Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/KbQ--oBtSgvSfZVrBwQ6M553Hwk.roa
File: KbQ--oBtSgvSfZVrBwQ6M553Hwk.roa (raw, json)
Hash identifier: NJgK04btjY64hOecbKh54mIt3v+Yqupp2O5zCZPtgv0=
Subject key identifier: 29:B4:3E:FA:80:6D:4A:0B:D2:7D:95:6B:07:04:3A:33:9E:77:1F:09
Certificate issuer: /CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Certificate serial: 01941F8C0AA613C112CCDF7425CDF123E17B
Authority key identifier: 32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/KbQ--oBtSgvSfZVrBwQ6M553Hwk.roa
Signing time: Wed 01 Jan 2025 01:47:38 +0000
ROA not before: Wed 01 Jan 2025 01:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210892
IP address blocks: 37.44.228.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.mft
rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:0a:a6:13:c1:12:cc:df:74:25:cd:f1:23:e1:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Validity
Not Before: Jan 1 01:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=29b43efa806d4a0bd27d956b07043a339e771f09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:c5:86:b7:9e:2d:ba:07:c4:4d:8f:4a:c6:ee:
db:cf:57:a8:47:8a:ed:5e:db:e7:30:87:54:44:c7:
ac:a7:24:3a:91:20:73:e5:ca:c2:9c:c4:ea:1d:2e:
22:2e:db:c1:e3:ac:9b:0f:6f:d9:50:dc:23:bf:63:
70:90:ac:4a:c7:51:69:63:d4:75:b6:43:68:f6:08:
38:63:5e:69:34:ab:b8:59:1f:b7:c6:4d:12:96:a1:
65:79:e6:d6:11:64:eb:cc:c6:58:23:9a:a1:56:ce:
9f:73:51:fb:06:46:c8:60:19:99:76:f2:16:38:ba:
d4:24:f6:9d:da:ef:75:da:29:41:db:a1:de:5b:4a:
ee:5f:33:e2:34:cd:8b:00:5e:c2:e4:c1:84:c5:cb:
7e:9e:5b:16:cd:50:2a:aa:8a:9a:77:d8:99:56:c7:
4f:f1:76:05:e4:f9:f3:1b:09:36:cb:77:48:b8:59:
dc:2c:d1:64:55:ee:a6:99:50:f0:3e:72:85:e2:3f:
3a:e3:dd:29:a7:ec:d0:a9:84:cc:fd:cd:8d:25:a7:
c7:10:e0:7b:2d:17:fd:cc:2a:ee:14:57:36:c1:bb:
43:61:c1:cc:fe:c3:88:e0:99:e3:59:1d:21:26:df:
74:06:b2:f0:cc:38:ad:e6:5c:c9:68:6e:6f:42:12:
08:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:B4:3E:FA:80:6D:4A:0B:D2:7D:95:6B:07:04:3A:33:9E:77:1F:09
X509v3 Authority Key Identifier:
keyid:32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/KbQ--oBtSgvSfZVrBwQ6M553Hwk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.228.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:a4:2e:ea:3c:c0:2b:1d:b4:32:88:9e:ca:a5:c1:40:fb:7a:
21:30:04:65:f5:46:ee:5f:15:2f:3b:de:7c:1b:18:e5:00:97:
20:0a:70:d3:7e:09:fc:1b:85:97:87:5e:4f:c0:0c:2c:cb:4b:
9e:4f:db:c4:d9:59:c2:35:cb:a7:a7:a6:af:a2:0f:96:1b:8c:
ad:88:00:09:3b:60:fd:58:fd:8b:f8:2d:45:f7:6a:ff:7e:e7:
c2:0c:f0:a0:e4:75:17:70:e4:34:08:8f:48:be:4c:95:37:d8:
35:28:2f:2b:53:8c:fa:9c:b2:40:11:ae:b0:57:a3:01:f8:df:
6a:e0:d0:09:54:fa:4d:dc:da:cd:84:9f:53:07:fc:f7:d0:04:
39:fe:e2:a9:7b:42:fb:60:6b:10:58:02:08:34:ed:07:0c:06:
e2:68:be:25:c2:e8:5f:0d:a6:17:e3:db:9c:d2:1c:d9:9e:f2:
d7:6c:62:32:fe:1b:80:2f:b9:99:83:c4:ad:25:11:30:3d:94:
6d:8b:0d:4d:a8:ea:70:1a:e4:ee:b5:97:18:f7:bc:80:06:cf:
21:51:12:0c:41:db:65:ce:a6:83:0d:d9:98:a0:ea:14:d5:24:
bc:3d:47:0b:9b:d1:16:49:5d:5b:7c:a6:cf:ac:c6:66:46:28:
d6:da:fa:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjAqmE8ESzN90Jc3xI+F7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNjM3ODdmZDBmOTRiMzc4MTNlZWYxNmJjODEzNzQyM2Vl
M2ZlZjMwHhcNMjUwMTAxMDE0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWI0M2VmYTgwNmQ0YTBiZDI3ZDk1NmIwNzA0M2EzMzllNzcxZjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA08WGt54tugfETY9Kxu7bz1eoR4rt
XtvnMIdURMespyQ6kSBz5crCnMTqHS4iLtvB46ybD2/ZUNwjv2NwkKxKx1FpY9R1
tkNo9gg4Y15pNKu4WR+3xk0SlqFleebWEWTrzMZYI5qhVs6fc1H7BkbIYBmZdvIW
OLrUJPad2u912ilB26HeW0ruXzPiNM2LAF7C5MGExct+nlsWzVAqqoqad9iZVsdP
8XYF5PnzGwk2y3dIuFncLNFkVe6mmVDwPnKF4j86490pp+zQqYTM/c2NJafHEOB7
LRf9zCruFFc2wbtDYcHM/sOI4JnjWR0hJt90BrLwzDit5lzJaG5vQhII2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCm0PvqAbUoL0n2VawcEOjOedx8JMB8GA1UdIwQY
MBaAFDJjeH/Q+Us3gT7vFryBN0I+4/7zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2Qt
NTk1ZTBiZjVjNjEzLzEvS2JRLS1vQnRTZ3ZTZlpWckJ3UTZNNTUzSHdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2QtNTk1ZTBiZjVjNjEz
LzEvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCJSzkMA0G
CSqGSIb3DQEBCwUAA4IBAQAvpC7qPMArHbQyiJ7KpcFA+3ohMARl9UbuXxUvO958
GxjlAJcgCnDTfgn8G4WXh15PwAwsy0ueT9vE2VnCNcunp6avog+WG4ytiAAJO2D9
WP2L+C1F92r/fufCDPCg5HUXcOQ0CI9IvkyVN9g1KC8rU4z6nLJAEa6wV6MB+N9q
4NAJVPpN3NrNhJ9TB/z30AQ5/uKpe0L7YGsQWAIINO0HDAbiaL4lwuhfDaYX49uc
0hzZnvLXbGIy/huAL7mZg8StJREwPZRtiw1NqOpwGuTutZcY97yABs8hURIMQdtl
zqaDDdmYoOoU1SS8PUcLm9EWSV1bfKbPrMZmRijW2vop
-----END CERTIFICATE-----
Generated at Wed Feb 5 08:40:12 2025 by rpki-client