Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/aK0dA5MmIygJO16Exk-PLk4gois.roa
File: aK0dA5MmIygJO16Exk-PLk4gois.roa (raw, json)
Hash identifier: QqX6uV81cNM3T3ekrr/KNlMQckc8rHHyDWJgqO9m2ls=
Subject key identifier: 68:AD:1D:03:93:26:23:28:09:3B:5E:84:C6:4F:8F:2E:4E:20:A2:2B
Certificate issuer: /CN=3718b734349bf327d9453b96501e44b192e55142
Certificate serial: 0194228E27DA1D8F472DCFEF36C1765C514E
Authority key identifier: 37:18:B7:34:34:9B:F3:27:D9:45:3B:96:50:1E:44:B1:92:E5:51:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/aK0dA5MmIygJO16Exk-PLk4gois.roa
Signing time: Wed 01 Jan 2025 15:48:49 +0000
ROA not before: Wed 01 Jan 2025 15:48:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 31.14.37.0/24 maxlen: 24
31.14.38.0/23 maxlen: 23
185.155.54.0/23 maxlen: 24
185.155.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.mft
rsync://rpki.ripe.net/repository/DEFAULT/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 15:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:27:da:1d:8f:47:2d:cf:ef:36:c1:76:5c:51:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3718b734349bf327d9453b96501e44b192e55142
Validity
Not Before: Jan 1 15:48:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68ad1d0393262328093b5e84c64f8f2e4e20a22b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:0e:c3:fc:40:58:7e:3b:c2:7b:81:1b:90:8d:
c5:b0:16:da:15:ca:b0:f4:bb:ad:a0:a8:60:26:44:
d0:46:8f:79:2e:6f:27:f6:f7:a1:69:4c:67:9d:ea:
dd:0f:f7:8b:e0:59:ec:68:84:2c:09:2f:48:1e:b8:
17:ef:d0:28:9a:f2:fb:2d:d8:27:b8:16:4e:b0:8c:
7a:9d:10:56:1c:24:6d:8e:4f:01:19:38:79:3d:11:
e1:39:df:01:f8:52:f0:38:2d:29:fb:c5:07:68:dc:
24:8d:bc:f3:3b:a2:e7:5c:fc:7f:ec:92:fd:b3:6f:
19:0f:d7:c2:bf:86:8a:bd:a8:fc:9a:ff:c1:e4:28:
68:24:0b:78:e3:63:cc:fa:0b:30:24:d1:4c:9d:5c:
07:84:51:64:f0:98:f1:98:ee:5a:36:67:7d:65:a4:
0f:8a:ee:81:c7:a6:b1:42:b0:e0:77:59:84:8c:45:
ca:db:0d:9d:67:64:1d:62:5e:59:0f:e3:90:a4:d8:
a5:cd:6c:5a:76:6a:81:0e:55:b1:3b:ac:fd:94:7b:
11:ce:50:eb:c9:dd:f9:fb:08:aa:4d:04:a5:f5:e2:
a6:7a:09:43:79:51:5a:9a:42:ae:54:9f:18:24:0d:
9a:e1:49:56:12:27:0b:3e:44:52:e1:fb:0c:cc:d9:
44:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:AD:1D:03:93:26:23:28:09:3B:5E:84:C6:4F:8F:2E:4E:20:A2:2B
X509v3 Authority Key Identifier:
keyid:37:18:B7:34:34:9B:F3:27:D9:45:3B:96:50:1E:44:B1:92:E5:51:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/aK0dA5MmIygJO16Exk-PLk4gois.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.37.0-31.14.39.255
185.155.54.0/23
Signature Algorithm: sha256WithRSAEncryption
