Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/39a5b5-3c51-46e2-9479-12f41a0cc0c1/1/I7yYY6oN8nbmOzWKLfxUY08F4VM.roa
File: I7yYY6oN8nbmOzWKLfxUY08F4VM.roa (raw, json)
Hash identifier: OpjuP5bzSExVmZzxUJkOBU+S1bIyOKqFxjUEQGmtVXk=
Subject key identifier: 23:BC:98:63:AA:0D:F2:76:E6:3B:35:8A:2D:FC:54:63:4F:05:E1:53
Certificate issuer: /CN=1c7433fafa59f0d512a2bebb097e69463cc06759
Certificate serial: 019425FC0F570026DDEDF39B1C65718CABF1
Authority key identifier: 1C:74:33:FA:FA:59:F0:D5:12:A2:BE:BB:09:7E:69:46:3C:C0:67:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HHQz-vpZ8NUSor67CX5pRjzAZ1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/39a5b5-3c51-46e2-9479-12f41a0cc0c1/1/I7yYY6oN8nbmOzWKLfxUY08F4VM.roa
Signing time: Thu 02 Jan 2025 07:47:43 +0000
ROA not before: Thu 02 Jan 2025 07:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42926
IP address blocks: 5.250.255.0/24 maxlen: 24
185.123.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/39a5b5-3c51-46e2-9479-12f41a0cc0c1/1/HHQz-vpZ8NUSor67CX5pRjzAZ1k.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/39a5b5-3c51-46e2-9479-12f41a0cc0c1/1/HHQz-vpZ8NUSor67CX5pRjzAZ1k.mft
rsync://rpki.ripe.net/repository/DEFAULT/HHQz-vpZ8NUSor67CX5pRjzAZ1k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:0f:57:00:26:dd:ed:f3:9b:1c:65:71:8c:ab:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c7433fafa59f0d512a2bebb097e69463cc06759
Validity
Not Before: Jan 2 07:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=23bc9863aa0df276e63b358a2dfc54634f05e153
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:e5:24:33:8d:54:34:42:02:f1:09:0f:7b:93:
f6:02:66:aa:21:45:42:73:22:7d:0e:af:7f:29:f0:
2a:90:62:d8:b3:32:0c:09:1f:82:7c:0a:cd:6c:0b:
fd:f5:74:11:76:af:43:70:10:a9:92:60:90:60:1c:
6d:39:5c:1c:42:cf:1c:c0:72:ee:75:bf:4c:03:90:
1a:d1:ef:15:97:57:f7:2a:1e:1a:9e:dc:1c:60:02:
b9:7f:8c:3e:15:8c:f3:00:2b:07:d6:fa:d3:f8:c5:
68:55:85:47:ce:4e:b0:84:29:04:92:3a:11:c3:7d:
7c:7e:da:bc:17:31:d1:99:98:c4:45:d4:59:c6:1a:
16:9f:5d:31:bb:b6:3c:ef:19:0f:59:af:d4:ca:c8:
79:fb:4a:2f:67:07:d0:b0:b5:d0:95:2a:6c:86:6e:
6a:34:35:b0:25:a2:ac:87:85:52:8b:35:08:96:4a:
a2:b6:0f:8f:e9:62:51:91:07:37:61:ef:71:c8:63:
b7:84:b2:34:ad:cb:cb:a4:ae:ea:69:11:10:d4:53:
10:95:84:b4:0d:71:72:8e:33:84:c0:2c:d9:13:f9:
03:e0:ca:6c:ea:55:7b:64:14:00:4c:92:e9:be:0b:
8a:94:b5:f8:d3:80:6b:60:d4:68:56:39:7e:ea:7e:
ef:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:BC:98:63:AA:0D:F2:76:E6:3B:35:8A:2D:FC:54:63:4F:05:E1:53
X509v3 Authority Key Identifier:
keyid:1C:74:33:FA:FA:59:F0:D5:12:A2:BE:BB:09:7E:69:46:3C:C0:67:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHQz-vpZ8NUSor67CX5pRjzAZ1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/39a5b5-3c51-46e2-9479-12f41a0cc0c1/1/I7yYY6oN8nbmOzWKLfxUY08F4VM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/39a5b5-3c51-46e2-9479-12f41a0cc0c1/1/HHQz-vpZ8NUSor67CX5pRjzAZ1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.250.255.0/24
