Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/277333-e1f3-42ec-a8ac-b1f56a454d82/1/iKoSCNAZjucl_5DmTaH10Tdpg9A.roa
File: iKoSCNAZjucl_5DmTaH10Tdpg9A.roa (raw, json)
Hash identifier: YVc4w2MJumvbAdOpOrjC4pr5c6N7CyHuK7cs3DXXsqo=
Subject key identifier: 88:AA:12:08:D0:19:8E:E7:25:FF:90:E6:4D:A1:F5:D1:37:69:83:D0
Certificate issuer: /CN=7a1b849c340702501363a1f927ec424099b94726
Certificate serial: 0194266B18715DCCBFAF9CF4FB825683BF2A
Authority key identifier: 7A:1B:84:9C:34:07:02:50:13:63:A1:F9:27:EC:42:40:99:B9:47:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ehuEnDQHAlATY6H5J-xCQJm5RyY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/277333-e1f3-42ec-a8ac-b1f56a454d82/1/iKoSCNAZjucl_5DmTaH10Tdpg9A.roa
Signing time: Thu 02 Jan 2025 09:49:00 +0000
ROA not before: Thu 02 Jan 2025 09:49:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29789
IP address blocks: 67.22.58.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/277333-e1f3-42ec-a8ac-b1f56a454d82/1/ehuEnDQHAlATY6H5J-xCQJm5RyY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/277333-e1f3-42ec-a8ac-b1f56a454d82/1/ehuEnDQHAlATY6H5J-xCQJm5RyY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ehuEnDQHAlATY6H5J-xCQJm5RyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 18:34:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:18:71:5d:cc:bf:af:9c:f4:fb:82:56:83:bf:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a1b849c340702501363a1f927ec424099b94726
Validity
Not Before: Jan 2 09:49:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=88aa1208d0198ee725ff90e64da1f5d1376983d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b9:b2:e6:3c:53:68:3c:de:35:05:30:6c:1d:
01:41:60:93:72:40:16:0e:e2:6e:7f:58:91:4b:65:
b4:bf:e2:91:43:6b:8f:fd:8d:26:30:83:4a:42:73:
e8:b8:8f:2b:c7:3c:a9:92:c0:11:03:0c:66:03:cc:
f4:db:6f:d7:a9:84:1d:a8:fa:5d:df:81:5a:6a:5c:
cc:51:f4:1a:52:e0:5f:a5:b0:c0:ab:d2:80:65:c0:
f5:82:4d:a1:49:e8:8c:18:78:da:51:2b:70:dd:5c:
c5:78:10:ca:c1:49:2d:61:03:01:e2:16:56:91:64:
3d:06:aa:a6:20:35:cb:11:55:bf:bc:ea:8d:ac:fa:
99:19:6a:2f:d5:c3:7b:f9:4b:43:54:8c:b6:47:0c:
d9:04:ef:ee:0c:f7:86:08:94:8c:f2:99:97:bc:38:
a2:85:bb:2a:d8:1e:a3:a5:a8:27:31:6b:1f:8f:10:
3b:1e:a1:6d:e4:0e:f8:9b:03:c5:ee:c8:5a:41:c3:
fd:6d:91:4d:25:96:3b:17:a5:36:20:26:fe:a1:d0:
87:12:f9:52:55:3a:fe:19:92:4e:b8:a8:40:de:5f:
50:7a:2f:4b:e6:83:65:34:5a:ab:96:5c:7c:55:19:
77:4f:5c:ac:b9:72:e4:02:b8:1a:75:97:1e:a3:90:
d6:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:AA:12:08:D0:19:8E:E7:25:FF:90:E6:4D:A1:F5:D1:37:69:83:D0
X509v3 Authority Key Identifier:
keyid:7A:1B:84:9C:34:07:02:50:13:63:A1:F9:27:EC:42:40:99:B9:47:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ehuEnDQHAlATY6H5J-xCQJm5RyY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/277333-e1f3-42ec-a8ac-b1f56a454d82/1/iKoSCNAZjucl_5DmTaH10Tdpg9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/277333-e1f3-42ec-a8ac-b1f56a454d82/1/ehuEnDQHAlATY6H5J-xCQJm5RyY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
67.22.58.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:da:44:67:74:16:07:fe:91:c4:f3:52:b8:47:9f:7b:cc:49:
ed:a9:3d:2f:b5:42:63:f3:3a:aa:80:e8:b6:8b:f0:d7:7d:c7:
03:06:22:23:99:61:14:31:61:71:78:cd:ce:c9:2b:af:b0:94:
fe:89:c0:f6:89:88:d0:6d:29:c6:b4:98:39:79:2c:42:87:66:
b2:74:62:9e:c7:39:e8:76:e1:cb:0f:1f:9d:72:04:0f:bd:e2:
54:55:16:15:6d:a0:bb:41:0c:23:9e:26:68:86:b2:a2:81:f8:
b9:82:cf:f2:8b:5c:10:7d:d6:8e:1a:b7:b0:0a:9d:5d:0b:74:
a2:6a:d4:1c:e1:bb:5e:0f:8d:50:b9:a0:08:0e:da:40:3c:ac:
a8:7e:dc:94:d4:e1:3a:1b:d8:6e:1f:15:a0:a6:b3:91:cc:94:
f1:80:9d:84:4e:9a:05:d6:c4:b4:fa:80:80:a8:bb:d2:e6:e2:
73:1d:44:9b:4a:d7:44:04:3e:cc:c7:fe:a6:2a:84:ff:1a:e2:
2d:90:dc:88:df:9c:e7:c1:d1:e4:75:2d:4d:84:57:a3:d8:c0:
ff:f2:f7:31:8d:6e:dc:44:c4:97:90:f2:c9:d7:4b:4a:17:94:
89:43:4a:a5:43:90:13:25:37:e0:41:e2:10:55:1b:c4:44:06:
26:c8:bd:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmaxhxXcy/r5z0+4JWg78qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMWI4NDljMzQwNzAyNTAxMzYzYTFmOTI3ZWM0MjQwOTli
OTQ3MjYwHhcNMjUwMTAyMDk0OTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGFhMTIwOGQwMTk4ZWU3MjVmZjkwZTY0ZGExZjVkMTM3Njk4M2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7my5jxTaDzeNQUwbB0BQWCTckAW
DuJuf1iRS2W0v+KRQ2uP/Y0mMINKQnPouI8rxzypksARAwxmA8z022/XqYQdqPpd
34FaalzMUfQaUuBfpbDAq9KAZcD1gk2hSeiMGHjaUStw3VzFeBDKwUktYQMB4hZW
kWQ9BqqmIDXLEVW/vOqNrPqZGWov1cN7+UtDVIy2RwzZBO/uDPeGCJSM8pmXvDii
hbsq2B6jpagnMWsfjxA7HqFt5A74mwPF7shaQcP9bZFNJZY7F6U2ICb+odCHEvlS
VTr+GZJOuKhA3l9Qei9L5oNlNFqrllx8VRl3T1ysuXLkArgadZceo5DWewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIiqEgjQGY7nJf+Q5k2h9dE3aYPQMB8GA1UdIwQY
MBaAFHobhJw0BwJQE2Oh+SfsQkCZuUcmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWh1RW5EUUhBbEFUWTZINUoteENRSm01UnlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8yNzczMzMtZTFmMy00MmVjLWE4YWMt
YjFmNTZhNDU0ZDgyLzEvaUtvU0NOQVpqdWNsXzVEbVRhSDEwVGRwZzlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8yNzczMzMtZTFmMy00MmVjLWE4YWMtYjFmNTZhNDU0ZDgy
LzEvZWh1RW5EUUhBbEFUWTZINUoteENRSm01UnlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAQxY6MA0G
CSqGSIb3DQEBCwUAA4IBAQC92kRndBYH/pHE81K4R597zEntqT0vtUJj8zqqgOi2
i/DXfccDBiIjmWEUMWFxeM3OySuvsJT+icD2iYjQbSnGtJg5eSxCh2aydGKexzno
duHLDx+dcgQPveJUVRYVbaC7QQwjniZohrKigfi5gs/yi1wQfdaOGrewCp1dC3Si
atQc4bteD41QuaAIDtpAPKyoftyU1OE6G9huHxWgprORzJTxgJ2ETpoF1sS0+oCA
qLvS5uJzHUSbStdEBD7Mx/6mKoT/GuItkNyI35znwdHkdS1NhFej2MD/8vcxjW7c
RMSXkPLJ10tKF5SJQ0qlQ5ATJTfgQeIQVRvERAYmyL2M
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:18:34 2025 by rpki-client