Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/a36a22-4955-4090-97d6-3c34a8c28ca1/1/KyWdAlshbj0x1AA1uUx-ZQPp9Zk.roa
File: KyWdAlshbj0x1AA1uUx-ZQPp9Zk.roa (raw, json)
Hash identifier: WDABDJxxu4elmiEAWMv89c2ma+ic8Jsi7E3Q6vmgEYc=
Subject key identifier: 2B:25:9D:02:5B:21:6E:3D:31:D4:00:35:B9:4C:7E:65:03:E9:F5:99
Certificate issuer: /CN=83d829263b3c5f63968037f9e863fd0fd01e7869
Certificate serial: 01941FFAB8BB2097F4D622501D037E8D0F0A
Authority key identifier: 83:D8:29:26:3B:3C:5F:63:96:80:37:F9:E8:63:FD:0F:D0:1E:78:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g9gpJjs8X2OWgDf56GP9D9AeeGk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/a36a22-4955-4090-97d6-3c34a8c28ca1/1/KyWdAlshbj0x1AA1uUx-ZQPp9Zk.roa
Signing time: Wed 01 Jan 2025 03:48:32 +0000
ROA not before: Wed 01 Jan 2025 03:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16167
IP address blocks: 185.243.0.0/24 maxlen: 24
193.41.230.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/a36a22-4955-4090-97d6-3c34a8c28ca1/1/g9gpJjs8X2OWgDf56GP9D9AeeGk.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/a36a22-4955-4090-97d6-3c34a8c28ca1/1/g9gpJjs8X2OWgDf56GP9D9AeeGk.mft
rsync://rpki.ripe.net/repository/DEFAULT/g9gpJjs8X2OWgDf56GP9D9AeeGk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:b8:bb:20:97:f4:d6:22:50:1d:03:7e:8d:0f:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83d829263b3c5f63968037f9e863fd0fd01e7869
Validity
Not Before: Jan 1 03:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b259d025b216e3d31d40035b94c7e6503e9f599
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:7c:91:10:b7:3c:6c:e7:55:93:70:fa:e3:ee:
11:23:2f:e6:69:7e:9b:80:d9:d4:66:51:b6:bc:5b:
08:66:24:65:23:ec:b1:76:75:bc:d3:79:79:3f:c9:
bb:96:53:b1:a3:2e:ad:1b:b1:8c:08:96:51:5b:a2:
a7:21:56:26:0f:df:99:30:6c:11:8e:48:0f:a2:b6:
0d:b8:b6:f7:ac:2a:c9:3b:db:34:4f:47:06:d3:b8:
b6:f9:3d:63:3b:f3:76:1c:99:cd:b1:98:06:a7:a0:
30:64:8d:da:0e:cc:56:05:95:18:25:bc:b1:dc:85:
e4:b5:22:58:6c:73:98:0d:20:a1:cc:05:46:fe:7a:
15:a1:dd:bc:29:be:7f:18:bb:6b:71:50:e0:be:d1:
06:27:86:e6:56:e5:57:c7:5e:29:bc:e2:8e:9a:e4:
2b:dc:fb:7c:a3:91:4c:e3:56:b7:ac:4b:3e:55:9f:
73:d2:4a:ce:20:52:1d:18:e5:10:67:42:89:47:05:
f8:1f:85:4a:36:54:4b:fa:d5:97:c7:eb:a3:c2:7f:
75:2d:5c:28:e3:48:81:5e:5f:aa:b2:4f:df:2f:34:
5b:d6:3c:f4:24:3b:ba:36:80:b2:72:80:57:21:78:
24:cd:e4:64:60:71:85:cb:b7:5c:5c:25:1b:9e:a8:
4c:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:25:9D:02:5B:21:6E:3D:31:D4:00:35:B9:4C:7E:65:03:E9:F5:99
X509v3 Authority Key Identifier:
keyid:83:D8:29:26:3B:3C:5F:63:96:80:37:F9:E8:63:FD:0F:D0:1E:78:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g9gpJjs8X2OWgDf56GP9D9AeeGk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/a36a22-4955-4090-97d6-3c34a8c28ca1/1/KyWdAlshbj0x1AA1uUx-ZQPp9Zk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/a36a22-4955-4090-97d6-3c34a8c28ca1/1/g9gpJjs8X2OWgDf56GP9D9AeeGk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.243.0.0/24
