Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/d6e796-0e14-45b1-9cf3-5ad58abfbb1f/1/i0TYuxJTadWsH2nNCaLA3ELCG_g.roa
File: i0TYuxJTadWsH2nNCaLA3ELCG_g.roa (raw, json)
Hash identifier: WKF6rqlqDJ5rXyoCDaodVLIXE1F+Y/5SEavY6SvlaFE=
Subject key identifier: 8B:44:D8:BB:12:53:69:D5:AC:1F:69:CD:09:A2:C0:DC:42:C2:1B:F8
Certificate issuer: /CN=93202129969576ce357fae26c9c7cf98a8250ea6
Certificate serial: 019425FDD06373923493D4CF6EE88FE6674F
Authority key identifier: 93:20:21:29:96:95:76:CE:35:7F:AE:26:C9:C7:CF:98:A8:25:0E:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kyAhKZaVds41f64mycfPmKglDqY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/d6e796-0e14-45b1-9cf3-5ad58abfbb1f/1/i0TYuxJTadWsH2nNCaLA3ELCG_g.roa
Signing time: Thu 02 Jan 2025 07:49:38 +0000
ROA not before: Thu 02 Jan 2025 07:49:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1299
IP address blocks: 31.209.192.0/18 maxlen: 24
85.220.0.0/17 maxlen: 24
157.157.0.0/16 maxlen: 24
2001:1a98::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/d6e796-0e14-45b1-9cf3-5ad58abfbb1f/1/kyAhKZaVds41f64mycfPmKglDqY.crl
rsync://rpki.ripe.net/repository/DEFAULT/b5/d6e796-0e14-45b1-9cf3-5ad58abfbb1f/1/kyAhKZaVds41f64mycfPmKglDqY.mft
rsync://rpki.ripe.net/repository/DEFAULT/kyAhKZaVds41f64mycfPmKglDqY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:d0:63:73:92:34:93:d4:cf:6e:e8:8f:e6:67:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93202129969576ce357fae26c9c7cf98a8250ea6
Validity
Not Before: Jan 2 07:49:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b44d8bb125369d5ac1f69cd09a2c0dc42c21bf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:73:49:30:67:26:42:c1:60:ff:51:74:47:ae:
98:3f:af:47:1f:43:25:80:58:ac:e0:c0:a4:f6:9c:
80:6b:89:dc:ac:21:0e:8a:c9:28:bd:23:84:8b:2f:
e4:ce:12:db:c4:2e:c9:23:ab:f7:79:cd:70:ca:bc:
cf:69:cf:05:8d:f5:0e:44:e6:49:71:6e:69:c9:40:
d7:99:a2:07:de:eb:a8:39:13:81:0e:24:5d:5b:c2:
29:e7:29:88:c6:c1:8e:91:d0:84:c5:ea:f3:66:9b:
12:2e:e1:e8:34:ab:cd:13:be:68:26:67:b1:69:07:
73:7a:06:c5:c1:a1:ff:ec:69:0e:3e:6a:6e:6c:b2:
df:7a:15:33:33:b6:78:45:72:8b:d4:3e:3c:8f:3f:
68:a3:53:67:6d:bd:1e:bf:b4:64:a4:83:9a:cf:27:
ed:68:db:ba:19:b8:24:ca:aa:e8:1b:ee:98:21:8d:
f0:d1:51:3c:38:c1:91:40:48:bb:32:50:f8:c4:de:
25:ad:ed:9d:5b:03:cf:e6:50:3e:66:9e:27:f4:39:
06:5c:04:10:72:85:12:cb:c8:94:6e:db:a1:20:62:
f9:26:29:cb:30:fb:ec:83:99:bc:f0:b0:21:6b:62:
df:59:a4:80:61:a0:95:77:3f:83:cf:97:b0:6d:47:
46:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:44:D8:BB:12:53:69:D5:AC:1F:69:CD:09:A2:C0:DC:42:C2:1B:F8
X509v3 Authority Key Identifier:
keyid:93:20:21:29:96:95:76:CE:35:7F:AE:26:C9:C7:CF:98:A8:25:0E:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kyAhKZaVds41f64mycfPmKglDqY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/d6e796-0e14-45b1-9cf3-5ad58abfbb1f/1/i0TYuxJTadWsH2nNCaLA3ELCG_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/d6e796-0e14-45b1-9cf3-5ad58abfbb1f/1/kyAhKZaVds41f64mycfPmKglDqY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.209.192.0/18
