Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/3838c4-6e46-49a8-8c14-ae8b8d788700/1/I_El3VD2zizuoyNdnUn9kOdcLek.roa
File: I_El3VD2zizuoyNdnUn9kOdcLek.roa (raw, json)
Hash identifier: 74aqpCJ0dpEabBMkIS/h3jijqMv/0y3rfXL3oZ/vRAo=
Subject key identifier: 23:F1:25:DD:50:F6:CE:2C:EE:A3:23:5D:9D:49:FD:90:E7:5C:2D:E9
Certificate issuer: /CN=2cda5f03eaf513a77f2ec20de5bb1672c5d279ab
Certificate serial: 019420682EDCB20A739ACE708917914479A7
Authority key identifier: 2C:DA:5F:03:EA:F5:13:A7:7F:2E:C2:0D:E5:BB:16:72:C5:D2:79:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LNpfA-r1E6d_LsIN5bsWcsXSeas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/3838c4-6e46-49a8-8c14-ae8b8d788700/1/I_El3VD2zizuoyNdnUn9kOdcLek.roa
Signing time: Wed 01 Jan 2025 05:48:06 +0000
ROA not before: Wed 01 Jan 2025 05:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56532
IP address blocks: 91.224.226.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/3838c4-6e46-49a8-8c14-ae8b8d788700/1/LNpfA-r1E6d_LsIN5bsWcsXSeas.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/3838c4-6e46-49a8-8c14-ae8b8d788700/1/LNpfA-r1E6d_LsIN5bsWcsXSeas.mft
rsync://rpki.ripe.net/repository/DEFAULT/LNpfA-r1E6d_LsIN5bsWcsXSeas.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 18:34:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:2e:dc:b2:0a:73:9a:ce:70:89:17:91:44:79:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2cda5f03eaf513a77f2ec20de5bb1672c5d279ab
Validity
Not Before: Jan 1 05:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=23f125dd50f6ce2ceea3235d9d49fd90e75c2de9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:2e:c2:60:6d:be:8d:e6:e5:51:7d:1f:7c:32:
07:62:35:22:7a:40:e3:aa:ae:80:3d:0c:26:7b:c7:
bc:33:3d:72:4d:da:55:ad:da:fd:25:78:91:53:31:
52:ee:ba:d4:0a:84:84:c5:c5:93:39:4b:50:c3:93:
50:82:74:ce:46:64:90:b5:5d:49:e4:74:5a:2e:de:
a1:74:38:1e:4a:51:b8:22:42:14:a7:77:b6:d8:77:
9e:4c:86:a5:3d:c6:55:45:29:62:d9:6a:1b:81:ab:
ef:b5:fe:0f:b6:4d:bb:e9:47:b3:34:93:28:80:a6:
64:28:1d:dc:71:55:bd:dd:81:28:fb:22:2d:5e:ac:
44:58:d4:40:a8:89:b7:c4:c6:40:0d:09:c1:dd:ab:
27:c1:92:7d:7e:d7:fd:31:67:db:a6:06:35:17:a3:
f4:98:d7:11:81:68:3e:08:67:6c:63:66:de:4c:14:
02:de:06:39:d2:8f:7a:50:73:61:bd:9f:7e:10:8b:
bd:2c:8c:08:9f:80:4d:29:1c:e8:1e:1b:31:6d:ba:
06:6d:40:d1:43:77:20:2e:09:44:2d:4c:dc:b5:91:
51:57:aa:a8:16:c9:0e:6c:42:af:09:5e:6b:d1:f3:
5e:59:4a:35:c3:81:de:b0:e7:9d:62:16:cd:46:3c:
df:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:F1:25:DD:50:F6:CE:2C:EE:A3:23:5D:9D:49:FD:90:E7:5C:2D:E9
X509v3 Authority Key Identifier:
