Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/050533-a57e-4a8b-bf0d-cee3b492902e/1/tb7b-pMyLuFzVUUaYd4D0tYvrVM.roa
File: tb7b-pMyLuFzVUUaYd4D0tYvrVM.roa (raw, json)
Hash identifier: kplquuozq7s5NkeQhsxsJ048qcIZPUbW30XHKIIbIL8=
Subject key identifier: B5:BE:DB:FA:93:32:2E:E1:73:55:45:1A:61:DE:03:D2:D6:2F:AD:53
Certificate issuer: /CN=87e965e78831a88ba8fa419432a9d7bac9db38a3
Certificate serial: 019424B2B6EB912F5C9E27AEA997517214EE
Authority key identifier: 87:E9:65:E7:88:31:A8:8B:A8:FA:41:94:32:A9:D7:BA:C9:DB:38:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h-ll54gxqIuo-kGUMqnXusnbOKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/050533-a57e-4a8b-bf0d-cee3b492902e/1/tb7b-pMyLuFzVUUaYd4D0tYvrVM.roa
Signing time: Thu 02 Jan 2025 01:47:59 +0000
ROA not before: Thu 02 Jan 2025 01:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215557
IP address blocks: 217.13.98.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/050533-a57e-4a8b-bf0d-cee3b492902e/1/h-ll54gxqIuo-kGUMqnXusnbOKM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/050533-a57e-4a8b-bf0d-cee3b492902e/1/h-ll54gxqIuo-kGUMqnXusnbOKM.mft
rsync://rpki.ripe.net/repository/DEFAULT/h-ll54gxqIuo-kGUMqnXusnbOKM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:b6:eb:91:2f:5c:9e:27:ae:a9:97:51:72:14:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87e965e78831a88ba8fa419432a9d7bac9db38a3
Validity
Not Before: Jan 2 01:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b5bedbfa93322ee17355451a61de03d2d62fad53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:25:f6:12:bc:a1:ab:a1:e6:dc:b2:1d:61:55:
15:6e:f4:5a:e9:bf:26:f1:f9:69:b4:48:70:7d:0b:
5f:4e:7c:47:14:47:35:0b:17:a0:44:78:e6:20:1e:
79:d6:d5:0a:c8:80:4a:9e:46:59:3e:0b:f1:e1:d3:
8b:6d:2f:16:f8:ae:83:d7:2d:b0:c0:8b:9e:87:58:
f8:b2:5a:82:c7:09:53:90:c0:0c:95:da:c6:4a:21:
b1:ef:9a:b0:24:9a:8e:66:8a:7c:3c:e8:4b:d1:0f:
10:ec:d4:30:13:50:f8:07:af:70:f3:0f:19:0a:24:
8a:90:8a:fa:45:e0:ff:ec:ab:20:86:f0:aa:db:91:
3c:38:38:df:1e:ef:32:b4:89:ee:14:80:aa:47:df:
25:bf:59:cc:70:ec:ca:27:17:a9:52:8a:28:70:4d:
02:ed:b0:28:9a:e3:c3:27:ea:d0:31:f3:9c:27:4b:
59:03:11:a3:ef:36:11:ec:eb:56:4c:e1:08:ee:65:
e9:37:8f:93:13:bd:a4:69:00:d1:1b:e4:6a:70:d2:
a5:05:82:1e:ce:2f:15:7f:d8:ea:1a:ac:fd:fa:94:
6a:db:dd:9b:d0:a3:22:0b:66:31:56:14:27:af:51:
00:68:d5:4a:0c:2f:ab:76:53:6b:68:d7:1c:43:6d:
c8:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:BE:DB:FA:93:32:2E:E1:73:55:45:1A:61:DE:03:D2:D6:2F:AD:53
X509v3 Authority Key Identifier:
keyid:87:E9:65:E7:88:31:A8:8B:A8:FA:41:94:32:A9:D7:BA:C9:DB:38:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h-ll54gxqIuo-kGUMqnXusnbOKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/050533-a57e-4a8b-bf0d-cee3b492902e/1/tb7b-pMyLuFzVUUaYd4D0tYvrVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/050533-a57e-4a8b-bf0d-cee3b492902e/1/h-ll54gxqIuo-kGUMqnXusnbOKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.13.98.0/24
