Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/xJMh3j3GpShYCJoYtsAE4dqx3WU.roa
File: xJMh3j3GpShYCJoYtsAE4dqx3WU.roa (raw, json)
Hash identifier: k38ffw08ruTV3gYvZegSeTLOSKho9qw6Tw7LEO7WSjk=
Subject key identifier: C4:93:21:DE:3D:C6:A5:28:58:08:9A:18:B6:C0:04:E1:DA:B1:DD:65
Certificate issuer: /CN=affa13f1ae053916280ec68ee1b0976f9ebd3ea8
Certificate serial: 0194266BD489B5E1F4E4D29C9B72F35606D9
Authority key identifier: AF:FA:13:F1:AE:05:39:16:28:0E:C6:8E:E1:B0:97:6F:9E:BD:3E:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r_oT8a4FORYoDsaO4bCXb569Pqg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/xJMh3j3GpShYCJoYtsAE4dqx3WU.roa
Signing time: Thu 02 Jan 2025 09:49:48 +0000
ROA not before: Thu 02 Jan 2025 09:49:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9123
IP address blocks: 77.73.132.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/r_oT8a4FORYoDsaO4bCXb569Pqg.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/r_oT8a4FORYoDsaO4bCXb569Pqg.mft
rsync://rpki.ripe.net/repository/DEFAULT/r_oT8a4FORYoDsaO4bCXb569Pqg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 08:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:d4:89:b5:e1:f4:e4:d2:9c:9b:72:f3:56:06:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=affa13f1ae053916280ec68ee1b0976f9ebd3ea8
Validity
Not Before: Jan 2 09:49:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c49321de3dc6a52858089a18b6c004e1dab1dd65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:76:ad:20:42:56:cd:30:3f:9c:e8:9f:47:d7:
88:63:a2:33:47:d6:bd:78:4b:fd:af:44:8b:57:cb:
4b:41:36:9e:f6:0c:a5:9e:05:d7:80:aa:aa:1e:e9:
07:47:33:9a:fa:27:67:f8:8c:af:42:5e:d6:fc:e4:
57:c3:79:47:92:8e:0d:72:6c:b5:09:49:7a:60:eb:
99:d7:36:35:4d:c6:56:11:c7:87:00:83:aa:58:8e:
7d:a0:de:c1:ab:81:0e:36:df:81:07:b8:e7:1b:d2:
f4:53:0e:fa:5f:0e:ea:06:3a:2d:70:a4:4d:12:0f:
86:72:fb:b6:cf:f5:23:3e:1b:ae:35:9e:07:25:08:
05:2c:3d:8f:1a:b7:11:c9:97:cb:e2:59:94:5a:e9:
7b:a1:a8:a7:53:a1:9e:5c:dd:b9:ee:ad:b9:30:6e:
ea:67:d5:34:58:26:28:fc:7a:81:e4:b6:f4:a3:90:
bd:4d:b6:99:e7:61:ff:bb:74:fd:8a:a2:47:42:1f:
81:44:6c:30:d8:c6:38:5e:59:c6:e3:be:a6:0f:01:
0e:0a:60:b8:00:c1:5d:02:33:b9:06:38:a3:51:55:
1e:24:ea:22:48:f2:ff:27:32:ad:8a:2f:4a:ef:4f:
84:3b:f9:dc:fa:c3:35:f7:5e:6d:1a:a4:1f:c5:ed:
99:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:93:21:DE:3D:C6:A5:28:58:08:9A:18:B6:C0:04:E1:DA:B1:DD:65
X509v3 Authority Key Identifier:
keyid:AF:FA:13:F1:AE:05:39:16:28:0E:C6:8E:E1:B0:97:6F:9E:BD:3E:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_oT8a4FORYoDsaO4bCXb569Pqg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/xJMh3j3GpShYCJoYtsAE4dqx3WU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/r_oT8a4FORYoDsaO4bCXb569Pqg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.73.132.0/24
