Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/6c2736-ab02-4897-9568-77f6e94e3dcc/1/0OhTHF6DxE3cyZK5YOwOI2V2BAI.roa
File: 0OhTHF6DxE3cyZK5YOwOI2V2BAI.roa (raw, json)
Hash identifier: xOeumj9MpchTNffEKnQPdj1nuV0b4wbm3GvMqDVnZVU=
Subject key identifier: D0:E8:53:1C:5E:83:C4:4D:DC:C9:92:B9:60:EC:0E:23:65:76:04:02
Certificate issuer: /CN=77f8e7fbd4ab69507fb1fe3579af343a56639086
Certificate serial: 019423D7CD9C218900F43E5F3F3B857B481F
Authority key identifier: 77:F8:E7:FB:D4:AB:69:50:7F:B1:FE:35:79:AF:34:3A:56:63:90:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d_jn-9SraVB_sf41ea80OlZjkIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/6c2736-ab02-4897-9568-77f6e94e3dcc/1/0OhTHF6DxE3cyZK5YOwOI2V2BAI.roa
Signing time: Wed 01 Jan 2025 21:48:52 +0000
ROA not before: Wed 01 Jan 2025 21:48:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43648
IP address blocks: 109.107.138.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/6c2736-ab02-4897-9568-77f6e94e3dcc/1/d_jn-9SraVB_sf41ea80OlZjkIY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/6c2736-ab02-4897-9568-77f6e94e3dcc/1/d_jn-9SraVB_sf41ea80OlZjkIY.mft
rsync://rpki.ripe.net/repository/DEFAULT/d_jn-9SraVB_sf41ea80OlZjkIY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 14:00:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:cd:9c:21:89:00:f4:3e:5f:3f:3b:85:7b:48:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77f8e7fbd4ab69507fb1fe3579af343a56639086
Validity
Not Before: Jan 1 21:48:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d0e8531c5e83c44ddcc992b960ec0e2365760402
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:00:b9:36:15:3d:69:8e:4e:4f:1f:2a:18:8e:
1a:97:a3:2e:9c:7a:dd:53:7a:45:4f:08:94:ac:a2:
93:80:b1:28:85:1a:0a:00:e8:51:2c:a8:68:ca:29:
ce:9c:df:5e:63:a1:93:9f:a1:8c:e3:22:84:32:43:
63:76:55:01:12:85:dc:e6:45:8a:c3:15:62:77:05:
50:49:cb:e0:5a:5a:45:f8:da:4b:ed:55:dd:dd:75:
d9:b0:74:8e:79:0e:88:7c:b7:ea:d3:3b:55:96:b0:
85:92:d3:96:e8:5d:35:ab:7a:57:07:1b:c9:be:40:
4e:c3:f9:a2:95:4e:be:7c:71:a6:fd:00:4d:ae:9b:
7a:85:7d:40:71:10:44:61:eb:06:fc:e7:29:6c:7a:
70:04:19:66:a7:f1:65:01:5f:44:dc:2f:66:41:46:
4e:10:f0:3d:57:27:75:7b:34:86:5e:39:3c:0c:c9:
28:4e:e5:8a:fc:0a:49:8f:ef:dd:83:ec:87:a8:26:
35:b5:fa:0a:24:67:5b:e1:bd:51:40:bd:62:2e:d3:
9e:1a:75:cd:8e:93:e5:4c:17:94:e6:4e:16:57:af:
65:c1:e9:d9:16:d7:55:8a:83:a3:41:79:fb:22:3b:
72:2e:ba:0d:f7:49:54:00:47:a6:53:41:8e:42:33:
61:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:E8:53:1C:5E:83:C4:4D:DC:C9:92:B9:60:EC:0E:23:65:76:04:02
X509v3 Authority Key Identifier:
