Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/d56693-2254-4a3b-acbb-efaaff0a982f/1/hP4RlSdcYGNnTpuPiY_-lw9F7k8.roa
File: hP4RlSdcYGNnTpuPiY_-lw9F7k8.roa (raw, json)
Hash identifier: C3TpjMqyfvy/eCoQ7B0XWPy+vgrcOa/QV9L4/p4cn7c=
Subject key identifier: 84:FE:11:95:27:5C:60:63:67:4E:9B:8F:89:8F:FE:97:0F:45:EE:4F
Certificate issuer: /CN=47d064fb3e541f23563065e48f300f2cfdfe009a
Certificate serial: 019420D668ACE9061E9758A912C3C51020C7
Authority key identifier: 47:D0:64:FB:3E:54:1F:23:56:30:65:E4:8F:30:0F:2C:FD:FE:00:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R9Bk-z5UHyNWMGXkjzAPLP3-AJo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/d56693-2254-4a3b-acbb-efaaff0a982f/1/hP4RlSdcYGNnTpuPiY_-lw9F7k8.roa
Signing time: Wed 01 Jan 2025 07:48:29 +0000
ROA not before: Wed 01 Jan 2025 07:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39592
IP address blocks: 195.244.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/d56693-2254-4a3b-acbb-efaaff0a982f/1/R9Bk-z5UHyNWMGXkjzAPLP3-AJo.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/d56693-2254-4a3b-acbb-efaaff0a982f/1/R9Bk-z5UHyNWMGXkjzAPLP3-AJo.mft
rsync://rpki.ripe.net/repository/DEFAULT/R9Bk-z5UHyNWMGXkjzAPLP3-AJo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Feb 2025 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:68:ac:e9:06:1e:97:58:a9:12:c3:c5:10:20:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47d064fb3e541f23563065e48f300f2cfdfe009a
Validity
Not Before: Jan 1 07:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=84fe1195275c6063674e9b8f898ffe970f45ee4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:05:94:e7:b1:d7:97:01:55:dc:e0:5d:4f:cd:
80:74:3c:8e:b4:74:41:9c:95:e4:83:eb:72:3e:bb:
a8:b7:44:3e:ca:a5:d3:5a:ff:5d:6e:99:ec:fd:ea:
18:77:e0:15:bc:4a:94:a8:54:3e:64:0a:e1:7d:fe:
7a:91:b9:5a:44:8b:dc:60:af:f7:1f:88:c0:29:eb:
fa:82:f4:96:0e:3e:4c:2c:8a:79:4c:6a:7c:23:33:
3d:31:8f:6a:23:2f:35:1c:aa:37:45:1b:8b:86:65:
3b:65:e4:b0:5f:27:50:d4:0b:75:0d:5e:ea:70:ba:
88:5e:57:99:72:a9:4f:f5:29:51:94:bf:81:1d:0a:
b3:9c:54:f4:8d:71:10:13:57:a7:16:4a:dc:cf:39:
49:ac:f5:66:af:3f:7b:04:d5:e7:d3:11:27:aa:ab:
a5:f0:31:b5:61:e1:53:b2:02:b3:70:9f:25:09:69:
5b:95:0c:e3:bd:e5:92:ba:9c:a2:88:9d:3f:b3:ab:
51:67:66:ae:11:40:53:60:a6:4e:b5:5b:e4:87:75:
35:4c:f4:70:a5:e0:ee:7a:6c:5e:77:67:9b:45:f3:
27:8c:6e:12:af:e6:e6:86:7b:ed:63:c7:7d:9a:3f:
08:5f:3e:ee:60:f0:2c:b8:d5:ad:94:e5:be:e5:47:
17:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:FE:11:95:27:5C:60:63:67:4E:9B:8F:89:8F:FE:97:0F:45:EE:4F
X509v3 Authority Key Identifier:
keyid:47:D0:64:FB:3E:54:1F:23:56:30:65:E4:8F:30:0F:2C:FD:FE:00:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R9Bk-z5UHyNWMGXkjzAPLP3-AJo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/d56693-2254-4a3b-acbb-efaaff0a982f/1/hP4RlSdcYGNnTpuPiY_-lw9F7k8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/d56693-2254-4a3b-acbb-efaaff0a982f/1/R9Bk-z5UHyNWMGXkjzAPLP3-AJo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.244.29.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:68:04:48:1b:11:e2:9b:72:3c:3d:5a:6b:95:76:a6:14:09:
d1:a7:a6:1e:1b:84:df:83:4d:68:5f:6d:39:02:b6:48:82:a0:
f7:8c:23:a4:5f:ed:6d:2c:2d:31:99:e2:38:bc:b8:63:cb:86:
f6:82:b4:7f:b2:7e:c1:84:ff:66:a9:f6:4b:e1:b5:8c:26:04:
1d:47:c5:72:be:5e:a4:af:d1:7a:38:45:f8:88:ab:40:73:ae:
53:80:ec:67:82:19:ad:2c:1d:cb:3a:e7:68:5c:96:49:ef:7e:
d8:c7:1d:2e:73:73:2a:ec:be:15:5e:b3:44:3c:85:7f:4f:41:
4d:d4:6c:07:f0:30:05:a3:27:18:73:23:0e:1a:15:04:eb:fe:
f9:9f:58:78:e6:93:79:ad:70:09:fc:c0:d6:b4:cc:04:ea:eb:
1f:c4:5c:66:7c:7f:6d:72:25:48:f2:b9:e5:36:68:ed:05:9d:
2a:8a:35:15:31:7a:0a:b5:4b:0f:6d:07:02:86:58:8c:75:1e:
55:e4:99:3b:21:1f:6e:8c:42:12:27:2e:71:c2:56:68:97:18:
39:0c:ac:16:07:4c:88:d7:3f:71:11:6e:6b:dd:6e:42:0b:71:
ef:5b:71:e9:12:18:43:cd:a9:e1:63:d4:84:c9:03:36:ba:e9:
df:5f:f3:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1mis6QYel1ipEsPFECDHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3ZDA2NGZiM2U1NDFmMjM1NjMwNjVlNDhmMzAwZjJjZmRm
ZTAwOWEwHhcNMjUwMTAxMDc0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGZlMTE5NTI3NWM2MDYzNjc0ZTliOGY4OThmZmU5NzBmNDVlZTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugWU57HXlwFV3OBdT82AdDyOtHRB
nJXkg+tyPruot0Q+yqXTWv9dbpns/eoYd+AVvEqUqFQ+ZArhff56kblaRIvcYK/3
H4jAKev6gvSWDj5MLIp5TGp8IzM9MY9qIy81HKo3RRuLhmU7ZeSwXydQ1At1DV7q
cLqIXleZcqlP9SlRlL+BHQqznFT0jXEQE1enFkrczzlJrPVmrz97BNXn0xEnqqul
8DG1YeFTsgKzcJ8lCWlblQzjveWSupyiiJ0/s6tRZ2auEUBTYKZOtVvkh3U1TPRw
peDuemxed2ebRfMnjG4Sr+bmhnvtY8d9mj8IXz7uYPAsuNWtlOW+5UcXnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIT+EZUnXGBjZ06bj4mP/pcPRe5PMB8GA1UdIwQY
MBaAFEfQZPs+VB8jVjBl5I8wDyz9/gCaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjlCay16NVVIeU5XTUdYa2p6QVBMUDMtQUpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9kNTY2OTMtMjI1NC00YTNiLWFjYmIt
ZWZhYWZmMGE5ODJmLzEvaFA0UmxTZGNZR05uVHB1UGlZXy1sdzlGN2s4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9kNTY2OTMtMjI1NC00YTNiLWFjYmItZWZhYWZmMGE5ODJm
LzEvUjlCay16NVVIeU5XTUdYa2p6QVBMUDMtQUpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw/QdMA0G
CSqGSIb3DQEBCwUAA4IBAQB8aARIGxHim3I8PVprlXamFAnRp6YeG4Tfg01oX205
ArZIgqD3jCOkX+1tLC0xmeI4vLhjy4b2grR/sn7BhP9mqfZL4bWMJgQdR8Vyvl6k
r9F6OEX4iKtAc65TgOxnghmtLB3LOudoXJZJ737Yxx0uc3Mq7L4VXrNEPIV/T0FN
1GwH8DAFoycYcyMOGhUE6/75n1h45pN5rXAJ/MDWtMwE6usfxFxmfH9tciVI8rnl
NmjtBZ0qijUVMXoKtUsPbQcChliMdR5V5Jk7IR9ujEISJy5xwlZolxg5DKwWB0yI
1z9xEW5r3W5CC3HvW3HpEhhDzanhY9SEyQM2uunfX/Mr
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:41:48 2025 by rpki-client