Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/480f4a-a937-4149-aee8-e32924ac7b63/1/f-KSc4wFUzfvZQxAvj3mfcCpucM.roa
File: f-KSc4wFUzfvZQxAvj3mfcCpucM.roa (raw, json)
Hash identifier: jxojV7c/UkeXwjtEc1twZKEIj7PGNnhxGiRkNs0JqvY=
Subject key identifier: 7F:E2:92:73:8C:05:53:37:EF:65:0C:40:BE:3D:E6:7D:C0:A9:B9:C3
Certificate issuer: /CN=b78678bd654ca6b10a5c773bc269754dc234cfd5
Certificate serial: 0196241E5D96D51DA5C05166001F2C8D16E5
Authority key identifier: B7:86:78:BD:65:4C:A6:B1:0A:5C:77:3B:C2:69:75:4D:C2:34:CF:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t4Z4vWVMprEKXHc7wml1TcI0z9U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/480f4a-a937-4149-aee8-e32924ac7b63/1/f-KSc4wFUzfvZQxAvj3mfcCpucM.roa
Signing time: Fri 11 Apr 2025 09:11:31 +0000
ROA not before: Fri 11 Apr 2025 09:11:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62412
IP address blocks: 192.140.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/480f4a-a937-4149-aee8-e32924ac7b63/1/t4Z4vWVMprEKXHc7wml1TcI0z9U.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/480f4a-a937-4149-aee8-e32924ac7b63/1/t4Z4vWVMprEKXHc7wml1TcI0z9U.mft
rsync://rpki.ripe.net/repository/DEFAULT/t4Z4vWVMprEKXHc7wml1TcI0z9U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 14:46:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:24:1e:5d:96:d5:1d:a5:c0:51:66:00:1f:2c:8d:16:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b78678bd654ca6b10a5c773bc269754dc234cfd5
Validity
Not Before: Apr 11 09:11:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7fe292738c055337ef650c40be3de67dc0a9b9c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:df:47:33:00:53:24:42:4e:14:c9:5d:d8:d3:
7e:10:d6:e4:ca:17:a4:28:0e:19:5a:d7:a3:3e:c6:
9d:81:39:e3:7b:2d:be:e7:b3:99:2e:a5:a2:5d:ae:
3d:69:bd:95:0a:82:8f:bd:57:08:56:46:27:0c:b2:
bd:44:d9:de:5e:50:74:b7:34:0c:cb:32:15:43:f0:
46:23:cd:77:54:fa:19:e6:b6:2d:e0:d7:cb:6d:17:
5d:73:e5:8c:b0:ea:2a:bc:b0:81:7e:98:8b:f5:6c:
05:a4:fe:17:74:01:1b:c1:26:14:4c:b0:0e:eb:a7:
16:04:8b:31:52:78:9a:99:c1:90:46:ab:52:7f:0a:
94:46:ac:b9:54:b7:02:d3:fd:70:de:b3:19:1a:41:
8f:87:7b:2c:b4:4a:7f:12:03:d8:a8:4c:e5:78:3e:
f8:b4:ff:0e:04:ce:82:72:dc:2c:de:72:6f:6f:16:
1a:3c:a6:63:dc:2f:a0:7d:79:48:94:88:7f:ed:6e:
59:f4:a2:33:bf:b9:67:dc:95:76:39:f6:35:2c:8d:
e7:2f:ac:f7:4b:9d:86:fb:04:b8:96:21:8d:59:e3:
ef:0e:d3:b1:48:f2:33:e3:92:41:f7:1e:37:be:49:
61:b9:50:b4:b9:be:5d:50:74:01:d2:24:df:d9:fe:
e6:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:E2:92:73:8C:05:53:37:EF:65:0C:40:BE:3D:E6:7D:C0:A9:B9:C3
X509v3 Authority Key Identifier:
