Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/ikaCSqXI6xfl5qVDi3yr58aTFuA.roa
File: ikaCSqXI6xfl5qVDi3yr58aTFuA.roa (raw, json)
Hash identifier: N8S/41ybeOjv/UdOqBCbTzj0r4lou4Hpt/IYlvQhpik=
Subject key identifier: 8A:46:82:4A:A5:C8:EB:17:E5:E6:A5:43:8B:7C:AB:E7:C6:93:16:E0
Certificate issuer: /CN=914aa557c3d3d1e6b7f0525c34cc1d488a5a9294
Certificate serial: 019717A1E34B372D92E42A94534E0746660A
Authority key identifier: 91:4A:A5:57:C3:D3:D1:E6:B7:F0:52:5C:34:CC:1D:48:8A:5A:92:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/ikaCSqXI6xfl5qVDi3yr58aTFuA.roa
Signing time: Wed 28 May 2025 16:02:54 +0000
ROA not before: Wed 28 May 2025 16:02:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54600
IP address blocks: 116.204.164.0/23 maxlen: 24
116.204.166.0/24 maxlen: 24
222.167.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:17:a1:e3:4b:37:2d:92:e4:2a:94:53:4e:07:46:66:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=914aa557c3d3d1e6b7f0525c34cc1d488a5a9294
Validity
Not Before: May 28 16:02:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8a46824aa5c8eb17e5e6a5438b7cabe7c69316e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:34:3e:37:96:c6:91:77:dd:06:ef:39:d4:5c:
eb:38:d9:6c:f5:d2:2c:92:58:e1:3c:3b:42:dd:2c:
0c:cf:e4:7d:51:3b:b6:1c:55:c2:b2:58:63:1f:8e:
8b:75:fb:f8:04:1f:dc:58:8d:b0:ff:af:2d:30:16:
f7:0b:a4:d6:6e:ae:23:98:a6:5f:f4:7b:86:f1:12:
5b:1c:6f:af:a8:10:eb:71:f1:53:b8:8e:fc:d1:4e:
46:55:0e:59:08:98:4d:34:e3:cb:c4:a1:28:93:ee:
30:58:78:62:1d:3a:b7:33:e0:b8:2a:2b:52:d2:9e:
70:38:ab:28:57:f0:34:65:0a:76:20:64:2c:be:74:
7f:3b:a3:8e:f0:ef:d2:da:67:54:e0:49:f0:2f:83:
55:41:d8:02:52:ca:fe:32:7f:95:83:3d:be:41:f2:
3b:fa:e1:f1:93:e6:55:b9:5a:8c:1e:d7:85:52:d1:
43:9b:6c:06:35:f2:1c:6c:70:ff:18:60:be:1f:97:
81:dc:f3:d8:eb:e7:23:ba:98:84:63:d2:29:7a:5f:
02:c8:48:c4:c1:64:96:67:d1:bd:76:2c:f3:12:a6:
8a:fb:84:16:24:0c:56:f2:97:41:87:a5:20:c9:e8:
81:48:dc:f4:00:3b:ca:bd:39:87:81:1d:bb:ef:f2:
05:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:46:82:4A:A5:C8:EB:17:E5:E6:A5:43:8B:7C:AB:E7:C6:93:16:E0
X509v3 Authority Key Identifier:
keyid:91:4A:A5:57:C3:D3:D1:E6:B7:F0:52:5C:34:CC:1D:48:8A:5A:92:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/ikaCSqXI6xfl5qVDi3yr58aTFuA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
116.204.164.0-116.204.166.255
222.167.224.0/19
Signature Algorithm: sha256WithRSAEncryption
54:e2:a9:f0:1c:47:d9:04:48:88:da:be:6c:0d:f3:10:b2:85:
