Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/246d03-e090-4325-82f1-0bd095da78ef/1/kXlvgNGT0M_fb_-qmGB3FlkN85w.roa
File: kXlvgNGT0M_fb_-qmGB3FlkN85w.roa (raw, json)
Hash identifier: M89NbGfFWJGuspxS6G3ctJFxvooMQ1EluHCsGyLm9ME=
Subject key identifier: 91:79:6F:80:D1:93:D0:CF:DF:6F:FF:AA:98:60:77:16:59:0D:F3:9C
Certificate issuer: /CN=47bf2ffeda381e54818df07052cf67e222515f89
Certificate serial: 0194228E0774A6F80E492BD38045A053B02C
Authority key identifier: 47:BF:2F:FE:DA:38:1E:54:81:8D:F0:70:52:CF:67:E2:22:51:5F:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R78v_to4HlSBjfBwUs9n4iJRX4k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/246d03-e090-4325-82f1-0bd095da78ef/1/kXlvgNGT0M_fb_-qmGB3FlkN85w.roa
Signing time: Wed 01 Jan 2025 15:48:40 +0000
ROA not before: Wed 01 Jan 2025 15:48:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24819
IP address blocks: 91.216.7.0/24 maxlen: 24
193.111.104.0/22 maxlen: 22
2001:67c:1778::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/246d03-e090-4325-82f1-0bd095da78ef/1/R78v_to4HlSBjfBwUs9n4iJRX4k.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/246d03-e090-4325-82f1-0bd095da78ef/1/R78v_to4HlSBjfBwUs9n4iJRX4k.mft
rsync://rpki.ripe.net/repository/DEFAULT/R78v_to4HlSBjfBwUs9n4iJRX4k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 09:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:07:74:a6:f8:0e:49:2b:d3:80:45:a0:53:b0:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47bf2ffeda381e54818df07052cf67e222515f89
Validity
Not Before: Jan 1 15:48:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=91796f80d193d0cfdf6fffaa98607716590df39c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:ff:10:d7:c5:9f:6c:92:68:c8:03:c3:28:ae:
b9:bd:ab:ae:f8:c1:ec:c8:3b:8f:21:22:1d:36:60:
70:b2:26:0a:4f:6c:bb:7b:c5:66:db:70:2c:29:5d:
f1:c9:ba:da:90:49:04:b5:86:cf:73:aa:8f:b2:eb:
c8:90:a6:1a:f7:27:be:4d:37:18:bb:9d:bb:09:35:
15:10:65:7e:11:b6:ff:a0:67:e5:00:77:f1:0c:60:
57:93:7e:dd:8c:36:b2:f1:2c:d7:88:2a:25:91:a8:
ed:08:5d:64:8c:31:3e:fc:94:48:60:5b:5b:c0:5d:
6d:f2:4f:cf:e4:15:08:4a:ae:01:cf:2c:91:72:e6:
d2:ab:c0:92:13:f3:d0:17:87:ac:dd:9b:07:84:83:
e3:5d:6c:88:02:56:af:31:25:ad:69:a1:ca:45:86:
1c:7b:f2:20:df:07:d9:6d:2a:b9:57:c6:9d:31:68:
24:ee:48:37:8e:56:e7:c0:bc:2a:b2:61:a9:f8:ae:
bb:fa:4f:82:6e:bc:1d:d4:0e:39:32:7f:de:15:eb:
08:44:a4:a1:ce:83:9b:d1:63:dc:27:fa:79:28:78:
0a:40:ef:5b:7b:e5:0c:9e:36:ee:0a:6f:91:eb:b6:
5a:ff:81:c9:d4:22:41:1c:02:6f:bb:fa:fd:18:78:
1c:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:79:6F:80:D1:93:D0:CF:DF:6F:FF:AA:98:60:77:16:59:0D:F3:9C
X509v3 Authority Key Identifier:
keyid:47:BF:2F:FE:DA:38:1E:54:81:8D:F0:70:52:CF:67:E2:22:51:5F:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R78v_to4HlSBjfBwUs9n4iJRX4k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/246d03-e090-4325-82f1-0bd095da78ef/1/kXlvgNGT0M_fb_-qmGB3FlkN85w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/246d03-e090-4325-82f1-0bd095da78ef/1/R78v_to4HlSBjfBwUs9n4iJRX4k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.7.0/24
193.111.104.0/22
IPv6:
2001:67c:1778::/48
Signature Algorithm: sha256WithRSAEncryption
77:de:51:a9:48:0a:62:56:c4:13:ab:e9:2d:6d:60:a7:9f:f5:
a6:a8:6e:41:23:80:a4:1e:45:c5:4a:dd:6e:05:45:96:50:df:
5a:38:43:5a:d8:4e:1b:a2:cc:07:22:c3:b4:6c:c9:29:85:dd:
17:4d:33:b8:be:69:e6:1f:95:0e:f4:af:f0:79:66:7a:f2:c5:
4b:0a:38:4b:a5:24:e2:3a:21:24:b1:57:57:67:05:9a:83:70:
62:06:14:a2:84:bf:ee:81:74:33:33:37:1b:01:56:fc:d3:19:
1b:a4:c1:51:89:1c:50:6f:0f:a0:30:dd:5c:33:a3:48:0b:8f:
81:08:6b:b2:63:0a:ba:33:6b:53:f1:66:45:07:5f:d1:71:49:
2e:87:f2:18:49:ed:ba:96:88:79:27:ac:9e:83:9c:9c:5d:68:
4a:e7:0e:77:e5:55:f7:a6:18:44:8e:5f:25:43:37:81:75:7b:
7c:93:43:2b:d3:85:51:dd:9d:29:70:27:08:ef:11:3d:86:0c:
47:d3:9e:6b:59:10:b2:5e:c2:9e:ec:78:39:23:cb:c7:a2:71:
56:f3:b0:39:5e:9e:20:a4:d7:18:e8:cc:b7:e2:20:b4:49:92:
7e:50:60:18:d8:ec:22:f8:71:f0:3a:f3:15:45:ba:ee:c7:31:
d4:aa:0e:46
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQijgd0pvgOSSvTgEWgU7AsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3YmYyZmZlZGEzODFlNTQ4MThkZjA3MDUyY2Y2N2UyMjI1
MTVmODkwHhcNMjUwMTAxMTU0ODQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTc5NmY4MGQxOTNkMGNmZGY2ZmZmYWE5ODYwNzcxNjU5MGRmMzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1v8Q18WfbJJoyAPDKK65vauu+MHs
yDuPISIdNmBwsiYKT2y7e8Vm23AsKV3xybrakEkEtYbPc6qPsuvIkKYa9ye+TTcY
u527CTUVEGV+Ebb/oGflAHfxDGBXk37djDay8SzXiColkajtCF1kjDE+/JRIYFtb
wF1t8k/P5BUISq4BzyyRcubSq8CSE/PQF4es3ZsHhIPjXWyIAlavMSWtaaHKRYYc
e/Ig3wfZbSq5V8adMWgk7kg3jlbnwLwqsmGp+K67+k+Cbrwd1A45Mn/eFesIRKSh
zoOb0WPcJ/p5KHgKQO9be+UMnjbuCm+R67Za/4HJ1CJBHAJvu/r9GHgcJQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFJF5b4DRk9DP32//qphgdxZZDfOcMB8GA1UdIwQY
MBaAFEe/L/7aOB5UgY3wcFLPZ+IiUV+JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjc4dl90bzRIbFNCamZCd1VzOW40aUpSWDRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy8yNDZkMDMtZTA5MC00MzI1LTgyZjEt
MGJkMDk1ZGE3OGVmLzEva1hsdmdOR1QwTV9mYl8tcW1HQjNGbGtOODV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy8yNDZkMDMtZTA5MC00MzI1LTgyZjEtMGJkMDk1ZGE3OGVm
LzEvUjc4dl90bzRIbFNCamZCd1VzOW40aUpSWDRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAW9gHAwQC
wW9oMA8EAgACMAkDBwAgAQZ8F3gwDQYJKoZIhvcNAQELBQADggEBAHfeUalICmJW
xBOr6S1tYKef9aaobkEjgKQeRcVK3W4FRZZQ31o4Q1rYThuizAciw7RsySmF3RdN
M7i+aeYflQ70r/B5ZnryxUsKOEulJOI6ISSxV1dnBZqDcGIGFKKEv+6BdDMzNxsB
VvzTGRukwVGJHFBvD6Aw3Vwzo0gLj4EIa7JjCroza1PxZkUHX9FxSS6H8hhJ7bqW
iHknrJ6DnJxdaErnDnflVfemGESOXyVDN4F1e3yTQyvThVHdnSlwJwjvET2GDEfT
nmtZELJewp7seDkjy8eicVbzsDleniCk1xjozLfiILRJkn5QYBjY7CL4cfA68xVF
uu7HMdSqDkY=
-----END CERTIFICATE-----
Generated at Fri Apr 11 19:00:14 2025 by rpki-client