185.123.54.0/24
Signature Algorithm: sha256WithRSAEncryption
95:7d:d7:69:2d:07:e9:5e:aa:fe:0c:b9:29:b1:70:84:ca:21:
71:ca:2f:ad:09:45:3f:80:ab:8a:66:cb:51:29:15:1d:ce:fb:
e4:7e:4e:8e:e8:a3:ed:e9:86:55:81:3a:72:c7:9b:b8:30:f6:
98:e4:ae:bb:32:76:f3:54:34:2a:3c:78:eb:18:bb:2c:d5:b2:
c6:b7:80:63:43:1f:91:9c:ce:89:01:6e:0f:8e:6f:41:93:eb:
d2:da:d2:97:29:f1:a4:30:54:ba:e2:99:c4:f0:c4:d7:ff:58:
d8:c0:9b:52:0f:2a:62:ab:77:95:97:c9:3e:2e:4c:25:f5:2e:
de:b1:4c:a8:81:75:44:6a:ba:fc:20:59:47:f4:07:01:2f:c6:
02:95:43:fb:7f:05:28:06:01:90:69:8d:33:1a:ec:9c:86:3c:
c6:31:a3:6b:70:fc:a1:54:ba:b8:2a:07:54:0a:71:2a:fb:f1:
a1:8b:ab:9c:1c:f0:35:0a:5b:3a:24:c2:95:fa:40:20:aa:ae:
b1:8b:e3:92:86:13:3a:cc:c3:0e:a1:c2:b7:3a:80:51:48:a4:
7c:d1:38:68:1a:47:d1:3e:49:c7:de:34:f0:49:a2:95:90:dd:
ac:cb:d1:97:91:1d:77:f1:4c:40:9d:73:e1:53:56:fc:d2:f4:
0c:28:56:2c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQl/A9XACbd7fObHGVxjKvxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNzQzM2ZhZmE1OWYwZDUxMmEyYmViYjA5N2U2OTQ2M2Nj
MDY3NTkwHhcNMjUwMTAyMDc0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2JjOTg2M2FhMGRmMjc2ZTYzYjM1OGEyZGZjNTQ2MzRmMDVlMTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkeUkM41UNEIC8QkPe5P2AmaqIUVC
cyJ9Dq9/KfAqkGLYszIMCR+CfArNbAv99XQRdq9DcBCpkmCQYBxtOVwcQs8cwHLu
db9MA5Aa0e8Vl1f3Kh4antwcYAK5f4w+FYzzACsH1vrT+MVoVYVHzk6whCkEkjoR
w318ftq8FzHRmZjERdRZxhoWn10xu7Y87xkPWa/Uysh5+0ovZwfQsLXQlSpshm5q
NDWwJaKsh4VSizUIlkqitg+P6WJRkQc3Ye9xyGO3hLI0rcvLpK7qaREQ1FMQlYS0
DXFyjjOEwCzZE/kD4Mps6lV7ZBQATJLpvguKlLX404BrYNRoVjl+6n7vuwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCO8mGOqDfJ25js1ii38VGNPBeFTMB8GA1UdIwQY
MBaAFBx0M/r6WfDVEqK+uwl+aUY8wGdZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhRei12cFo4TlVTb3I2N0NYNXBSanpBWjFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8zOWE1YjUtM2M1MS00NmUyLTk0Nzkt
MTJmNDFhMGNjMGMxLzEvSTd5WVk2b044bmJtT3pXS0xmeFVZMDhGNFZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8zOWE1YjUtM2M1MS00NmUyLTk0NzktMTJmNDFhMGNjMGMx
LzEvSEhRei12cFo4TlVTb3I2N0NYNXBSanpBWjFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABfr/AwQA
uXs2MA0GCSqGSIb3DQEBCwUAA4IBAQCVfddpLQfpXqr+DLkpsXCEyiFxyi+tCUU/
gKuKZstRKRUdzvvkfk6O6KPt6YZVgTpyx5u4MPaY5K67MnbzVDQqPHjrGLss1bLG
t4BjQx+RnM6JAW4Pjm9Bk+vS2tKXKfGkMFS64pnE8MTX/1jYwJtSDypiq3eVl8k+
Lkwl9S7esUyogXVEarr8IFlH9AcBL8YClUP7fwUoBgGQaY0zGuychjzGMaNrcPyh
VLq4KgdUCnEq+/Ghi6ucHPA1Cls6JMKV+kAgqq6xi+OShhM6zMMOocK3OoBRSKR8
0ThoGkfRPknH3jTwSaKVkN2sy9GXkR138UxAnXPhU1b80vQMKFYs
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:05:50 2025 by rpki-client