Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/40fe20-6ceb-45d6-aa11-ce59b0c54eea/1/C_P_x6vKlP69WHS2Io3yN0V9nik.roa
File: C_P_x6vKlP69WHS2Io3yN0V9nik.roa (raw, json)
Hash identifier: wJLlFgwQydtIFLoCnksnZpJrvv41uQQpAj8CsBJriq4=
Subject key identifier: 0B:F3:FF:C7:AB:CA:94:FE:BD:58:74:B6:22:8D:F2:37:45:7D:9E:29
Certificate issuer: /CN=136c4831597fe16e9ee2882d7b5a0df8a76e4f7f
Certificate serial: 019427B60DC1666877B41AFA92F5AAC0B043
Authority key identifier: 13:6C:48:31:59:7F:E1:6E:9E:E2:88:2D:7B:5A:0D:F8:A7:6E:4F:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E2xIMVl_4W6e4ogte1oN-KduT38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/40fe20-6ceb-45d6-aa11-ce59b0c54eea/1/C_P_x6vKlP69WHS2Io3yN0V9nik.roa
Signing time: Thu 02 Jan 2025 15:50:29 +0000
ROA not before: Thu 02 Jan 2025 15:50:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50270
IP address blocks: 109.233.0.0/21 maxlen: 24
2a02:2368::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/40fe20-6ceb-45d6-aa11-ce59b0c54eea/1/E2xIMVl_4W6e4ogte1oN-KduT38.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/40fe20-6ceb-45d6-aa11-ce59b0c54eea/1/E2xIMVl_4W6e4ogte1oN-KduT38.mft
rsync://rpki.ripe.net/repository/DEFAULT/E2xIMVl_4W6e4ogte1oN-KduT38.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 18:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:0d:c1:66:68:77:b4:1a:fa:92:f5:aa:c0:b0:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=136c4831597fe16e9ee2882d7b5a0df8a76e4f7f
Validity
Not Before: Jan 2 15:50:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0bf3ffc7abca94febd5874b6228df237457d9e29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:50:f5:7b:d5:45:3f:c9:75:b0:eb:cd:6e:b8:
6d:cf:ac:b7:b9:69:3e:eb:c0:03:e2:ae:e2:6e:21:
3c:26:e0:00:5f:87:04:66:ae:93:67:ef:63:04:24:
bf:65:3b:76:8a:fe:f9:4e:8b:5e:d0:c0:a1:52:18:
2f:8e:32:79:e0:86:2a:3d:4f:ad:a2:fd:2e:c0:5f:
de:2a:ba:a8:f0:65:a4:e7:63:d7:bf:66:ea:8a:54:
9f:de:85:7c:80:5d:34:ac:89:c2:44:91:82:43:6e:
ca:b9:7d:68:69:47:2b:37:21:50:d4:6b:4c:35:d5:
5d:cd:cb:dc:73:4d:a0:75:80:58:e1:f9:13:13:0b:
a4:f5:f9:5c:c1:b9:77:e8:36:6e:fc:f4:ed:22:6d:
76:a3:aa:dc:91:5c:68:48:ef:2d:94:3c:10:36:74:
b8:0e:ef:7c:f1:81:74:05:bd:28:12:77:2b:84:61:
dd:61:82:dd:97:0b:bc:76:1e:a1:40:45:cc:1a:81:
13:89:0d:f4:8d:12:15:04:8d:0c:ee:46:c6:4c:4e:
a3:7d:5c:90:4e:a6:7f:4a:f0:7d:42:4d:40:b4:89:
7d:c6:c7:30:0f:4e:01:5f:a7:6c:af:7a:4a:45:c8:
9a:de:63:4f:8c:7b:ec:34:94:b5:37:28:15:49:af:
a5:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:F3:FF:C7:AB:CA:94:FE:BD:58:74:B6:22:8D:F2:37:45:7D:9E:29
X509v3 Authority Key Identifier:
