Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/d4e2b3-aff8-49cd-9c7e-97d8d44e10ce/1/0IBqXjTVhcvD4lCSiVgJHykRKw4.roa
File: 0IBqXjTVhcvD4lCSiVgJHykRKw4.roa (raw, json)
Hash identifier: Dumvxj6VzhZyR7xgjdh7+SNA6SS4v9smnXFYVL96Sao=
Subject key identifier: D0:80:6A:5E:34:D5:85:CB:C3:E2:50:92:89:58:09:1F:29:11:2B:0E
Certificate issuer: /CN=e75a8cef5fd2a8f185aff59a8c6ebdd98363ac67
Certificate serial: 01941F8C1BD40F2CED79A7E10D29A971E1C4
Authority key identifier: E7:5A:8C:EF:5F:D2:A8:F1:85:AF:F5:9A:8C:6E:BD:D9:83:63:AC:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51qM71_SqPGFr_WajG692YNjrGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/d4e2b3-aff8-49cd-9c7e-97d8d44e10ce/1/0IBqXjTVhcvD4lCSiVgJHykRKw4.roa
Signing time: Wed 01 Jan 2025 01:47:43 +0000
ROA not before: Wed 01 Jan 2025 01:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199080
IP address blocks: 91.198.213.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/d4e2b3-aff8-49cd-9c7e-97d8d44e10ce/1/51qM71_SqPGFr_WajG692YNjrGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/d4e2b3-aff8-49cd-9c7e-97d8d44e10ce/1/51qM71_SqPGFr_WajG692YNjrGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/51qM71_SqPGFr_WajG692YNjrGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 04:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:1b:d4:0f:2c:ed:79:a7:e1:0d:29:a9:71:e1:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e75a8cef5fd2a8f185aff59a8c6ebdd98363ac67
Validity
Not Before: Jan 1 01:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d0806a5e34d585cbc3e250928958091f29112b0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:12:07:5f:2f:58:1b:85:2a:b3:b9:2a:60:39:
5a:89:fd:02:47:68:36:8e:0d:cc:0c:c3:d9:09:09:
56:1f:1a:38:ad:32:b5:19:c1:69:3d:f4:00:67:99:
12:eb:2e:af:42:74:1c:27:1c:ed:c0:c6:91:5d:73:
52:ab:10:02:f1:cd:64:11:64:f3:6b:3e:a4:34:c5:
d5:99:6a:55:c2:21:c6:f8:71:13:a4:71:bf:62:62:
fb:0d:7f:d0:80:7f:d9:98:55:1f:69:cc:89:78:ec:
ae:b8:77:66:b6:73:fc:12:59:d9:dc:3f:fe:33:00:
a6:f0:85:bf:f9:b5:47:b6:d0:3e:3d:f6:c5:13:7a:
0e:57:d0:49:8f:0a:b4:56:55:fa:ce:11:8f:4d:12:
45:0b:4a:1c:ae:6b:70:70:2b:27:0c:48:a3:2c:fc:
2b:e6:01:38:a4:fe:5a:9c:44:4c:3f:a0:1d:1d:b3:
40:6c:ce:c0:63:a0:22:76:4b:22:6e:0e:de:a4:85:
e7:95:1a:65:26:14:a7:5a:79:a5:d6:bd:13:ce:bf:
bc:e1:ea:31:bb:3c:2c:36:9f:42:b8:1c:12:8f:71:
26:98:61:8e:13:e2:0b:da:4f:9c:ea:35:c3:b8:1b:
5a:a1:0c:af:ea:49:61:d2:df:07:43:e3:5d:72:ee:
c5:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:80:6A:5E:34:D5:85:CB:C3:E2:50:92:89:58:09:1F:29:11:2B:0E
X509v3 Authority Key Identifier:
