Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/0caa6d-109e-45f3-a932-475c5c91f474/1/fyoJ9a9SSU9QMOOAnopUi24XOCI.roa
File: fyoJ9a9SSU9QMOOAnopUi24XOCI.roa (raw, json)
Hash identifier: Oq4G4KqExdW+YSWtwOksmXAFXdtGTgedgjAZaCPW9DM=
Subject key identifier: 7F:2A:09:F5:AF:52:49:4F:50:30:E3:80:9E:8A:54:8B:6E:17:38:22
Certificate issuer: /CN=b464e0af28b755c4ec88010d94298697d1883933
Certificate serial: 0194221FE658A8F10A6F52684BDCB7079126
Authority key identifier: B4:64:E0:AF:28:B7:55:C4:EC:88:01:0D:94:29:86:97:D1:88:39:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tGTgryi3VcTsiAENlCmGl9GIOTM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/0caa6d-109e-45f3-a932-475c5c91f474/1/fyoJ9a9SSU9QMOOAnopUi24XOCI.roa
Signing time: Wed 01 Jan 2025 13:48:23 +0000
ROA not before: Wed 01 Jan 2025 13:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31083
IP address blocks: 2.56.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/0caa6d-109e-45f3-a932-475c5c91f474/1/tGTgryi3VcTsiAENlCmGl9GIOTM.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/0caa6d-109e-45f3-a932-475c5c91f474/1/tGTgryi3VcTsiAENlCmGl9GIOTM.mft
rsync://rpki.ripe.net/repository/DEFAULT/tGTgryi3VcTsiAENlCmGl9GIOTM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:e6:58:a8:f1:0a:6f:52:68:4b:dc:b7:07:91:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b464e0af28b755c4ec88010d94298697d1883933
Validity
Not Before: Jan 1 13:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7f2a09f5af52494f5030e3809e8a548b6e173822
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:fd:42:1c:5a:04:86:13:5f:e2:95:fc:49:6a:
01:58:78:81:1f:7e:76:81:39:6e:f9:10:d7:ff:e8:
76:41:fa:2f:22:c4:51:e6:79:e4:f2:d2:35:ac:a3:
33:06:dc:79:7e:ff:db:a8:11:39:b9:e7:76:51:5d:
8c:28:07:4a:8b:25:d6:44:39:ef:8f:e2:cb:36:f6:
a6:45:56:a2:0a:d3:8f:9e:ca:30:3d:d5:f0:42:70:
23:18:f8:7c:2d:1b:c3:19:e3:95:46:87:f0:c7:04:
44:d0:aa:fe:6b:1c:8d:96:fa:cb:fa:c1:0f:13:c5:
e2:bb:64:b9:9d:b9:99:b6:9a:1e:c2:c9:dd:d2:d4:
89:92:ac:d4:77:51:4d:e0:5a:6a:7f:19:ce:45:96:
0b:cb:3d:ce:fd:b9:5f:9d:fb:cb:f9:86:87:ab:a0:
90:5b:d9:64:b6:31:26:1e:bf:f0:94:04:ca:ea:91:
3c:5a:2f:2a:56:a3:6a:e1:82:28:59:85:12:57:95:
3d:ea:9a:d9:a7:46:68:8d:30:39:86:c1:ff:1b:cd:
3e:31:0b:ed:ff:8b:d3:a6:29:c6:8c:a2:9d:05:38:
75:92:80:c9:24:fe:29:30:c9:3a:1b:74:c4:5f:44:
cb:67:e6:ed:1d:d0:ee:21:cf:fc:32:0e:55:b1:94:
57:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:2A:09:F5:AF:52:49:4F:50:30:E3:80:9E:8A:54:8B:6E:17:38:22
X509v3 Authority Key Identifier:
keyid:B4:64:E0:AF:28:B7:55:C4:EC:88:01:0D:94:29:86:97:D1:88:39:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tGTgryi3VcTsiAENlCmGl9GIOTM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/0caa6d-109e-45f3-a932-475c5c91f474/1/fyoJ9a9SSU9QMOOAnopUi24XOCI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/0caa6d-109e-45f3-a932-475c5c91f474/1/tGTgryi3VcTsiAENlCmGl9GIOTM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.15.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:6d:db:c3:8c:6d:32:2c:7c:86:10:33:c1:07:07:c0:cb:2f:
f4:2b:70:f3:e1:47:a8:d4:c4:c2:a8:e0:1a:51:37:59:b9:f7:
1d:16:2e:1d:c3:a3:b1:30:46:06:cf:4e:65:07:9a:22:70:9e:
45:83:b7:41:a7:7c:f9:92:2e:8a:50:bf:87:ce:1e:3a:49:09:
35:bc:e8:88:a1:72:ac:2e:e5:b2:ab:2f:92:db:b4:06:51:05:
d8:a1:50:9c:e6:26:b6:19:b7:39:11:cf:8e:58:fe:3a:3a:37:
b9:9b:ed:bf:dd:ee:6a:a5:1a:bd:be:5a:90:2d:04:46:42:41:
1c:b4:5e:e5:fa:7a:35:ac:d6:ed:94:e7:bf:e8:f7:20:85:d3:
f7:3c:c5:51:69:53:fd:a9:d0:29:46:25:e2:21:34:41:13:d5:
23:45:60:50:de:8b:7f:ff:b0:a9:ce:de:30:98:d4:e6:e1:c9:
10:f5:12:5b:52:9e:97:75:ad:d6:2f:ed:b8:53:5f:5b:21:81:
49:6f:6d:c6:a4:7a:8e:c4:00:d8:b2:19:c2:7f:d6:a7:de:db:
94:fe:7a:c0:7d:78:80:f3:e2:34:b2:2b:2b:4a:8c:69:96:c7:
50:1c:c5:3b:28:45:e2:b6:b8:1c:58:f9:7b:dc:ae:4e:6a:d1:
05:6a:0f:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH+ZYqPEKb1JoS9y3B5EmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NjRlMGFmMjhiNzU1YzRlYzg4MDEwZDk0Mjk4Njk3ZDE4
ODM5MzMwHhcNMjUwMTAxMTM0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjJhMDlmNWFmNTI0OTRmNTAzMGUzODA5ZThhNTQ4YjZlMTczODIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsv1CHFoEhhNf4pX8SWoBWHiBH352
gTlu+RDX/+h2QfovIsRR5nnk8tI1rKMzBtx5fv/bqBE5ued2UV2MKAdKiyXWRDnv
j+LLNvamRVaiCtOPnsowPdXwQnAjGPh8LRvDGeOVRofwxwRE0Kr+axyNlvrL+sEP
E8Xiu2S5nbmZtpoewsnd0tSJkqzUd1FN4FpqfxnORZYLyz3O/blfnfvL+YaHq6CQ
W9lktjEmHr/wlATK6pE8Wi8qVqNq4YIoWYUSV5U96prZp0ZojTA5hsH/G80+MQvt
/4vTpinGjKKdBTh1koDJJP4pMMk6G3TEX0TLZ+btHdDuIc/8Mg5VsZRX1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH8qCfWvUklPUDDjgJ6KVItuFzgiMB8GA1UdIwQY
MBaAFLRk4K8ot1XE7IgBDZQphpfRiDkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEdUZ3J5aTNWY1RzaUFFTmxDbUdsOUdJT1RNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS8wY2FhNmQtMTA5ZS00NWYzLWE5MzIt
NDc1YzVjOTFmNDc0LzEvZnlvSjlhOVNTVTlRTU9PQW5vcFVpMjRYT0NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS8wY2FhNmQtMTA5ZS00NWYzLWE5MzItNDc1YzVjOTFmNDc0
LzEvdEdUZ3J5aTNWY1RzaUFFTmxDbUdsOUdJT1RNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjgPMA0G
CSqGSIb3DQEBCwUAA4IBAQBKbdvDjG0yLHyGEDPBBwfAyy/0K3Dz4Ueo1MTCqOAa
UTdZufcdFi4dw6OxMEYGz05lB5oicJ5Fg7dBp3z5ki6KUL+Hzh46SQk1vOiIoXKs
LuWyqy+S27QGUQXYoVCc5ia2Gbc5Ec+OWP46Oje5m+2/3e5qpRq9vlqQLQRGQkEc
tF7l+no1rNbtlOe/6PcghdP3PMVRaVP9qdApRiXiITRBE9UjRWBQ3ot//7Cpzt4w
mNTm4ckQ9RJbUp6Xda3WL+24U19bIYFJb23GpHqOxADYshnCf9an3tuU/nrAfXiA
8+I0sisrSoxplsdQHMU7KEXitrgcWPl73K5OatEFag8Z
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:29:33 2025 by rpki-client