Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/i4BvPEbIU0LE_KGbaw2Du_jwtCU.roa
File: i4BvPEbIU0LE_KGbaw2Du_jwtCU.roa (raw, json)
Hash identifier: /Y2NvzZtZ5IYW3kWzP26GGHk2SWDVIrWTwCk4pyyB7E=
Subject key identifier: 8B:80:6F:3C:46:C8:53:42:C4:FC:A1:9B:6B:0D:83:BB:F8:F0:B4:25
Certificate issuer: /CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Certificate serial: 0196C42AA228F41696D8710434D2EAC6F601
Authority key identifier: 43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/i4BvPEbIU0LE_KGbaw2Du_jwtCU.roa
Signing time: Mon 12 May 2025 11:04:10 +0000
ROA not before: Mon 12 May 2025 11:04:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205080
IP address blocks: 57.188.0.0/18 maxlen: 24
57.188.20.0/24 maxlen: 24
2a0a:90c0:1000::/40 maxlen: 48
2a0a:90c0:1066::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 06:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c4:2a:a2:28:f4:16:96:d8:71:04:34:d2:ea:c6:f6:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Validity
Not Before: May 12 11:04:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b806f3c46c85342c4fca19b6b0d83bbf8f0b425
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:25:dc:50:a1:4b:56:c1:3c:3b:c5:33:f4:51:
1b:3f:cf:fd:15:08:89:a7:ea:17:04:93:56:5f:45:
50:06:5b:44:c3:0d:e8:e0:da:39:09:f9:57:c9:c8:
a8:b7:9b:e1:12:1a:5c:5a:2e:c2:41:31:87:a6:ff:
0b:b6:0d:23:2f:65:16:57:9e:e2:ce:d3:1f:26:0b:
af:ef:71:7e:fb:99:47:46:ca:2b:10:5f:f9:bf:6b:
40:21:f7:19:c2:cf:8d:c8:2d:76:10:fa:ab:59:7e:
73:a2:27:1e:2c:5e:da:0e:40:69:4d:1e:6b:7a:db:
3e:cb:4f:2f:eb:4e:1a:53:fb:b5:c8:a7:69:fa:b4:
b3:4d:ae:95:3d:60:10:71:6a:cb:6f:9d:6f:87:12:
e3:0d:2a:75:51:42:b8:0c:36:47:8b:3e:65:17:1b:
57:5e:4b:6d:32:2b:f3:b1:47:33:18:5e:d5:6a:92:
19:bc:62:c6:34:81:a6:d8:d8:0c:59:c9:93:f6:f9:
b7:23:e4:90:d7:75:c9:21:3f:e9:88:05:75:7c:7a:
e1:7f:4d:ff:db:17:db:c6:30:02:bf:11:e3:75:58:
e1:96:3d:b4:f9:f7:a2:5c:72:bb:98:02:f4:8f:62:
65:10:da:d5:25:a1:a0:39:30:86:15:33:a2:ed:00:
2a:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:80:6F:3C:46:C8:53:42:C4:FC:A1:9B:6B:0D:83:BB:F8:F0:B4:25
X509v3 Authority Key Identifier:
keyid:43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/i4BvPEbIU0LE_KGbaw2Du_jwtCU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.188.0.0/18
IPv6:
2a0a:90c0:1000::/40
Signature Algorithm: sha256WithRSAEncryption
45:05:48:45:fe:7c:b6:21:f0:ae:5e:e1:0d:fc:99:21:20:25:
d8:90:d6:6f:66:8d:a4:9e:dc:f9:f6:bf:5f:86:a6:6c:0c:a3:
c8:93:6a:f1:b7:4d:e1:99:f1:0b:b2:d5:e8:3f:b7:63:19:ae:
94:e4:8b:19:ca:83:05:c5:60:57:97:1a:02:a6:64:29:cc:ba:
23:b9:89:56:ae:e5:22:13:57:8f:a7:c8:66:26:f0:a9:6c:ae:
30:f1:4f:55:99:8b:dc:50:47:17:91:30:e7:8f:f2:77:51:d5:
83:da:13:38:84:25:28:4f:fe:c3:32:54:41:07:dc:6d:c4:4f:
51:eb:82:09:30:ad:59:e1:bd:d4:6d:fd:99:85:86:ac:21:2b:
7f:9f:f2:92:2d:04:2d:fb:30:69:1c:7f:0e:4b:01:bc:fa:60:
28:c0:17:00:53:47:78:5d:84:aa:46:24:f1:97:e6:1f:16:69:
b9:1f:62:5c:7d:cc:29:fb:16:88:e8:58:16:9b:e6:72:a7:7a:
80:27:15:f2:d3:e2:3d:32:ca:39:6b:4b:a7:3a:d7:56:d8:fc:
52:b1:6d:20:8d:a9:17:aa:b9:3f:c6:48:0a:14:d0:56:52:2a:
92:cf:c1:11:3d:bd:ec:f7:cc:48:ba:02:17:04:98:ae:a6:64:
8a:08:ea:c7
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZbEKqIo9BaW2HEENNLqxvYBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZDViYTA4MTVjOWY1MTkzZjgwOTg5ZWU4OTNhY2FjYzRi
YTg4NDkwHhcNMjUwNTEyMTEwNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjgwNmYzYzQ2Yzg1MzQyYzRmY2ExOWI2YjBkODNiYmY4ZjBiNDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2yXcUKFLVsE8O8Uz9FEbP8/9FQiJ
p+oXBJNWX0VQBltEww3o4No5CflXyciot5vhEhpcWi7CQTGHpv8Ltg0jL2UWV57i
ztMfJguv73F++5lHRsorEF/5v2tAIfcZws+NyC12EPqrWX5zoiceLF7aDkBpTR5r
ets+y08v604aU/u1yKdp+rSzTa6VPWAQcWrLb51vhxLjDSp1UUK4DDZHiz5lFxtX
XkttMivzsUczGF7VapIZvGLGNIGm2NgMWcmT9vm3I+SQ13XJIT/piAV1fHrhf03/
2xfbxjACvxHjdVjhlj20+feiXHK7mAL0j2JlENrVJaGgOTCGFTOi7QAqVwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFIuAbzxGyFNCxPyhm2sNg7v48LQlMB8GA1UdIwQY
MBaAFEPVuggVyfUZP4CYnuiTrKzEuohJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEt
ZTEzZTU1NzljNWRjLzEvaTRCdlBFYklVMExFX0tHYmF3MkR1X2p3dENVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEtZTEzZTU1NzljNWRj
LzEvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQGObwAMA4E
AgACMAgDBgAqCpDAEDANBgkqhkiG9w0BAQsFAAOCAQEARQVIRf58tiHwrl7hDfyZ
ISAl2JDWb2aNpJ7c+fa/X4ambAyjyJNq8bdN4ZnxC7LV6D+3YxmulOSLGcqDBcVg
V5caAqZkKcy6I7mJVq7lIhNXj6fIZibwqWyuMPFPVZmL3FBHF5Ew54/yd1HVg9oT
OIQlKE/+wzJUQQfcbcRPUeuCCTCtWeG91G39mYWGrCErf5/yki0ELfswaRx/DksB
vPpgKMAXAFNHeF2EqkYk8ZfmHxZpuR9iXH3MKfsWiOhYFpvmcqd6gCcV8tPiPTLK
OWtLpzrXVtj8UrFtII2pF6q5P8ZIChTQVlIqks/BET297PfMSLoCFwSYrqZkigjq
xw==
-----END CERTIFICATE-----
Generated at Sat Jun 7 13:40:08 2025 by rpki-client