHwiw2xiiRNziQkKFM2YH+9HME0vQ0DmotC/odHJUw3mBeA73pFN2Bm7RXs0S
0v27tvlHORPY4qHfU0LyyOEh3n2r8+ji2nK7qeaifW+rMe/xoZ7mG4f93xKCGrQe
DIFAYi7yxA6+yIlU5GdCpquuFju/TOf/6J2X9K9LkCE0M9ODnrAIaQtEVu2rFkuw
Qe6pvzmNRLNkdJd91YCSL4eK+KiFNgABUNSMrU4w/TNx8R8=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:40:57 2025 by rpki-client