Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/1b138e-1e19-4c7d-8ca4-b87f91c29b9e/1/osNkGM30SnMymb2Awx_H5QpAsjo.roa
File: osNkGM30SnMymb2Awx_H5QpAsjo.roa (raw, json)
Hash identifier: HAaDhq9nK6jC5S5RvUgE6hoFlbMOsKI55ry4MCnd8LE=
Subject key identifier: A2:C3:64:18:CD:F4:4A:73:32:99:BD:80:C3:1F:C7:E5:0A:40:B2:3A
Certificate issuer: /CN=50bb4c781a5b393ff07fb405e528179f5ab87726
Certificate serial: 019473BBFA68C7339A63D79A9ABAE2C8C0C6
Authority key identifier: 50:BB:4C:78:1A:5B:39:3F:F0:7F:B4:05:E5:28:17:9F:5A:B8:77:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ULtMeBpbOT_wf7QF5SgXn1q4dyY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/1b138e-1e19-4c7d-8ca4-b87f91c29b9e/1/osNkGM30SnMymb2Awx_H5QpAsjo.roa
Signing time: Fri 17 Jan 2025 10:08:06 +0000
ROA not before: Fri 17 Jan 2025 10:08:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1103
IP address blocks: 129.125.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/1b138e-1e19-4c7d-8ca4-b87f91c29b9e/1/ULtMeBpbOT_wf7QF5SgXn1q4dyY.crl
rsync://rpki.ripe.net/repository/DEFAULT/85/1b138e-1e19-4c7d-8ca4-b87f91c29b9e/1/ULtMeBpbOT_wf7QF5SgXn1q4dyY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ULtMeBpbOT_wf7QF5SgXn1q4dyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:73:bb:fa:68:c7:33:9a:63:d7:9a:9a:ba:e2:c8:c0:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50bb4c781a5b393ff07fb405e528179f5ab87726
Validity
Not Before: Jan 17 10:08:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a2c36418cdf44a733299bd80c31fc7e50a40b23a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c5:3d:f8:08:a5:7a:a8:d0:81:ba:27:85:c4:
ba:14:64:76:94:65:1d:c3:ee:5e:37:50:7a:ed:cd:
62:15:50:e6:5c:58:41:ed:1d:c7:bb:37:64:11:00:
9c:7b:95:b5:2d:c0:3e:1c:5e:0c:13:3b:53:c3:42:
ab:25:74:a2:0e:1e:dc:62:05:1e:68:63:1e:f6:7c:
c9:0f:05:0d:7d:c4:bf:7b:68:68:1b:db:28:53:34:
5a:5d:16:32:c2:e6:11:13:fb:40:10:52:8d:70:7d:
3c:1c:41:73:6a:86:e8:47:50:82:b0:11:c7:97:05:
ec:71:4f:f2:de:b6:83:72:e3:d4:72:32:15:8a:0a:
4c:fe:7e:26:81:ba:0c:39:b2:3d:89:26:2f:91:d2:
a9:ee:3e:78:0b:10:11:d9:37:cf:60:55:84:da:d0:
96:d0:a3:12:10:66:f8:57:8a:88:f9:39:51:4b:dc:
9d:a9:bc:70:c6:fb:31:ec:1c:fd:8d:03:b7:87:8c:
25:0e:70:ff:7d:a3:d3:aa:8d:bc:9c:83:2d:f7:63:
77:66:ae:d4:f8:8a:72:34:8a:82:35:a1:34:35:1d:
55:e0:29:83:23:9c:06:b0:64:80:62:08:b6:e2:c3:
61:6c:ef:ea:e9:53:10:85:99:de:fe:05:c8:af:2e:
55:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:C3:64:18:CD:F4:4A:73:32:99:BD:80:C3:1F:C7:E5:0A:40:B2:3A
X509v3 Authority Key Identifier:
keyid:50:BB:4C:78:1A:5B:39:3F:F0:7F:B4:05:E5:28:17:9F:5A:B8:77:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ULtMeBpbOT_wf7QF5SgXn1q4dyY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/1b138e-1e19-4c7d-8ca4-b87f91c29b9e/1/osNkGM30SnMymb2Awx_H5QpAsjo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/1b138e-1e19-4c7d-8ca4-b87f91c29b9e/1/ULtMeBpbOT_wf7QF5SgXn1q4dyY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