Signature Algorithm: sha256WithRSAEncryption
34:ac:f7:9b:b9:f5:9a:64:2a:50:5f:7a:1e:5f:7e:17:44:cd:
ec:d5:9f:7a:d8:62:99:7d:e9:e8:fd:f1:e2:21:08:9b:c5:eb:
0d:2c:f4:d8:cd:62:fe:f2:5a:5f:48:d5:87:9b:d9:2f:76:84:
13:44:18:53:f3:2b:76:9a:a0:c7:a0:16:59:16:5c:65:a3:d0:
68:fd:43:cb:24:18:d7:76:b5:f2:e0:8a:3b:af:bd:f4:8c:d4:
6c:c1:ed:c8:47:0c:bc:c1:90:65:e8:12:b2:2d:07:ce:6a:83:
69:60:73:dd:a8:6e:f6:cc:78:d5:d2:4c:6b:cb:13:1a:e7:7b:
2a:74:1d:35:85:85:c2:99:b4:19:2a:e8:91:a4:ed:5b:87:b9:
8c:a6:10:61:6a:bb:a7:71:02:e0:0e:b5:3c:ab:b7:e2:87:8f:
1f:57:18:c3:be:4b:be:74:30:a6:4e:3c:32:6b:8e:bb:eb:f7:
8e:3e:59:b9:5e:8e:01:ff:36:75:25:59:bf:ba:e2:79:ea:b3:
42:6f:9f:48:b3:b3:c1:2b:af:ca:f3:29:84:19:ee:70:cf:14:
15:90:32:12:56:a9:ae:d7:27:f5:2d:93:f2:de:2d:e3:64:d4:
73:5f:19:17:55:ef:0c:94:33:d9:ac:84:87:d7:4b:75:b0:e8:
91:78:16:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma9SJteH05NKcm3LzVgbZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZmExM2YxYWUwNTM5MTYyODBlYzY4ZWUxYjA5NzZmOWVi
ZDNlYTgwHhcNMjUwMTAyMDk0OTQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDkzMjFkZTNkYzZhNTI4NTgwODlhMThiNmMwMDRlMWRhYjFkZDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3atIEJWzTA/nOifR9eIY6IzR9a9
eEv9r0SLV8tLQTae9gylngXXgKqqHukHRzOa+idn+IyvQl7W/ORXw3lHko4Ncmy1
CUl6YOuZ1zY1TcZWEceHAIOqWI59oN7Bq4EONt+BB7jnG9L0Uw76Xw7qBjotcKRN
Eg+Gcvu2z/UjPhuuNZ4HJQgFLD2PGrcRyZfL4lmUWul7oainU6GeXN257q25MG7q
Z9U0WCYo/HqB5Lb0o5C9TbaZ52H/u3T9iqJHQh+BRGww2MY4XlnG476mDwEOCmC4
AMFdAjO5BjijUVUeJOoiSPL/JzKtii9K70+EO/nc+sM1915tGqQfxe2ZzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMSTId49xqUoWAiaGLbABOHasd1lMB8GA1UdIwQY
MBaAFK/6E/GuBTkWKA7GjuGwl2+evT6oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcl9vVDhhNEZPUllvRHNhTzRiQ1hiNTY5UHFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9hM2MwYTQtMzE5MS00ZTUxLThkODAt
NDc4YzJjOGNiMmEwLzEveEpNaDNqM0dwU2hZQ0pvWXRzQUU0ZHF4M1dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9hM2MwYTQtMzE5MS00ZTUxLThkODAtNDc4YzJjOGNiMmEw
LzEvcl9vVDhhNEZPUllvRHNhTzRiQ1hiNTY5UHFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATUmEMA0G
CSqGSIb3DQEBCwUAA4IBAQA0rPebufWaZCpQX3oeX34XRM3s1Z962GKZfeno/fHi
IQibxesNLPTYzWL+8lpfSNWHm9kvdoQTRBhT8yt2mqDHoBZZFlxlo9Bo/UPLJBjX
drXy4Io7r730jNRswe3IRwy8wZBl6BKyLQfOaoNpYHPdqG72zHjV0kxryxMa53sq
dB01hYXCmbQZKuiRpO1bh7mMphBharuncQLgDrU8q7fih48fVxjDvku+dDCmTjwy
a4676/eOPlm5Xo4B/zZ1JVm/uuJ56rNCb59Is7PBK6/K8ymEGe5wzxQVkDISVqmu
1yf1LZPy3i3jZNRzXxkXVe8MlDPZrISH10t1sOiReBbR
-----END CERTIFICATE-----
Generated at Sun Apr 13 14:56:15 2025 by rpki-client