85.220.0.0/17
157.157.0.0/16
IPv6:
2001:1a98::/32
Signature Algorithm: sha256WithRSAEncryption
4f:25:1d:63:c8:1d:44:9c:41:a1:9f:d3:f7:fc:cd:de:bf:81:
d2:5d:d9:27:74:93:3f:57:16:c9:a7:aa:5c:60:52:bb:5a:46:
50:07:af:41:22:a1:d4:f2:fe:e6:6b:53:78:bb:65:d9:bd:42:
39:75:f9:a9:d3:1e:f6:a9:8c:05:0b:2f:ab:e6:9f:24:c7:95:
c8:d3:e4:39:01:c9:11:a4:13:48:32:7b:89:56:97:fd:32:ec:
21:42:27:3e:03:1d:77:68:b6:97:b4:b3:ce:a8:bd:e1:dd:10:
fd:32:c1:38:24:e3:d3:58:6b:28:44:e9:64:11:72:56:b1:8b:
06:05:1c:9b:5e:7e:85:8b:5a:da:b9:6b:4a:6d:8b:d9:11:ce:
5b:81:0c:70:38:25:ad:d9:74:d8:9c:59:fb:9e:ff:f8:86:ad:
f9:44:28:33:c7:d0:69:63:d2:d4:29:ec:d3:82:90:7e:57:0e:
9f:d5:b6:d5:c4:b5:30:09:04:f9:5f:ed:2b:65:00:4d:43:a2:
44:4f:b8:3c:54:dd:d0:6f:9f:dd:99:14:16:63:3b:be:c3:02:
1a:d8:6b:20:73:9b:7b:9e:8e:bd:fe:93:2f:64:f7:c1:96:b4:
be:c0:ed:88:99:0d:1e:63:14:89:27:46:29:e4:b3:be:6b:ab:
82:48:58:32
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQl/dBjc5I0k9TPbuiP5mdPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMjAyMTI5OTY5NTc2Y2UzNTdmYWUyNmM5YzdjZjk4YTgy
NTBlYTYwHhcNMjUwMTAyMDc0OTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjQ0ZDhiYjEyNTM2OWQ1YWMxZjY5Y2QwOWEyYzBkYzQyYzIxYmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA63NJMGcmQsFg/1F0R66YP69HH0Ml
gFis4MCk9pyAa4ncrCEOiskovSOEiy/kzhLbxC7JI6v3ec1wyrzPac8FjfUOROZJ
cW5pyUDXmaIH3uuoOROBDiRdW8Ip5ymIxsGOkdCExerzZpsSLuHoNKvNE75oJmex
aQdzegbFwaH/7GkOPmpubLLfehUzM7Z4RXKL1D48jz9oo1Nnbb0ev7RkpIOazyft
aNu6GbgkyqroG+6YIY3w0VE8OMGRQEi7MlD4xN4lre2dWwPP5lA+Zp4n9DkGXAQQ
coUSy8iUbtuhIGL5JinLMPvsg5m88LAha2LfWaSAYaCVdz+Dz5ewbUdGQwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFItE2LsSU2nVrB9pzQmiwNxCwhv4MB8GA1UdIwQY
MBaAFJMgISmWlXbONX+uJsnHz5ioJQ6mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3lBaEtaYVZkczQxZjY0bXljZlBtS2dsRHFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9kNmU3OTYtMGUxNC00NWIxLTljZjMt
NWFkNThhYmZiYjFmLzEvaTBUWXV4SlRhZFdzSDJuTkNhTEEzRUxDR19nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9kNmU3OTYtMGUxNC00NWIxLTljZjMtNWFkNThhYmZiYjFm
LzEva3lBaEtaYVZkczQxZjY0bXljZlBtS2dsRHFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwQGH9HAAwQH
VdwAAwMAnZ0wDQQCAAIwBwMFACABGpgwDQYJKoZIhvcNAQELBQADggEBAE8lHWPI
HUScQaGf0/f8zd6/gdJd2Sd0kz9XFsmnqlxgUrtaRlAHr0EiodTy/uZrU3i7Zdm9
Qjl1+anTHvapjAULL6vmnyTHlcjT5DkByRGkE0gye4lWl/0y7CFCJz4DHXdotpe0
s86oveHdEP0ywTgk49NYayhE6WQRclaxiwYFHJtefoWLWtq5a0pti9kRzluBDHA4
Ja3ZdNicWfue//iGrflEKDPH0Glj0tQp7NOCkH5XDp/VttXEtTAJBPlf7StlAE1D
okRPuDxU3dBvn92ZFBZjO77DAhrYayBzm3uejr3+ky9k98GWtL7A7YiZDR5jFIkn
Rinks75rq4JIWDI=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:51:42 2025 by rpki-client