keyid:B7:86:78:BD:65:4C:A6:B1:0A:5C:77:3B:C2:69:75:4D:C2:34:CF:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t4Z4vWVMprEKXHc7wml1TcI0z9U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/480f4a-a937-4149-aee8-e32924ac7b63/1/f-KSc4wFUzfvZQxAvj3mfcCpucM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/480f4a-a937-4149-aee8-e32924ac7b63/1/t4Z4vWVMprEKXHc7wml1TcI0z9U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.140.228.0/24
Signature Algorithm: sha256WithRSAEncryption
35:af:64:6b:c7:07:bd:8e:1e:70:70:5e:2f:6f:01:4c:53:89:
c2:a9:8c:8b:02:4e:d4:e3:0a:72:05:e0:6a:0f:8e:74:d4:55:
76:51:13:4d:66:b5:3a:f5:96:17:10:a1:9f:2e:0c:b1:f9:fc:
61:dc:1d:27:b9:d0:26:70:4f:b1:89:3f:70:15:5a:df:86:b5:
05:20:78:2a:fa:b8:4c:e2:fe:35:04:cc:83:6c:ba:a3:3b:bf:
c7:ce:d9:6f:71:cd:75:1b:c5:78:a3:9d:f7:78:8b:aa:92:83:
7e:58:54:00:fa:b3:6c:0f:ee:51:e1:a7:36:a9:b4:d2:ae:02:
81:e8:1b:f1:be:de:37:cf:ee:08:12:45:55:b6:cf:b6:09:bb:
0c:69:83:3c:9e:74:f0:3e:ba:02:75:b5:51:39:f1:68:4b:e2:
bd:3d:d2:9d:78:35:a8:d6:6b:d8:ab:a2:1a:04:e7:b9:f8:77:
35:e5:4c:8a:56:a8:ca:8a:24:f7:7b:9b:b9:89:6e:0a:9f:d5:
11:11:02:1d:9f:1f:f1:74:28:61:e0:f3:34:76:4e:b0:13:a5:
87:11:9a:fd:d4:85:58:07:0c:c5:f7:f2:9c:82:92:07:a7:f2:
25:ce:b3:7e:9b:f9:74:7f:70:1e:f4:99:4d:2f:27:30:a8:c4:
98:f9:cf:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZYkHl2W1R2lwFFmAB8sjRblMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3ODY3OGJkNjU0Y2E2YjEwYTVjNzczYmMyNjk3NTRkYzIz
NGNmZDUwHhcNMjUwNDExMDkxMTMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmUyOTI3MzhjMDU1MzM3ZWY2NTBjNDBiZTNkZTY3ZGMwYTliOWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz99HMwBTJEJOFMld2NN+ENbkyhek
KA4ZWtejPsadgTnjey2+57OZLqWiXa49ab2VCoKPvVcIVkYnDLK9RNneXlB0tzQM
yzIVQ/BGI813VPoZ5rYt4NfLbRddc+WMsOoqvLCBfpiL9WwFpP4XdAEbwSYUTLAO
66cWBIsxUniamcGQRqtSfwqURqy5VLcC0/1w3rMZGkGPh3sstEp/EgPYqEzleD74
tP8OBM6Cctws3nJvbxYaPKZj3C+gfXlIlIh/7W5Z9KIzv7ln3JV2OfY1LI3nL6z3
S52G+wS4liGNWePvDtOxSPIz45JB9x43vklhuVC0ub5dUHQB0iTf2f7m7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH/iknOMBVM372UMQL495n3AqbnDMB8GA1UdIwQY
MBaAFLeGeL1lTKaxClx3O8JpdU3CNM/VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDRaNHZXVk1wckVLWEhjN3dtbDFUY0kwejlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS80ODBmNGEtYTkzNy00MTQ5LWFlZTgt
ZTMyOTI0YWM3YjYzLzEvZi1LU2M0d0ZVemZ2WlF4QXZqM21mY0NwdWNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS80ODBmNGEtYTkzNy00MTQ5LWFlZTgtZTMyOTI0YWM3YjYz
LzEvdDRaNHZXVk1wckVLWEhjN3dtbDFUY0kwejlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwIzkMA0G
CSqGSIb3DQEBCwUAA4IBAQA1r2Rrxwe9jh5wcF4vbwFMU4nCqYyLAk7U4wpyBeBq
D4501FV2URNNZrU69ZYXEKGfLgyx+fxh3B0nudAmcE+xiT9wFVrfhrUFIHgq+rhM
4v41BMyDbLqjO7/Hztlvcc11G8V4o533eIuqkoN+WFQA+rNsD+5R4ac2qbTSrgKB
6Bvxvt43z+4IEkVVts+2CbsMaYM8nnTwProCdbVROfFoS+K9PdKdeDWo1mvYq6Ia
BOe5+Hc15UyKVqjKiiT3e5u5iW4Kn9UREQIdnx/xdChh4PM0dk6wE6WHEZr91IVY
BwzF9/KcgpIHp/IlzrN+m/l0f3Ae9JlNLycwqMSY+c/m
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:54:16 2025 by rpki-client