keyid:2C:DA:5F:03:EA:F5:13:A7:7F:2E:C2:0D:E5:BB:16:72:C5:D2:79:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LNpfA-r1E6d_LsIN5bsWcsXSeas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/3838c4-6e46-49a8-8c14-ae8b8d788700/1/I_El3VD2zizuoyNdnUn9kOdcLek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/3838c4-6e46-49a8-8c14-ae8b8d788700/1/LNpfA-r1E6d_LsIN5bsWcsXSeas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.224.226.0/23
Signature Algorithm: sha256WithRSAEncryption
88:d6:26:66:89:4b:30:c7:1a:2f:3b:80:3c:45:4d:8a:0f:7f:
33:8f:6d:05:33:e0:f1:bd:bf:dc:ae:07:cb:06:1d:ec:0e:56:
e9:d2:19:fd:9c:61:c7:69:63:be:59:23:a1:2a:91:da:b4:ea:
fd:18:6b:95:2e:c9:92:08:81:45:36:a9:00:0d:36:26:51:92:
4d:5b:2e:10:0e:11:60:85:bc:68:42:ee:4a:74:bc:cd:54:58:
aa:de:be:c2:70:b8:d6:9b:d5:65:8a:df:29:eb:5c:49:8a:05:
51:b4:47:73:16:86:c5:a6:42:d5:30:61:d8:8c:f8:a6:3b:89:
10:76:0b:8b:93:ba:70:ee:df:8d:9a:81:c3:1b:3f:6f:7f:f2:
ca:b4:22:68:98:7a:cd:eb:9b:9c:71:bc:33:de:d8:5f:aa:5d:
61:0f:0b:6d:93:4d:6a:18:3c:00:d3:4f:3a:0e:df:2e:41:0f:
bd:09:00:21:f4:d6:ea:f7:85:61:ec:a2:ca:b2:fd:6c:ea:eb:
b0:e2:5d:72:de:a7:a4:07:37:8d:7c:6e:d7:9a:bd:a0:6a:d4:
a2:93:a3:a3:84:50:4e:b5:c3:1f:42:ef:15:62:de:fe:e2:52:
d7:ea:3d:e6:3b:47:c6:af:2b:5b:53:3f:59:56:4f:f6:18:1f:
81:90:31:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaC7csgpzms5wiReRRHmnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjZGE1ZjAzZWFmNTEzYTc3ZjJlYzIwZGU1YmIxNjcyYzVk
Mjc5YWIwHhcNMjUwMTAxMDU0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2YxMjVkZDUwZjZjZTJjZWVhMzIzNWQ5ZDQ5ZmQ5MGU3NWMyZGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0i7CYG2+jeblUX0ffDIHYjUiekDj
qq6APQwme8e8Mz1yTdpVrdr9JXiRUzFS7rrUCoSExcWTOUtQw5NQgnTORmSQtV1J
5HRaLt6hdDgeSlG4IkIUp3e22HeeTIalPcZVRSli2Wobgavvtf4Ptk276UezNJMo
gKZkKB3ccVW93YEo+yItXqxEWNRAqIm3xMZADQnB3asnwZJ9ftf9MWfbpgY1F6P0
mNcRgWg+CGdsY2beTBQC3gY50o96UHNhvZ9+EIu9LIwIn4BNKRzoHhsxbboGbUDR
Q3cgLglELUzctZFRV6qoFskObEKvCV5r0fNeWUo1w4HesOedYhbNRjzfJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCPxJd1Q9s4s7qMjXZ1J/ZDnXC3pMB8GA1UdIwQY
MBaAFCzaXwPq9ROnfy7CDeW7FnLF0nmrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTE5wZkEtcjFFNmRfTHNJTjVic1djc1hTZWFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS8zODM4YzQtNmU0Ni00OWE4LThjMTQt
YWU4YjhkNzg4NzAwLzEvSV9FbDNWRDJ6aXp1b3lOZG5VbjlrT2RjTGVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS8zODM4YzQtNmU0Ni00OWE4LThjMTQtYWU4YjhkNzg4NzAw
LzEvTE5wZkEtcjFFNmRfTHNJTjVic1djc1hTZWFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+DiMA0G
CSqGSIb3DQEBCwUAA4IBAQCI1iZmiUswxxovO4A8RU2KD38zj20FM+Dxvb/crgfL
Bh3sDlbp0hn9nGHHaWO+WSOhKpHatOr9GGuVLsmSCIFFNqkADTYmUZJNWy4QDhFg
hbxoQu5KdLzNVFiq3r7CcLjWm9Vlit8p61xJigVRtEdzFobFpkLVMGHYjPimO4kQ
dguLk7pw7t+NmoHDGz9vf/LKtCJomHrN65uccbwz3thfql1hDwttk01qGDwA0086
Dt8uQQ+9CQAh9Nbq94Vh7KLKsv1s6uuw4l1y3qekBzeNfG7Xmr2gatSik6OjhFBO
tcMfQu8VYt7+4lLX6j3mO0fGrytbUz9ZVk/2GB+BkDHt
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:15:23 2025 by rpki-client