Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/C-vYvlFYfUXiwi5hu4BNg-H_RfU.roa
File: C-vYvlFYfUXiwi5hu4BNg-H_RfU.roa (raw, json)
Hash identifier: Nlk7WgRdvB30t6f6caFVZOFs3Kxbuk6ZqeclTDKzs84=
Subject key identifier: 0B:EB:D8:BE:51:58:7D:45:E2:C2:2E:61:BB:80:4D:83:E1:FF:45:F5
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 019420D65FDE5CD7A1A6CCEC6F7AC328D2F2
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/C-vYvlFYfUXiwi5hu4BNg-H_RfU.roa
Signing time: Wed 01 Jan 2025 07:48:27 +0000
ROA not before: Wed 01 Jan 2025 07:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211192
IP address blocks: 94.177.113.0/24 maxlen: 24
94.177.118.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 02:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:5f:de:5c:d7:a1:a6:cc:ec:6f:7a:c3:28:d2:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Jan 1 07:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0bebd8be51587d45e2c22e61bb804d83e1ff45f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:53:c9:b1:e5:25:b0:6b:ef:7f:0e:10:72:d7:
e5:0f:9a:55:a0:bd:c3:06:9c:a4:2c:6b:26:cb:44:
4b:5d:e6:e2:91:5a:f6:38:29:5c:e2:eb:99:d1:a5:
5f:8c:43:98:39:42:df:11:03:09:1c:20:4f:7f:7b:
76:ce:2c:3a:b5:02:4e:51:98:0a:03:eb:d9:ab:e8:
60:dd:09:1e:b8:55:f3:d9:e9:d2:8d:54:c3:7c:ba:
c8:02:56:a4:ef:a3:c4:5d:73:67:6c:78:c0:ad:4f:
f9:40:32:59:b1:62:48:9e:c5:c5:22:d1:41:34:4a:
21:b6:08:18:7d:95:12:c6:2c:2c:2b:47:e7:a3:0a:
06:e9:20:5d:c2:16:7f:13:13:90:ac:b5:8b:3c:96:
45:37:28:f4:eb:e2:69:93:d1:57:f7:e6:5b:44:e3:
be:47:e0:0a:36:01:61:b3:09:ba:83:8c:c9:02:c2:
bc:ea:97:f3:75:55:79:90:42:84:29:4d:26:ea:c0:
ce:24:d7:39:93:0a:4c:a0:69:6c:b2:e4:7d:43:45:
30:6b:fe:13:5f:81:76:4f:66:d9:30:b1:94:d3:64:
14:93:84:b6:4b:f0:16:63:20:dd:b2:25:fe:e0:e6:
54:ab:b2:6d:ee:cf:3d:72:b6:6e:58:64:d0:bb:e9:
3e:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:EB:D8:BE:51:58:7D:45:E2:C2:2E:61:BB:80:4D:83:E1:FF:45:F5
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/C-vYvlFYfUXiwi5hu4BNg-H_RfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.177.113.0/24
94.177.118.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:4e:e6:38:5e:b0:51:0a:45:91:b9:63:7e:9a:35:50:7b:03:
67:11:b0:2b:be:d6:de:ed:7b:23:e5:45:34:39:9d:b0:b7:11:
b0:6b:9b:2b:ca:c3:12:af:0b:4a:e3:8d:f6:d7:30:4e:df:13:
3b:83:79:eb:54:d5:b2:fb:61:30:0b:e2:c7:9c:39:c3:04:7d:
cc:85:92:f1:8b:2b:b9:12:ab:aa:84:10:f6:51:ec:b4:31:2c:
f2:a9:7a:6f:ee:63:1e:dc:cb:2c:ed:b3:5c:d4:fd:01:8b:59:
30:cf:f6:a4:f4:70:69:12:8f:ad:55:96:fb:a1:2a:0a:34:32:
c7:35:83:68:b5:4a:21:8c:f3:de:8e:d5:00:26:74:35:c1:dd:
f1:c2:7c:0e:c3:f9:a4:cb:fc:29:eb:f6:2e:6d:ab:8a:d4:4d:
d4:ac:85:fc:05:23:12:e0:2b:51:96:23:7a:63:80:2b:4d:6f:
7f:55:52:dc:ec:32:e5:bd:47:64:5a:84:78:c6:4a:e8:b8:17:
23:ad:cc:fc:29:28:22:58:2f:c0:89:51:4c:92:80:23:4c:37:
b8:db:de:4d:39:84:62:20:a2:cd:99:c4:de:68:c7:72:24:1f:
e1:e8:f6:0e:1c:86:4f:b9:79:98:c9:38:35:a4:c2:ff:76:c9:
c6:ca:b0:f3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQg1l/eXNehpszsb3rDKNLyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjUwMTAxMDc0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmViZDhiZTUxNTg3ZDQ1ZTJjMjJlNjFiYjgwNGQ4M2UxZmY0NWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzFPJseUlsGvvfw4QctflD5pVoL3D
BpykLGsmy0RLXebikVr2OClc4uuZ0aVfjEOYOULfEQMJHCBPf3t2ziw6tQJOUZgK
A+vZq+hg3QkeuFXz2enSjVTDfLrIAlak76PEXXNnbHjArU/5QDJZsWJInsXFItFB
NEohtggYfZUSxiwsK0fnowoG6SBdwhZ/ExOQrLWLPJZFNyj06+Jpk9FX9+ZbROO+
R+AKNgFhswm6g4zJAsK86pfzdVV5kEKEKU0m6sDOJNc5kwpMoGlssuR9Q0Uwa/4T
X4F2T2bZMLGU02QUk4S2S/AWYyDdsiX+4OZUq7Jt7s89crZuWGTQu+k+jQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAvr2L5RWH1F4sIuYbuATYPh/0X1MB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvQy12WXZsRllmVVhpd2k1aHU0Qk5nLUhfUmZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXrFxAwQA
XrF2MA0GCSqGSIb3DQEBCwUAA4IBAQANTuY4XrBRCkWRuWN+mjVQewNnEbArvtbe
7Xsj5UU0OZ2wtxGwa5srysMSrwtK44321zBO3xM7g3nrVNWy+2EwC+LHnDnDBH3M
hZLxiyu5EquqhBD2Uey0MSzyqXpv7mMe3Mss7bNc1P0Bi1kwz/ak9HBpEo+tVZb7
oSoKNDLHNYNotUohjPPejtUAJnQ1wd3xwnwOw/mky/wp6/YubauK1E3UrIX8BSMS
4CtRliN6Y4ArTW9/VVLc7DLlvUdkWoR4xkrouBcjrcz8KSgiWC/AiVFMkoAjTDe4
295NOYRiIKLNmcTeaMdyJB/h6PYOHIZPuXmYyTg1pML/dsnGyrDz
-----END CERTIFICATE-----
Generated at Wed Feb 5 11:45:20 2025 by rpki-client