Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1NsIqndst_On9nYnvKQbaIFnFBo.roa
File: 1NsIqndst_On9nYnvKQbaIFnFBo.roa (raw, json)
Hash identifier: ygRz+eSAvso8HH5S7ovVpP8CDuvADuXq1qx+4OzSDkg=
Subject key identifier: D4:DB:08:AA:77:6C:B7:F3:A7:F6:76:27:BC:A4:1B:68:81:67:14:1A
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 019420D65E77502C148A3ECFED1762E34752
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1NsIqndst_On9nYnvKQbaIFnFBo.roa
Signing time: Wed 01 Jan 2025 07:48:27 +0000
ROA not before: Wed 01 Jan 2025 07:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206092
IP address blocks: 192.109.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 02:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:5e:77:50:2c:14:8a:3e:cf:ed:17:62:e3:47:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Jan 1 07:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d4db08aa776cb7f3a7f67627bca41b688167141a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:51:b5:7e:b5:6e:1c:fb:c4:db:b3:24:f8:e7:
2f:bc:e5:39:9c:de:f2:b8:4c:1f:df:77:b4:64:34:
d9:4f:e0:bb:3c:96:b2:0e:a4:bf:69:53:9b:1b:eb:
5b:07:77:90:75:07:e6:b1:78:3e:5c:71:dd:c7:ee:
3b:50:24:b8:be:ea:a9:0d:63:fd:4b:d9:f5:a8:87:
16:81:05:b2:dc:f1:ad:c1:ff:fe:f8:79:27:8f:a2:
bf:41:fe:4e:d3:a8:9d:b1:37:3c:a3:13:25:3f:9d:
14:6c:e7:29:0a:e4:93:07:49:8d:04:e9:11:f5:81:
67:34:ab:56:e1:83:43:ee:f0:1d:f3:30:58:9c:f4:
aa:eb:b1:34:92:ce:39:22:66:03:12:ee:91:4c:56:
36:69:ab:9b:0a:32:aa:e4:4a:eb:7c:72:a6:dd:00:
90:5c:54:3f:f1:08:b3:b0:49:ca:d1:d6:31:d4:b5:
3d:08:75:b1:f6:9f:2e:81:29:d6:e2:6a:71:98:f9:
5f:75:90:be:d3:cd:60:3a:fa:f4:24:3b:97:ce:1b:
52:6f:53:ca:ad:f9:89:ca:32:14:e1:23:3b:ec:b3:
f7:69:44:c1:d5:40:af:39:37:03:69:79:ab:ec:df:
d6:46:f7:a5:e7:f0:09:98:e3:32:7f:7c:00:e3:56:
5d:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:DB:08:AA:77:6C:B7:F3:A7:F6:76:27:BC:A4:1B:68:81:67:14:1A
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1NsIqndst_On9nYnvKQbaIFnFBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.205.0/24
Signature Algorithm: sha256WithRSAEncryption
42:49:0c:0c:5b:70:a5:0d:40:39:e3:5a:38:1c:25:76:5b:21:
39:5b:a2:cc:68:46:d0:72:6c:8f:d6:ed:5e:00:53:77:7f:ab:
56:92:70:a2:6a:9a:d1:d0:18:ed:05:2c:75:2f:76:26:42:d8:
f3:00:ad:09:f9:84:e7:f9:59:e7:91:16:5c:b7:25:ee:d5:7d:
f3:09:72:ef:b4:05:6f:7e:20:1a:3f:44:97:66:07:24:6d:9b:
6d:2e:5a:04:3d:03:ba:4d:02:a4:8b:fb:9c:92:9c:c0:f2:6c:
b9:9e:3c:40:dd:90:06:9d:65:c7:f7:31:79:e7:c4:de:b7:b4:
d7:17:a7:20:18:b4:9e:9a:0d:c1:0b:b4:5f:07:ee:0a:61:da:
fa:17:8f:01:76:f2:ee:07:a4:bb:32:44:b0:e6:34:12:0a:69:
b6:73:a2:ba:b6:ac:14:7b:09:30:16:e7:74:02:1d:2c:10:b8:
0b:95:4b:d8:25:a5:74:b6:d2:63:0c:2c:2a:ee:9f:d1:39:f5:
ac:e5:89:4e:32:16:c3:39:b4:3f:73:50:d6:4f:71:29:54:e9:
2d:39:0f:e3:6c:9f:7f:59:dd:26:b3:2f:a0:a3:4f:d2:d2:f3:
4c:54:b7:d1:37:cf:6c:1c:c7:ad:ab:0c:e2:44:20:58:1f:34:
18:41:93:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1l53UCwUij7P7Rdi40dSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjUwMTAxMDc0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGRiMDhhYTc3NmNiN2YzYTdmNjc2MjdiY2E0MWI2ODgxNjcxNDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1G1frVuHPvE27Mk+OcvvOU5nN7y
uEwf33e0ZDTZT+C7PJayDqS/aVObG+tbB3eQdQfmsXg+XHHdx+47UCS4vuqpDWP9
S9n1qIcWgQWy3PGtwf/++Hknj6K/Qf5O06idsTc8oxMlP50UbOcpCuSTB0mNBOkR
9YFnNKtW4YND7vAd8zBYnPSq67E0ks45ImYDEu6RTFY2aaubCjKq5ErrfHKm3QCQ
XFQ/8QizsEnK0dYx1LU9CHWx9p8ugSnW4mpxmPlfdZC+081gOvr0JDuXzhtSb1PK
rfmJyjIU4SM77LP3aUTB1UCvOTcDaXmr7N/WRvel5/AJmOMyf3wA41ZdBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNTbCKp3bLfzp/Z2J7ykG2iBZxQaMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvMU5zSXFuZHN0X09uOW5ZbnZLUWJhSUZuRkJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwG3NMA0G
CSqGSIb3DQEBCwUAA4IBAQBCSQwMW3ClDUA541o4HCV2WyE5W6LMaEbQcmyP1u1e
AFN3f6tWknCiaprR0BjtBSx1L3YmQtjzAK0J+YTn+VnnkRZctyXu1X3zCXLvtAVv
fiAaP0SXZgckbZttLloEPQO6TQKki/uckpzA8my5njxA3ZAGnWXH9zF558Tet7TX
F6cgGLSemg3BC7RfB+4KYdr6F48BdvLuB6S7MkSw5jQSCmm2c6K6tqwUewkwFud0
Ah0sELgLlUvYJaV0ttJjDCwq7p/ROfWs5YlOMhbDObQ/c1DWT3EpVOktOQ/jbJ9/
Wd0msy+go0/S0vNMVLfRN89sHMetqwziRCBYHzQYQZMq
-----END CERTIFICATE-----
Generated at Wed Feb 5 11:39:29 2025 by rpki-client