keyid:77:F8:E7:FB:D4:AB:69:50:7F:B1:FE:35:79:AF:34:3A:56:63:90:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_jn-9SraVB_sf41ea80OlZjkIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/6c2736-ab02-4897-9568-77f6e94e3dcc/1/0OhTHF6DxE3cyZK5YOwOI2V2BAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/6c2736-ab02-4897-9568-77f6e94e3dcc/1/d_jn-9SraVB_sf41ea80OlZjkIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.138.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:19:ba:70:7e:b4:ec:90:c4:7a:ce:c2:91:e1:9d:45:2a:99:
06:d3:dd:55:8b:cf:d5:ab:c2:a7:82:01:61:cf:53:72:68:7f:
44:4f:3b:5a:e4:f3:2b:1c:d4:6a:9d:2e:35:1a:17:25:d3:3b:
15:70:61:49:1c:5c:e6:15:2b:55:6a:3e:50:4f:40:68:21:b1:
c2:72:96:9d:6d:bb:e3:ce:8d:b6:dd:07:56:3c:42:fe:cf:17:
3a:b0:e5:a8:45:eb:74:29:94:a4:9f:2d:12:d4:2a:0f:b1:fb:
ea:91:8f:1c:b3:4d:06:b7:3f:22:33:de:bf:ac:5f:96:a8:25:
99:a4:8d:a4:ba:94:8f:46:22:e2:00:48:d6:95:39:7e:fa:5e:
64:9a:4c:e2:7d:ea:59:f8:c3:c4:b6:1a:76:f3:5d:6b:bd:5d:
a1:ee:59:c1:e5:c2:26:47:da:a2:66:b2:2d:25:50:fa:43:61:
0c:94:f9:db:6b:b6:b8:42:d9:d0:0f:97:79:4b:55:e3:86:47:
0f:53:ea:73:dd:f7:81:2b:b2:19:c8:ad:43:af:b7:36:8d:d9:
50:50:f5:05:08:af:5c:a1:de:00:ae:8a:08:9b:21:9a:e0:20:
37:b5:c6:b7:49:05:80:04:f1:de:84:d1:af:fb:2e:40:93:23:
5a:06:52:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj182cIYkA9D5fPzuFe0gfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZjhlN2ZiZDRhYjY5NTA3ZmIxZmUzNTc5YWYzNDNhNTY2
MzkwODYwHhcNMjUwMTAxMjE0ODUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGU4NTMxYzVlODNjNDRkZGNjOTkyYjk2MGVjMGUyMzY1NzYwNDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAC5NhU9aY5OTx8qGI4al6MunHrd
U3pFTwiUrKKTgLEohRoKAOhRLKhoyinOnN9eY6GTn6GM4yKEMkNjdlUBEoXc5kWK
wxVidwVQScvgWlpF+NpL7VXd3XXZsHSOeQ6IfLfq0ztVlrCFktOW6F01q3pXBxvJ
vkBOw/milU6+fHGm/QBNrpt6hX1AcRBEYesG/OcpbHpwBBlmp/FlAV9E3C9mQUZO
EPA9Vyd1ezSGXjk8DMkoTuWK/ApJj+/dg+yHqCY1tfoKJGdb4b1RQL1iLtOeGnXN
jpPlTBeU5k4WV69lwenZFtdVioOjQXn7IjtyLroN90lUAEemU0GOQjNh6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNDoUxxeg8RN3MmSuWDsDiNldgQCMB8GA1UdIwQY
MBaAFHf45/vUq2lQf7H+NXmvNDpWY5CGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZF9qbi05U3JhVkJfc2Y0MWVhODBPbFpqa0lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC82YzI3MzYtYWIwMi00ODk3LTk1Njgt
NzdmNmU5NGUzZGNjLzEvME9oVEhGNkR4RTNjeVpLNVlPd09JMlYyQkFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC82YzI3MzYtYWIwMi00ODk3LTk1NjgtNzdmNmU5NGUzZGNj
LzEvZF9qbi05U3JhVkJfc2Y0MWVhODBPbFpqa0lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbWuKMA0G
CSqGSIb3DQEBCwUAA4IBAQBaGbpwfrTskMR6zsKR4Z1FKpkG091Vi8/Vq8KnggFh
z1NyaH9ETzta5PMrHNRqnS41Ghcl0zsVcGFJHFzmFStVaj5QT0BoIbHCcpadbbvj
zo223QdWPEL+zxc6sOWoRet0KZSkny0S1CoPsfvqkY8cs00Gtz8iM96/rF+WqCWZ
pI2kupSPRiLiAEjWlTl++l5kmkzifepZ+MPEthp2811rvV2h7lnB5cImR9qiZrIt
JVD6Q2EMlPnba7a4QtnQD5d5S1XjhkcPU+pz3feBK7IZyK1Dr7c2jdlQUPUFCK9c
od4ArooImyGa4CA3tca3SQWABPHehNGv+y5AkyNaBlKz
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:40:10 2025 by rpki-client