Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/d6ba8d-150e-450e-849c-f38fa0e71d99/1/1-KGFkp6-58CAfMM59AAzTBwEK5A.roa
File: 1-KGFkp6-58CAfMM59AAzTBwEK5A.roa (raw, json)
Hash identifier: LpeybfjrfgjM/OjVBSR68hbsEhIa7z+y+IoR5F/Kfmc=
Subject key identifier: F8:A1:85:92:9E:BE:E7:C0:80:7C:C3:39:F4:00:33:4C:1C:04:2B:90
Certificate issuer: /CN=4e9f52fd550692be7eec192fc3ed2327f5a2f9ab
Certificate serial: 0194214460520D52DE5D37B2C567C7B63838
Authority key identifier: 4E:9F:52:FD:55:06:92:BE:7E:EC:19:2F:C3:ED:23:27:F5:A2:F9:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9S_VUGkr5-7Bkvw-0jJ_Wi-as.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/d6ba8d-150e-450e-849c-f38fa0e71d99/1/1-KGFkp6-58CAfMM59AAzTBwEK5A.roa
Signing time: Wed 01 Jan 2025 09:48:36 +0000
ROA not before: Wed 01 Jan 2025 09:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57520
IP address blocks: 194.60.226.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/d6ba8d-150e-450e-849c-f38fa0e71d99/1/Tp9S_VUGkr5-7Bkvw-0jJ_Wi-as.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/d6ba8d-150e-450e-849c-f38fa0e71d99/1/Tp9S_VUGkr5-7Bkvw-0jJ_Wi-as.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9S_VUGkr5-7Bkvw-0jJ_Wi-as.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:60:52:0d:52:de:5d:37:b2:c5:67:c7:b6:38:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f52fd550692be7eec192fc3ed2327f5a2f9ab
Validity
Not Before: Jan 1 09:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f8a185929ebee7c0807cc339f400334c1c042b90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:19:37:13:4e:c3:62:09:e8:b9:c9:5c:f9:ed:
89:d0:d6:0a:ed:d7:61:75:e7:e7:22:25:64:12:71:
17:bd:72:9c:a2:22:62:2d:72:22:10:3e:31:c9:1d:
f4:f4:aa:4a:79:fa:58:a0:fc:2e:f6:dd:f6:59:1f:
37:68:79:37:55:9e:9f:03:8d:8a:e9:50:98:da:18:
2e:e7:8e:64:e0:65:91:d8:ed:4b:b2:c2:3e:9d:18:
75:1d:73:c9:a3:25:ac:00:7a:25:77:d4:09:d3:84:
d8:12:23:57:54:8e:f5:59:23:13:20:0a:b9:32:f7:
3c:3c:f5:8b:1f:b4:ce:2f:b9:e1:35:76:d5:4a:50:
62:67:d5:f1:c5:b1:c5:56:cc:1b:6c:ac:59:2c:43:
b2:3c:59:c1:8a:f7:00:bb:1f:7c:f0:b9:76:4b:b5:
69:b4:be:39:d8:2e:6f:5e:42:1f:c3:a1:5c:7c:3b:
2e:44:5a:a3:f3:6b:cc:b0:5a:3c:11:90:7d:95:da:
fa:86:5e:77:53:ce:dc:dc:a0:02:61:e6:8e:e0:89:
3b:7b:bd:da:3b:27:78:93:d8:22:43:fe:ee:0f:d0:
74:20:62:5b:8c:ea:cf:22:df:d3:cc:1c:e8:c6:e7:
a9:7c:f7:90:1e:a4:29:f2:f1:a0:1b:c2:62:8c:43:
af:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:A1:85:92:9E:BE:E7:C0:80:7C:C3:39:F4:00:33:4C:1C:04:2B:90
X509v3 Authority Key Identifier:
keyid:4E:9F:52:FD:55:06:92:BE:7E:EC:19:2F:C3:ED:23:27:F5:A2:F9:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9S_VUGkr5-7Bkvw-0jJ_Wi-as.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/d6ba8d-150e-450e-849c-f38fa0e71d99/1/1-KGFkp6-58CAfMM59AAzTBwEK5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/d6ba8d-150e-450e-849c-f38fa0e71d99/1/Tp9S_VUGkr5-7Bkvw-0jJ_Wi-as.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.60.226.0/23
