Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/be2903-3538-46ff-aae4-bd1d48d512ce/1/AHAIEOWCHWLKa9JHFINf6irqksg.roa
File: AHAIEOWCHWLKa9JHFINf6irqksg.roa (raw, json)
Hash identifier: 0crUb9fChI2AB7u9/en/nHBi9yIJVpozoehFQ2yd02I=
Subject key identifier: 00:70:08:10:E5:82:1D:62:CA:6B:D2:47:14:83:5F:EA:2A:EA:92:C8
Certificate issuer: /CN=4127b0c0fe7c08935e258713fcf90fe958ee03ee
Certificate serial: 0194228D679DD517DEA354611990C58D521E
Authority key identifier: 41:27:B0:C0:FE:7C:08:93:5E:25:87:13:FC:F9:0F:E9:58:EE:03:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QSewwP58CJNeJYcT_PkP6VjuA-4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/be2903-3538-46ff-aae4-bd1d48d512ce/1/AHAIEOWCHWLKa9JHFINf6irqksg.roa
Signing time: Wed 01 Jan 2025 15:47:59 +0000
ROA not before: Wed 01 Jan 2025 15:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 185.120.140.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/be2903-3538-46ff-aae4-bd1d48d512ce/1/QSewwP58CJNeJYcT_PkP6VjuA-4.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/be2903-3538-46ff-aae4-bd1d48d512ce/1/QSewwP58CJNeJYcT_PkP6VjuA-4.mft
rsync://rpki.ripe.net/repository/DEFAULT/QSewwP58CJNeJYcT_PkP6VjuA-4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 08:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:67:9d:d5:17:de:a3:54:61:19:90:c5:8d:52:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4127b0c0fe7c08935e258713fcf90fe958ee03ee
Validity
Not Before: Jan 1 15:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=00700810e5821d62ca6bd24714835fea2aea92c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:60:0a:79:03:20:e3:63:b0:bb:de:4b:65:86:
c6:da:7f:27:a0:83:cf:c6:c6:56:df:4a:8b:7d:f9:
03:4d:00:f6:cb:38:61:a7:be:ac:4c:b4:e6:b5:2f:
14:6b:2c:29:3b:84:27:b7:24:3c:1a:48:fa:e4:db:
53:9e:e7:f4:a8:67:66:7e:1d:d1:d8:b4:f6:84:59:
7d:2c:0c:73:96:9e:7b:34:e6:21:60:14:e8:91:97:
8b:7a:5d:cb:29:8d:48:67:6b:6b:e3:0c:ab:4b:70:
72:6b:8f:6c:06:39:07:f2:39:e5:bb:3e:9e:11:16:
f3:1d:a0:2c:58:cc:50:b7:6e:73:84:38:39:0b:a5:
99:75:08:f0:b7:1f:7f:7d:9b:17:ad:2c:7b:5e:9c:
00:09:8f:0e:3b:b5:7a:04:4f:ad:80:28:60:f4:77:
96:8f:c3:27:9d:cc:40:5d:35:4f:c3:eb:29:4b:93:
ad:89:1a:4b:75:04:22:85:23:c4:b1:66:27:a8:79:
02:9d:f7:9c:34:dc:d1:55:1d:6a:0a:2b:b2:52:02:
30:98:2b:ac:a2:b8:69:9b:a8:62:aa:25:c1:6e:9c:
ad:5d:ec:eb:09:ba:73:5e:9e:0a:7c:1f:89:c1:5c:
cf:69:9a:ea:8a:fd:0e:65:cf:32:d0:5b:b9:3c:dd:
e8:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:70:08:10:E5:82:1D:62:CA:6B:D2:47:14:83:5F:EA:2A:EA:92:C8
X509v3 Authority Key Identifier:
