Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/7ktGOCiuaxNVf6xdAfkeuisyla0.roa
File: 7ktGOCiuaxNVf6xdAfkeuisyla0.roa (raw, json)
Hash identifier: Cf1BWWAsGXAZCHjkjhZN3wO4tojImkJt3W6WEZhY+MU=
Subject key identifier: EE:4B:46:38:28:AE:6B:13:55:7F:AC:5D:01:F9:1E:BA:2B:32:95:AD
Certificate issuer: /CN=22373571c90249bf2aa948e78bed13e08528b87e
Certificate serial: 01942143D25C367C622E4170D82F7259C7EA
Authority key identifier: 22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/7ktGOCiuaxNVf6xdAfkeuisyla0.roa
Signing time: Wed 01 Jan 2025 09:48:00 +0000
ROA not before: Wed 01 Jan 2025 09:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204812
IP address blocks: 77.104.124.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:d2:5c:36:7c:62:2e:41:70:d8:2f:72:59:c7:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22373571c90249bf2aa948e78bed13e08528b87e
Validity
Not Before: Jan 1 09:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ee4b463828ae6b13557fac5d01f91eba2b3295ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:18:ac:ce:4f:9b:6d:12:59:a1:90:44:97:15:
f6:68:53:8e:23:95:f9:61:09:b5:1b:a5:ac:01:22:
31:69:1b:c5:a6:17:20:f7:7c:5a:05:18:65:59:d1:
3a:ee:87:70:77:fc:5a:49:e2:fc:55:37:e2:73:f7:
71:c5:4b:95:03:b1:19:e2:2d:9f:91:8a:da:45:4d:
80:90:38:55:d5:c3:06:89:f2:3f:0d:54:cf:18:9d:
30:0d:83:54:02:c9:af:23:8a:bd:16:c1:f2:87:cf:
c9:0d:9c:f0:96:16:46:97:57:b6:d7:25:4a:8e:b3:
9d:82:70:b1:53:3d:28:cc:0f:7a:d2:ff:bd:e3:c8:
ca:36:5f:46:92:a4:11:0a:7b:46:a9:56:3d:02:9f:
87:21:db:04:b7:b7:00:4b:c7:50:6a:e0:4f:7d:94:
36:ea:f7:70:3b:10:41:99:9e:3c:b8:da:be:90:ee:
77:05:2b:e6:64:b9:7d:0d:4e:3f:bd:01:2e:80:14:
80:74:c9:a9:e8:01:fb:5d:29:71:11:2f:fd:20:77:
7b:13:9c:3c:cc:0d:5c:f4:aa:73:7d:12:26:ab:3c:
7c:3c:ef:63:2c:0b:29:ca:9d:37:fe:9b:4e:41:7a:
d6:bb:50:8e:69:32:3b:fd:45:25:e6:28:77:a3:62:
50:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:4B:46:38:28:AE:6B:13:55:7F:AC:5D:01:F9:1E:BA:2B:32:95:AD
X509v3 Authority Key Identifier:
keyid:22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/7ktGOCiuaxNVf6xdAfkeuisyla0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.104.124.0/24
Signature Algorithm: sha256WithRSAEncryption
43:d2:ff:e1:8c:6f:a1:22:fc:6b:a6:8b:9c:4d:ad:ca:5f:79:
b2:3d:cc:ff:35:f7:7c:28:cc:cf:49:01:02:57:92:2d:58:df:
bc:64:1c:a0:c4:62:6b:c2:df:11:bf:54:77:e1:6e:de:6d:39:
39:d5:29:55:43:c8:90:0c:46:f3:9a:84:44:24:2f:93:33:95:
39:9d:cd:2a:e9:b1:02:d5:37:96:0c:66:ef:15:ee:4c:32:62:
34:8d:17:2e:73:c1:b8:ab:e6:39:1f:08:eb:05:71:1b:cb:fd:
31:6d:40:9b:2b:dc:00:97:b1:43:01:96:aa:89:48:b7:1c:87:
79:69:e9:f0:66:4c:4f:d2:24:51:b3:22:6e:77:37:c8:29:1f:
98:68:c9:28:01:6c:94:3d:9d:16:94:24:a6:75:78:99:84:16:
4b:26:dc:ea:bd:05:68:aa:f5:61:d1:e5:11:ac:3c:30:7e:8d:
33:84:6b:a6:e3:fc:5c:10:e4:b6:46:a4:37:48:36:88:49:7d:
f2:ad:d5:18:f8:cb:79:86:f9:c7:11:86:a6:56:4d:39:09:39:
dc:83:89:ca:54:ad:73:c2:fa:5d:5d:a5:d7:63:28:9d:a6:9b:
e3:e8:00:42:e8:00:97:ea:19:f5:78:6e:17:eb:f6:74:42:89:
2d:75:af:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhQ9JcNnxiLkFw2C9yWcfqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMzczNTcxYzkwMjQ5YmYyYWE5NDhlNzhiZWQxM2UwODUy
OGI4N2UwHhcNMjUwMTAxMDk0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTRiNDYzODI4YWU2YjEzNTU3ZmFjNWQwMWY5MWViYTJiMzI5NWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBiszk+bbRJZoZBElxX2aFOOI5X5
YQm1G6WsASIxaRvFphcg93xaBRhlWdE67odwd/xaSeL8VTfic/dxxUuVA7EZ4i2f
kYraRU2AkDhV1cMGifI/DVTPGJ0wDYNUAsmvI4q9FsHyh8/JDZzwlhZGl1e21yVK
jrOdgnCxUz0ozA960v+948jKNl9GkqQRCntGqVY9Ap+HIdsEt7cAS8dQauBPfZQ2
6vdwOxBBmZ48uNq+kO53BSvmZLl9DU4/vQEugBSAdMmp6AH7XSlxES/9IHd7E5w8
zA1c9KpzfRImqzx8PO9jLAspyp03/ptOQXrWu1COaTI7/UUl5ih3o2JQEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO5LRjgormsTVX+sXQH5HrorMpWtMB8GA1UdIwQY
MBaAFCI3NXHJAkm/KqlI54vtE+CFKLh+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEt
YjQ1NDBjNzRjOTRiLzEvN2t0R09DaXVheE5WZjZ4ZEFma2V1aXN5bGEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEtYjQ1NDBjNzRjOTRi
LzEvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATWh8MA0G
CSqGSIb3DQEBCwUAA4IBAQBD0v/hjG+hIvxrpoucTa3KX3myPcz/Nfd8KMzPSQEC
V5ItWN+8ZBygxGJrwt8Rv1R34W7ebTk51SlVQ8iQDEbzmoREJC+TM5U5nc0q6bEC
1TeWDGbvFe5MMmI0jRcuc8G4q+Y5HwjrBXEby/0xbUCbK9wAl7FDAZaqiUi3HId5
aenwZkxP0iRRsyJudzfIKR+YaMkoAWyUPZ0WlCSmdXiZhBZLJtzqvQVoqvVh0eUR
rDwwfo0zhGum4/xcEOS2RqQ3SDaISX3yrdUY+Mt5hvnHEYamVk05CTncg4nKVK1z
wvpdXaXXYyidppvj6ABC6ACX6hn1eG4X6/Z0Qoktda9V
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:47:46 2025 by rpki-client