Signature Algorithm: sha256WithRSAEncryption
3f:b9:b3:47:7f:c9:be:de:08:73:af:a9:96:66:bc:5b:f6:63:
31:f7:75:0c:e8:a1:6c:bb:7a:c9:c6:7c:0e:ac:a9:93:9a:94:
87:93:a4:8c:f3:4e:b1:61:8f:6f:c4:68:6c:61:fd:d4:b2:f5:
b0:11:ac:3c:73:39:ef:78:da:ee:cb:4b:63:2b:ea:73:f0:9b:
77:8f:50:61:f7:81:de:44:ac:46:35:16:ee:c5:b0:68:cd:40:
58:7a:1e:49:f3:90:9e:ee:a5:51:6f:66:29:dd:d4:ca:c7:4e:
ad:a2:09:7a:15:4e:81:d5:47:65:0c:64:09:90:8c:a3:83:1a:
11:45:f9:64:ed:13:b1:d1:86:ac:a0:db:2f:94:7c:ee:f7:12:
9a:8b:3d:94:e5:f4:51:b5:e5:58:68:5c:ac:d9:40:85:3e:95:
96:21:c9:bb:58:71:2f:c2:33:25:78:47:9d:0b:89:0c:4e:a0:
f6:0e:6f:09:bd:02:4b:04:0d:2d:a7:28:e2:ed:8c:8e:df:a4:
84:fa:9d:83:a1:e8:53:38:67:98:cb:f0:0d:8d:be:92:20:25:
ca:89:a6:81:f5:3e:8b:74:b8:f4:c4:d4:59:1e:f7:d8:2d:4c:
d6:d1:8a:33:24:81:d8:ea:31:ab:ce:3d:99:31:82:d4:5c:5e:
51:16:63:29
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQhRGBSDVLeXTeyxWfHtjg4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlOWY1MmZkNTUwNjkyYmU3ZWVjMTkyZmMzZWQyMzI3ZjVh
MmY5YWIwHhcNMjUwMTAxMDk0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGExODU5MjllYmVlN2MwODA3Y2MzMzlmNDAwMzM0YzFjMDQyYjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRk3E07DYgnouclc+e2J0NYK7ddh
defnIiVkEnEXvXKcoiJiLXIiED4xyR309KpKefpYoPwu9t32WR83aHk3VZ6fA42K
6VCY2hgu545k4GWR2O1LssI+nRh1HXPJoyWsAHold9QJ04TYEiNXVI71WSMTIAq5
Mvc8PPWLH7TOL7nhNXbVSlBiZ9XxxbHFVswbbKxZLEOyPFnBivcAux988Ll2S7Vp
tL452C5vXkIfw6FcfDsuRFqj82vMsFo8EZB9ldr6hl53U87c3KACYeaO4Ik7e73a
Oyd4k9giQ/7uD9B0IGJbjOrPIt/TzBzoxuepfPeQHqQp8vGgG8JijEOv0wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPihhZKevufAgHzDOfQAM0wcBCuQMB8GA1UdIwQY
MBaAFE6fUv1VBpK+fuwZL8PtIyf1ovmrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHA5U19WVUdrcjUtN0JrdnctMGpKX1dpLWFzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9kNmJhOGQtMTUwZS00NTBlLTg0OWMt
ZjM4ZmEwZTcxZDk5LzEvMS1LR0ZrcDYtNThDQWZNTTU5QUF6VEJ3RUs1QS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzEvZDZiYThkLTE1MGUtNDUwZS04NDljLWYzOGZhMGU3MWQ5
OS8xL1RwOVNfVlVHa3I1LTdCa3Z3LTBqSl9XaS1hcy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcI84jAN
BgkqhkiG9w0BAQsFAAOCAQEAP7mzR3/Jvt4Ic6+plma8W/ZjMfd1DOihbLt6ycZ8
Dqypk5qUh5OkjPNOsWGPb8RobGH91LL1sBGsPHM573ja7stLYyvqc/Cbd49QYfeB
3kSsRjUW7sWwaM1AWHoeSfOQnu6lUW9mKd3UysdOraIJehVOgdVHZQxkCZCMo4Ma
EUX5ZO0TsdGGrKDbL5R87vcSmos9lOX0UbXlWGhcrNlAhT6VliHJu1hxL8IzJXhH
nQuJDE6g9g5vCb0CSwQNLaco4u2Mjt+khPqdg6HoUzhnmMvwDY2+kiAlyommgfU+
i3S49MTUWR732C1M1tGKMySB2Ooxq849mTGC1FxeURZjKQ==
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:55:26 2025 by rpki-client