Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/RiQ7M8SaiOdEp_NcF7-2inWBt0g.roa
File: RiQ7M8SaiOdEp_NcF7-2inWBt0g.roa (raw, json)
Hash identifier: j3K4cUO5KOWx5w8H4gMjOSUHHmLAy5M+F2CfOvc4NA4=
Subject key identifier: 46:24:3B:33:C4:9A:88:E7:44:A7:F3:5C:17:BF:B6:8A:75:81:B7:48
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 019423699B3DFA61F02BB5532C685DD7CBF9
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/RiQ7M8SaiOdEp_NcF7-2inWBt0g.roa
Signing time: Wed 01 Jan 2025 19:48:30 +0000
ROA not before: Wed 01 Jan 2025 19:48:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49410
IP address blocks: 86.105.231.0/24 maxlen: 24
93.115.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:9b:3d:fa:61:f0:2b:b5:53:2c:68:5d:d7:cb:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 1 19:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=46243b33c49a88e744a7f35c17bfb68a7581b748
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:42:32:d5:c0:d7:f4:0d:88:5d:50:38:3c:91:
26:ee:21:2d:28:95:a5:5a:89:60:9a:86:50:9e:78:
35:3c:25:a3:52:eb:57:be:ee:8d:b8:25:23:28:a9:
1a:35:0b:58:2a:dc:fb:97:e9:8b:5e:1a:40:e7:fd:
0f:72:26:1b:05:bf:cb:31:76:6d:4d:af:6d:58:45:
10:16:a1:ff:9a:5f:30:3b:7f:55:ca:05:35:3a:82:
fe:48:a0:b5:7e:6e:97:03:a3:81:40:e7:d0:69:41:
29:4d:d8:6e:9c:ba:24:a2:ba:8e:d4:3d:85:37:fd:
90:c6:cf:b8:b5:f4:33:ed:64:9c:47:60:27:ed:6a:
cd:92:ca:c8:53:e5:08:fa:c3:c3:ed:9c:af:2c:25:
e1:6b:c9:20:9b:28:4c:51:32:ac:d1:ad:47:04:c7:
58:3c:72:97:85:dd:7a:fe:81:6f:66:d9:2d:1d:a0:
7a:80:ec:7d:17:65:c3:74:ef:5d:af:1e:3b:4e:ef:
15:e5:87:45:28:b4:5b:90:f3:0e:4e:c2:c4:7a:ec:
a0:38:44:ae:49:b8:e8:5e:aa:c0:e1:b4:d3:d3:22:
0f:ff:e7:d9:ce:bd:71:b7:4f:2a:9e:e5:d1:f6:50:
a1:71:b0:19:34:83:76:c1:47:69:72:28:43:49:0f:
de:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:24:3B:33:C4:9A:88:E7:44:A7:F3:5C:17:BF:B6:8A:75:81:B7:48
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/RiQ7M8SaiOdEp_NcF7-2inWBt0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.105.231.0/24
93.115.1.0/24
Signature Algorithm: sha256WithRSAEncryption
28:a7:47:3b:86:6f:2c:c2:11:a8:ac:62:23:8f:e2:71:bc:d5:
15:f0:a6:14:0b:95:7f:16:84:f0:38:43:b3:e0:90:6c:b6:50:
8d:16:7a:d7:57:ba:59:9a:4a:28:b4:aa:bb:59:c3:25:4f:d6:
d6:a3:8a:80:16:84:29:6f:ae:c7:cf:51:9f:33:9b:b4:c6:e0:
56:55:16:49:e3:08:71:68:f0:d9:0e:53:19:23:35:cb:74:02:
f3:21:b0:ce:36:b9:d7:77:b2:23:45:a1:74:39:bd:4b:bb:5c:
3e:0a:aa:5a:f1:9d:db:31:27:e6:84:82:4a:d7:2d:11:11:eb:
32:43:ba:f7:af:6e:26:8f:38:9a:da:ea:9e:58:ca:f3:3d:3d:
ec:09:e9:8b:5f:a2:76:09:bc:c1:7d:77:04:f3:4e:6a:b8:a4:
d1:ae:00:55:c8:24:8e:cc:fc:48:32:7c:a2:98:c2:10:4b:48:
7b:52:fb:45:2e:54:0f:19:4e:9d:66:26:38:8b:f9:b7:aa:70:
48:ae:80:81:6f:23:47:63:72:55:97:4d:6f:8d:f9:2d:28:e1:
36:8d:0c:84:28:6d:d9:5b:fa:20:45:b4:0f:cf:9e:ca:f3:b1:
55:da:2e:fe:79:80:df:6e:b7:d7:e9:f6:d7:60:df:63:79:f0:
f5:eb:b0:bd
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQjaZs9+mHwK7VTLGhd18v5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjUwMTAxMTk0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjI0M2IzM2M0OWE4OGU3NDRhN2YzNWMxN2JmYjY4YTc1ODFiNzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUIy1cDX9A2IXVA4PJEm7iEtKJWl
WolgmoZQnng1PCWjUutXvu6NuCUjKKkaNQtYKtz7l+mLXhpA5/0PciYbBb/LMXZt
Ta9tWEUQFqH/ml8wO39VygU1OoL+SKC1fm6XA6OBQOfQaUEpTdhunLokorqO1D2F
N/2Qxs+4tfQz7WScR2An7WrNksrIU+UI+sPD7ZyvLCXha8kgmyhMUTKs0a1HBMdY
PHKXhd16/oFvZtktHaB6gOx9F2XDdO9drx47Tu8V5YdFKLRbkPMOTsLEeuygOESu
SbjoXqrA4bTT0yIP/+fZzr1xt08qnuXR9lChcbAZNIN2wUdpcihDSQ/egwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFEYkOzPEmojnRKfzXBe/top1gbdIMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL1JpUTdNOFNhaU9kRXBfTmNGNy0yaW5XQnQwZy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBABWaecD
BABdcwEwDQYJKoZIhvcNAQELBQADggEBACinRzuGbyzCEaisYiOP4nG81RXwphQL
lX8WhPA4Q7PgkGy2UI0WetdXulmaSii0qrtZwyVP1tajioAWhClvrsfPUZ8zm7TG
4FZVFknjCHFo8NkOUxkjNct0AvMhsM42udd3siNFoXQ5vUu7XD4KqlrxndsxJ+aE
gkrXLRER6zJDuvevbiaPOJra6p5YyvM9PewJ6YtfonYJvMF9dwTzTmq4pNGuAFXI
JI7M/EgyfKKYwhBLSHtS+0UuVA8ZTp1mJjiL+beqcEiugIFvI0djclWXTW+N+S0o
4TaNDIQobdlb+iBFtA/PnsrzsVXaLv55gN9ut9fp9tdg32N58PXrsL0=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:43:06 2025 by rpki-client