bf:91:8a:a1:13:6c:fe:4c:37:92:19:7b:5c:0a:23:7e:fc:ef:
31:c7:93:b8:10:73:52:3d:f9:5d:0b:60:11:12:7d:21:39:6e:
85:d1:7d:54:03:dd:74:94:33:4a:33:4f:20:36:d1:4b:ab:a8:
37:a1:e8:3e:e6:9d:f2:62:d0:e8:06:e4:51:56:c9:d2:e0:da:
8d:8b:3d:e5:a4:4b:7c:d8:54:9d:6e:e0:ce:5f:19:8d:0c:ec:
ad:9e:30:78:56:27:0e:c2:04:4a:97:b3:af:9e:74:c6:82:07:
6e:76:2a:b6:8e:1b:eb:e5:b8:30:bd:de:1d:26:94:59:65:61:
b2:68:0a:94:1c:c8:5f:c1:16:f9:99:14:b1:b6:fc:98:a8:bc:
01:f9:d0:49:ab:68:a4:19:8c:5f:5d:ce:e2:fd:a2:33:49:55:
8b:2f:e7:1c:d9:b4:81:01:a2:f6:84:ef:27:ed:f7:67:95:9a:
10:b7:ab:91:0c:1f:33:45:b7:6c:0b:16:64:dc:44:9d:a6:4f:
43:c6:a6:fb:d1:8f:f0:58:6d:e5:b3:74:24:0e:ed:7f:7b:f3:
ff:c1:2c:d7:ac:f6:ee:11:0d:4f:2d:80:2c:7b:9c:86:04:4d:
04:c3:9a:e4
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZcXoeNLNy2S5CqUU04HRmYKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNGFhNTU3YzNkM2QxZTZiN2YwNTI1YzM0Y2MxZDQ4OGE1
YTkyOTQwHhcNMjUwNTI4MTYwMjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTQ2ODI0YWE1YzhlYjE3ZTVlNmE1NDM4YjdjYWJlN2M2OTMxNmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzQ+N5bGkXfdBu851FzrONls9dIs
kljhPDtC3SwMz+R9UTu2HFXCslhjH46Ldfv4BB/cWI2w/68tMBb3C6TWbq4jmKZf
9HuG8RJbHG+vqBDrcfFTuI780U5GVQ5ZCJhNNOPLxKEok+4wWHhiHTq3M+C4KitS
0p5wOKsoV/A0ZQp2IGQsvnR/O6OO8O/S2mdU4EnwL4NVQdgCUsr+Mn+Vgz2+QfI7
+uHxk+ZVuVqMHteFUtFDm2wGNfIcbHD/GGC+H5eB3PPY6+cjupiEY9Ipel8CyEjE
wWSWZ9G9dizzEqaK+4QWJAxW8pdBh6UgyeiBSNz0ADvKvTmHgR277/IFdQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFIpGgkqlyOsX5ealQ4t8q+fGkxbgMB8GA1UdIwQY
MBaAFJFKpVfD09Hmt/BSXDTMHUiKWpKUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1VxbFY4UFQwZWEzOEZKY05Nd2RTSXBha3BRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9kYjk3ZDAtMjhmMi00MzI5LWI4NTYt
NGEzNDhlN2JlNDQxLzEvaWthQ1NxWEk2eGZsNXFWRGkzeXI1OGFURnVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9kYjk3ZDAtMjhmMi00MzI5LWI4NTYtNGEzNDhlN2JlNDQx
LzEva1VxbFY4UFQwZWEzOEZKY05Nd2RTSXBha3BRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAJ0zKQD
BAB0zKYDBAXep+AwDQYJKoZIhvcNAQELBQADggEBAFTiqfAcR9kESIjavmwN8xCy
hb+RiqETbP5MN5IZe1wKI3787zHHk7gQc1I9+V0LYBESfSE5boXRfVQD3XSUM0oz
TyA20UurqDeh6D7mnfJi0OgG5FFWydLg2o2LPeWkS3zYVJ1u4M5fGY0M7K2eMHhW
Jw7CBEqXs6+edMaCB252KraOG+vluDC93h0mlFllYbJoCpQcyF/BFvmZFLG2/Jio
vAH50EmraKQZjF9dzuL9ojNJVYsv5xzZtIEBovaE7yft92eVmhC3q5EMHzNFt2wL
FmTcRJ2mT0PGpvvRj/BYbeWzdCQO7X978//BLNes9u4RDU8tgCx7nIYETQTDmuQ=
-----END CERTIFICATE-----
Generated at Thu Jun 5 19:20:43 2025 by rpki-client