Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/2cfdfd-1b3b-4aaa-bd82-3f78bc3de3a8/1/e4pYTgrST_OIh_0Qkxb1VUF6r3Y.roa
File: e4pYTgrST_OIh_0Qkxb1VUF6r3Y.roa (raw, json)
Hash identifier: CwIOS1Io6ZhDFcyydlZIo2WNdIO73K5UrPWTpvd7EH0=
Subject key identifier: 7B:8A:58:4E:0A:D2:4F:F3:88:87:FD:10:93:16:F5:55:41:7A:AF:76
Certificate issuer: /CN=a55004661a09e2675fc1599d4e40027d778c404c
Certificate serial: 01942444F498B8BBE4F15A4501B82828A4C1
Authority key identifier: A5:50:04:66:1A:09:E2:67:5F:C1:59:9D:4E:40:02:7D:77:8C:40:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pVAEZhoJ4mdfwVmdTkACfXeMQEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/2cfdfd-1b3b-4aaa-bd82-3f78bc3de3a8/1/e4pYTgrST_OIh_0Qkxb1VUF6r3Y.roa
Signing time: Wed 01 Jan 2025 23:48:06 +0000
ROA not before: Wed 01 Jan 2025 23:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56988
IP address blocks: 91.229.224.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/2cfdfd-1b3b-4aaa-bd82-3f78bc3de3a8/1/pVAEZhoJ4mdfwVmdTkACfXeMQEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/2cfdfd-1b3b-4aaa-bd82-3f78bc3de3a8/1/pVAEZhoJ4mdfwVmdTkACfXeMQEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/pVAEZhoJ4mdfwVmdTkACfXeMQEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:f4:98:b8:bb:e4:f1:5a:45:01:b8:28:28:a4:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a55004661a09e2675fc1599d4e40027d778c404c
Validity
Not Before: Jan 1 23:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7b8a584e0ad24ff38887fd109316f555417aaf76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:78:c2:07:87:59:5e:ee:43:cf:61:79:e4:c3:
70:97:be:2c:83:4b:d2:cb:68:40:f5:f1:72:70:46:
1f:fd:63:04:49:3f:87:5f:a7:f3:c4:5d:0a:e5:aa:
22:3c:bc:ff:0a:71:ea:9f:9f:f9:9c:17:8e:81:29:
64:48:32:74:1e:b6:06:be:e9:41:a0:db:f9:d7:fc:
69:84:dd:3e:3a:cc:f7:2a:36:ac:09:1e:df:e5:7f:
82:0a:53:dc:6d:18:dd:bf:fc:e4:48:60:9a:3c:3e:
83:ea:f4:72:de:33:b3:1e:ae:8c:1b:8f:92:a8:28:
74:15:b8:46:72:7d:ab:0a:e5:0b:3a:14:ad:47:7e:
51:12:b3:b7:e8:30:35:b1:49:c1:9a:dd:65:23:58:
67:d6:d8:d4:57:79:7a:de:2e:59:99:5f:c3:16:42:
68:2a:2b:77:eb:f6:47:2e:38:7f:07:58:c5:6a:2c:
fd:98:7c:98:83:5f:e2:ac:ab:fe:80:01:87:82:20:
12:7a:47:e9:c7:40:3d:69:80:be:52:ed:be:86:c6:
15:cb:fb:01:7c:34:d1:c0:76:de:cc:84:d9:88:d1:
ff:8c:71:13:2f:9f:a3:af:51:12:22:67:94:ca:cc:
08:15:f3:c3:47:8a:47:4a:31:dc:16:cc:a4:45:76:
c4:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:8A:58:4E:0A:D2:4F:F3:88:87:FD:10:93:16:F5:55:41:7A:AF:76
X509v3 Authority Key Identifier:
keyid:A5:50:04:66:1A:09:E2:67:5F:C1:59:9D:4E:40:02:7D:77:8C:40:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pVAEZhoJ4mdfwVmdTkACfXeMQEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/2cfdfd-1b3b-4aaa-bd82-3f78bc3de3a8/1/e4pYTgrST_OIh_0Qkxb1VUF6r3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/2cfdfd-1b3b-4aaa-bd82-3f78bc3de3a8/1/pVAEZhoJ4mdfwVmdTkACfXeMQEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.229.224.0/24
