Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/2b0928-5cb6-4d6b-a8ad-00e55a2499d0/1/AE5IQSZ07aDFdSNH0kV7_4HeAEw.roa
File: AE5IQSZ07aDFdSNH0kV7_4HeAEw.roa (raw, json)
Hash identifier: urftXRrLYNfHknYhlBilfeq0wuuzqoCnp0BIMu9jSb4=
Subject key identifier: 00:4E:48:41:26:74:ED:A0:C5:75:23:47:D2:45:7B:FF:81:DE:00:4C
Certificate issuer: /CN=9f783dfc289bfaa3c4ba1b324f1dbb57f586a01d
Certificate serial: 01941F8C70633A4C0D012172AE840564C619
Authority key identifier: 9F:78:3D:FC:28:9B:FA:A3:C4:BA:1B:32:4F:1D:BB:57:F5:86:A0:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n3g9_Cib-qPEuhsyTx27V_WGoB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/2b0928-5cb6-4d6b-a8ad-00e55a2499d0/1/AE5IQSZ07aDFdSNH0kV7_4HeAEw.roa
Signing time: Wed 01 Jan 2025 01:48:04 +0000
ROA not before: Wed 01 Jan 2025 01:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47133
IP address blocks: 91.203.188.0/24 maxlen: 24
91.203.189.0/24 maxlen: 24
91.203.190.0/24 maxlen: 24
91.203.191.0/24 maxlen: 24
2001:67c:f40::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/2b0928-5cb6-4d6b-a8ad-00e55a2499d0/1/n3g9_Cib-qPEuhsyTx27V_WGoB0.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/2b0928-5cb6-4d6b-a8ad-00e55a2499d0/1/n3g9_Cib-qPEuhsyTx27V_WGoB0.mft
rsync://rpki.ripe.net/repository/DEFAULT/n3g9_Cib-qPEuhsyTx27V_WGoB0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:70:63:3a:4c:0d:01:21:72:ae:84:05:64:c6:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f783dfc289bfaa3c4ba1b324f1dbb57f586a01d
Validity
Not Before: Jan 1 01:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=004e48412674eda0c5752347d2457bff81de004c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:2e:4d:72:47:80:46:1d:ca:50:a8:ac:4b:e0:
b5:77:90:5f:09:86:40:1e:fe:fc:f0:42:02:d9:b0:
be:b9:66:b6:a8:03:bb:1b:6e:0b:e9:26:12:03:26:
90:4d:6b:c8:9b:97:b0:4b:59:d2:bc:e3:b2:fa:a7:
03:1c:16:9e:aa:30:64:31:50:6e:02:cf:65:41:02:
58:64:27:8e:a3:e0:b3:89:21:00:23:56:00:99:65:
34:eb:23:66:13:fb:e5:54:df:e5:1c:5f:89:c9:f3:
82:68:b2:28:55:e0:df:bf:33:f9:73:6b:fb:62:fd:
ce:6d:7d:50:1f:5a:ca:a6:2a:52:32:a0:40:ee:02:
a9:15:b0:a7:59:a8:7e:c3:a7:14:53:9a:02:70:a1:
bf:29:aa:62:17:ab:35:6d:ab:5a:09:51:e6:8b:45:
3d:b4:92:22:4f:83:5d:dd:72:44:e9:9c:63:99:8b:
66:a4:6a:19:3b:a2:76:a7:ff:a6:40:63:24:fe:11:
d0:91:60:a4:5e:02:4e:92:08:37:1a:ff:c7:ab:15:
32:52:08:69:37:f2:24:fe:55:16:39:8d:ea:9b:bb:
f6:c3:e0:cd:30:fd:3e:81:ca:5e:7e:9a:3d:ad:1b:
05:ff:37:04:72:dc:c7:11:63:95:6c:26:a2:e4:6c:
3a:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:4E:48:41:26:74:ED:A0:C5:75:23:47:D2:45:7B:FF:81:DE:00:4C
X509v3 Authority Key Identifier:
keyid:9F:78:3D:FC:28:9B:FA:A3:C4:BA:1B:32:4F:1D:BB:57:F5:86:A0:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n3g9_Cib-qPEuhsyTx27V_WGoB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/2b0928-5cb6-4d6b-a8ad-00e55a2499d0/1/AE5IQSZ07aDFdSNH0kV7_4HeAEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/2b0928-5cb6-4d6b-a8ad-00e55a2499d0/1/n3g9_Cib-qPEuhsyTx27V_WGoB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.203.188.0/22
IPv6:
2001:67c:f40::/48
Signature Algorithm: sha256WithRSAEncryption
7f:ea:bd:82:23:ac:91:1f:83:b1:01:42:b2:25:63:51:d2:01:
a3:81:b8:97:ff:07:c5:30:ab:32:21:ae:44:dd:e3:3a:84:49:
e9:4d:0a:a3:08:0c:51:59:d0:20:d5:6e:1f:5c:00:e2:67:5c:
66:82:79:3e:b0:0c:cc:26:19:5d:54:71:04:dc:11:40:4c:bf:
f2:db:9d:c9:97:43:c5:d4:d4:14:fc:44:21:d4:99:be:3f:48:
ea:88:e3:6e:0d:ce:c0:eb:cb:fc:3e:73:84:df:a8:23:04:dc:
4f:5e:73:9a:e7:2a:1b:19:68:8e:28:aa:54:14:92:1b:76:6d:
a6:61:36:fe:36:8b:6c:72:cf:cd:8a:66:f2:15:24:e4:64:2d:
ec:d0:9a:46:55:51:7d:6e:20:a2:40:e7:4f:75:c7:93:67:96:
48:db:23:32:7b:3e:39:d3:08:72:e0:0b:f3:72:69:d8:81:b5:
75:5b:d5:dc:71:c0:3c:f9:aa:0e:a8:ba:e1:cc:33:e8:9d:86:
e4:69:a0:54:66:7f:3e:45:0d:98:49:0c:70:90:8f:7a:9f:28:
99:ef:3f:ce:48:19:1c:f3:4b:89:4f:69:f4:fd:b7:d3:30:55:
bf:f3:4a:f1:cb:54:41:07:de:0c:df:d4:57:42:2c:12:ec:3b:
ed:44:ac:68
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQfjHBjOkwNASFyroQFZMYZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmNzgzZGZjMjg5YmZhYTNjNGJhMWIzMjRmMWRiYjU3ZjU4
NmEwMWQwHhcNMjUwMTAxMDE0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDRlNDg0MTI2NzRlZGEwYzU3NTIzNDdkMjQ1N2JmZjgxZGUwMDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAti5NckeARh3KUKisS+C1d5BfCYZA
Hv788EIC2bC+uWa2qAO7G24L6SYSAyaQTWvIm5ewS1nSvOOy+qcDHBaeqjBkMVBu
As9lQQJYZCeOo+CziSEAI1YAmWU06yNmE/vlVN/lHF+JyfOCaLIoVeDfvzP5c2v7
Yv3ObX1QH1rKpipSMqBA7gKpFbCnWah+w6cUU5oCcKG/KapiF6s1bataCVHmi0U9
tJIiT4Nd3XJE6ZxjmYtmpGoZO6J2p/+mQGMk/hHQkWCkXgJOkgg3Gv/HqxUyUghp
N/Ik/lUWOY3qm7v2w+DNMP0+gcpefpo9rRsF/zcEctzHEWOVbCai5Gw6kwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFABOSEEmdO2gxXUjR9JFe/+B3gBMMB8GA1UdIwQY
MBaAFJ94Pfwom/qjxLobMk8du1f1hqAdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjNnOV9DaWItcVBFdWhzeVR4MjdWX1dHb0IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS8yYjA5MjgtNWNiNi00ZDZiLWE4YWQt
MDBlNTVhMjQ5OWQwLzEvQUU1SVFTWjA3YURGZFNOSDBrVjdfNEhlQUV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS8yYjA5MjgtNWNiNi00ZDZiLWE4YWQtMDBlNTVhMjQ5OWQw
LzEvbjNnOV9DaWItcVBFdWhzeVR4MjdWX1dHb0IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCW8u8MA8E
AgACMAkDBwAgAQZ8D0AwDQYJKoZIhvcNAQELBQADggEBAH/qvYIjrJEfg7EBQrIl
Y1HSAaOBuJf/B8UwqzIhrkTd4zqESelNCqMIDFFZ0CDVbh9cAOJnXGaCeT6wDMwm
GV1UcQTcEUBMv/LbncmXQ8XU1BT8RCHUmb4/SOqI424NzsDry/w+c4TfqCME3E9e
c5rnKhsZaI4oqlQUkht2baZhNv42i2xyz82KZvIVJORkLezQmkZVUX1uIKJA5091
x5NnlkjbIzJ7PjnTCHLgC/NyadiBtXVb1dxxwDz5qg6ouuHMM+idhuRpoFRmfz5F
DZhJDHCQj3qfKJnvP85IGRzzS4lPafT9t9MwVb/zSvHLVEEH3gzf1FdCLBLsO+1E
rGg=
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:58:56 2025 by rpki-client