Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/54d437-a277-41bd-988f-950f0a0101a9/1/B-4mThf4e-80zWpEOjTSvUoatyg.roa
File: B-4mThf4e-80zWpEOjTSvUoatyg.roa (raw, json)
Hash identifier: iLGZvkSCMs5F+PZw6Uabdz+fABoTG9YghxbSRDf22wI=
Subject key identifier: 07:EE:26:4E:17:F8:7B:EF:34:CD:6A:44:3A:34:D2:BD:4A:1A:B7:28
Certificate issuer: /CN=2aa17ed407432c418b1c9eaf61fd1ca1cbff6a74
Certificate serial: 0194266BA7B4A6A7062704BD08FA6F223A64
Authority key identifier: 2A:A1:7E:D4:07:43:2C:41:8B:1C:9E:AF:61:FD:1C:A1:CB:FF:6A:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KqF-1AdDLEGLHJ6vYf0cocv_anQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/54d437-a277-41bd-988f-950f0a0101a9/1/B-4mThf4e-80zWpEOjTSvUoatyg.roa
Signing time: Thu 02 Jan 2025 09:49:37 +0000
ROA not before: Thu 02 Jan 2025 09:49:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61423
IP address blocks: 194.124.145.0/24 maxlen: 24
194.124.146.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/96/54d437-a277-41bd-988f-950f0a0101a9/1/KqF-1AdDLEGLHJ6vYf0cocv_anQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/96/54d437-a277-41bd-988f-950f0a0101a9/1/KqF-1AdDLEGLHJ6vYf0cocv_anQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/KqF-1AdDLEGLHJ6vYf0cocv_anQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:a7:b4:a6:a7:06:27:04:bd:08:fa:6f:22:3a:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2aa17ed407432c418b1c9eaf61fd1ca1cbff6a74
Validity
Not Before: Jan 2 09:49:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=07ee264e17f87bef34cd6a443a34d2bd4a1ab728
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:4d:83:da:25:a1:93:e4:94:ab:90:d4:33:44:
26:b5:99:91:d1:20:06:55:21:24:fe:55:fc:64:62:
60:f8:10:ba:89:8c:d7:00:c3:82:e5:13:8c:fe:06:
05:a5:ae:37:39:80:0a:11:05:9a:56:de:24:c3:39:
e6:ef:9d:aa:f2:40:22:dd:a2:77:7b:3a:cf:02:de:
9d:73:74:ef:84:82:ed:1b:c2:4c:54:a0:3b:2a:5c:
a8:33:e1:5c:13:f7:9c:ca:17:00:5a:82:17:39:b9:
b5:d8:fa:5c:6e:52:f0:33:4b:69:37:78:a4:ba:77:
c9:93:30:15:ff:07:71:04:1e:b7:23:6e:6a:22:41:
e8:37:94:55:76:9c:0a:3c:a4:3e:25:39:af:e8:83:
39:e0:2e:83:b0:e7:15:fd:68:f6:64:1c:da:f6:3e:
42:3b:7c:cf:c0:76:38:39:75:3b:69:8e:c4:a9:67:
5b:a0:09:82:cf:45:4b:7c:b7:56:47:9e:43:0c:c8:
d4:51:84:1f:53:01:5e:54:5d:89:e1:23:06:7c:e1:
07:9e:9e:a3:28:52:0b:2a:f9:a4:9b:85:0e:ca:d3:
8a:61:b1:83:73:f6:cb:dd:8c:50:3c:93:b6:18:31:
2c:49:7b:23:5b:67:b4:4f:19:e3:dc:47:50:16:19:
19:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:EE:26:4E:17:F8:7B:EF:34:CD:6A:44:3A:34:D2:BD:4A:1A:B7:28
X509v3 Authority Key Identifier:
keyid:2A:A1:7E:D4:07:43:2C:41:8B:1C:9E:AF:61:FD:1C:A1:CB:FF:6A:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KqF-1AdDLEGLHJ6vYf0cocv_anQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/54d437-a277-41bd-988f-950f0a0101a9/1/B-4mThf4e-80zWpEOjTSvUoatyg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/54d437-a277-41bd-988f-950f0a0101a9/1/KqF-1AdDLEGLHJ6vYf0cocv_anQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.124.145.0-194.124.147.255
