Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/0059b5-f637-4265-a3e4-a3b58628060d/1/rFvQ7kKYqXPkmLuwIzu6v_5kUm4.roa
File: rFvQ7kKYqXPkmLuwIzu6v_5kUm4.roa (raw, json)
Hash identifier: sOutQCKMagct2n7Im9fbDePApSglLVIsuSmVsFlE9uM=
Subject key identifier: AC:5B:D0:EE:42:98:A9:73:E4:98:BB:B0:23:3B:BA:BF:FE:64:52:6E
Certificate issuer: /CN=6851a3fee77e924146177123dd6753b06fde2452
Certificate serial: 019421B21F2B209A8313958338B7CFFB8DA5
Authority key identifier: 68:51:A3:FE:E7:7E:92:41:46:17:71:23:DD:67:53:B0:6F:DE:24:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aFGj_ud-kkFGF3Ej3WdTsG_eJFI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/0059b5-f637-4265-a3e4-a3b58628060d/1/rFvQ7kKYqXPkmLuwIzu6v_5kUm4.roa
Signing time: Wed 01 Jan 2025 11:48:29 +0000
ROA not before: Wed 01 Jan 2025 11:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 559
IP address blocks: 130.223.0.0/16 maxlen: 16
192.42.180.0/22 maxlen: 22
192.42.184.0/21 maxlen: 21
192.42.192.0/21 maxlen: 21
192.42.200.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/0059b5-f637-4265-a3e4-a3b58628060d/1/aFGj_ud-kkFGF3Ej3WdTsG_eJFI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/0059b5-f637-4265-a3e4-a3b58628060d/1/aFGj_ud-kkFGF3Ej3WdTsG_eJFI.mft
rsync://rpki.ripe.net/repository/DEFAULT/aFGj_ud-kkFGF3Ej3WdTsG_eJFI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 20:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:1f:2b:20:9a:83:13:95:83:38:b7:cf:fb:8d:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6851a3fee77e924146177123dd6753b06fde2452
Validity
Not Before: Jan 1 11:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ac5bd0ee4298a973e498bbb0233bbabffe64526e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:03:cb:6e:2e:7b:2b:24:61:30:c2:d3:aa:5c:
f2:3e:6d:85:ae:7c:a1:f6:ad:6e:10:bd:e8:ba:fe:
9c:4d:ce:c4:2d:e3:1f:ff:b7:06:26:a5:82:85:2e:
a7:56:3b:38:d1:69:a8:7f:2c:8d:c3:ce:84:fa:06:
12:27:5d:96:aa:8f:bc:84:76:8b:14:4a:2e:97:53:
c7:a2:6e:4a:99:bb:6d:dd:25:14:7c:97:74:5d:27:
a7:f3:b8:aa:37:60:d5:34:c7:44:ff:ec:b4:7d:32:
2e:17:85:7a:bd:aa:c2:75:d0:e5:40:e4:f7:8a:1d:
72:9d:0e:b4:ad:95:d9:17:69:b7:d1:fe:86:2e:d0:
a0:f7:1d:44:96:85:9d:1f:e0:18:6a:48:94:88:3e:
8d:39:32:12:c1:fb:f3:8b:49:93:91:33:80:d6:07:
ce:10:96:e1:ed:56:b2:4d:d1:b0:6e:09:ad:06:93:
ee:24:20:8b:aa:d9:e3:60:a7:01:75:40:9a:0a:19:
fb:cc:5c:fb:4b:80:3e:c8:91:c7:72:27:da:ec:41:
82:3f:06:c0:dd:f6:dc:69:6a:e9:ae:e8:46:74:9c:
75:7c:b1:e2:3f:df:9d:8f:4f:63:a8:9f:ec:dc:e5:
9d:50:61:f5:bb:59:79:17:5f:e8:90:6d:56:81:6c:
21:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:5B:D0:EE:42:98:A9:73:E4:98:BB:B0:23:3B:BA:BF:FE:64:52:6E
X509v3 Authority Key Identifier:
