Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/irT4DdDzgeP-65AGXrk0PHCAQVY.roa
File: irT4DdDzgeP-65AGXrk0PHCAQVY.roa (raw, json)
Hash identifier: RsayR2J7jayb/ZHPN+8XPFdXktAjeGK/x5tQjIbG8/Y=
Subject key identifier: 8A:B4:F8:0D:D0:F3:81:E3:FE:EB:90:06:5E:B9:34:3C:70:80:41:56
Certificate issuer: /CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c
Certificate serial: 019425217D2639742EC60DF4B4044627296C
Authority key identifier: 9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/irT4DdDzgeP-65AGXrk0PHCAQVY.roa
Signing time: Thu 02 Jan 2025 03:48:59 +0000
ROA not before: Thu 02 Jan 2025 03:48:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48955
IP address blocks: 86.107.58.0/23 maxlen: 24
94.154.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/nFQvXfPBrLhX_VDusBbu0HOF_4w.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/nFQvXfPBrLhX_VDusBbu0HOF_4w.mft
rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 04:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:7d:26:39:74:2e:c6:0d:f4:b4:04:46:27:29:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c
Validity
Not Before: Jan 2 03:48:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8ab4f80dd0f381e3feeb90065eb9343c70804156
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:20:95:db:dc:82:0c:53:5e:30:81:c9:b1:f6:
11:95:d8:74:4a:b8:3c:05:e2:da:2f:5d:cf:93:fa:
7f:a9:4d:df:58:db:59:74:f1:ad:a6:1f:d4:ab:ea:
68:9b:6b:2e:bc:80:e9:76:29:80:43:7c:99:70:d3:
73:7c:03:dd:a0:ec:98:91:32:da:89:2f:53:d7:b7:
f2:10:4a:4d:6b:fe:76:15:7c:9c:23:be:0e:5e:04:
2a:97:26:d0:47:ad:14:5e:e0:98:bb:5e:b5:6c:ba:
fc:80:c5:09:71:b2:bc:7b:49:6b:2f:1f:92:2c:03:
73:89:2e:cc:d0:93:e4:00:ea:6a:cc:cc:9e:0b:77:
65:72:ea:c3:cc:c9:1f:d5:8e:1c:43:a7:0f:41:2a:
e4:5c:8b:5a:6f:2e:2f:be:b9:dc:5b:d1:58:ca:f8:
ae:b0:0c:ac:8b:c2:f2:f7:08:7f:be:ca:05:c1:1e:
cd:cb:b8:67:25:89:bb:33:57:1f:c9:c8:39:d0:56:
1d:8b:90:65:6f:98:d2:13:05:9b:7f:a6:18:35:d2:
29:c9:e9:9a:9e:c3:f4:a8:7d:50:32:96:81:d1:4e:
b0:af:45:36:e6:6b:df:5f:f2:c9:c7:7a:cb:9d:5f:
6b:64:95:14:96:b5:2e:cb:83:e6:2c:97:2d:95:5b:
af:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:B4:F8:0D:D0:F3:81:E3:FE:EB:90:06:5E:B9:34:3C:70:80:41:56
X509v3 Authority Key Identifier:
keyid:9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/irT4DdDzgeP-65AGXrk0PHCAQVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/nFQvXfPBrLhX_VDusBbu0HOF_4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.107.58.0/23
94.154.122.0/24
Signature Algorithm: sha256WithRSAEncryption
51:9d:9a:4f:f1:d0:bc:39:f9:84:1a:43:d4:2f:11:fb:02:a6:
f6:64:ad:75:19:c6:3a:f5:f5:4e:44:9f:52:78:49:25:60:39:
cc:07:13:4d:4e:c3:a1:f5:0d:41:76:96:f8:86:b3:d4:2d:73:
58:78:2e:ee:51:48:73:6e:0d:86:f0:ce:b5:0b:14:bc:27:7b:
69:db:43:06:aa:1d:1f:28:6a:5c:5c:3f:d6:33:30:1c:83:0c:
6f:8c:14:3f:cd:ef:23:9d:7e:66:d5:c4:d3:7c:74:16:5c:78:
a4:3a:d2:a5:26:5c:a9:81:c2:8a:12:e5:5a:10:bd:6e:4a:af:
7a:97:8a:1c:8a:e5:2a:9b:5d:bd:d5:ae:a3:51:57:c7:63:e0:
53:be:28:c0:80:42:2e:1b:60:bc:9b:ac:31:f3:4d:5c:74:ca:
24:20:cb:88:32:70:b3:9e:ac:14:b1:b4:53:7a:ca:2b:cd:ba:
a3:35:bf:fc:53:b1:85:2e:be:e5:b8:ca:d4:89:ac:09:21:ed:
be:7f:19:29:6b:62:3c:c4:bc:4c:e8:59:1a:08:e1:4f:62:32:
76:c1:eb:11:9b:f3:5d:87:c1:90:3e:f0:1f:13:cc:aa:f3:eb:
48:c4:7f:33:4c:0c:04:e9:ca:fc:5e:f0:5a:61:61:e9:5d:01:
6b:b0:99:d7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQlIX0mOXQuxg30tARGJylsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNTQyZjVkZjNjMWFjYjg1N2ZkNTBlZWIwMTZlZWQwNzM4
NWZmOGMwHhcNMjUwMTAyMDM0ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWI0ZjgwZGQwZjM4MWUzZmVlYjkwMDY1ZWI5MzQzYzcwODA0MTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1SCV29yCDFNeMIHJsfYRldh0Srg8
BeLaL13Pk/p/qU3fWNtZdPGtph/Uq+pom2suvIDpdimAQ3yZcNNzfAPdoOyYkTLa
iS9T17fyEEpNa/52FXycI74OXgQqlybQR60UXuCYu161bLr8gMUJcbK8e0lrLx+S
LANziS7M0JPkAOpqzMyeC3dlcurDzMkf1Y4cQ6cPQSrkXItaby4vvrncW9FYyviu
sAysi8Ly9wh/vsoFwR7Ny7hnJYm7M1cfycg50FYdi5Blb5jSEwWbf6YYNdIpyema
nsP0qH1QMpaB0U6wr0U25mvfX/LJx3rLnV9rZJUUlrUuy4PmLJctlVuvjQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIq0+A3Q84Hj/uuQBl65NDxwgEFWMB8GA1UdIwQY
MBaAFJxUL13zway4V/1Q7rAW7tBzhf+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUt
MjVkYmY0MzgwNGM1LzEvaXJUNERkRHpnZVAtNjVBR1hyazBQSENBUVZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUtMjVkYmY0MzgwNGM1
LzEvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBVms6AwQA
Xpp6MA0GCSqGSIb3DQEBCwUAA4IBAQBRnZpP8dC8OfmEGkPULxH7Aqb2ZK11GcY6
9fVORJ9SeEklYDnMBxNNTsOh9Q1Bdpb4hrPULXNYeC7uUUhzbg2G8M61CxS8J3tp
20MGqh0fKGpcXD/WMzAcgwxvjBQ/ze8jnX5m1cTTfHQWXHikOtKlJlypgcKKEuVa
EL1uSq96l4ociuUqm1291a6jUVfHY+BTvijAgEIuG2C8m6wx801cdMokIMuIMnCz
nqwUsbRTesorzbqjNb/8U7GFLr7luMrUiawJIe2+fxkpa2I8xLxM6FkaCOFPYjJ2
wesRm/Ndh8GQPvAfE8yq8+tIxH8zTAwE6cr8XvBaYWHpXQFrsJnX
-----END CERTIFICATE-----
Generated at Sun Apr 13 13:34:43 2025 by rpki-client