Signature Algorithm: sha256WithRSAEncryption
29:b0:33:41:3e:e2:21:f6:c8:93:9e:fa:ae:9f:f3:06:ec:4e:
f5:7b:34:2b:3d:19:fa:45:06:a7:82:af:ce:32:4e:d3:05:15:
f1:a5:01:d3:1d:fe:b0:ee:88:85:12:44:c0:6b:50:60:7a:e5:
03:a1:10:32:0f:86:3c:38:7e:b6:74:cd:d2:0f:7e:d9:58:d6:
75:25:b1:e6:b6:a4:91:78:c1:62:08:ab:31:f2:7c:6a:47:39:
da:31:36:67:36:14:ec:25:4f:9d:58:16:38:9b:ae:5d:a4:e7:
bc:c8:d9:db:d1:fa:9e:9c:a3:09:0c:6a:3e:c4:c1:4f:9f:51:
22:79:b3:26:a7:98:4a:9f:c6:3d:b0:06:e7:94:17:6b:43:ea:
95:c8:5d:56:46:89:e8:e8:56:22:38:5e:85:16:e9:91:f8:35:
b5:25:64:0c:13:16:74:83:f0:70:d8:57:93:8b:77:02:4f:e9:
94:28:9b:a6:58:ac:b4:7e:31:b4:61:d6:a6:2f:0d:41:de:cb:
c4:8b:61:14:49:6a:52:8a:2a:02:34:46:08:59:81:31:a3:bf:
d0:8e:39:86:bd:c3:b4:96:13:c3:e2:50:e3:77:9c:c6:8b:3d:
49:b6:da:d4:17:25:69:72:39:5d:70:14:cb:25:9b:32:bf:ee:
67:2e:0a:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQksrbrkS9cnieuqZdRchTuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZTk2NWU3ODgzMWE4OGJhOGZhNDE5NDMyYTlkN2JhYzlk
YjM4YTMwHhcNMjUwMTAyMDE0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWJlZGJmYTkzMzIyZWUxNzM1NTQ1MWE2MWRlMDNkMmQ2MmZhZDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAliX2Eryhq6Hm3LIdYVUVbvRa6b8m
8flptEhwfQtfTnxHFEc1CxegRHjmIB551tUKyIBKnkZZPgvx4dOLbS8W+K6D1y2w
wIueh1j4slqCxwlTkMAMldrGSiGx75qwJJqOZop8POhL0Q8Q7NQwE1D4B69w8w8Z
CiSKkIr6ReD/7KsghvCq25E8ODjfHu8ytInuFICqR98lv1nMcOzKJxepUooocE0C
7bAomuPDJ+rQMfOcJ0tZAxGj7zYR7OtWTOEI7mXpN4+TE72kaQDRG+RqcNKlBYIe
zi8Vf9jqGqz9+pRq292b0KMiC2YxVhQnr1EAaNVKDC+rdlNraNccQ23IWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLW+2/qTMi7hc1VFGmHeA9LWL61TMB8GA1UdIwQY
MBaAFIfpZeeIMaiLqPpBlDKp17rJ2zijMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaC1sbDU0Z3hxSXVvLWtHVU1xblh1c25iT0tNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8wNTA1MzMtYTU3ZS00YThiLWJmMGQt
Y2VlM2I0OTI5MDJlLzEvdGI3Yi1wTXlMdUZ6VlVVYVlkNEQwdFl2clZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8wNTA1MzMtYTU3ZS00YThiLWJmMGQtY2VlM2I0OTI5MDJl
LzEvaC1sbDU0Z3hxSXVvLWtHVU1xblh1c25iT0tNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2Q1iMA0G
CSqGSIb3DQEBCwUAA4IBAQApsDNBPuIh9siTnvqun/MG7E71ezQrPRn6RQangq/O
Mk7TBRXxpQHTHf6w7oiFEkTAa1BgeuUDoRAyD4Y8OH62dM3SD37ZWNZ1JbHmtqSR
eMFiCKsx8nxqRznaMTZnNhTsJU+dWBY4m65dpOe8yNnb0fqenKMJDGo+xMFPn1Ei
ebMmp5hKn8Y9sAbnlBdrQ+qVyF1WRono6FYiOF6FFumR+DW1JWQMExZ0g/Bw2FeT
i3cCT+mUKJumWKy0fjG0YdamLw1B3svEi2EUSWpSiioCNEYIWYExo7/QjjmGvcO0
lhPD4lDjd5zGiz1JttrUFyVpcjldcBTLJZsyv+5nLgqN
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:05:42 2025 by rpki-client