Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/2c3eee-2189-4469-816b-99b873e5e74a/1/wN1wFK2nod8Oc7XWg-Kjf2cevZI.roa
File: wN1wFK2nod8Oc7XWg-Kjf2cevZI.roa (raw, json)
Hash identifier: S+MrRK13xZ8FD9NbutVvWutfcwGFlY+gNxR94qjOH3c=
Subject key identifier: C0:DD:70:14:AD:A7:A1:DF:0E:73:B5:D6:83:E2:A3:7F:67:1E:BD:92
Certificate issuer: /CN=f763b7c74a47cee6bd99bbc62aef836a5602b531
Certificate serial: 019425FD025ADBB260FCD21C5BBA3FAB735C
Authority key identifier: F7:63:B7:C7:4A:47:CE:E6:BD:99:BB:C6:2A:EF:83:6A:56:02:B5:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/92O3x0pHzua9mbvGKu-DalYCtTE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/2c3eee-2189-4469-816b-99b873e5e74a/1/wN1wFK2nod8Oc7XWg-Kjf2cevZI.roa
Signing time: Thu 02 Jan 2025 07:48:45 +0000
ROA not before: Thu 02 Jan 2025 07:48:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 40989
IP address blocks: 91.213.150.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/2c3eee-2189-4469-816b-99b873e5e74a/1/92O3x0pHzua9mbvGKu-DalYCtTE.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/2c3eee-2189-4469-816b-99b873e5e74a/1/92O3x0pHzua9mbvGKu-DalYCtTE.mft
rsync://rpki.ripe.net/repository/DEFAULT/92O3x0pHzua9mbvGKu-DalYCtTE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:02:5a:db:b2:60:fc:d2:1c:5b:ba:3f:ab:73:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f763b7c74a47cee6bd99bbc62aef836a5602b531
Validity
Not Before: Jan 2 07:48:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c0dd7014ada7a1df0e73b5d683e2a37f671ebd92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:6d:a5:1a:93:94:ff:cc:d7:8b:18:2e:20:c0:
41:32:bd:55:f2:60:d6:a7:41:cb:64:7e:50:58:fa:
36:f8:79:e5:34:75:3d:0e:06:8a:90:c4:27:93:a9:
b8:c5:06:fd:06:2c:2f:ca:87:e0:bf:b0:9e:3f:64:
ca:71:f3:bd:dd:c0:6a:33:95:7d:fb:d9:f5:be:bd:
18:07:a6:e1:a4:85:16:c4:ed:e5:11:e6:02:ac:ad:
d9:25:3c:be:66:9d:23:40:c1:da:b4:6c:ad:8c:cc:
4d:d8:eb:a1:a7:3b:04:54:7a:e4:58:36:df:1f:42:
c8:db:f7:16:55:18:10:02:d9:10:ee:b2:03:f3:b8:
8f:de:a1:d4:0c:5d:ea:5f:4a:89:45:28:98:fe:6e:
97:63:95:f7:e3:2d:c7:4d:60:cb:9a:62:25:1f:ca:
99:43:19:d9:f9:3f:b2:39:50:0e:9d:48:23:34:2e:
37:cd:a7:e1:4d:c1:f0:a8:e6:49:61:45:55:80:8c:
21:81:cd:cf:e1:1d:2e:3f:c5:d1:0a:66:d8:dd:55:
c4:68:c5:7d:0f:88:cd:8b:b9:32:d3:c4:e3:be:0b:
c8:50:ca:e2:0d:2b:d6:9e:83:a5:ab:fd:22:49:03:
56:13:61:0d:2a:69:ac:2b:d3:cf:8c:2f:45:29:40:
a0:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:DD:70:14:AD:A7:A1:DF:0E:73:B5:D6:83:E2:A3:7F:67:1E:BD:92
X509v3 Authority Key Identifier:
keyid:F7:63:B7:C7:4A:47:CE:E6:BD:99:BB:C6:2A:EF:83:6A:56:02:B5:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/92O3x0pHzua9mbvGKu-DalYCtTE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/2c3eee-2189-4469-816b-99b873e5e74a/1/wN1wFK2nod8Oc7XWg-Kjf2cevZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/2c3eee-2189-4469-816b-99b873e5e74a/1/92O3x0pHzua9mbvGKu-DalYCtTE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.150.0/24
