Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vjSbIMiZxuin7C67VF4oS48bwiU.roa
File: vjSbIMiZxuin7C67VF4oS48bwiU.roa (raw, json)
Hash identifier: QBf9vLSDJ4aR1pAAAwA1if3BZ/iIMbIfDNmnJBVf2S8=
Subject key identifier: BE:34:9B:20:C8:99:C6:E8:A7:EC:2E:BB:54:5E:28:4B:8F:1B:C2:25
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0194B719C97AD99EF3CF9D9BE1E690B7EEE0
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vjSbIMiZxuin7C67VF4oS48bwiU.roa
Signing time: Thu 30 Jan 2025 12:05:08 +0000
ROA not before: Thu 30 Jan 2025 12:05:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13335
IP address blocks: 89.213.5.0/24 maxlen: 24
89.213.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 09:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b7:19:c9:7a:d9:9e:f3:cf:9d:9b:e1:e6:90:b7:ee:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 30 12:05:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=be349b20c899c6e8a7ec2ebb545e284b8f1bc225
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:ee:3b:9e:5d:9c:cc:3b:82:f8:80:36:64:93:
cc:27:da:24:91:df:ce:95:ff:6d:a2:99:2c:57:d5:
83:1b:7d:8e:23:06:fe:83:b4:e2:8a:6c:91:a2:eb:
6d:c8:bf:ad:f6:5d:42:ce:d1:76:14:f3:11:65:11:
28:15:2f:6e:cb:8a:8b:ef:5f:5d:eb:bf:99:8d:fd:
a1:e8:0b:1a:26:76:13:0f:98:77:69:5b:f2:ed:f1:
0d:f4:9f:7a:4a:6d:8b:d4:e6:77:e9:2a:67:3c:4c:
2f:bd:78:17:de:e7:7f:d9:f7:9f:d7:a7:91:3f:0e:
86:5f:0d:1e:ea:c6:34:4b:b2:c7:49:6c:e4:79:07:
ce:0f:70:a3:f6:aa:a6:c1:1e:72:8f:eb:ee:5a:51:
d5:8f:7c:91:3b:aa:52:3a:91:fe:14:b8:58:0f:f7:
fd:23:df:52:41:e3:49:a6:e9:04:74:1f:02:b0:c3:
a9:48:85:65:63:63:e7:47:2c:44:e9:c2:99:49:3f:
e8:66:84:59:98:60:09:e6:34:d0:e8:e1:b4:8d:09:
fa:4a:e1:10:16:b3:43:5d:5b:e5:a9:54:d6:08:92:
84:34:ae:44:7d:1b:e8:ba:12:f6:71:6c:be:8d:eb:
61:0e:50:66:2c:4e:f9:ee:50:59:16:53:a3:7c:99:
ec:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:34:9B:20:C8:99:C6:E8:A7:EC:2E:BB:54:5E:28:4B:8F:1B:C2:25
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vjSbIMiZxuin7C67VF4oS48bwiU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.5.0/24
89.213.231.0/24
Signature Algorithm: sha256WithRSAEncryption
76:a8:e6:54:1f:f6:5e:f5:f8:81:85:26:81:c7:b7:55:e0:9a:
50:4f:7c:d0:54:59:5f:dd:96:07:95:6f:50:50:ee:02:74:85:
19:94:2b:cc:4b:68:b6:0d:8d:74:a6:b1:92:bd:0c:50:9a:12:
57:bd:68:40:cb:b5:36:01:dc:a5:dd:63:13:94:ce:f0:11:c3:
fd:45:7a:23:00:d5:9f:25:ea:ac:37:fa:dd:2e:48:60:04:e6:
0d:d1:5e:8a:0c:a1:ec:f9:8d:09:66:0c:f6:79:00:1f:88:a5:
ed:b9:21:3f:f7:10:c0:41:9d:07:9e:d7:33:cb:00:42:e0:be:
32:65:ef:0a:bf:82:89:bd:dd:e1:f3:bc:2e:80:b5:23:af:5b:
e6:a3:cb:39:fc:97:f6:de:f2:a1:3a:8b:7b:40:e8:7d:12:e5:
b6:06:05:49:87:10:10:e9:e0:e4:58:ff:d2:a0:ef:11:c7:8b:
30:9c:b1:b2:b4:00:47:20:a8:61:e4:44:ba:d3:aa:84:91:84:
64:65:f5:b0:43:74:cc:50:6d:ed:36:1e:33:ca:3f:67:f6:0d:
bd:87:2f:18:32:ac:22:ba:f1:41:40:78:eb:2d:99:7b:a0:65:
78:0b:5a:02:55:55:da:4a:14:0b:ca:9c:8e:b3:23:2c:e9:89:
4c:b9:dd:67
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZS3Gcl62Z7zz52b4eaQt+7gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTMwMTIwNTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTM0OWIyMGM4OTljNmU4YTdlYzJlYmI1NDVlMjg0YjhmMWJjMjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3u47nl2czDuC+IA2ZJPMJ9okkd/O
lf9topksV9WDG32OIwb+g7TiimyRouttyL+t9l1CztF2FPMRZREoFS9uy4qL719d
67+Zjf2h6AsaJnYTD5h3aVvy7fEN9J96Sm2L1OZ36SpnPEwvvXgX3ud/2fef16eR
Pw6GXw0e6sY0S7LHSWzkeQfOD3Cj9qqmwR5yj+vuWlHVj3yRO6pSOpH+FLhYD/f9
I99SQeNJpukEdB8CsMOpSIVlY2PnRyxE6cKZST/oZoRZmGAJ5jTQ6OG0jQn6SuEQ
FrNDXVvlqVTWCJKENK5EfRvouhL2cWy+jethDlBmLE757lBZFlOjfJns+QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL40myDImcbop+wuu1ReKEuPG8IlMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdmpTYklNaVp4dWluN0M2N1ZGNG9TNDhid2lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWdUFAwQA
WdXnMA0GCSqGSIb3DQEBCwUAA4IBAQB2qOZUH/Ze9fiBhSaBx7dV4JpQT3zQVFlf
3ZYHlW9QUO4CdIUZlCvMS2i2DY10prGSvQxQmhJXvWhAy7U2Adyl3WMTlM7wEcP9
RXojANWfJeqsN/rdLkhgBOYN0V6KDKHs+Y0JZgz2eQAfiKXtuSE/9xDAQZ0Hntcz
ywBC4L4yZe8Kv4KJvd3h87wugLUjr1vmo8s5/Jf23vKhOot7QOh9EuW2BgVJhxAQ
6eDkWP/SoO8Rx4swnLGytABHIKhh5ES606qEkYRkZfWwQ3TMUG3tNh4zyj9n9g29
hy8YMqwiuvFBQHjrLZl7oGV4C1oCVVXaShQLypyOsyMs6YlMud1n
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:24:09 2025 by rpki-client