Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/SrZ4RZPbkkulLRjDnKeeMWYxwzY.roa
File: SrZ4RZPbkkulLRjDnKeeMWYxwzY.roa (raw, json)
Hash identifier: xB6TzyhgS5V679nPp3RIvv2qtymA4YPYZ/DhJiBNbCg=
Subject key identifier: 4A:B6:78:45:93:DB:92:4B:A5:2D:18:C3:9C:A7:9E:31:66:31:C3:36
Certificate issuer: /CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Certificate serial: 0194266BC97E803CC70B9294533786494B5B
Authority key identifier: 87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/SrZ4RZPbkkulLRjDnKeeMWYxwzY.roa
Signing time: Thu 02 Jan 2025 09:49:45 +0000
ROA not before: Thu 02 Jan 2025 09:49:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51187
IP address blocks: 80.120.18.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.mft
rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 18:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:c9:7e:80:3c:c7:0b:92:94:53:37:86:49:4b:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Validity
Not Before: Jan 2 09:49:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4ab6784593db924ba52d18c39ca79e316631c336
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a5:e6:92:5b:3d:ba:eb:86:48:4a:0c:12:e0:
d0:81:e0:51:a0:0d:15:71:00:21:ba:96:85:08:f9:
73:47:ff:10:75:ff:73:53:2c:f4:3c:5a:35:82:bf:
51:ee:f9:b6:f7:59:d8:84:11:10:6d:f7:9c:41:a5:
31:11:7f:69:c5:64:5f:7a:01:24:02:2d:3d:c9:ff:
c7:56:62:e5:c4:54:23:b9:4e:27:bd:96:08:18:15:
8c:31:7c:f7:a9:09:8d:ad:62:99:19:21:f8:4e:5d:
b4:8c:6e:34:fb:70:02:70:bb:e3:2e:23:b6:6f:29:
3c:70:e3:9d:f5:ad:94:3f:09:75:c0:6f:7d:cb:37:
a1:b6:2c:27:75:e8:84:57:bb:39:8a:97:7e:ed:05:
95:50:3e:0e:75:21:5a:98:0a:79:da:00:f8:e5:4c:
98:98:ba:d6:d3:04:04:9c:ae:0e:c6:65:8b:0e:8e:
fe:31:14:ef:cd:0d:5d:43:69:57:d3:c0:64:b6:a0:
46:ce:c6:1c:d1:60:c6:8e:6f:05:78:d7:01:3d:ab:
25:d3:ce:12:1c:5d:e6:a3:c2:79:62:6d:93:f2:b1:
e9:db:00:99:28:91:d0:95:c7:48:07:72:97:de:b5:
e7:75:49:9c:2d:1c:25:56:f4:0a:43:8d:07:cb:dd:
52:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:B6:78:45:93:DB:92:4B:A5:2D:18:C3:9C:A7:9E:31:66:31:C3:36
X509v3 Authority Key Identifier:
keyid:87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/SrZ4RZPbkkulLRjDnKeeMWYxwzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.120.18.0/24
Signature Algorithm: sha256WithRSAEncryption
cf:1a:c7:97:06:1b:85:73:0e:53:78:56:03:4e:2f:60:6e:56:
0b:2a:d7:68:82:e8:02:a0:09:c8:a4:d8:bc:a7:64:7c:5c:ac:
e5:74:fa:54:d8:86:3f:da:51:54:2c:6a:aa:ee:cf:28:5a:4e:
26:33:9c:6b:c2:23:84:a4:4d:a4:05:f6:cd:db:47:37:dd:21:
55:92:e7:65:97:74:c5:cd:49:f2:7a:20:db:7f:7b:d9:f4:6a:
fe:16:76:a6:71:48:96:4a:2a:b2:f8:bd:79:19:0a:df:b4:97:
f1:3f:73:4b:fe:90:9d:96:93:56:08:8e:9b:1d:62:97:d8:ea:
38:f5:19:82:e7:02:79:e9:43:b4:54:74:e2:d9:79:a2:4e:2e:
e9:0e:3a:a2:c9:16:55:0a:5a:c0:f0:b2:46:04:10:22:b0:66:
42:fc:4e:71:c9:d3:2f:71:29:e7:bb:b6:ec:5a:64:10:4a:86:
59:b0:e8:c1:9e:3b:02:e6:ec:d3:48:02:80:5e:75:ab:d8:ab:
46:00:ae:3c:66:24:a0:9a:95:ce:1a:d5:fd:1d:a2:d1:bc:da:
f6:5d:50:ab:72:d2:e3:89:67:f4:fe:7c:84:98:85:27:3b:f2:
4c:a5:91:69:a0:ab:ea:c5:6a:f1:e4:18:33:54:c9:a1:07:ea:
df:e7:5f:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma8l+gDzHC5KUUzeGSUtbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MGM1ODlhNGYyMmE5Y2EyZmY5OWI0YzQ4ZjhiZGY0OTI4
NzE3MjUwHhcNMjUwMTAyMDk0OTQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWI2Nzg0NTkzZGI5MjRiYTUyZDE4YzM5Y2E3OWUzMTY2MzFjMzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6Xmkls9uuuGSEoMEuDQgeBRoA0V
cQAhupaFCPlzR/8Qdf9zUyz0PFo1gr9R7vm291nYhBEQbfecQaUxEX9pxWRfegEk
Ai09yf/HVmLlxFQjuU4nvZYIGBWMMXz3qQmNrWKZGSH4Tl20jG40+3ACcLvjLiO2
byk8cOOd9a2UPwl1wG99yzehtiwndeiEV7s5ipd+7QWVUD4OdSFamAp52gD45UyY
mLrW0wQEnK4OxmWLDo7+MRTvzQ1dQ2lX08BktqBGzsYc0WDGjm8FeNcBPasl084S
HF3mo8J5Ym2T8rHp2wCZKJHQlcdIB3KX3rXndUmcLRwlVvQKQ40Hy91SGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEq2eEWT25JLpS0Yw5ynnjFmMcM2MB8GA1UdIwQY
MBaAFIcMWJpPIqnKL/mbTEj4vfSShxclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWIt
ODQ5ZDNhNmI5YzJkLzEvU3JaNFJaUGJra3VsTFJqRG5LZWVNV1l4d3pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWItODQ5ZDNhNmI5YzJk
LzEvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUHgSMA0G
CSqGSIb3DQEBCwUAA4IBAQDPGseXBhuFcw5TeFYDTi9gblYLKtdogugCoAnIpNi8
p2R8XKzldPpU2IY/2lFULGqq7s8oWk4mM5xrwiOEpE2kBfbN20c33SFVkudll3TF
zUnyeiDbf3vZ9Gr+FnamcUiWSiqy+L15GQrftJfxP3NL/pCdlpNWCI6bHWKX2Oo4
9RmC5wJ56UO0VHTi2XmiTi7pDjqiyRZVClrA8LJGBBAisGZC/E5xydMvcSnnu7bs
WmQQSoZZsOjBnjsC5uzTSAKAXnWr2KtGAK48ZiSgmpXOGtX9HaLRvNr2XVCrctLj
iWf0/nyEmIUnO/JMpZFpoKvqxWrx5BgzVMmhB+rf51/6
-----END CERTIFICATE-----
Generated at Sat Apr 12 00:55:53 2025 by rpki-client