keyid:68:51:A3:FE:E7:7E:92:41:46:17:71:23:DD:67:53:B0:6F:DE:24:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aFGj_ud-kkFGF3Ej3WdTsG_eJFI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/0059b5-f637-4265-a3e4-a3b58628060d/1/rFvQ7kKYqXPkmLuwIzu6v_5kUm4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/0059b5-f637-4265-a3e4-a3b58628060d/1/aFGj_ud-kkFGF3Ej3WdTsG_eJFI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.223.0.0/16
192.42.180.0-192.42.201.255
Signature Algorithm: sha256WithRSAEncryption
ad:1c:8c:67:c2:c0:d8:e2:b6:2c:05:62:92:1b:5c:1b:0c:94:
b5:10:97:8c:60:8f:f0:7d:94:57:45:20:da:9c:33:e2:d8:fa:
0a:c2:75:a8:23:9b:a9:cd:b4:bd:56:a1:79:1d:da:93:fc:5d:
6d:97:c2:37:4c:ea:84:8a:d5:87:7a:4d:48:e7:5f:90:b7:62:
7d:10:04:94:bd:59:00:9f:76:ce:1a:39:f8:7f:d4:3d:90:a4:
e9:56:d6:4a:f1:d2:24:11:37:0a:2f:48:de:b6:fd:14:6b:d7:
31:0a:05:74:f0:a0:4e:3f:cb:8e:0d:cc:14:1f:97:50:dd:25:
bc:32:70:d6:64:bd:f8:ba:41:9d:55:2d:9e:53:8e:76:c3:97:
67:e6:43:3d:fb:9c:ab:35:fc:66:8d:9d:f4:82:79:f0:c4:2a:
d8:13:d3:92:67:80:57:2a:e8:50:6d:8f:04:fb:f2:7a:07:f5:
d8:f1:18:bf:99:f1:26:38:30:48:a6:9b:da:20:41:ad:16:f9:
1f:18:1a:1d:52:1b:98:fa:55:7a:31:3d:81:b0:69:75:89:1e:
4e:6d:5c:54:27:89:28:30:31:2b:9f:f9:cf:f3:51:08:10:e9:
5a:89:67:cd:45:10:7c:27:25:04:08:cf:84:70:94:c3:f8:0b:
11:0b:84:e7
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZQhsh8rIJqDE5WDOLfP+42lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NTFhM2ZlZTc3ZTkyNDE0NjE3NzEyM2RkNjc1M2IwNmZk
ZTI0NTIwHhcNMjUwMTAxMTE0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzViZDBlZTQyOThhOTczZTQ5OGJiYjAyMzNiYmFiZmZlNjQ1MjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAPLbi57KyRhMMLTqlzyPm2Frnyh
9q1uEL3ouv6cTc7ELeMf/7cGJqWChS6nVjs40WmofyyNw86E+gYSJ12Wqo+8hHaL
FEoul1PHom5Kmbtt3SUUfJd0XSen87iqN2DVNMdE/+y0fTIuF4V6varCddDlQOT3
ih1ynQ60rZXZF2m30f6GLtCg9x1EloWdH+AYakiUiD6NOTISwfvzi0mTkTOA1gfO
EJbh7VayTdGwbgmtBpPuJCCLqtnjYKcBdUCaChn7zFz7S4A+yJHHcifa7EGCPwbA
3fbcaWrpruhGdJx1fLHiP9+dj09jqJ/s3OWdUGH1u1l5F1/okG1WgWwhHwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFKxb0O5CmKlz5Ji7sCM7ur/+ZFJuMB8GA1UdIwQY
MBaAFGhRo/7nfpJBRhdxI91nU7Bv3iRSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUZHal91ZC1ra0ZHRjNFajNXZFRzR19lSkZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy8wMDU5YjUtZjYzNy00MjY1LWEzZTQt
YTNiNTg2MjgwNjBkLzEvckZ2UTdrS1lxWFBrbUx1d0l6dTZ2XzVrVW00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy8wMDU5YjUtZjYzNy00MjY1LWEzZTQtYTNiNTg2MjgwNjBk
LzEvYUZHal91ZC1ra0ZHRjNFajNXZFRzR19lSkZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAATATAwMAgt8wDAME
AsAqtAMEAcAqyDANBgkqhkiG9w0BAQsFAAOCAQEArRyMZ8LA2OK2LAVikhtcGwyU
tRCXjGCP8H2UV0Ug2pwz4tj6CsJ1qCObqc20vVaheR3ak/xdbZfCN0zqhIrVh3pN
SOdfkLdifRAElL1ZAJ92zho5+H/UPZCk6VbWSvHSJBE3Ci9I3rb9FGvXMQoFdPCg
Tj/Ljg3MFB+XUN0lvDJw1mS9+LpBnVUtnlOOdsOXZ+ZDPfucqzX8Zo2d9IJ58MQq
2BPTkmeAVyroUG2PBPvyegf12PEYv5nxJjgwSKab2iBBrRb5HxgaHVIbmPpVejE9
gbBpdYkeTm1cVCeJKDAxK5/5z/NRCBDpWolnzUUQfCclBAjPhHCUw/gLEQuE5w==
-----END CERTIFICATE-----
Generated at Fri Apr 11 05:03:20 2025 by rpki-client