Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/b66c2c-3d01-4bdb-8c4c-b2da977e407d/1/9JadLiuorP5WBtAK4ahko9XzHjQ.roa
File: 9JadLiuorP5WBtAK4ahko9XzHjQ.roa (raw, json)
Hash identifier: qnkmqt5DjArPix3ByqvfUIsWSJTvM73SLxqKVoYiGls=
Subject key identifier: F4:96:9D:2E:2B:A8:AC:FE:56:06:D0:0A:E1:A8:64:A3:D5:F3:1E:34
Certificate issuer: /CN=5289b6a8bfaac5c8c09a48c042819dfc5ea45104
Certificate serial: 0194228D855B694ACBF20B5F1ECD9C026D0B
Authority key identifier: 52:89:B6:A8:BF:AA:C5:C8:C0:9A:48:C0:42:81:9D:FC:5E:A4:51:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uom2qL-qxcjAmkjAQoGd_F6kUQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/b66c2c-3d01-4bdb-8c4c-b2da977e407d/1/9JadLiuorP5WBtAK4ahko9XzHjQ.roa
Signing time: Wed 01 Jan 2025 15:48:07 +0000
ROA not before: Wed 01 Jan 2025 15:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47258
IP address blocks: 94.143.48.0/21 maxlen: 24
185.51.124.0/22 maxlen: 24
2a04:be20::/30 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/b66c2c-3d01-4bdb-8c4c-b2da977e407d/1/Uom2qL-qxcjAmkjAQoGd_F6kUQQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/b66c2c-3d01-4bdb-8c4c-b2da977e407d/1/Uom2qL-qxcjAmkjAQoGd_F6kUQQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Uom2qL-qxcjAmkjAQoGd_F6kUQQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:85:5b:69:4a:cb:f2:0b:5f:1e:cd:9c:02:6d:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5289b6a8bfaac5c8c09a48c042819dfc5ea45104
Validity
Not Before: Jan 1 15:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f4969d2e2ba8acfe5606d00ae1a864a3d5f31e34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:3d:38:aa:b8:4d:a9:56:32:1f:de:5e:e6:9d:
68:16:d1:e0:6f:62:81:e5:d0:e2:26:4e:d8:16:ca:
f9:5d:71:29:12:ab:42:24:a1:69:b3:5d:97:6e:30:
5f:f0:3a:7a:f4:78:aa:3a:77:f4:b6:23:11:c0:43:
9a:f9:50:07:97:fa:ed:95:fd:d7:da:8d:96:46:e9:
30:f6:b8:b1:90:3b:46:bb:fb:0c:fe:f0:0e:57:bb:
45:da:41:bb:57:5f:c7:34:9c:9d:5b:22:2d:82:98:
42:64:68:d4:22:36:31:89:ec:16:f2:c5:87:cd:75:
15:96:e9:f5:2e:60:4e:57:17:2e:77:1d:53:8b:98:
cc:d6:4f:a3:0a:f8:f9:6c:d6:92:9c:9e:b1:ab:b2:
be:56:cf:f6:dc:ce:d2:1e:c4:bb:23:d2:c7:ce:8e:
47:5a:ce:63:a3:6d:67:77:c4:a2:c5:c0:08:26:0f:
7c:bc:8a:ab:b0:c3:4e:3e:44:3a:58:83:e6:f4:a7:
d0:76:6b:34:9c:dc:49:e0:67:a0:06:11:80:53:a4:
0b:57:b3:3b:10:81:eb:1a:a8:43:98:c9:85:cb:85:
e1:ce:b3:16:44:ff:24:bc:e4:89:f7:66:aa:e5:93:
30:cd:9a:c7:60:f4:4e:f1:ff:51:c0:37:13:3b:12:
b7:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:96:9D:2E:2B:A8:AC:FE:56:06:D0:0A:E1:A8:64:A3:D5:F3:1E:34
X509v3 Authority Key Identifier:
keyid:52:89:B6:A8:BF:AA:C5:C8:C0:9A:48:C0:42:81:9D:FC:5E:A4:51:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uom2qL-qxcjAmkjAQoGd_F6kUQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/b66c2c-3d01-4bdb-8c4c-b2da977e407d/1/9JadLiuorP5WBtAK4ahko9XzHjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/b66c2c-3d01-4bdb-8c4c-b2da977e407d/1/Uom2qL-qxcjAmkjAQoGd_F6kUQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.143.48.0/21