Signature Algorithm: sha256WithRSAEncryption
20:0a:28:90:45:fe:ad:8e:d8:53:19:02:30:e0:9d:65:58:40:
0b:ed:45:cb:a7:a4:97:28:52:9d:0e:32:70:c7:fe:cb:ff:45:
9f:40:3e:6b:7a:31:ac:cc:2c:07:f0:96:14:fd:77:7f:3c:b4:
38:3e:9c:21:23:b2:68:45:db:78:eb:ae:6b:79:c0:f7:e1:0d:
b0:1a:21:da:bf:fd:6a:bd:9b:9e:80:e2:d8:89:fd:4e:42:e6:
a8:aa:b5:d6:0b:b5:2c:98:f0:4e:bf:f0:ca:b2:30:9a:87:af:
b4:f8:98:70:52:ad:08:e1:a6:df:ec:bf:c0:06:88:76:90:e1:
8c:e1:b0:ec:b5:aa:d2:77:1b:8f:ae:fb:28:94:bb:c5:f0:f3:
0a:d0:c9:5e:41:00:b7:02:2f:ed:99:6b:9f:6e:fd:2f:2e:7d:
02:d9:e2:74:af:6b:91:17:f2:c3:6e:2b:46:8a:9c:12:30:66:
5f:2f:3a:b1:a4:5f:22:ff:64:c6:ae:41:86:8c:7c:1f:63:de:
ee:fc:12:72:a0:25:b2:42:78:e5:10:a1:02:9c:83:d8:1c:46:
3d:c7:2a:9c:09:26:10:6c:c1:3a:cf:4d:85:8c:76:ed:3b:19:
53:fd:14:3e:6d:4a:a7:02:24:0d:90:d1:1a:6d:37:12:87:cf:
f8:69:9b:ee
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRPSYuLvk8VpFAbgoKKTBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NTAwNDY2MWEwOWUyNjc1ZmMxNTk5ZDRlNDAwMjdkNzc4
YzQwNGMwHhcNMjUwMTAxMjM0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjhhNTg0ZTBhZDI0ZmYzODg4N2ZkMTA5MzE2ZjU1NTQxN2FhZjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2njCB4dZXu5Dz2F55MNwl74sg0vS
y2hA9fFycEYf/WMEST+HX6fzxF0K5aoiPLz/CnHqn5/5nBeOgSlkSDJ0HrYGvulB
oNv51/xphN0+Osz3KjasCR7f5X+CClPcbRjdv/zkSGCaPD6D6vRy3jOzHq6MG4+S
qCh0FbhGcn2rCuULOhStR35RErO36DA1sUnBmt1lI1hn1tjUV3l63i5ZmV/DFkJo
Kit36/ZHLjh/B1jFaiz9mHyYg1/irKv+gAGHgiASekfpx0A9aYC+Uu2+hsYVy/sB
fDTRwHbezITZiNH/jHETL5+jr1ESImeUyswIFfPDR4pHSjHcFsykRXbE2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHuKWE4K0k/ziIf9EJMW9VVBeq92MB8GA1UdIwQY
MBaAFKVQBGYaCeJnX8FZnU5AAn13jEBMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFZBRVpob0o0bWRmd1ZtZFRrQUNmWGVNUUV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8yY2ZkZmQtMWIzYi00YWFhLWJkODIt
M2Y3OGJjM2RlM2E4LzEvZTRwWVRnclNUX09JaF8wUWt4YjFWVUY2cjNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8yY2ZkZmQtMWIzYi00YWFhLWJkODItM2Y3OGJjM2RlM2E4
LzEvcFZBRVpob0o0bWRmd1ZtZFRrQUNmWGVNUUV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+XgMA0G
CSqGSIb3DQEBCwUAA4IBAQAgCiiQRf6tjthTGQIw4J1lWEAL7UXLp6SXKFKdDjJw
x/7L/0WfQD5rejGszCwH8JYU/Xd/PLQ4PpwhI7JoRdt4665recD34Q2wGiHav/1q
vZuegOLYif1OQuaoqrXWC7UsmPBOv/DKsjCah6+0+JhwUq0I4abf7L/ABoh2kOGM
4bDstarSdxuPrvsolLvF8PMK0MleQQC3Ai/tmWufbv0vLn0C2eJ0r2uRF/LDbitG
ipwSMGZfLzqxpF8i/2TGrkGGjHwfY97u/BJyoCWyQnjlEKECnIPYHEY9xyqcCSYQ
bME6z02FjHbtOxlT/RQ+bUqnAiQNkNEabTcSh8/4aZvu
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:59:56 2025 by rpki-client