Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/8wn9fj0PqtCdtrjvVjs-x_2PjzQ.roa
File: 8wn9fj0PqtCdtrjvVjs-x_2PjzQ.roa (raw, json)
Hash identifier: 7UcC6PjtAm8ZGmqmm7X7V/2fmUSDRZoPvvaJOMKRRsE=
Subject key identifier: F3:09:FD:7E:3D:0F:AA:D0:9D:B6:B8:EF:56:3B:3E:C7:FD:8F:8F:34
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 019420D65D2D8839CF5041A02765FD3670AD
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/8wn9fj0PqtCdtrjvVjs-x_2PjzQ.roa
Signing time: Wed 01 Jan 2025 07:48:26 +0000
ROA not before: Wed 01 Jan 2025 07:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197537
IP address blocks: 178.255.246.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 02:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:5d:2d:88:39:cf:50:41:a0:27:65:fd:36:70:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Jan 1 07:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f309fd7e3d0faad09db6b8ef563b3ec7fd8f8f34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:be:fe:82:0c:37:c2:3d:29:94:c1:50:96:99:
dc:b0:d0:7d:a5:8a:10:9d:13:29:b9:d8:8c:54:7a:
cd:24:f6:02:a1:d7:8f:0f:71:c6:38:f9:18:1e:2a:
cb:ab:47:d9:7c:1b:81:23:82:00:e9:45:43:62:ca:
e5:ab:22:24:32:bd:a8:84:7b:ea:ce:93:6f:96:d9:
35:13:09:14:4e:eb:aa:cb:bf:2a:a8:4a:0b:31:7a:
c2:0b:ba:94:ea:e5:1e:25:1b:8c:1d:4e:b6:c4:17:
62:73:f6:cf:f0:73:eb:06:53:26:e8:13:c5:c7:dc:
d7:aa:e0:dd:4a:61:e8:14:c8:8b:66:a6:f0:be:33:
48:ac:1a:bb:f6:d8:53:4c:60:24:b3:17:82:b0:49:
b6:e3:0d:b1:16:ec:9e:46:80:25:13:bf:40:6a:bd:
ec:45:ad:db:fd:d4:e3:a6:2d:78:af:b3:79:f0:61:
71:0b:6a:39:af:8f:9f:90:89:57:9d:f3:49:c0:7d:
35:61:0c:5a:35:20:e1:9b:c0:c9:00:ce:2d:a4:0f:
61:97:07:7f:5f:68:40:c8:34:90:8c:67:7b:b5:ba:
72:54:c4:5b:6f:c2:08:0e:b6:35:04:af:56:47:67:
b3:a6:94:5a:0e:e7:d7:2f:da:3a:42:8c:04:28:82:
83:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:09:FD:7E:3D:0F:AA:D0:9D:B6:B8:EF:56:3B:3E:C7:FD:8F:8F:34
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/8wn9fj0PqtCdtrjvVjs-x_2PjzQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.255.246.0/23
Signature Algorithm: sha256WithRSAEncryption
69:82:45:be:74:9f:e6:88:9e:70:b6:cf:83:16:7c:99:9a:6f:
1e:81:ea:6f:1e:7e:89:0f:2f:c6:45:b1:0f:a1:e4:6e:7b:fb:
ef:82:b0:4b:60:cf:4f:03:b8:be:15:83:f7:f7:e6:e8:fb:e7:
3b:4d:35:ad:62:cd:db:c9:16:58:66:e5:27:85:3a:1f:38:69:
8f:11:52:13:1a:a2:fe:c5:c1:cb:49:37:74:8f:54:7e:c4:1a:
18:c1:1b:5e:9a:12:dd:8f:0e:fa:7c:b5:32:e1:42:d6:52:a0:
08:d0:0d:8c:37:60:e8:d9:bf:19:86:bf:7e:c0:03:75:90:ab:
5c:ac:cb:35:65:fd:e9:8c:8d:1e:6d:9b:77:f1:ec:31:95:75:
eb:f0:94:2c:d3:ce:14:0e:9b:f6:fa:76:cd:87:a2:ea:7e:87:
8e:6f:6c:d5:7e:bf:9e:dc:c8:09:31:94:b7:8a:98:7d:23:53:
c6:81:38:c5:9e:59:9a:1b:99:36:71:be:73:95:83:10:d9:f9:
18:f9:d0:35:4b:53:4f:c9:d8:48:a7:18:b6:f7:e5:0f:2a:e7:
a7:cc:f7:1b:59:e9:9b:38:bc:9a:39:31:0b:2a:a7:b9:ea:bb:
d7:bd:be:7e:7b:b4:97:ed:6c:2d:88:2c:e7:d1:c0:3f:22:db:
a4:a0:2b:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1l0tiDnPUEGgJ2X9NnCtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjUwMTAxMDc0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzA5ZmQ3ZTNkMGZhYWQwOWRiNmI4ZWY1NjNiM2VjN2ZkOGY4ZjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3b7+ggw3wj0plMFQlpncsNB9pYoQ
nRMpudiMVHrNJPYCodePD3HGOPkYHirLq0fZfBuBI4IA6UVDYsrlqyIkMr2ohHvq
zpNvltk1EwkUTuuqy78qqEoLMXrCC7qU6uUeJRuMHU62xBdic/bP8HPrBlMm6BPF
x9zXquDdSmHoFMiLZqbwvjNIrBq79thTTGAksxeCsEm24w2xFuyeRoAlE79Aar3s
Ra3b/dTjpi14r7N58GFxC2o5r4+fkIlXnfNJwH01YQxaNSDhm8DJAM4tpA9hlwd/
X2hAyDSQjGd7tbpyVMRbb8IIDrY1BK9WR2ezppRaDufXL9o6QowEKIKDeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPMJ/X49D6rQnba471Y7Psf9j480MB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvOHduOWZqMFBxdENkdHJqdlZqcy14XzJQanpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBsv/2MA0G
CSqGSIb3DQEBCwUAA4IBAQBpgkW+dJ/miJ5wts+DFnyZmm8egepvHn6JDy/GRbEP
oeRue/vvgrBLYM9PA7i+FYP39+bo++c7TTWtYs3byRZYZuUnhTofOGmPEVITGqL+
xcHLSTd0j1R+xBoYwRtemhLdjw76fLUy4ULWUqAI0A2MN2Do2b8Zhr9+wAN1kKtc
rMs1Zf3pjI0ebZt38ewxlXXr8JQs084UDpv2+nbNh6LqfoeOb2zVfr+e3MgJMZS3
iph9I1PGgTjFnlmaG5k2cb5zlYMQ2fkY+dA1S1NPydhIpxi29+UPKuenzPcbWemb
OLyaOTELKqe56rvXvb5+e7SX7WwtiCzn0cA/ItukoCuu
-----END CERTIFICATE-----
Generated at Wed Feb 5 12:00:01 2025 by rpki-client