keyid:41:27:B0:C0:FE:7C:08:93:5E:25:87:13:FC:F9:0F:E9:58:EE:03:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QSewwP58CJNeJYcT_PkP6VjuA-4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/be2903-3538-46ff-aae4-bd1d48d512ce/1/AHAIEOWCHWLKa9JHFINf6irqksg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/be2903-3538-46ff-aae4-bd1d48d512ce/1/QSewwP58CJNeJYcT_PkP6VjuA-4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.120.140.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:d7:24:8b:b3:2b:60:3d:d8:65:9a:77:dd:57:39:a7:49:87:
67:f3:7d:fd:30:1d:00:5a:a4:00:77:74:2e:a4:ee:07:8b:a8:
3c:09:d9:a8:7d:6a:9f:97:05:e7:f0:e8:88:0e:cf:dc:45:84:
56:2f:37:4e:9f:59:ae:4c:87:3c:dc:52:d5:88:70:91:68:f6:
f6:54:d7:dd:05:22:60:da:42:cd:eb:96:ae:96:50:d9:eb:6f:
09:99:c0:2a:e2:c5:f3:f7:ba:b5:6b:6e:a9:b3:67:ab:f9:71:
e3:ff:ba:d8:44:4e:ad:89:c0:0d:47:44:70:4b:df:79:59:2e:
7d:1b:27:6b:f2:62:fb:af:a9:b8:87:95:33:7d:a8:4c:9c:ad:
fd:bb:be:12:f6:e6:f9:3c:c3:5b:54:80:e7:80:6b:7b:8e:79:
da:72:d2:2e:78:eb:e2:a4:34:55:90:23:f1:4b:de:4e:7d:c6:
a6:fa:da:ee:9e:a9:d5:b5:2d:e8:22:b2:30:e5:87:81:4a:16:
bf:4b:52:8c:69:af:e0:e2:97:56:41:7c:e0:b1:64:b6:69:5e:
fb:23:e4:63:5f:1c:90:3b:8a:db:d5:f2:52:c5:21:c0:11:3f:
9d:95:63:3e:68:16:22:a3:0c:3c:c3:54:8d:80:25:41:4c:dd:
59:cc:62:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijWed1Rfeo1RhGZDFjVIeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMjdiMGMwZmU3YzA4OTM1ZTI1ODcxM2ZjZjkwZmU5NThl
ZTAzZWUwHhcNMjUwMTAxMTU0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDcwMDgxMGU1ODIxZDYyY2E2YmQyNDcxNDgzNWZlYTJhZWE5MmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmAKeQMg42Owu95LZYbG2n8noIPP
xsZW30qLffkDTQD2yzhhp76sTLTmtS8UaywpO4QntyQ8Gkj65NtTnuf0qGdmfh3R
2LT2hFl9LAxzlp57NOYhYBTokZeLel3LKY1IZ2tr4wyrS3Bya49sBjkH8jnluz6e
ERbzHaAsWMxQt25zhDg5C6WZdQjwtx9/fZsXrSx7XpwACY8OO7V6BE+tgChg9HeW
j8MnncxAXTVPw+spS5OtiRpLdQQihSPEsWYnqHkCnfecNNzRVR1qCiuyUgIwmCus
orhpm6hiqiXBbpytXezrCbpzXp4KfB+JwVzPaZrqiv0OZc8y0Fu5PN3o4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFABwCBDlgh1iymvSRxSDX+oq6pLIMB8GA1UdIwQY
MBaAFEEnsMD+fAiTXiWHE/z5D+lY7gPuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVNld3dQNThDSk5lSlljVF9Qa1A2Vmp1QS00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9iZTI5MDMtMzUzOC00NmZmLWFhZTQt
YmQxZDQ4ZDUxMmNlLzEvQUhBSUVPV0NIV0xLYTlKSEZJTmY2aXJxa3NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9iZTI5MDMtMzUzOC00NmZmLWFhZTQtYmQxZDQ4ZDUxMmNl
LzEvUVNld3dQNThDSk5lSlljVF9Qa1A2Vmp1QS00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXiMMA0G
CSqGSIb3DQEBCwUAA4IBAQAt1ySLsytgPdhlmnfdVzmnSYdn8339MB0AWqQAd3Qu
pO4Hi6g8CdmofWqflwXn8OiIDs/cRYRWLzdOn1muTIc83FLViHCRaPb2VNfdBSJg
2kLN65aullDZ628JmcAq4sXz97q1a26ps2er+XHj/7rYRE6ticANR0RwS995WS59
Gydr8mL7r6m4h5UzfahMnK39u74S9ub5PMNbVIDngGt7jnnactIueOvipDRVkCPx
S95Ofcam+trunqnVtS3oIrIw5YeBSha/S1KMaa/g4pdWQXzgsWS2aV77I+RjXxyQ
O4rb1fJSxSHAET+dlWM+aBYioww8w1SNgCVBTN1ZzGL3
-----END CERTIFICATE-----
Generated at Sat Apr 12 16:19:57 2025 by rpki-client