Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/310d34-f5d8-4e96-9b7c-648f501afae5/1/onkr1ceIBIpKPgL3tDwWHACVi7M.roa
File: onkr1ceIBIpKPgL3tDwWHACVi7M.roa (raw, json)
Hash identifier: EEvxEqVipQPJzVBh5cB6I21KRgxyU4/cw+o/6DWEUyk=
Subject key identifier: A2:79:2B:D5:C7:88:04:8A:4A:3E:02:F7:B4:3C:16:1C:00:95:8B:B3
Certificate issuer: /CN=cc6532649a6aef4714841b9c8f54660d889b0629
Certificate serial: 0194258FC37B553E164281DFC05CABF797C4
Authority key identifier: CC:65:32:64:9A:6A:EF:47:14:84:1B:9C:8F:54:66:0D:88:9B:06:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zGUyZJpq70cUhBucj1RmDYibBik.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/310d34-f5d8-4e96-9b7c-648f501afae5/1/onkr1ceIBIpKPgL3tDwWHACVi7M.roa
Signing time: Thu 02 Jan 2025 05:49:26 +0000
ROA not before: Thu 02 Jan 2025 05:49:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15983
IP address blocks: 195.234.145.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/310d34-f5d8-4e96-9b7c-648f501afae5/1/zGUyZJpq70cUhBucj1RmDYibBik.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/310d34-f5d8-4e96-9b7c-648f501afae5/1/zGUyZJpq70cUhBucj1RmDYibBik.mft
rsync://rpki.ripe.net/repository/DEFAULT/zGUyZJpq70cUhBucj1RmDYibBik.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:c3:7b:55:3e:16:42:81:df:c0:5c:ab:f7:97:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc6532649a6aef4714841b9c8f54660d889b0629
Validity
Not Before: Jan 2 05:49:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a2792bd5c788048a4a3e02f7b43c161c00958bb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:65:ce:a2:e1:98:b0:8f:05:66:45:06:88:98:
0c:ed:bb:20:23:f3:71:70:ac:ff:ed:ed:7f:6b:b2:
3f:ab:51:67:dc:ab:fa:4f:0e:ac:d5:76:04:40:d6:
9f:94:cd:c8:a0:cf:b2:6a:16:a4:88:9c:6a:16:2b:
21:9a:da:8e:ec:2e:e9:22:ee:42:dd:fe:0b:91:5b:
81:af:57:3f:65:fd:ed:98:b0:12:6b:f1:90:8d:0e:
e1:40:5e:63:e7:2f:55:6b:f3:01:c9:a4:ed:b1:25:
bc:03:d1:62:a8:c7:5b:37:10:95:62:ae:d2:3c:68:
6b:de:2e:cb:f0:3c:ff:cd:1f:df:07:90:ab:08:5a:
89:95:33:5c:d4:0f:cc:ee:68:f8:e4:a3:9b:b0:ab:
08:9d:ab:5b:f9:07:8f:cf:b1:50:af:a0:83:f6:41:
b3:a9:95:fc:c6:2a:61:84:e2:a1:3e:35:cc:ba:86:
4f:56:63:1a:11:7d:e3:94:59:95:45:14:75:9f:2c:
e1:0a:67:28:04:01:d7:82:e6:3c:64:77:58:50:37:
f8:4f:81:69:64:bb:af:52:c4:ff:1c:d1:4f:66:7a:
c5:62:39:db:27:05:99:99:ba:0d:c8:1c:50:c4:02:
94:a2:0c:58:d6:b7:fb:12:8c:04:4a:9d:56:31:64:
7b:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:79:2B:D5:C7:88:04:8A:4A:3E:02:F7:B4:3C:16:1C:00:95:8B:B3
X509v3 Authority Key Identifier:
keyid:CC:65:32:64:9A:6A:EF:47:14:84:1B:9C:8F:54:66:0D:88:9B:06:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zGUyZJpq70cUhBucj1RmDYibBik.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/310d34-f5d8-4e96-9b7c-648f501afae5/1/onkr1ceIBIpKPgL3tDwWHACVi7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/310d34-f5d8-4e96-9b7c-648f501afae5/1/zGUyZJpq70cUhBucj1RmDYibBik.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.234.145.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:33:26:df:06:ec:4f:68:58:6e:88:95:43:3b:ce:e3:7d:50:
f1:68:1f:4b:90:ce:a6:85:be:a2:2d:67:a2:3f:71:fe:16:d2:
f9:2a:3f:d0:4d:87:d4:5e:45:ac:a6:3c:9d:21:96:69:b2:10:
87:e2:44:24:86:3b:dd:f7:9d:b5:d0:cb:6e:28:22:77:a9:a0:
ce:0d:98:e8:bd:3b:57:67:58:77:1e:0f:3b:14:c9:99:7f:cb:
08:f1:14:6a:48:8b:2b:6c:8e:eb:ff:49:99:a5:91:ed:c4:71:
a6:74:b4:44:3a:ad:cc:f7:e1:d8:6f:61:64:55:87:fb:0f:4b:
7a:eb:c1:d8:e4:a9:b0:81:2e:e1:98:a7:64:b9:9e:49:7d:b5:
a4:ba:bc:0d:12:91:96:fa:ac:91:24:1a:20:f5:ee:ad:e0:89:
17:f4:5d:53:f9:42:5b:b1:ba:46:e3:38:78:f2:7c:40:d7:bb:
7c:fe:b9:0b:93:23:4b:82:e3:90:5e:41:1f:f4:26:32:a3:4e:
ea:3a:19:94:98:69:77:9b:89:9a:07:68:9a:70:8f:2a:e8:f2:
72:90:ec:a3:cc:34:be:3c:20:74:bc:7c:4c:8b:a7:59:8d:69:
47:11:bf:80:e1:4e:6f:97:81:93:50:e7:94:93:ef:91:07:d7:
74:37:01:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj8N7VT4WQoHfwFyr95fEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjNjUzMjY0OWE2YWVmNDcxNDg0MWI5YzhmNTQ2NjBkODg5
YjA2MjkwHhcNMjUwMTAyMDU0OTI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjc5MmJkNWM3ODgwNDhhNGEzZTAyZjdiNDNjMTYxYzAwOTU4YmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvmXOouGYsI8FZkUGiJgM7bsgI/Nx
cKz/7e1/a7I/q1Fn3Kv6Tw6s1XYEQNaflM3IoM+yahakiJxqFishmtqO7C7pIu5C
3f4LkVuBr1c/Zf3tmLASa/GQjQ7hQF5j5y9Va/MByaTtsSW8A9FiqMdbNxCVYq7S
PGhr3i7L8Dz/zR/fB5CrCFqJlTNc1A/M7mj45KObsKsInatb+QePz7FQr6CD9kGz
qZX8xiphhOKhPjXMuoZPVmMaEX3jlFmVRRR1nyzhCmcoBAHXguY8ZHdYUDf4T4Fp
ZLuvUsT/HNFPZnrFYjnbJwWZmboNyBxQxAKUogxY1rf7EowESp1WMWR7gQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKJ5K9XHiASKSj4C97Q8FhwAlYuzMB8GA1UdIwQY
MBaAFMxlMmSaau9HFIQbnI9UZg2ImwYpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekdVeVpKcHE3MGNVaEJ1Y2oxUm1EWWliQmlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8zMTBkMzQtZjVkOC00ZTk2LTliN2Mt
NjQ4ZjUwMWFmYWU1LzEvb25rcjFjZUlCSXBLUGdMM3REd1dIQUNWaTdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8zMTBkMzQtZjVkOC00ZTk2LTliN2MtNjQ4ZjUwMWFmYWU1
LzEvekdVeVpKcHE3MGNVaEJ1Y2oxUm1EWWliQmlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw+qRMA0G
CSqGSIb3DQEBCwUAA4IBAQA9MybfBuxPaFhuiJVDO87jfVDxaB9LkM6mhb6iLWei
P3H+FtL5Kj/QTYfUXkWspjydIZZpshCH4kQkhjvd95210MtuKCJ3qaDODZjovTtX
Z1h3Hg87FMmZf8sI8RRqSIsrbI7r/0mZpZHtxHGmdLREOq3M9+HYb2FkVYf7D0t6
68HY5KmwgS7hmKdkuZ5JfbWkurwNEpGW+qyRJBog9e6t4IkX9F1T+UJbsbpG4zh4
8nxA17t8/rkLkyNLguOQXkEf9CYyo07qOhmUmGl3m4maB2iacI8q6PJykOyjzDS+
PCB0vHxMi6dZjWlHEb+A4U5vl4GTUOeUk++RB9d0NwES
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:58:33 2025 by rpki-client