Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/OqF2eyJ9Nah0S4xGSjJYn_h3cTU.roa
File: OqF2eyJ9Nah0S4xGSjJYn_h3cTU.roa (raw, json)
Hash identifier: UaxiQV187imUDaob7M2RSZknrvaHjuJ3BY11Fvhjz2E=
Subject key identifier: 3A:A1:76:7B:22:7D:35:A8:74:4B:8C:46:4A:32:58:9F:F8:77:71:35
Certificate issuer: /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial: 019421B1DAE84FCC9DA533A5A6733AFAB610
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/OqF2eyJ9Nah0S4xGSjJYn_h3cTU.roa
Signing time: Wed 01 Jan 2025 11:48:11 +0000
ROA not before: Wed 01 Jan 2025 11:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51843
IP address blocks: 91.120.250.0/24 maxlen: 24
91.120.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.mft
rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 08:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:da:e8:4f:cc:9d:a5:33:a5:a6:73:3a:fa:b6:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Validity
Not Before: Jan 1 11:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3aa1767b227d35a8744b8c464a32589ff8777135
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:1f:76:f3:b8:59:c6:12:d8:a5:2c:1c:42:ae:
18:e6:54:4f:f9:c4:c4:5a:2e:6f:db:a2:93:a2:42:
e9:d3:83:29:d6:e7:35:cb:01:d0:f3:ad:fc:f1:bf:
f1:80:86:41:e2:e3:05:d9:11:b1:9a:1b:0d:1a:c4:
50:f1:c8:24:c0:07:04:77:7c:13:a1:ab:e0:4e:d1:
24:65:e2:24:a9:75:f8:4c:01:e8:77:eb:25:36:52:
58:88:04:87:cf:48:b2:65:e5:22:9f:47:2c:3a:37:
fd:17:08:69:3f:ad:cf:73:e7:5f:af:cf:8a:d0:b7:
04:f2:25:6e:56:d0:27:5a:1b:28:4f:d3:46:71:a9:
0d:d9:2f:e9:b6:3d:d7:be:0b:d6:ca:b4:40:ba:2a:
e2:ac:5e:a4:4e:69:18:fb:4a:22:41:81:a6:28:89:
c2:b6:f6:9f:ab:57:2d:0d:75:b0:98:cc:bf:3b:ce:
de:3a:69:53:18:89:1a:68:e9:09:25:d5:f9:f6:1b:
a3:74:30:cd:2c:dd:16:a5:f2:52:35:69:a9:b8:31:
d7:a0:89:85:64:54:77:c1:d0:de:21:d4:55:d1:24:
e6:e0:80:41:a9:9b:9d:aa:5d:59:7b:0c:59:24:55:
5d:8f:3c:df:8a:61:9d:26:6e:cd:de:22:8c:7e:c0:
20:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:A1:76:7B:22:7D:35:A8:74:4B:8C:46:4A:32:58:9F:F8:77:71:35
X509v3 Authority Key Identifier:
keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/OqF2eyJ9Nah0S4xGSjJYn_h3cTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.120.250.0/23
Signature Algorithm: sha256WithRSAEncryption
2a:8d:ce:93:1e:32:20:6c:a5:03:26:28:38:fe:b3:dd:3c:bf:
c4:83:79:67:74:78:68:76:9e:63:79:26:e0:5b:a8:22:0b:ae:
2f:da:d4:20:13:cb:91:ce:af:d5:f9:a9:0a:af:c2:78:41:37:
fb:e1:d0:5a:5b:68:76:6d:b9:85:78:eb:d1:ca:50:e9:0b:7c:
ee:6d:49:23:3a:21:f2:53:88:01:33:44:80:ee:aa:eb:57:39:
37:c6:2c:48:89:4e:5d:23:70:61:8c:6f:1d:98:df:1a:76:96:
84:c4:27:b8:f6:d7:23:98:28:6e:5e:ff:02:15:f7:3e:3d:f0:
92:df:05:87:f7:24:46:d7:df:a9:87:35:ce:8b:83:ec:03:66:
af:ac:92:04:1e:1b:32:1a:63:f6:f2:34:e7:b8:77:b4:58:21:
00:28:6b:ba:0d:37:02:0c:e2:74:1d:85:93:4a:f4:f6:1f:f5:
54:4b:84:bc:e0:94:c7:86:8d:71:6a:66:c1:62:83:b3:e5:f9:
9f:7a:bb:90:c9:82:d3:72:ad:33:4c:eb:fe:2d:0b:23:12:82:
a0:25:16:9f:b2:07:33:15:0b:ea:84:2f:cd:fa:9e:32:aa:59:
9b:06:ed:f7:2b:ca:70:9b:c0:6a:13:1a:22:95:8e:29:2c:e4:
0f:a0:f5:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsdroT8ydpTOlpnM6+rYQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmRhYzYwNWY0NjU5NzE4YzBhMTVlMWY3MzJjYmQ0ZjQ4
YWFlN2IwHhcNMjUwMTAxMTE0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWExNzY3YjIyN2QzNWE4NzQ0YjhjNDY0YTMyNTg5ZmY4Nzc3MTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3x9287hZxhLYpSwcQq4Y5lRP+cTE
Wi5v26KTokLp04Mp1uc1ywHQ86388b/xgIZB4uMF2RGxmhsNGsRQ8cgkwAcEd3wT
oavgTtEkZeIkqXX4TAHod+slNlJYiASHz0iyZeUin0csOjf9FwhpP63Pc+dfr8+K
0LcE8iVuVtAnWhsoT9NGcakN2S/ptj3XvgvWyrRAuirirF6kTmkY+0oiQYGmKInC
tvafq1ctDXWwmMy/O87eOmlTGIkaaOkJJdX59hujdDDNLN0WpfJSNWmpuDHXoImF
ZFR3wdDeIdRV0STm4IBBqZudql1ZewxZJFVdjzzfimGdJm7N3iKMfsAgsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDqhdnsifTWodEuMRkoyWJ/4d3E1MB8GA1UdIwQY
MBaAFPAtrGBfRllxjAoV4fcyy9T0iq57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYt
MjkyYWU0NmU2MzAyLzEvT3FGMmV5SjlOYWgwUzR4R1NqSlluX2gzY1RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYtMjkyYWU0NmU2MzAy
LzEvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW3j6MA0G
CSqGSIb3DQEBCwUAA4IBAQAqjc6THjIgbKUDJig4/rPdPL/Eg3lndHhodp5jeSbg
W6giC64v2tQgE8uRzq/V+akKr8J4QTf74dBaW2h2bbmFeOvRylDpC3zubUkjOiHy
U4gBM0SA7qrrVzk3xixIiU5dI3BhjG8dmN8adpaExCe49tcjmChuXv8CFfc+PfCS
3wWH9yRG19+phzXOi4PsA2avrJIEHhsyGmP28jTnuHe0WCEAKGu6DTcCDOJ0HYWT
SvT2H/VUS4S84JTHho1xambBYoOz5fmferuQyYLTcq0zTOv+LQsjEoKgJRafsgcz
FQvqhC/N+p4yqlmbBu33K8pwm8BqExoilY4pLOQPoPUl
-----END CERTIFICATE-----
Generated at Sun Apr 13 16:09:01 2025 by rpki-client