Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/726298-0279-4b93-a985-a04ad22e33f3/1/rtyY9Cz1KYossj4NRjvNjMhwRZI.roa
File: rtyY9Cz1KYossj4NRjvNjMhwRZI.roa (raw, json)
Hash identifier: KYSFbkeXEHZUiKzf8OS4b0YogJmArNqO7BI7cVGBHSA=
Subject key identifier: AE:DC:98:F4:2C:F5:29:8A:2C:B2:3E:0D:46:3B:CD:8C:C8:70:45:92
Certificate issuer: /CN=f59cb923e4069bfe362e2d96ffab2ff31078317a
Certificate serial: 019424B39F7F3C54AC3912FC61729D34FD35
Authority key identifier: F5:9C:B9:23:E4:06:9B:FE:36:2E:2D:96:FF:AB:2F:F3:10:78:31:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9Zy5I-QGm_42Li2W_6sv8xB4MXo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/726298-0279-4b93-a985-a04ad22e33f3/1/rtyY9Cz1KYossj4NRjvNjMhwRZI.roa
Signing time: Thu 02 Jan 2025 01:48:59 +0000
ROA not before: Thu 02 Jan 2025 01:48:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39632
IP address blocks: 91.208.26.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/726298-0279-4b93-a985-a04ad22e33f3/1/9Zy5I-QGm_42Li2W_6sv8xB4MXo.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/726298-0279-4b93-a985-a04ad22e33f3/1/9Zy5I-QGm_42Li2W_6sv8xB4MXo.mft
rsync://rpki.ripe.net/repository/DEFAULT/9Zy5I-QGm_42Li2W_6sv8xB4MXo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:9f:7f:3c:54:ac:39:12:fc:61:72:9d:34:fd:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f59cb923e4069bfe362e2d96ffab2ff31078317a
Validity
Not Before: Jan 2 01:48:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aedc98f42cf5298a2cb23e0d463bcd8cc8704592
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:92:8f:5f:ad:33:8e:c0:ec:43:ed:80:53:fa:
e4:6b:ff:a1:05:0c:f9:6b:4b:48:15:ef:57:7a:c1:
8f:4d:fe:18:85:6b:d6:c8:92:c7:11:78:68:5a:13:
0e:a8:4e:e7:b1:bd:20:bf:5d:0a:89:02:a1:6c:65:
a1:47:98:51:98:c6:03:99:c0:69:35:d9:11:45:43:
ee:e5:92:2e:ca:b0:d7:fc:9c:5f:9e:f5:53:1a:1e:
8b:0e:05:f2:53:5d:72:fa:75:b7:db:64:2e:92:b4:
27:b1:5d:c1:43:93:f1:1f:73:2c:b8:b3:c6:a6:55:
db:7a:02:51:9f:e8:8e:f5:ab:c6:65:56:03:9d:91:
83:62:d3:4f:f5:38:aa:77:f3:15:34:09:28:5f:54:
ef:2e:88:33:a9:ab:34:20:11:2f:89:4f:32:ff:8a:
5c:6b:bf:fc:06:68:9e:96:84:c6:97:1f:26:3d:6a:
7c:0a:d4:5e:c6:ca:3f:ef:cd:51:e9:07:8e:5e:55:
02:e2:1e:09:96:72:9b:7a:11:c9:86:44:29:b8:01:
73:0d:fe:d3:1c:c0:00:fd:28:d6:87:ac:03:85:17:
4c:0a:4d:e0:91:70:a1:4b:b5:c2:21:3a:1f:75:4e:
6c:54:92:d8:a5:04:ad:61:6f:25:48:d3:02:8b:7e:
18:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:DC:98:F4:2C:F5:29:8A:2C:B2:3E:0D:46:3B:CD:8C:C8:70:45:92
X509v3 Authority Key Identifier:
keyid:F5:9C:B9:23:E4:06:9B:FE:36:2E:2D:96:FF:AB:2F:F3:10:78:31:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Zy5I-QGm_42Li2W_6sv8xB4MXo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/726298-0279-4b93-a985-a04ad22e33f3/1/rtyY9Cz1KYossj4NRjvNjMhwRZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/726298-0279-4b93-a985-a04ad22e33f3/1/9Zy5I-QGm_42Li2W_6sv8xB4MXo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.26.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:5a:3c:d0:8c:5f:10:cc:c8:f9:70:8e:01:0a:2d:ad:8b:a0:
81:b1:1a:9d:e3:76:b6:f5:c2:91:d1:a8:df:69:09:30:53:8b:
5c:4d:28:f2:1f:7f:a6:c0:0b:25:8e:f2:fe:8e:61:84:24:7b:
9b:51:2a:1a:d0:e5:a5:de:c3:24:c8:20:a8:27:d0:50:58:c7:
5a:3f:fb:e3:3a:9d:fc:e7:8c:e6:e3:8b:32:82:16:f3:cd:27:
c2:53:e5:12:ae:d5:95:9c:d1:1f:27:91:c6:ba:85:b7:31:64:
82:fd:f1:2d:ea:5e:cf:58:8b:16:20:f5:7c:0a:f3:4a:d4:a6:
ae:eb:1a:48:49:d7:fc:32:89:b1:cb:f3:47:d9:a5:5d:24:51:
aa:8e:e2:5d:16:9d:26:94:17:56:05:af:7a:ad:97:80:96:ad:
fa:a7:f0:aa:74:b9:c7:d2:7b:28:97:c1:af:15:e5:5a:a1:f6:
df:e7:f4:9a:af:aa:42:67:38:8f:fa:71:03:1a:00:eb:e2:f4:
ad:e0:98:db:3d:76:61:22:cd:d6:00:26:7e:e9:61:0f:1f:da:
bf:3c:e8:20:d8:03:1e:b2:dc:3a:b3:e4:e5:9d:65:4f:9a:b1:
5b:f3:8f:e0:16:77:92:b0:c7:bd:61:98:10:b6:f2:a3:dd:fb:
f9:c0:ff:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks59/PFSsORL8YXKdNP01MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1OWNiOTIzZTQwNjliZmUzNjJlMmQ5NmZmYWIyZmYzMTA3
ODMxN2EwHhcNMjUwMTAyMDE0ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWRjOThmNDJjZjUyOThhMmNiMjNlMGQ0NjNiY2Q4Y2M4NzA0NTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5KPX60zjsDsQ+2AU/rka/+hBQz5
a0tIFe9XesGPTf4YhWvWyJLHEXhoWhMOqE7nsb0gv10KiQKhbGWhR5hRmMYDmcBp
NdkRRUPu5ZIuyrDX/JxfnvVTGh6LDgXyU11y+nW322QukrQnsV3BQ5PxH3MsuLPG
plXbegJRn+iO9avGZVYDnZGDYtNP9Tiqd/MVNAkoX1TvLogzqas0IBEviU8y/4pc
a7/8BmieloTGlx8mPWp8CtRexso/781R6QeOXlUC4h4JlnKbehHJhkQpuAFzDf7T
HMAA/SjWh6wDhRdMCk3gkXChS7XCITofdU5sVJLYpQStYW8lSNMCi34YFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK7cmPQs9SmKLLI+DUY7zYzIcEWSMB8GA1UdIwQY
MBaAFPWcuSPkBpv+Ni4tlv+rL/MQeDF6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVp5NUktUUdtXzQyTGkyV182c3Y4eEI0TVhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MjYyOTgtMDI3OS00YjkzLWE5ODUt
YTA0YWQyMmUzM2YzLzEvcnR5WTlDejFLWW9zc2o0TlJqdk5qTWh3UlpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MjYyOTgtMDI3OS00YjkzLWE5ODUtYTA0YWQyMmUzM2Yz
LzEvOVp5NUktUUdtXzQyTGkyV182c3Y4eEI0TVhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9AaMA0G
CSqGSIb3DQEBCwUAA4IBAQBqWjzQjF8QzMj5cI4BCi2ti6CBsRqd43a29cKR0ajf
aQkwU4tcTSjyH3+mwAsljvL+jmGEJHubUSoa0OWl3sMkyCCoJ9BQWMdaP/vjOp38
54zm44syghbzzSfCU+USrtWVnNEfJ5HGuoW3MWSC/fEt6l7PWIsWIPV8CvNK1Kau
6xpISdf8Momxy/NH2aVdJFGqjuJdFp0mlBdWBa96rZeAlq36p/CqdLnH0nsol8Gv
FeVaofbf5/Sar6pCZziP+nEDGgDr4vSt4JjbPXZhIs3WACZ+6WEPH9q/POgg2AMe
stw6s+TlnWVPmrFb84/gFneSsMe9YZgQtvKj3fv5wP9r
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:41:30 2025 by rpki-client