185.51.124.0/22
IPv6:
2a04:be20::/30
Signature Algorithm: sha256WithRSAEncryption
8d:e1:09:f2:55:16:d2:60:c8:d2:dc:29:a4:bf:c8:a2:cb:b5:
bc:2c:be:7d:a7:b5:7e:9e:fe:18:e4:d1:d2:25:57:f7:22:b7:
5d:f3:8e:dd:8d:be:27:e3:f2:f4:48:25:87:03:98:18:4f:aa:
45:92:57:b8:22:2a:99:ed:08:73:e7:ac:36:8d:c8:35:db:6f:
ec:26:04:b1:c0:b8:c5:53:c6:5d:92:7d:ac:4c:dd:b2:bd:09:
bc:42:da:31:82:77:72:cb:88:14:7a:4c:71:d4:73:83:72:5d:
38:bf:fd:14:8b:9e:7b:3f:78:b6:7f:83:a7:ed:1b:95:50:60:
ac:b6:93:0d:e0:05:86:ee:ff:6b:08:c7:72:1f:8d:bb:6a:80:
eb:27:01:70:0b:d3:09:ee:73:de:f3:b7:ca:f2:a3:fe:47:30:
98:6c:a8:d0:f1:43:b6:5d:4b:e8:aa:4a:e3:dd:89:f1:ad:ee:
d3:e6:33:53:54:b4:34:27:14:71:bc:ce:63:68:ca:8c:2f:a5:
f9:67:9c:6d:1d:d5:80:22:00:94:bb:f2:82:20:00:ec:c5:e4:
fd:ec:a0:d6:b7:33:f8:08:f9:fa:d0:17:8b:b7:36:16:6b:1f:
17:44:9f:95:6c:d5:55:0e:63:81:5c:b8:43:3a:6a:45:97:38:
c3:e3:d7:cb
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQijYVbaUrL8gtfHs2cAm0LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyODliNmE4YmZhYWM1YzhjMDlhNDhjMDQyODE5ZGZjNWVh
NDUxMDQwHhcNMjUwMTAxMTU0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDk2OWQyZTJiYThhY2ZlNTYwNmQwMGFlMWE4NjRhM2Q1ZjMxZTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1j04qrhNqVYyH95e5p1oFtHgb2KB
5dDiJk7YFsr5XXEpEqtCJKFps12XbjBf8Dp69HiqOnf0tiMRwEOa+VAHl/rtlf3X
2o2WRukw9rixkDtGu/sM/vAOV7tF2kG7V1/HNJydWyItgphCZGjUIjYxiewW8sWH
zXUVlun1LmBOVxcudx1Ti5jM1k+jCvj5bNaSnJ6xq7K+Vs/23M7SHsS7I9LHzo5H
Ws5jo21nd8SixcAIJg98vIqrsMNOPkQ6WIPm9KfQdms0nNxJ4GegBhGAU6QLV7M7
EIHrGqhDmMmFy4XhzrMWRP8kvOSJ92aq5ZMwzZrHYPRO8f9RwDcTOxK3HwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPSWnS4rqKz+VgbQCuGoZKPV8x40MB8GA1UdIwQY
MBaAFFKJtqi/qsXIwJpIwEKBnfxepFEEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW9tMnFMLXF4Y2pBbWtqQVFvR2RfRjZrVVFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9iNjZjMmMtM2QwMS00YmRiLThjNGMt
YjJkYTk3N2U0MDdkLzEvOUphZExpdW9yUDVXQnRBSzRhaGtvOVh6SGpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9iNjZjMmMtM2QwMS00YmRiLThjNGMtYjJkYTk3N2U0MDdk
LzEvVW9tMnFMLXF4Y2pBbWtqQVFvR2RfRjZrVVFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDXo8wAwQC
uTN8MA0EAgACMAcDBQIqBL4gMA0GCSqGSIb3DQEBCwUAA4IBAQCN4QnyVRbSYMjS
3Cmkv8iiy7W8LL59p7V+nv4Y5NHSJVf3Irdd847djb4n4/L0SCWHA5gYT6pFkle4
IiqZ7Qhz56w2jcg122/sJgSxwLjFU8Zdkn2sTN2yvQm8Qtoxgndyy4gUekxx1HOD
cl04v/0Ui557P3i2f4On7RuVUGCstpMN4AWG7v9rCMdyH427aoDrJwFwC9MJ7nPe
87fK8qP+RzCYbKjQ8UO2XUvoqkrj3Ynxre7T5jNTVLQ0JxRxvM5jaMqML6X5Z5xt
HdWAIgCUu/KCIADsxeT97KDWtzP4CPn60BeLtzYWax8XRJ+VbNVVDmOBXLhDOmpF
lzjD49fL
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:56:45 2025 by rpki-client