Signature Algorithm: sha256WithRSAEncryption
07:71:63:dd:bc:e5:97:0f:d9:93:39:88:b3:dc:26:0e:2b:0e:
bb:af:f2:dd:9c:51:51:84:8e:a8:0a:06:81:5d:e4:30:c1:4b:
76:3f:41:c2:b9:d3:b2:56:f5:ee:8d:eb:1a:54:cb:6e:f9:41:
8e:b7:f9:7f:a6:0f:72:cc:37:87:c8:0c:83:ed:0f:30:5a:3c:
3a:d7:41:84:8b:c7:54:d2:72:16:2c:5d:2f:4a:22:15:af:f3:
e3:66:d6:bf:18:07:9e:e0:dd:a2:cc:6a:75:85:64:7f:3a:33:
d7:cf:f5:86:5d:4e:0d:9d:da:fa:77:43:17:d2:6d:8f:3e:fd:
2e:b1:03:55:01:0a:12:4c:45:92:14:46:c5:dd:ff:02:3f:77:
6c:6b:c2:b2:ee:0e:e9:6d:c5:1c:a7:e5:37:36:ee:72:dc:03:
03:3c:be:0d:84:d8:fa:bc:56:76:57:3e:12:25:53:4b:8f:3d:
32:f6:bb:17:6a:78:90:5a:8c:2a:34:ca:84:1a:31:83:96:d4:
96:76:3d:80:ce:e9:e9:22:79:b3:8f:f5:27:f6:d9:d1:bf:c0:
57:88:eb:b9:86:45:62:ba:25:29:74:1a:67:a2:81:8d:10:d0:
21:a0:3d:44:4b:60:18:f5:48:6d:68:aa:79:15:24:77:bb:b2:
b8:06:91:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/QJa27Jg/NIcW7o/q3NcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NjNiN2M3NGE0N2NlZTZiZDk5YmJjNjJhZWY4MzZhNTYw
MmI1MzEwHhcNMjUwMTAyMDc0ODQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGRkNzAxNGFkYTdhMWRmMGU3M2I1ZDY4M2UyYTM3ZjY3MWViZDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxG2lGpOU/8zXixguIMBBMr1V8mDW
p0HLZH5QWPo2+HnlNHU9DgaKkMQnk6m4xQb9Biwvyofgv7CeP2TKcfO93cBqM5V9
+9n1vr0YB6bhpIUWxO3lEeYCrK3ZJTy+Zp0jQMHatGytjMxN2OuhpzsEVHrkWDbf
H0LI2/cWVRgQAtkQ7rID87iP3qHUDF3qX0qJRSiY/m6XY5X34y3HTWDLmmIlH8qZ
QxnZ+T+yOVAOnUgjNC43zafhTcHwqOZJYUVVgIwhgc3P4R0uP8XRCmbY3VXEaMV9
D4jNi7ky08TjvgvIUMriDSvWnoOlq/0iSQNWE2ENKmmsK9PPjC9FKUCgIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMDdcBStp6HfDnO11oPio39nHr2SMB8GA1UdIwQY
MBaAFPdjt8dKR87mvZm7xirvg2pWArUxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTJPM3gwcEh6dWE5bWJ2R0t1LURhbFlDdFRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8yYzNlZWUtMjE4OS00NDY5LTgxNmIt
OTliODczZTVlNzRhLzEvd04xd0ZLMm5vZDhPYzdYV2ctS2pmMmNldlpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8yYzNlZWUtMjE4OS00NDY5LTgxNmItOTliODczZTVlNzRh
LzEvOTJPM3gwcEh6dWE5bWJ2R0t1LURhbFlDdFRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9WWMA0G
CSqGSIb3DQEBCwUAA4IBAQAHcWPdvOWXD9mTOYiz3CYOKw67r/LdnFFRhI6oCgaB
XeQwwUt2P0HCudOyVvXujesaVMtu+UGOt/l/pg9yzDeHyAyD7Q8wWjw610GEi8dU
0nIWLF0vSiIVr/PjZta/GAee4N2izGp1hWR/OjPXz/WGXU4Nndr6d0MX0m2PPv0u
sQNVAQoSTEWSFEbF3f8CP3dsa8Ky7g7pbcUcp+U3Nu5y3AMDPL4NhNj6vFZ2Vz4S
JVNLjz0y9rsXaniQWowqNMqEGjGDltSWdj2AzunpInmzj/Un9tnRv8BXiOu5hkVi
uiUpdBpnooGNENAhoD1ES2AY9UhtaKp5FSR3u7K4BpHn
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:47:52 2025 by rpki-client