Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/f6cfd7-a228-4591-9ef5-5f4b87ada4b5/1/aIdDcKIPSrdTWAm8Itr83nsLcD0.roa
File: aIdDcKIPSrdTWAm8Itr83nsLcD0.roa (raw, json)
Hash identifier: UkSPTJ6SY0So9wqyoQ355LtxgU1FlK7CRcCejA7q0Vc=
Subject key identifier: 68:87:43:70:A2:0F:4A:B7:53:58:09:BC:22:DA:FC:DE:7B:0B:70:3D
Certificate issuer: /CN=a3190f6efd79ea7333f9bccd85a04352d915b239
Certificate serial: 019425FD5719CCF984EB6EA9521106915933
Authority key identifier: A3:19:0F:6E:FD:79:EA:73:33:F9:BC:CD:85:A0:43:52:D9:15:B2:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oxkPbv156nMz-bzNhaBDUtkVsjk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/f6cfd7-a228-4591-9ef5-5f4b87ada4b5/1/aIdDcKIPSrdTWAm8Itr83nsLcD0.roa
Signing time: Thu 02 Jan 2025 07:49:07 +0000
ROA not before: Thu 02 Jan 2025 07:49:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50343
IP address blocks: 109.233.152.0/21 maxlen: 24
185.169.112.0/22 maxlen: 24
2a01:8780::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/93/f6cfd7-a228-4591-9ef5-5f4b87ada4b5/1/oxkPbv156nMz-bzNhaBDUtkVsjk.crl
rsync://rpki.ripe.net/repository/DEFAULT/93/f6cfd7-a228-4591-9ef5-5f4b87ada4b5/1/oxkPbv156nMz-bzNhaBDUtkVsjk.mft
rsync://rpki.ripe.net/repository/DEFAULT/oxkPbv156nMz-bzNhaBDUtkVsjk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 22:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:57:19:cc:f9:84:eb:6e:a9:52:11:06:91:59:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3190f6efd79ea7333f9bccd85a04352d915b239
Validity
Not Before: Jan 2 07:49:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68874370a20f4ab7535809bc22dafcde7b0b703d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:df:84:3a:9b:fe:40:9d:7e:04:69:eb:b5:35:
a9:3f:f6:8e:fe:f7:47:8c:4a:ef:c9:d6:d8:2e:67:
4c:56:5e:81:12:94:f8:4b:c1:66:49:d2:65:38:cf:
98:f9:c6:b9:9a:cf:0f:16:3a:92:5a:76:93:63:9b:
a3:b3:e5:05:6c:ea:7d:42:4b:04:a4:4c:6d:b6:1a:
7b:3a:45:c6:85:0e:5e:66:00:d2:bc:80:9f:2a:f6:
05:3b:48:2e:ed:4d:de:70:62:8a:ee:49:71:f6:11:
41:18:08:5d:0c:1d:b3:c2:de:0a:bc:6c:e8:a0:f4:
02:67:ea:16:52:73:99:69:f3:c8:19:1c:96:e4:8f:
8f:07:26:a9:02:77:99:bb:4a:52:e2:c6:44:4c:2a:
9f:28:ec:2c:d6:bb:df:c2:d0:f5:b1:df:4d:d8:f3:
33:14:2f:18:97:ca:9a:9a:39:0b:1e:f9:39:a9:46:
54:db:07:ef:f2:4a:c2:58:cf:8d:7d:df:4a:c2:93:
7d:6b:3d:52:5a:f5:25:55:a5:24:3a:5c:b2:d8:e2:
a8:31:80:ec:42:68:2d:f2:0f:a0:8b:c9:ff:78:93:
9f:6a:a1:21:cd:bf:8c:2b:6d:66:d8:0e:f6:02:16:
c3:fc:b4:58:d7:54:d5:2b:32:26:6b:21:2f:56:3d:
d2:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:87:43:70:A2:0F:4A:B7:53:58:09:BC:22:DA:FC:DE:7B:0B:70:3D
X509v3 Authority Key Identifier:
keyid:A3:19:0F:6E:FD:79:EA:73:33:F9:BC:CD:85:A0:43:52:D9:15:B2:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oxkPbv156nMz-bzNhaBDUtkVsjk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/f6cfd7-a228-4591-9ef5-5f4b87ada4b5/1/aIdDcKIPSrdTWAm8Itr83nsLcD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/f6cfd7-a228-4591-9ef5-5f4b87ada4b5/1/oxkPbv156nMz-bzNhaBDUtkVsjk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.233.152.0/21
185.169.112.0/22
IPv6:
2a01:8780::/29
Signature Algorithm: sha256WithRSAEncryption
44:44:65:78:d0:00:56:ca:7b:5a:ed:cc:07:4a:dc:8e:4f:eb:
00:ce:69:6b:18:3e:ea:85:71:cf:9e:b5:6d:97:3e:b7:a7:25:
f7:30:52:2f:0b:d1:51:3c:18:46:e6:a9:55:f6:33:48:e5:62:
26:e2:9a:c6:c2:2b:c4:92:79:d7:3d:f9:97:49:38:af:fb:c1:
0e:f2:d8:b6:f1:25:ab:b6:8c:36:f0:69:d5:1e:59:0b:45:cd:
5a:81:66:68:59:bf:a9:c0:cb:71:3b:c3:76:f0:10:8a:b3:45:
ee:65:67:46:f6:ba:31:f3:87:83:e6:40:59:d5:7b:d1:11:c7:
cf:39:b5:05:ea:3f:5b:a7:4f:bb:e1:f9:75:24:81:11:34:ad:
72:2d:db:b9:03:ea:60:a8:84:64:e7:08:b6:a5:ca:c5:60:f0:
44:9e:da:0d:92:f9:d8:9e:6b:c6:44:35:64:41:77:c9:bc:96:
a6:5b:71:8a:eb:67:95:e7:43:81:58:c5:4f:ae:2f:b4:66:10:
d5:64:6c:8f:ed:a1:08:39:0b:73:c9:15:3d:c3:23:0e:91:a5:
46:8b:f2:6b:e0:83:45:d0:46:fc:1d:ae:70:cd:40:6d:db:be:
0e:a0:d0:3c:a7:ed:a7:70:80:f6:ae:9e:f4:77:2f:62:0a:05:
62:20:a7:7b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQl/VcZzPmE626pUhEGkVkzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMTkwZjZlZmQ3OWVhNzMzM2Y5YmNjZDg1YTA0MzUyZDkx
NWIyMzkwHhcNMjUwMTAyMDc0OTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODg3NDM3MGEyMGY0YWI3NTM1ODA5YmMyMmRhZmNkZTdiMGI3MDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArN+EOpv+QJ1+BGnrtTWpP/aO/vdH
jErvydbYLmdMVl6BEpT4S8FmSdJlOM+Y+ca5ms8PFjqSWnaTY5ujs+UFbOp9QksE
pExtthp7OkXGhQ5eZgDSvICfKvYFO0gu7U3ecGKK7klx9hFBGAhdDB2zwt4KvGzo
oPQCZ+oWUnOZafPIGRyW5I+PByapAneZu0pS4sZETCqfKOws1rvfwtD1sd9N2PMz
FC8Yl8qamjkLHvk5qUZU2wfv8krCWM+Nfd9KwpN9az1SWvUlVaUkOlyy2OKoMYDs
Qmgt8g+gi8n/eJOfaqEhzb+MK21m2A72AhbD/LRY11TVKzImayEvVj3SaQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGiHQ3CiD0q3U1gJvCLa/N57C3A9MB8GA1UdIwQY
MBaAFKMZD279eepzM/m8zYWgQ1LZFbI5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3hrUGJ2MTU2bk16LWJ6TmhhQkRVdGtWc2prLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9mNmNmZDctYTIyOC00NTkxLTllZjUt
NWY0Yjg3YWRhNGI1LzEvYUlkRGNLSVBTcmRUV0FtOEl0cjgzbnNMY0QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9mNmNmZDctYTIyOC00NTkxLTllZjUtNWY0Yjg3YWRhNGI1
LzEvb3hrUGJ2MTU2bk16LWJ6TmhhQkRVdGtWc2prLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDbemYAwQC
ualwMA0EAgACMAcDBQMqAYeAMA0GCSqGSIb3DQEBCwUAA4IBAQBERGV40ABWynta
7cwHStyOT+sAzmlrGD7qhXHPnrVtlz63pyX3MFIvC9FRPBhG5qlV9jNI5WIm4prG
wivEknnXPfmXSTiv+8EO8ti28SWrtow28GnVHlkLRc1agWZoWb+pwMtxO8N28BCK
s0XuZWdG9rox84eD5kBZ1XvREcfPObUF6j9bp0+74fl1JIERNK1yLdu5A+pgqIRk
5wi2pcrFYPBEntoNkvnYnmvGRDVkQXfJvJamW3GK62eV50OBWMVPri+0ZhDVZGyP
7aEIOQtzyRU9wyMOkaVGi/Jr4INF0Eb8Ha5wzUBt274OoNA8p+2ncID2rp70dy9i
CgViIKd7
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:43:37 2025 by rpki-client