keyid:E7:5A:8C:EF:5F:D2:A8:F1:85:AF:F5:9A:8C:6E:BD:D9:83:63:AC:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51qM71_SqPGFr_WajG692YNjrGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/d4e2b3-aff8-49cd-9c7e-97d8d44e10ce/1/0IBqXjTVhcvD4lCSiVgJHykRKw4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/d4e2b3-aff8-49cd-9c7e-97d8d44e10ce/1/51qM71_SqPGFr_WajG692YNjrGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.213.0/24
Signature Algorithm: sha256WithRSAEncryption
86:a9:68:2f:74:12:40:ce:49:1d:2b:ab:dd:bf:b0:3e:c4:a9:
61:dc:5a:3a:c5:5c:a2:ef:e6:01:dc:a2:30:5b:72:5c:b4:f3:
f6:3c:21:8b:64:f2:34:d1:13:42:73:26:16:73:99:d2:d1:48:
1a:8b:e2:e4:9d:38:d5:7c:d0:17:85:2e:f5:25:df:85:11:43:
63:76:ec:1b:86:95:98:aa:bb:f5:ad:c4:06:3f:22:63:5c:9f:
e4:c7:9a:64:40:9a:b0:71:9a:ee:e9:7f:b0:85:5b:73:ec:ef:
a6:39:c2:7b:6c:80:db:49:0e:f4:e6:55:63:fe:13:de:88:dd:
3a:0e:3d:b9:e5:c8:0d:b0:52:c9:d9:c7:c1:06:59:7b:bc:ee:
3a:ae:e9:5a:31:77:b6:fa:8a:f9:ac:22:bd:22:e7:3d:54:0d:
d4:55:e5:d6:4b:97:cc:2b:d0:5c:10:0e:b5:5a:7e:d7:de:0e:
f2:cd:60:3a:a2:7e:47:cd:74:7d:55:67:81:82:f7:a7:0d:55:
0a:0e:41:7b:71:ad:b3:4c:67:8c:e9:a6:1d:f4:cf:3e:44:e1:
0b:9c:f5:49:fe:39:38:42:c7:65:d5:35:35:61:9b:8c:64:d3:
92:12:d0:53:45:03:c2:8b:04:1e:62:ae:a9:3f:14:2c:f7:a6:
85:40:6b:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjBvUDyzteafhDSmpceHEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NWE4Y2VmNWZkMmE4ZjE4NWFmZjU5YThjNmViZGQ5ODM2
M2FjNjcwHhcNMjUwMTAxMDE0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDgwNmE1ZTM0ZDU4NWNiYzNlMjUwOTI4OTU4MDkxZjI5MTEyYjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRIHXy9YG4Uqs7kqYDlaif0CR2g2
jg3MDMPZCQlWHxo4rTK1GcFpPfQAZ5kS6y6vQnQcJxztwMaRXXNSqxAC8c1kEWTz
az6kNMXVmWpVwiHG+HETpHG/YmL7DX/QgH/ZmFUfacyJeOyuuHdmtnP8ElnZ3D/+
MwCm8IW/+bVHttA+PfbFE3oOV9BJjwq0VlX6zhGPTRJFC0ocrmtwcCsnDEijLPwr
5gE4pP5anERMP6AdHbNAbM7AY6Aidksibg7epIXnlRplJhSnWnml1r0Tzr+84eox
uzwsNp9CuBwSj3EmmGGOE+IL2k+c6jXDuBtaoQyv6klh0t8HQ+Ndcu7FwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNCAal401YXLw+JQkolYCR8pESsOMB8GA1UdIwQY
MBaAFOdajO9f0qjxha/1moxuvdmDY6xnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFxTTcxX1NxUEdGcl9XYWpHNjkyWU5qckdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9kNGUyYjMtYWZmOC00OWNkLTljN2Ut
OTdkOGQ0NGUxMGNlLzEvMElCcVhqVFZoY3ZENGxDU2lWZ0pIeWtSS3c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9kNGUyYjMtYWZmOC00OWNkLTljN2UtOTdkOGQ0NGUxMGNl
LzEvNTFxTTcxX1NxUEdGcl9XYWpHNjkyWU5qckdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8bVMA0G
CSqGSIb3DQEBCwUAA4IBAQCGqWgvdBJAzkkdK6vdv7A+xKlh3Fo6xVyi7+YB3KIw
W3JctPP2PCGLZPI00RNCcyYWc5nS0Ugai+LknTjVfNAXhS71Jd+FEUNjduwbhpWY
qrv1rcQGPyJjXJ/kx5pkQJqwcZru6X+whVtz7O+mOcJ7bIDbSQ705lVj/hPeiN06
Dj255cgNsFLJ2cfBBll7vO46rulaMXe2+or5rCK9Iuc9VA3UVeXWS5fMK9BcEA61
Wn7X3g7yzWA6on5HzXR9VWeBgvenDVUKDkF7ca2zTGeM6aYd9M8+ROELnPVJ/jk4
Qsdl1TU1YZuMZNOSEtBTRQPCiwQeYq6pPxQs96aFQGvP
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:39:35 2025 by rpki-client