Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/yKwnWIdNc1rF6hJYtp2fRukRrNM.roa
File: yKwnWIdNc1rF6hJYtp2fRukRrNM.roa (raw, json)
Hash identifier: +WOvslpaYPmOnqT1KpwCif3QNDVsbdlZLaKviGv6adQ=
Subject key identifier: C8:AC:27:58:87:4D:73:5A:C5:EA:12:58:B6:9D:9F:46:E9:11:AC:D3
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 01941FFA95FB5E5F9D6D4963E8FB2DB925E7
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/yKwnWIdNc1rF6hJYtp2fRukRrNM.roa
Signing time: Wed 01 Jan 2025 03:48:23 +0000
ROA not before: Wed 01 Jan 2025 03:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 52006
IP address blocks: 141.101.192.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 08:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:95:fb:5e:5f:9d:6d:49:63:e8:fb:2d:b9:25:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Jan 1 03:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c8ac2758874d735ac5ea1258b69d9f46e911acd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:a5:f1:e9:17:cb:88:c7:df:83:2e:cc:bd:b7:
c3:be:c7:0c:0a:1d:99:39:b5:cf:02:1e:75:05:4c:
01:34:c6:b8:91:b3:63:0f:27:87:e1:8d:b8:bb:ba:
c9:6b:df:81:b7:db:7a:92:97:4d:e5:5f:28:0f:9f:
1a:c3:ec:f4:1b:66:58:7f:79:b8:36:20:91:a6:41:
f0:06:86:40:b0:b2:80:de:da:8c:a6:e3:a0:1e:9a:
a8:31:ad:b2:88:3c:24:ac:a0:7b:36:54:9c:83:76:
02:3c:62:14:84:f8:ee:04:63:85:c8:d0:56:ab:89:
8b:88:a1:ad:fc:1b:5f:63:e4:23:a0:85:7c:bc:0c:
22:29:77:b8:54:87:fc:a4:ab:d9:12:aa:09:5b:d9:
76:44:6f:b4:3d:53:b6:39:ea:4c:3c:31:ca:a2:9c:
d5:e1:ea:e1:a2:81:25:f8:fd:f7:8f:1e:01:17:b0:
ec:72:52:ba:5d:b4:ed:d9:36:cc:94:c5:75:cb:a3:
a1:52:2e:47:e4:c1:dd:c9:d9:44:33:76:52:ea:c2:
b7:7d:d8:28:aa:d7:c5:7a:83:52:84:77:e6:fc:53:
ba:1d:a7:6b:22:dd:da:74:f7:6b:44:bc:f5:21:a2:
13:f1:ea:75:50:ba:3a:ce:28:43:b7:57:91:25:70:
b7:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:AC:27:58:87:4D:73:5A:C5:EA:12:58:B6:9D:9F:46:E9:11:AC:D3
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/yKwnWIdNc1rF6hJYtp2fRukRrNM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.101.192.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:f7:b9:fd:e7:9c:29:2a:d9:28:48:f4:4b:40:43:c7:d6:3f:
e3:3a:e3:32:08:0b:75:43:11:ae:79:d9:8d:1d:d1:7e:6e:89:
51:bc:dd:6d:f8:ad:4e:04:24:2b:d9:13:38:d4:39:40:9f:75:
4f:89:5a:03:7e:1f:cf:2e:3e:8d:e3:e8:7b:fd:80:7b:30:b3:
84:4a:5b:12:2e:7c:4c:a2:e1:1f:18:8e:4c:f4:42:40:01:18:
c5:37:c0:d5:c8:2a:16:3d:e8:1d:11:e4:b7:26:17:68:1c:02:
16:67:d7:4c:a3:e5:05:f5:7b:b2:60:a2:69:a3:de:0a:fb:f1:
8a:c7:74:0f:62:76:ea:ef:73:67:ca:f1:25:c2:af:43:97:ee:
22:a2:32:3e:1e:1b:78:e6:44:73:54:47:02:3b:92:e1:f1:cb:
01:46:dc:96:7b:c6:71:39:b2:68:99:e6:0c:cf:88:34:d9:e1:
57:17:65:dc:26:25:27:2d:35:f4:29:bf:59:be:0b:14:28:a3:
1b:ee:dc:77:f8:6e:3b:34:be:20:f1:8e:23:e7:b4:8c:5d:e8:
da:12:7d:6c:f1:a4:d4:21:5f:61:78:c2:f2:0b:5d:fa:d1:ef:
24:ff:1f:8b:ef:0c:f1:12:9d:35:3b:b1:76:c0:53:35:aa:e4:
8f:a2:50:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+pX7Xl+dbUlj6PstuSXnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjUwMTAxMDM0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGFjMjc1ODg3NGQ3MzVhYzVlYTEyNThiNjlkOWY0NmU5MTFhY2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyaXx6RfLiMffgy7MvbfDvscMCh2Z
ObXPAh51BUwBNMa4kbNjDyeH4Y24u7rJa9+Bt9t6kpdN5V8oD58aw+z0G2ZYf3m4
NiCRpkHwBoZAsLKA3tqMpuOgHpqoMa2yiDwkrKB7NlScg3YCPGIUhPjuBGOFyNBW
q4mLiKGt/BtfY+QjoIV8vAwiKXe4VIf8pKvZEqoJW9l2RG+0PVO2OepMPDHKopzV
4erhooEl+P33jx4BF7DsclK6XbTt2TbMlMV1y6OhUi5H5MHdydlEM3ZS6sK3fdgo
qtfFeoNShHfm/FO6HadrIt3adPdrRLz1IaIT8ep1ULo6zihDt1eRJXC3WwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMisJ1iHTXNaxeoSWLadn0bpEazTMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEveUt3bldJZE5jMXJGNmhKWXRwMmZSdWtSck5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjWXAMA0G
CSqGSIb3DQEBCwUAA4IBAQCr97n955wpKtkoSPRLQEPH1j/jOuMyCAt1QxGuedmN
HdF+bolRvN1t+K1OBCQr2RM41DlAn3VPiVoDfh/PLj6N4+h7/YB7MLOESlsSLnxM
ouEfGI5M9EJAARjFN8DVyCoWPegdEeS3JhdoHAIWZ9dMo+UF9XuyYKJpo94K+/GK
x3QPYnbq73NnyvElwq9Dl+4iojI+Hht45kRzVEcCO5Lh8csBRtyWe8ZxObJomeYM
z4g02eFXF2XcJiUnLTX0Kb9ZvgsUKKMb7tx3+G47NL4g8Y4j57SMXejaEn1s8aTU
IV9heMLyC1360e8k/x+L7wzxEp01O7F2wFM1quSPolCi
-----END CERTIFICATE-----
Generated at Thu Apr 10 16:50:20 2025 by rpki-client