Signature Algorithm: sha256WithRSAEncryption
36:7b:06:80:c6:89:1b:6a:40:d0:75:0b:f0:63:14:63:4f:8c:
0e:d1:a2:78:ec:6d:82:7c:d9:54:b5:69:85:3e:37:fd:df:ff:
3e:b4:4e:b9:a2:35:e4:04:b6:c6:a1:ee:69:fc:a9:ff:09:35:
60:b9:6d:f3:e4:a8:f6:d4:de:c3:1c:14:30:d6:44:15:0b:a7:
46:44:4c:8a:34:1d:fd:26:a8:ea:48:e7:04:dc:a8:91:c8:d0:
ef:f8:53:29:1e:14:7b:c4:2f:3e:c0:50:d7:34:bc:c0:f1:fc:
35:9c:05:2c:0f:fb:68:e4:28:b6:9b:d8:cb:67:94:aa:81:6d:
48:85:5c:5a:81:6b:af:62:45:ca:33:d1:a6:1b:5a:70:19:d3:
85:7d:fd:1c:14:99:75:01:23:e1:1a:29:01:5a:f2:d7:86:41:
16:0d:99:a5:75:12:e8:71:79:5b:a6:b2:86:89:85:58:22:4d:
29:81:53:4a:a4:59:70:46:9d:f8:d4:ab:17:f0:fc:ed:d1:82:
9c:19:81:7c:30:98:5b:cd:87:20:ca:12:c2:88:35:6c:8b:3e:
b8:9d:fe:cf:3b:1c:b0:44:7e:1f:89:0a:97:f5:ba:2d:57:b9:
46:12:8c:18:4e:3c:0e:e7:ab:f3:4f:69:af:b0:56:19:44:f1:
46:da:ed:84
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQma6e0pqcGJwS9CPpvIjpkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYTE3ZWQ0MDc0MzJjNDE4YjFjOWVhZjYxZmQxY2ExY2Jm
ZjZhNzQwHhcNMjUwMTAyMDk0OTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2VlMjY0ZTE3Zjg3YmVmMzRjZDZhNDQzYTM0ZDJiZDRhMWFiNzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkU2D2iWhk+SUq5DUM0QmtZmR0SAG
VSEk/lX8ZGJg+BC6iYzXAMOC5ROM/gYFpa43OYAKEQWaVt4kwznm752q8kAi3aJ3
ezrPAt6dc3TvhILtG8JMVKA7KlyoM+FcE/ecyhcAWoIXObm12PpcblLwM0tpN3ik
unfJkzAV/wdxBB63I25qIkHoN5RVdpwKPKQ+JTmv6IM54C6DsOcV/Wj2ZBza9j5C
O3zPwHY4OXU7aY7EqWdboAmCz0VLfLdWR55DDMjUUYQfUwFeVF2J4SMGfOEHnp6j
KFILKvmkm4UOytOKYbGDc/bL3YxQPJO2GDEsSXsjW2e0Txnj3EdQFhkZKQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFAfuJk4X+HvvNM1qRDo00r1KGrcoMB8GA1UdIwQY
MBaAFCqhftQHQyxBixyer2H9HKHL/2p0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3FGLTFBZERMRUdMSEo2dllmMGNvY3ZfYW5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni81NGQ0MzctYTI3Ny00MWJkLTk4OGYt
OTUwZjBhMDEwMWE5LzEvQi00bVRoZjRlLTgweldwRU9qVFN2VW9hdHlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni81NGQ0MzctYTI3Ny00MWJkLTk4OGYtOTUwZjBhMDEwMWE5
LzEvS3FGLTFBZERMRUdMSEo2dllmMGNvY3ZfYW5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADCfJED
BALCfJAwDQYJKoZIhvcNAQELBQADggEBADZ7BoDGiRtqQNB1C/BjFGNPjA7Ronjs
bYJ82VS1aYU+N/3f/z60TrmiNeQEtsah7mn8qf8JNWC5bfPkqPbU3sMcFDDWRBUL
p0ZETIo0Hf0mqOpI5wTcqJHI0O/4UykeFHvELz7AUNc0vMDx/DWcBSwP+2jkKLab
2MtnlKqBbUiFXFqBa69iRcoz0aYbWnAZ04V9/RwUmXUBI+EaKQFa8teGQRYNmaV1
EuhxeVumsoaJhVgiTSmBU0qkWXBGnfjUqxfw/O3RgpwZgXwwmFvNhyDKEsKINWyL
Prid/s87HLBEfh+JCpf1ui1XuUYSjBhOPA7nq/NPaa+wVhlE8Uba7YQ=
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:21:21 2025 by rpki-client