Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/406991-5be3-4a05-acb2-1ad47ccd2d9a/1/1jV2xqilASPXHu5Grr3x0X0ICp8.roa
File: 1jV2xqilASPXHu5Grr3x0X0ICp8.roa (raw, json)
Hash identifier: 8Jrll8bHg095WBKUtpaKs7HT5xMgUtd6Q0GjYhqobro=
Subject key identifier: D6:35:76:C6:A8:A5:01:23:D7:1E:EE:46:AE:BD:F1:D1:7D:08:0A:9F
Certificate issuer: /CN=89e21a2b8a25b971bdb741a0aae325992304194e
Certificate serial: 01941FFA0AAE2316B6E0178C5A92F9CD8EEF
Authority key identifier: 89:E2:1A:2B:8A:25:B9:71:BD:B7:41:A0:AA:E3:25:99:23:04:19:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ieIaK4oluXG9t0GgquMlmSMEGU4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/406991-5be3-4a05-acb2-1ad47ccd2d9a/1/1jV2xqilASPXHu5Grr3x0X0ICp8.roa
Signing time: Wed 01 Jan 2025 03:47:47 +0000
ROA not before: Wed 01 Jan 2025 03:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215046
IP address blocks: 193.25.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/406991-5be3-4a05-acb2-1ad47ccd2d9a/1/ieIaK4oluXG9t0GgquMlmSMEGU4.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/406991-5be3-4a05-acb2-1ad47ccd2d9a/1/ieIaK4oluXG9t0GgquMlmSMEGU4.mft
rsync://rpki.ripe.net/repository/DEFAULT/ieIaK4oluXG9t0GgquMlmSMEGU4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 13:43:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:0a:ae:23:16:b6:e0:17:8c:5a:92:f9:cd:8e:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89e21a2b8a25b971bdb741a0aae325992304194e
Validity
Not Before: Jan 1 03:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d63576c6a8a50123d71eee46aebdf1d17d080a9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:d6:54:86:66:10:66:66:7c:0c:61:ad:c2:7e:
a3:59:4c:7b:40:19:35:d0:95:ed:1e:cc:20:1f:c0:
99:32:7a:05:74:9f:7f:4e:a6:34:e3:67:44:70:bc:
2b:ce:96:6b:c9:cb:f9:1e:3f:f4:0f:7d:88:0e:b1:
1e:f2:7c:e6:8c:4a:e4:48:d2:a6:2c:85:34:6b:f8:
73:a7:7c:a6:d9:ef:5b:2f:74:a7:23:15:43:a6:aa:
ea:89:7f:85:c8:9b:91:a7:45:f0:af:5f:f3:93:ed:
a5:a7:0c:13:2c:88:2a:d5:10:c0:4c:b2:ea:02:d8:
1d:5f:12:a5:4a:8b:01:6d:a7:6a:7a:33:1b:9e:5d:
f7:3a:38:48:06:5f:17:33:f2:4f:a3:4c:ff:18:9f:
95:89:b5:68:87:29:a4:c6:bf:00:96:72:9c:8f:d2:
21:07:5f:8e:6b:40:86:16:d6:c8:33:67:23:e9:c8:
52:c8:08:84:07:58:f3:8a:b6:61:a4:8d:96:ae:19:
dd:b0:69:79:d1:df:3e:c3:4a:ea:d4:9c:49:12:0e:
57:ea:39:97:14:74:09:35:ce:57:c4:64:94:0d:1d:
73:c5:22:5f:60:c6:0c:4d:62:6b:87:8a:7f:e8:ae:
ed:28:fe:9f:6c:ec:50:34:e0:f8:78:a8:bc:5d:7a:
ee:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:35:76:C6:A8:A5:01:23:D7:1E:EE:46:AE:BD:F1:D1:7D:08:0A:9F
X509v3 Authority Key Identifier:
keyid:89:E2:1A:2B:8A:25:B9:71:BD:B7:41:A0:AA:E3:25:99:23:04:19:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ieIaK4oluXG9t0GgquMlmSMEGU4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/406991-5be3-4a05-acb2-1ad47ccd2d9a/1/1jV2xqilASPXHu5Grr3x0X0ICp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/406991-5be3-4a05-acb2-1ad47ccd2d9a/1/ieIaK4oluXG9t0GgquMlmSMEGU4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.25.252.0/24
Signature Algorithm: sha256WithRSAEncryption
72:35:5a:92:3c:0a:fa:58:a2:65:ea:28:66:c3:ec:e4:bd:9c:
89:a0:a7:9d:1f:cb:b8:59:50:ff:4d:f5:c9:7a:25:dd:2e:46:
13:be:ba:dd:50:e0:67:00:f5:08:e4:ff:7a:c2:03:24:69:b5:
cc:33:6c:44:ba:e9:7e:0c:89:1e:07:46:f0:4a:04:ea:3c:99:
75:ef:33:6e:91:b4:e5:f3:4d:e3:ae:45:c2:66:f2:d2:c4:03:
2b:19:72:61:64:31:cd:92:bc:ab:52:a0:fd:72:7a:28:0d:df:
cc:45:05:be:44:19:65:fa:a6:28:01:2a:8f:ac:74:33:6d:eb:
1e:45:f5:37:78:06:e7:7e:a1:88:a5:7d:4a:57:fe:b1:43:a2:
63:be:84:78:e6:09:c6:f5:7e:21:8b:37:4a:bc:24:0a:7f:07:
4d:ca:48:29:be:fc:3d:46:e7:db:4e:c4:9f:92:0c:95:3e:33:
1a:3c:1e:53:95:d5:ba:7e:7b:3d:cb:88:f4:f6:74:c8:84:9b:
e4:4e:0f:c8:f6:02:6c:ea:31:91:37:61:51:b9:e6:4d:58:59:
de:88:dd:69:28:a3:e1:6e:26:38:d4:2c:e4:d9:16:aa:db:a7:
e8:1b:5c:9a:ae:60:a0:a9:b1:e3:b1:25:c2:91:84:ce:ec:75:
d3:01:14:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+gquIxa24BeMWpL5zY7vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ZTIxYTJiOGEyNWI5NzFiZGI3NDFhMGFhZTMyNTk5MjMw
NDE5NGUwHhcNMjUwMTAxMDM0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjM1NzZjNmE4YTUwMTIzZDcxZWVlNDZhZWJkZjFkMTdkMDgwYTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodZUhmYQZmZ8DGGtwn6jWUx7QBk1
0JXtHswgH8CZMnoFdJ9/TqY042dEcLwrzpZrycv5Hj/0D32IDrEe8nzmjErkSNKm
LIU0a/hzp3ym2e9bL3SnIxVDpqrqiX+FyJuRp0Xwr1/zk+2lpwwTLIgq1RDATLLq
AtgdXxKlSosBbadqejMbnl33OjhIBl8XM/JPo0z/GJ+VibVohymkxr8AlnKcj9Ih
B1+Oa0CGFtbIM2cj6chSyAiEB1jzirZhpI2WrhndsGl50d8+w0rq1JxJEg5X6jmX
FHQJNc5XxGSUDR1zxSJfYMYMTWJrh4p/6K7tKP6fbOxQNOD4eKi8XXrubQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNY1dsaopQEj1x7uRq698dF9CAqfMB8GA1UdIwQY
MBaAFIniGiuKJblxvbdBoKrjJZkjBBlOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWVJYUs0b2x1WEc5dDBHZ3F1TWxtU01FR1U0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi80MDY5OTEtNWJlMy00YTA1LWFjYjIt
MWFkNDdjY2QyZDlhLzEvMWpWMnhxaWxBU1BYSHU1R3JyM3gwWDBJQ3A4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi80MDY5OTEtNWJlMy00YTA1LWFjYjItMWFkNDdjY2QyZDlh
LzEvaWVJYUs0b2x1WEc5dDBHZ3F1TWxtU01FR1U0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRn8MA0G
CSqGSIb3DQEBCwUAA4IBAQByNVqSPAr6WKJl6ihmw+zkvZyJoKedH8u4WVD/TfXJ
eiXdLkYTvrrdUOBnAPUI5P96wgMkabXMM2xEuul+DIkeB0bwSgTqPJl17zNukbTl
803jrkXCZvLSxAMrGXJhZDHNkryrUqD9cnooDd/MRQW+RBll+qYoASqPrHQzbese
RfU3eAbnfqGIpX1KV/6xQ6JjvoR45gnG9X4hizdKvCQKfwdNykgpvvw9RufbTsSf
kgyVPjMaPB5TldW6fns9y4j09nTIhJvkTg/I9gJs6jGRN2FRueZNWFneiN1pKKPh
biY41Czk2Raq26foG1yarmCgqbHjsSXCkYTO7HXTARSb
-----END CERTIFICATE-----
Generated at Tue Apr 8 18:16:04 2025 by rpki-client