keyid:13:6C:48:31:59:7F:E1:6E:9E:E2:88:2D:7B:5A:0D:F8:A7:6E:4F:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E2xIMVl_4W6e4ogte1oN-KduT38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/40fe20-6ceb-45d6-aa11-ce59b0c54eea/1/C_P_x6vKlP69WHS2Io3yN0V9nik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/40fe20-6ceb-45d6-aa11-ce59b0c54eea/1/E2xIMVl_4W6e4ogte1oN-KduT38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.233.0.0/21
IPv6:
2a02:2368::/32
Signature Algorithm: sha256WithRSAEncryption
69:33:18:b6:01:2d:8b:5e:d1:f8:ea:39:90:86:10:f3:1b:0e:
3f:67:f5:27:26:10:b4:91:f3:b6:03:c8:28:70:84:00:80:c9:
07:6c:0d:2e:3a:28:7e:c5:a2:7e:22:35:5c:a4:f6:aa:06:35:
7b:4f:ab:75:28:19:64:98:b6:6f:46:98:f4:9a:63:fe:38:2f:
3e:e0:5c:de:6d:0d:a3:d3:e5:cb:dd:d7:c9:d0:bc:09:26:f2:
fc:af:12:1a:61:d6:78:71:07:57:c9:53:69:ad:02:a8:21:a1:
90:de:86:79:73:4d:0a:e6:e8:ea:96:5d:5f:df:0f:bc:69:1e:
dd:d0:0d:16:3e:3f:cd:31:3b:01:f8:00:ef:b7:46:5b:1f:4a:
3a:cf:db:ad:3d:21:05:b1:7f:fd:13:3c:10:87:27:e4:29:4b:
bc:18:56:42:6a:dd:4e:60:cc:ee:70:2d:c0:7e:bf:20:25:c7:
e7:f4:f7:da:49:a2:1b:17:41:39:ce:72:eb:cf:97:0e:59:04:
5b:70:77:94:f9:28:20:f1:ed:27:ce:06:10:74:e3:eb:4f:b2:
45:84:a6:f4:50:e3:ca:cc:af:27:d0:71:43:74:a7:36:4b:cb:
59:f1:6f:d2:0a:15:37:4d:af:5d:b0:f5:d1:99:c2:f4:b9:bd:
e5:73:57:e6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQntg3BZmh3tBr6kvWqwLBDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzNmM0ODMxNTk3ZmUxNmU5ZWUyODgyZDdiNWEwZGY4YTc2
ZTRmN2YwHhcNMjUwMTAyMTU1MDI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmYzZmZjN2FiY2E5NGZlYmQ1ODc0YjYyMjhkZjIzNzQ1N2Q5ZTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlD1e9VFP8l1sOvNbrhtz6y3uWk+
68AD4q7ibiE8JuAAX4cEZq6TZ+9jBCS/ZTt2iv75Tote0MChUhgvjjJ54IYqPU+t
ov0uwF/eKrqo8GWk52PXv2bqilSf3oV8gF00rInCRJGCQ27KuX1oaUcrNyFQ1GtM
NdVdzcvcc02gdYBY4fkTEwuk9flcwbl36DZu/PTtIm12o6rckVxoSO8tlDwQNnS4
Du988YF0Bb0oEncrhGHdYYLdlwu8dh6hQEXMGoETiQ30jRIVBI0M7kbGTE6jfVyQ
TqZ/SvB9Qk1AtIl9xscwD04BX6dsr3pKRcia3mNPjHvsNJS1NygVSa+lGQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAvz/8erypT+vVh0tiKN8jdFfZ4pMB8GA1UdIwQY
MBaAFBNsSDFZf+FunuKILXtaDfinbk9/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTJ4SU1WbF80VzZlNG9ndGUxb04tS2R1VDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS80MGZlMjAtNmNlYi00NWQ2LWFhMTEt
Y2U1OWIwYzU0ZWVhLzEvQ19QX3g2dktsUDY5V0hTMklvM3lOMFY5bmlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS80MGZlMjAtNmNlYi00NWQ2LWFhMTEtY2U1OWIwYzU0ZWVh
LzEvRTJ4SU1WbF80VzZlNG9ndGUxb04tS2R1VDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDbekAMA0E
AgACMAcDBQAqAiNoMA0GCSqGSIb3DQEBCwUAA4IBAQBpMxi2AS2LXtH46jmQhhDz
Gw4/Z/UnJhC0kfO2A8gocIQAgMkHbA0uOih+xaJ+IjVcpPaqBjV7T6t1KBlkmLZv
Rpj0mmP+OC8+4FzebQ2j0+XL3dfJ0LwJJvL8rxIaYdZ4cQdXyVNprQKoIaGQ3oZ5
c00K5ujqll1f3w+8aR7d0A0WPj/NMTsB+ADvt0ZbH0o6z9utPSEFsX/9EzwQhyfk
KUu8GFZCat1OYMzucC3Afr8gJcfn9PfaSaIbF0E5znLrz5cOWQRbcHeU+Sgg8e0n
zgYQdOPrT7JFhKb0UOPKzK8n0HFDdKc2S8tZ8W/SChU3Ta9dsPXRmcL0ub3lc1fm
-----END CERTIFICATE-----
Generated at Wed Apr 16 04:47:21 2025 by rpki-client