Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/f0b960-86d8-4062-a597-9b4a2d5f3a76/1/oWikPPO3V0QeY0v8vBGwReraGUs.roa
File: oWikPPO3V0QeY0v8vBGwReraGUs.roa (raw, json)
Hash identifier: xHZgaltZECGHYZXkWizrY9iMMJdCdaYUNGOTHUNFxDM=
Subject key identifier: A1:68:A4:3C:F3:B7:57:44:1E:63:4B:FC:BC:11:B0:45:EA:DA:19:4B
Certificate issuer: /CN=a52fc60d36e28bb8df145c84acab19cfa53b025a
Certificate serial: 0194266C0B156A9464949050795FA732CD28
Authority key identifier: A5:2F:C6:0D:36:E2:8B:B8:DF:14:5C:84:AC:AB:19:CF:A5:3B:02:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pS_GDTbii7jfFFyErKsZz6U7Alo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/f0b960-86d8-4062-a597-9b4a2d5f3a76/1/oWikPPO3V0QeY0v8vBGwReraGUs.roa
Signing time: Thu 02 Jan 2025 09:50:02 +0000
ROA not before: Thu 02 Jan 2025 09:50:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207021
IP address blocks: 176.97.158.0/24 maxlen: 24
192.174.68.0/24 maxlen: 24
2001:67c:10b8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/f0b960-86d8-4062-a597-9b4a2d5f3a76/1/pS_GDTbii7jfFFyErKsZz6U7Alo.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/f0b960-86d8-4062-a597-9b4a2d5f3a76/1/pS_GDTbii7jfFFyErKsZz6U7Alo.mft
rsync://rpki.ripe.net/repository/DEFAULT/pS_GDTbii7jfFFyErKsZz6U7Alo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:0b:15:6a:94:64:94:90:50:79:5f:a7:32:cd:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a52fc60d36e28bb8df145c84acab19cfa53b025a
Validity
Not Before: Jan 2 09:50:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a168a43cf3b757441e634bfcbc11b045eada194b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e2:f6:05:cc:d7:3e:fb:07:43:0b:86:a6:9d:
84:6b:19:0a:af:ac:24:0e:7a:d5:da:fe:0b:76:7c:
35:6b:e9:73:31:0c:55:7d:12:3e:67:6d:c5:93:75:
ec:16:3a:1f:81:81:4b:ad:0b:e3:2b:1d:36:e8:a4:
b1:aa:ed:53:56:8f:2e:7b:a8:bf:03:49:b7:73:ee:
ea:22:3d:05:60:da:ce:44:c0:54:72:7f:36:ee:ca:
36:e1:d3:f0:57:c2:6b:10:f4:45:0c:66:e8:a7:a2:
b5:e3:98:fe:e7:3a:f3:3a:51:d8:4c:ea:4a:f1:58:
f9:f1:8b:b8:5e:b3:cc:f0:39:d4:65:a6:9d:ad:8c:
62:72:9d:1c:cc:2b:19:b9:63:e2:c9:28:c0:e1:22:
8b:7b:e4:db:93:c7:a9:69:0a:0b:0a:a0:04:33:6b:
a9:75:69:93:27:3d:f8:0d:b0:2f:93:6c:c3:0a:6b:
2e:e0:ed:80:57:37:8e:6c:5e:9b:3f:f2:20:ae:26:
67:05:50:18:c6:48:6d:7b:e8:b4:6f:b8:1d:13:29:
d7:7f:94:f2:25:85:24:58:32:d9:f6:69:ec:d0:d6:
51:1a:b5:9e:91:0b:14:cf:cd:cf:49:b5:c9:75:10:
c0:42:a1:07:09:c2:f1:66:57:d1:30:95:8f:51:ff:
52:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:68:A4:3C:F3:B7:57:44:1E:63:4B:FC:BC:11:B0:45:EA:DA:19:4B
X509v3 Authority Key Identifier:
keyid:A5:2F:C6:0D:36:E2:8B:B8:DF:14:5C:84:AC:AB:19:CF:A5:3B:02:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pS_GDTbii7jfFFyErKsZz6U7Alo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/f0b960-86d8-4062-a597-9b4a2d5f3a76/1/oWikPPO3V0QeY0v8vBGwReraGUs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/f0b960-86d8-4062-a597-9b4a2d5f3a76/1/pS_GDTbii7jfFFyErKsZz6U7Alo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.97.158.0/24