193.41.230.0/24
Signature Algorithm: sha256WithRSAEncryption
31:13:fc:8a:5f:21:d5:de:59:e2:d3:31:99:6e:ee:6a:8a:2a:
8b:72:aa:bf:90:d3:2c:f2:d9:49:3e:09:3b:5c:81:97:fe:6b:
d1:00:fd:74:16:1b:1f:7f:78:e2:05:5e:94:69:e9:53:c4:56:
fa:3a:b8:64:c6:3b:14:1d:36:d2:2c:8a:ff:01:d2:ba:2b:a5:
bd:84:65:2d:e6:7d:9a:64:f3:b0:72:43:c3:71:13:f6:47:7b:
0b:2f:9a:24:d4:5d:2c:e1:fd:b6:aa:90:67:d7:cd:52:e3:e5:
2f:c1:c4:fa:99:bf:90:8d:08:10:c5:a5:2f:09:7a:8d:b7:c6:
38:b1:4e:5e:1e:bc:da:44:00:45:91:2f:8e:ab:68:ac:30:81:
72:97:2c:ce:b8:fc:c2:5d:10:89:b8:95:ef:96:66:b9:2a:0f:
92:e8:05:1c:48:4a:8a:4e:bf:68:a2:64:67:e2:da:0a:38:eb:
44:7d:39:b2:08:bd:ed:bd:24:cc:b4:17:21:e9:61:45:eb:12:
f8:a5:ce:ed:7d:6b:82:97:ea:7a:3f:8e:20:ef:9b:87:bf:2d:
15:83:04:f1:4d:0f:e1:e3:37:91:35:78:ef:7e:ed:55:8d:77:
a7:23:bd:41:35:2e:75:74:fd:3a:b0:24:68:2a:40:07:15:d8:
ac:22:de:b3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQf+ri7IJf01iJQHQN+jQ8KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzZDgyOTI2M2IzYzVmNjM5NjgwMzdmOWU4NjNmZDBmZDAx
ZTc4NjkwHhcNMjUwMTAxMDM0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjI1OWQwMjViMjE2ZTNkMzFkNDAwMzViOTRjN2U2NTAzZTlmNTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHyRELc8bOdVk3D64+4RIy/maX6b
gNnUZlG2vFsIZiRlI+yxdnW803l5P8m7llOxoy6tG7GMCJZRW6KnIVYmD9+ZMGwR
jkgPorYNuLb3rCrJO9s0T0cG07i2+T1jO/N2HJnNsZgGp6AwZI3aDsxWBZUYJbyx
3IXktSJYbHOYDSChzAVG/noVod28Kb5/GLtrcVDgvtEGJ4bmVuVXx14pvOKOmuQr
3Pt8o5FM41a3rEs+VZ9z0krOIFIdGOUQZ0KJRwX4H4VKNlRL+tWXx+ujwn91LVwo
40iBXl+qsk/fLzRb1jz0JDu6NoCycoBXIXgkzeRkYHGFy7dcXCUbnqhMFQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCslnQJbIW49MdQANblMfmUD6fWZMB8GA1UdIwQY
MBaAFIPYKSY7PF9jloA3+ehj/Q/QHnhpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzlncEpqczhYMk9XZ0RmNTZHUDlEOUFlZUdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9hMzZhMjItNDk1NS00MDkwLTk3ZDYt
M2MzNGE4YzI4Y2ExLzEvS3lXZEFsc2hiajB4MUFBMXVVeC1aUVBwOVprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9hMzZhMjItNDk1NS00MDkwLTk3ZDYtM2MzNGE4YzI4Y2Ex
LzEvZzlncEpqczhYMk9XZ0RmNTZHUDlEOUFlZUdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAufMAAwQA
wSnmMA0GCSqGSIb3DQEBCwUAA4IBAQAxE/yKXyHV3lni0zGZbu5qiiqLcqq/kNMs
8tlJPgk7XIGX/mvRAP10Fhsff3jiBV6UaelTxFb6OrhkxjsUHTbSLIr/AdK6K6W9
hGUt5n2aZPOwckPDcRP2R3sLL5ok1F0s4f22qpBn181S4+UvwcT6mb+QjQgQxaUv
CXqNt8Y4sU5eHrzaRABFkS+Oq2isMIFylyzOuPzCXRCJuJXvlma5Kg+S6AUcSEqK
Tr9oomRn4toKOOtEfTmyCL3tvSTMtBch6WFF6xL4pc7tfWuCl+p6P44g75uHvy0V
gwTxTQ/h4zeRNXjvfu1VjXenI71BNS51dP06sCRoKkAHFdisIt6z
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:45:01 2025 by rpki-client