2a:77:ce:16:b8:99:8f:90:30:46:dc:64:30:c2:9b:a4:10:af:
9f:12:76:17:55:b8:f2:57:fb:c3:5a:9c:9c:b4:69:42:4a:f6:
2a:f5:c9:6c:2b:af:5b:c1:82:b6:0e:0b:76:30:27:1b:d7:09:
86:66:21:73:f5:89:5b:31:5f:b7:fd:97:df:f2:6d:e2:20:1c:
0e:20:22:3d:86:9e:5c:9d:64:4e:77:ba:a0:3a:4b:af:dd:32:
17:3d:35:db:cf:89:4d:88:c7:bf:14:40:bd:bc:69:67:4a:99:
aa:ff:81:01:75:d1:10:0a:00:ee:ef:8a:92:b2:1d:fb:0e:b8:
59:bb:4d:8e:7d:86:ae:0f:13:20:f7:5f:9b:78:59:1a:72:db:
83:92:7f:ec:69:db:d9:af:96:c6:f1:68:ca:3e:d6:40:5a:bb:
48:92:f8:d6:28:7d:c7:59:e4:5f:47:11:d5:aa:8b:ac:f3:f2:
e5:40:b3:7f:de:3f:c1:c1:41:d8:c7:b5:82:a9:23:f0:02:30:
08:33:f3:12:18:0e:1b:77:5d:e2:db:da:ed:42:d1:ea:f0:ba:
55:96:6c:c9:90:ee:6f:be:bb:29:0c:1a:b7:8d:56:d5:b2:22:
ec:f6:eb:ed:91:fc:32:63:51:18:28:90:41:e4:a9:c7:ef:ad:
07:4f:0f:bf
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQijifaHY9HLc/vNsF2XFFOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3MThiNzM0MzQ5YmYzMjdkOTQ1M2I5NjUwMWU0NGIxOTJl
NTUxNDIwHhcNMjUwMTAxMTU0ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGFkMWQwMzkzMjYyMzI4MDkzYjVlODRjNjRmOGYyZTRlMjBhMjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Q7D/EBYfjvCe4EbkI3FsBbaFcqw
9LutoKhgJkTQRo95Lm8n9vehaUxnnerdD/eL4FnsaIQsCS9IHrgX79AomvL7Ldgn
uBZOsIx6nRBWHCRtjk8BGTh5PRHhOd8B+FLwOC0p+8UHaNwkjbzzO6LnXPx/7JL9
s28ZD9fCv4aKvaj8mv/B5ChoJAt442PM+gswJNFMnVwHhFFk8JjxmO5aNmd9ZaQP
iu6Bx6axQrDgd1mEjEXK2w2dZ2QdYl5ZD+OQpNilzWxadmqBDlWxO6z9lHsRzlDr
yd35+wiqTQSl9eKmeglDeVFamkKuVJ8YJA2a4UlWEicLPkRS4fsMzNlEFwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGitHQOTJiMoCTtehMZPjy5OIKIrMB8GA1UdIwQY
MBaAFDcYtzQ0m/Mn2UU7llAeRLGS5VFCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnhpM05EU2I4eWZaUlR1V1VCNUVzWkxsVVVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83YmY4YTgtZTQ5Yy00MDZlLThlYjct
YzgyM2NjOGYzODM3LzEvYUswZEE1TW1JeWdKTzE2RXhrLVBMazRnb2lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83YmY4YTgtZTQ5Yy00MDZlLThlYjctYzgyM2NjOGYzODM3
LzEvTnhpM05EU2I4eWZaUlR1V1VCNUVzWkxsVVVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAAfDiUD
BAMfDiADBAG5mzYwDQYJKoZIhvcNAQELBQADggEBACp3zha4mY+QMEbcZDDCm6QQ
r58SdhdVuPJX+8NanJy0aUJK9ir1yWwrr1vBgrYOC3YwJxvXCYZmIXP1iVsxX7f9
l9/ybeIgHA4gIj2GnlydZE53uqA6S6/dMhc9NdvPiU2Ix78UQL28aWdKmar/gQF1
0RAKAO7vipKyHfsOuFm7TY59hq4PEyD3X5t4WRpy24OSf+xp29mvlsbxaMo+1kBa
u0iS+NYofcdZ5F9HEdWqi6zz8uVAs3/eP8HBQdjHtYKpI/ACMAgz8xIYDht3XeLb
2u1C0erwulWWbMmQ7m++uykMGreNVtWyIuz26+2R/DJjURgokEHkqcfvrQdPD78=
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:40:27 2025 by rpki-client