192.174.68.0/24
IPv6:
2001:67c:10b8::/48
Signature Algorithm: sha256WithRSAEncryption
1a:af:66:1e:9b:00:94:f2:9f:f4:89:8f:e0:64:4f:57:39:1f:
73:b5:63:6c:5a:86:ca:c1:9e:a4:cb:51:45:4c:80:02:1e:d1:
c1:98:2a:0f:d3:a7:8f:bb:d9:73:45:43:9f:0b:68:c4:ad:b6:
6b:66:c9:28:2d:f8:db:25:50:97:76:10:1a:1f:2f:71:7b:a8:
30:a6:d9:24:54:46:6f:8f:2d:27:1e:f6:f1:74:6c:aa:98:a2:
2a:68:c0:83:88:a9:50:67:99:29:bb:ec:ff:b5:ad:a5:b1:9b:
b3:65:e7:0c:60:cd:07:88:ce:3e:88:d2:5b:0a:18:a1:9f:63:
33:c1:86:b4:84:a2:96:29:90:3b:af:3b:85:ce:b8:49:6a:b4:
24:82:20:a3:e5:72:06:39:77:c8:c8:0c:b1:e6:5c:71:ba:61:
2e:4e:2d:d7:a3:a4:57:45:45:29:b5:bb:25:7e:8d:f2:75:f6:
1f:8b:c7:75:58:f3:0c:ea:83:52:33:db:a6:cb:c3:ae:e6:71:
18:97:45:79:49:11:55:bb:e9:c2:e9:19:34:6d:1d:d1:91:d6:
8f:13:63:88:2e:6e:63:b6:8d:ed:5f:48:70:b7:87:a8:05:59:
d6:d1:5b:ca:b4:b7:29:c8:95:16:d7:41:fb:72:0f:81:57:12:
23:44:21:46
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQmbAsVapRklJBQeV+nMs0oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MmZjNjBkMzZlMjhiYjhkZjE0NWM4NGFjYWIxOWNmYTUz
YjAyNWEwHhcNMjUwMTAyMDk1MDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTY4YTQzY2YzYjc1NzQ0MWU2MzRiZmNiYzExYjA0NWVhZGExOTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+L2BczXPvsHQwuGpp2EaxkKr6wk
DnrV2v4Ldnw1a+lzMQxVfRI+Z23Fk3XsFjofgYFLrQvjKx026KSxqu1TVo8ue6i/
A0m3c+7qIj0FYNrORMBUcn827so24dPwV8JrEPRFDGbop6K145j+5zrzOlHYTOpK
8Vj58Yu4XrPM8DnUZaadrYxicp0czCsZuWPiySjA4SKLe+Tbk8epaQoLCqAEM2up
dWmTJz34DbAvk2zDCmsu4O2AVzeObF6bP/IgriZnBVAYxkhte+i0b7gdEynXf5Ty
JYUkWDLZ9mns0NZRGrWekQsUz83PSbXJdRDAQqEHCcLxZlfRMJWPUf9SpQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFKFopDzzt1dEHmNL/LwRsEXq2hlLMB8GA1UdIwQY
MBaAFKUvxg024ou43xRchKyrGc+lOwJaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFNfR0RUYmlpN2pmRkZ5RXJLc1p6NlU3QWxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9mMGI5NjAtODZkOC00MDYyLWE1OTct
OWI0YTJkNWYzYTc2LzEvb1dpa1BQTzNWMFFlWTB2OHZCR3dSZXJhR1VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9mMGI5NjAtODZkOC00MDYyLWE1OTctOWI0YTJkNWYzYTc2
LzEvcFNfR0RUYmlpN2pmRkZ5RXJLc1p6NlU3QWxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAsGGeAwQA
wK5EMA8EAgACMAkDBwAgAQZ8ELgwDQYJKoZIhvcNAQELBQADggEBABqvZh6bAJTy
n/SJj+BkT1c5H3O1Y2xahsrBnqTLUUVMgAIe0cGYKg/Tp4+72XNFQ58LaMSttmtm
ySgt+NslUJd2EBofL3F7qDCm2SRURm+PLSce9vF0bKqYoipowIOIqVBnmSm77P+1
raWxm7Nl5wxgzQeIzj6I0lsKGKGfYzPBhrSEopYpkDuvO4XOuElqtCSCIKPlcgY5
d8jIDLHmXHG6YS5OLdejpFdFRSm1uyV+jfJ19h+Lx3VY8wzqg1Iz26bLw67mcRiX
RXlJEVW76cLpGTRtHdGR1o8TY4gubmO2je1fSHC3h6gFWdbRW8q0tynIlRbXQfty
D4FXEiNEIUY=
-----END CERTIFICATE-----
Generated at Thu Apr 17 19:52:24 2025 by rpki-client