129.125.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2e:fd:7e:4e:b5:9a:27:32:ac:9b:80:66:b5:05:70:d8:fe:65:
8d:81:c5:e0:2d:c1:4c:59:d8:4e:f3:2c:1d:08:c3:f9:f0:04:
4e:24:29:91:bb:ef:0f:20:a4:43:11:06:ed:00:88:0e:15:cf:
71:a8:df:6a:19:a0:f2:53:32:a8:12:70:6d:1b:8a:67:2a:fa:
7c:53:ec:8c:fa:20:40:af:a3:6e:ca:bf:44:d2:63:b8:cb:d8:
9d:d7:c8:38:73:32:d7:c5:3f:0b:77:c9:40:54:91:ac:e3:e7:
23:3e:77:e4:5d:23:b6:90:5f:1e:fe:b1:ef:09:35:9b:cc:52:
0f:45:c9:74:8b:5c:c0:45:ee:a2:2c:df:85:c3:6a:1d:ef:0f:
ff:60:92:3b:7e:cd:3d:70:5c:04:e0:69:a9:29:11:09:48:ae:
06:66:9c:8c:9a:57:2b:9f:27:19:52:cb:17:81:3d:15:cc:d0:
ef:d0:2f:3c:4f:9a:59:44:64:4e:3e:84:8f:72:24:79:21:46:
9c:7a:80:2d:7d:b2:9a:a5:1a:c1:17:83:04:65:ac:e4:7e:ef:
32:dc:ce:85:3a:90:48:91:02:a6:ca:22:da:3a:cb:e6:81:be:
14:7b:c6:f2:48:78:72:59:d0:2f:39:29:61:7a:28:6c:70:0e:
c3:0a:f7:97
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZRzu/poxzOaY9eamrriyMDGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwYmI0Yzc4MWE1YjM5M2ZmMDdmYjQwNWU1MjgxNzlmNWFi
ODc3MjYwHhcNMjUwMTE3MTAwODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmMzNjQxOGNkZjQ0YTczMzI5OWJkODBjMzFmYzdlNTBhNDBiMjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsU9+AileqjQgbonhcS6FGR2lGUd
w+5eN1B67c1iFVDmXFhB7R3HuzdkEQCce5W1LcA+HF4MEztTw0KrJXSiDh7cYgUe
aGMe9nzJDwUNfcS/e2hoG9soUzRaXRYywuYRE/tAEFKNcH08HEFzaoboR1CCsBHH
lwXscU/y3raDcuPUcjIVigpM/n4mgboMObI9iSYvkdKp7j54CxAR2TfPYFWE2tCW
0KMSEGb4V4qI+TlRS9ydqbxwxvsx7Bz9jQO3h4wlDnD/faPTqo28nIMt92N3Zq7U
+IpyNIqCNaE0NR1V4CmDI5wGsGSAYgi24sNhbO/q6VMQhZne/gXIry5VmQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFKLDZBjN9EpzMpm9gMMfx+UKQLI6MB8GA1UdIwQY
MBaAFFC7THgaWzk/8H+0BeUoF59auHcmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUx0TWVCcGJPVF93ZjdRRjVTZ1huMXE0ZHlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS8xYjEzOGUtMWUxOS00YzdkLThjYTQt
Yjg3ZjkxYzI5YjllLzEvb3NOa0dNMzBTbk15bWIyQXd4X0g1UXBBc2pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS8xYjEzOGUtMWUxOS00YzdkLThjYTQtYjg3ZjkxYzI5Yjll
LzEvVUx0TWVCcGJPVF93ZjdRRjVTZ1huMXE0ZHlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAgX0wDQYJ
KoZIhvcNAQELBQADggEBAC79fk61micyrJuAZrUFcNj+ZY2BxeAtwUxZ2E7zLB0I
w/nwBE4kKZG77w8gpEMRBu0AiA4Vz3Go32oZoPJTMqgScG0bimcq+nxT7Iz6IECv
o27Kv0TSY7jL2J3XyDhzMtfFPwt3yUBUkazj5yM+d+RdI7aQXx7+se8JNZvMUg9F
yXSLXMBF7qIs34XDah3vD/9gkjt+zT1wXATgaakpEQlIrgZmnIyaVyufJxlSyxeB
PRXM0O/QLzxPmllEZE4+hI9yJHkhRpx6gC19spqlGsEXgwRlrOR+7zLczoU6kEiR
AqbKIto6y+aBvhR7xvJIeHJZ0C85KWF6KGxwDsMK95c=
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:35:59 2025 by rpki-client