Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/lYSlQ-4feryLZZTaUJ-AJBOZotM.roa
File: lYSlQ-4feryLZZTaUJ-AJBOZotM.roa (raw, json)
Hash identifier: Z1Weo02vp6uD0aD+NKaCNak3b37ID56s/v4nECqj3gE=
Subject key identifier: 95:84:A5:43:EE:1F:7A:BC:8B:65:94:DA:50:9F:80:24:13:99:A2:D3
Certificate issuer: /CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Certificate serial: 019424448CB8F9DEDD6C0F6B9A67AC584381
Authority key identifier: 35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/lYSlQ-4feryLZZTaUJ-AJBOZotM.roa
Signing time: Wed 01 Jan 2025 23:47:39 +0000
ROA not before: Wed 01 Jan 2025 23:47:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34494
IP address blocks: 91.211.100.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 17:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:8c:b8:f9:de:dd:6c:0f:6b:9a:67:ac:58:43:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Validity
Not Before: Jan 1 23:47:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9584a543ee1f7abc8b6594da509f80241399a2d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:c5:df:fe:9b:8e:3f:f8:df:1a:0f:cd:90:8b:
ea:6e:01:2f:20:b8:dc:c8:5d:59:ca:74:29:ba:ac:
af:b2:f2:0f:df:3e:95:c1:d0:eb:ef:0c:df:42:28:
40:6d:fa:c4:4b:f0:a0:c6:e7:87:57:67:be:b2:63:
fa:19:91:f8:5a:b3:bb:9c:51:95:27:05:c0:a0:0d:
35:c5:30:6c:8c:a2:c3:f8:61:12:e4:3e:09:d3:ec:
43:f5:ba:d6:ad:58:b8:dd:a2:e0:c9:ad:2d:ca:44:
ad:05:df:85:92:ba:3d:18:fe:e9:64:a6:98:16:ba:
71:49:e4:81:03:7b:32:20:e4:7a:5a:dc:aa:eb:8e:
59:96:68:3e:f5:98:75:a9:59:4f:9b:e1:b8:f2:ae:
78:38:5d:c4:28:eb:1a:3b:71:b7:71:e1:c0:cb:2c:
cc:2d:52:13:c3:c1:ad:e5:4a:c5:ba:12:6a:69:9f:
cf:dc:f0:20:d0:21:cb:94:9c:16:98:21:47:9e:eb:
4c:ac:84:4d:be:ee:4a:3f:8d:3c:64:a2:be:4d:f4:
f9:14:86:91:12:af:0c:f8:89:f6:f3:80:3c:0b:f8:
16:be:c7:78:e9:7d:07:1d:3e:54:fe:49:fb:77:9a:
bf:b3:76:34:3f:d3:b6:16:42:04:f5:a3:f6:0b:fd:
84:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:84:A5:43:EE:1F:7A:BC:8B:65:94:DA:50:9F:80:24:13:99:A2:D3
X509v3 Authority Key Identifier:
keyid:35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/lYSlQ-4feryLZZTaUJ-AJBOZotM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.211.100.0/22
Signature Algorithm: sha256WithRSAEncryption
89:a0:de:ca:ff:8c:dc:46:95:d9:d8:5d:18:1f:4b:75:ef:1d:
05:9a:5e:97:95:84:f5:91:12:78:bd:f7:12:57:99:0a:ff:aa:
9f:21:03:6e:3a:7a:9e:6b:34:5e:4d:cd:33:f4:5e:d4:16:33:
e5:d9:30:0e:47:85:2d:10:06:b3:e8:3c:de:1d:1f:b8:b5:fe:
60:83:a9:90:43:18:11:58:c9:2f:60:bc:70:ed:e9:b6:6f:88:
d4:1b:98:ca:77:c2:2c:2e:9a:b3:9a:bf:4c:cb:9a:59:73:99:
77:2c:4c:b9:e8:7e:37:04:2b:46:e5:f6:85:c2:68:86:9c:d4:
f3:0f:85:a6:fd:eb:97:f7:5b:eb:9e:14:a0:06:b2:a4:14:97:
cb:d6:87:13:fe:27:31:7f:25:c8:fa:a2:c7:6e:11:9b:9a:4d:
7e:0d:b6:75:e1:d3:a6:3c:81:42:f6:e1:6f:b5:a9:c5:ea:bc:
67:9b:a7:64:ba:2d:14:d6:e9:1f:31:5b:c0:3c:95:2c:d0:79:
cd:b0:7f:e8:b4:24:b0:2b:29:fa:a3:21:b0:82:b1:c7:bb:ac:
76:58:af:a3:8a:87:e2:c4:1f:cb:ce:24:32:2b:b2:c7:6a:91:
d4:08:23:23:16:f0:ea:bd:75:ae:f2:0c:2d:96:ba:a9:52:ff:
45:a9:11:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRIy4+d7dbA9rmmesWEOBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MWEyZmQ2ZjVlNWFmODdkNWNlYTA5NTA2NmZiY2MzZDNl
NTQ2YTQwHhcNMjUwMTAxMjM0NzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTg0YTU0M2VlMWY3YWJjOGI2NTk0ZGE1MDlmODAyNDEzOTlhMmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2cXf/puOP/jfGg/NkIvqbgEvILjc
yF1ZynQpuqyvsvIP3z6VwdDr7wzfQihAbfrES/CgxueHV2e+smP6GZH4WrO7nFGV
JwXAoA01xTBsjKLD+GES5D4J0+xD9brWrVi43aLgya0tykStBd+Fkro9GP7pZKaY
FrpxSeSBA3syIOR6Wtyq645Zlmg+9Zh1qVlPm+G48q54OF3EKOsaO3G3ceHAyyzM
LVITw8Gt5UrFuhJqaZ/P3PAg0CHLlJwWmCFHnutMrIRNvu5KP408ZKK+TfT5FIaR
Eq8M+In284A8C/gWvsd46X0HHT5U/kn7d5q/s3Y0P9O2FkIE9aP2C/2EBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJWEpUPuH3q8i2WU2lCfgCQTmaLTMB8GA1UdIwQY
MBaAFDUaL9b15a+H1c6glQZvvMPT5UakMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODIt
MjMwNDllNGQyZjEyLzEvbFlTbFEtNGZlcnlMWlpUYVVKLUFKQk9ab3RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODItMjMwNDllNGQyZjEy
LzEvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW9NkMA0G
CSqGSIb3DQEBCwUAA4IBAQCJoN7K/4zcRpXZ2F0YH0t17x0Fml6XlYT1kRJ4vfcS
V5kK/6qfIQNuOnqeazReTc0z9F7UFjPl2TAOR4UtEAaz6DzeHR+4tf5gg6mQQxgR
WMkvYLxw7em2b4jUG5jKd8IsLpqzmr9My5pZc5l3LEy56H43BCtG5faFwmiGnNTz
D4Wm/euX91vrnhSgBrKkFJfL1ocT/icxfyXI+qLHbhGbmk1+DbZ14dOmPIFC9uFv
tanF6rxnm6dkui0U1ukfMVvAPJUs0HnNsH/otCSwKyn6oyGwgrHHu6x2WK+jiofi
xB/LziQyK7LHapHUCCMjFvDqvXWu8gwtlrqpUv9FqREo
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:46:20 2025 by rpki-client