Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/L28NpBoao3Pa3xUMhUeIlTWycwI.roa
File: L28NpBoao3Pa3xUMhUeIlTWycwI.roa (raw, json)
Hash identifier: JJ0Hw6tLmgmw+4N0PuUc739/Jd0W5Amgk51pa7BbiAk=
Subject key identifier: 2F:6F:0D:A4:1A:1A:A3:73:DA:DF:15:0C:85:47:88:95:35:B2:73:02
Certificate issuer: /CN=0170a169b6cd411022279e9ff997f134ff54ab1c
Certificate serial: 01942521E4E2D27F55B4DB84E7DCB811CF97
Authority key identifier: 01:70:A1:69:B6:CD:41:10:22:27:9E:9F:F9:97:F1:34:FF:54:AB:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AXChabbNQRAiJ56f-ZfxNP9Uqxw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/L28NpBoao3Pa3xUMhUeIlTWycwI.roa
Signing time: Thu 02 Jan 2025 03:49:25 +0000
ROA not before: Thu 02 Jan 2025 03:49:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206926
IP address blocks: 91.126.90.0/23 maxlen: 24
91.126.101.0/24 maxlen: 24
91.126.102.0/24 maxlen: 24
91.126.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/AXChabbNQRAiJ56f-ZfxNP9Uqxw.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/AXChabbNQRAiJ56f-ZfxNP9Uqxw.mft
rsync://rpki.ripe.net/repository/DEFAULT/AXChabbNQRAiJ56f-ZfxNP9Uqxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 05:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:e4:e2:d2:7f:55:b4:db:84:e7:dc:b8:11:cf:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0170a169b6cd411022279e9ff997f134ff54ab1c
Validity
Not Before: Jan 2 03:49:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2f6f0da41a1aa373dadf150c8547889535b27302
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:83:e9:13:5a:79:50:62:c3:92:04:e8:5c:a7:
0a:53:3d:a7:24:e1:9d:32:39:d0:71:cf:f9:c2:fd:
d5:9c:fa:3e:f5:03:fb:4f:1c:df:44:ed:c0:eb:84:
77:e6:28:fe:68:80:8c:cd:44:8c:c0:ee:56:48:e9:
f0:33:b7:1b:13:54:bf:d7:69:a8:b8:4a:5e:ee:dc:
b4:ad:f0:fe:5b:69:29:20:da:a1:e7:ac:92:ce:1d:
79:ea:d1:d3:65:ab:db:be:b3:db:d1:bf:20:96:34:
76:d9:17:10:f9:68:4f:b6:5a:64:19:8e:94:8b:33:
78:76:0d:68:80:a6:40:ee:8a:1a:b9:76:65:0b:ad:
07:39:3f:84:be:32:0c:c5:86:2b:85:3b:96:3a:b6:
f3:16:21:88:49:04:ad:e8:b1:4a:fa:60:cc:81:e8:
e9:64:ec:39:75:0e:96:af:99:1c:14:ec:53:3d:8c:
08:06:ed:eb:c8:60:61:90:88:36:00:1a:6b:1f:0a:
b2:18:db:a1:67:97:6a:c0:1e:04:e8:b3:34:93:a9:
0e:47:27:79:c8:de:9c:c8:87:8d:0b:d8:ca:4d:e8:
26:95:30:99:35:2a:15:d3:ac:55:e9:d9:fb:5d:b2:
c3:53:b9:e3:59:ac:bd:28:26:ff:d7:fa:83:a0:18:
bc:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:6F:0D:A4:1A:1A:A3:73:DA:DF:15:0C:85:47:88:95:35:B2:73:02
X509v3 Authority Key Identifier:
keyid:01:70:A1:69:B6:CD:41:10:22:27:9E:9F:F9:97:F1:34:FF:54:AB:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AXChabbNQRAiJ56f-ZfxNP9Uqxw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/L28NpBoao3Pa3xUMhUeIlTWycwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/AXChabbNQRAiJ56f-ZfxNP9Uqxw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.126.90.0/23
91.126.101.0-91.126.103.255
Signature Algorithm: sha256WithRSAEncryption
8b:8f:ea:76:3b:87:56:57:97:1c:29:99:de:14:f1:55:22:8c:
0d:a1:be:a9:ef:fe:51:12:9e:9e:96:fa:ef:83:24:04:ff:c0:
22:f4:f6:ed:72:72:d4:f4:b2:44:c1:81:f0:97:ea:51:85:92:
81:14:d5:5f:db:4c:d6:3c:81:68:3e:37:a9:7b:69:39:5b:bd:
9d:31:e5:81:d2:8a:d8:81:c3:b9:ee:87:8e:97:63:71:e1:80:
69:bc:81:8b:3c:39:42:bc:5d:15:ed:6a:af:7c:0a:53:31:c3:
d1:43:f5:4a:46:26:18:54:8a:26:4c:b0:77:d9:2c:f7:32:0d:
89:93:6f:25:56:cd:be:dc:ef:3a:f6:a8:a7:76:22:88:01:fe:
ef:77:32:c8:f0:a0:43:a5:04:74:5d:1d:ff:5e:50:d2:cd:7e:
ec:5e:30:e3:d4:f2:02:50:50:05:13:c2:ed:5b:cd:0a:a2:b6:
7c:73:02:b3:ef:f2:ea:64:93:b5:17:99:c2:5e:91:be:54:a7:
c8:47:3d:20:4d:4f:3e:44:5b:af:f5:c8:69:f4:bd:a4:7d:e4:
cb:cf:75:c8:4a:b9:e5:2d:2f:9c:a2:b5:69:d1:00:f0:35:9a:
d9:3c:54:bc:80:22:c2:cc:a3:e2:65:88:17:b6:31:af:be:c5:
c0:73:a1:a8
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQlIeTi0n9VtNuE59y4Ec+XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNzBhMTY5YjZjZDQxMTAyMjI3OWU5ZmY5OTdmMTM0ZmY1
NGFiMWMwHhcNMjUwMTAyMDM0OTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjZmMGRhNDFhMWFhMzczZGFkZjE1MGM4NTQ3ODg5NTM1YjI3MzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIPpE1p5UGLDkgToXKcKUz2nJOGd
MjnQcc/5wv3VnPo+9QP7TxzfRO3A64R35ij+aICMzUSMwO5WSOnwM7cbE1S/12mo
uEpe7ty0rfD+W2kpINqh56ySzh156tHTZavbvrPb0b8gljR22RcQ+WhPtlpkGY6U
izN4dg1ogKZA7ooauXZlC60HOT+EvjIMxYYrhTuWOrbzFiGISQSt6LFK+mDMgejp
ZOw5dQ6Wr5kcFOxTPYwIBu3ryGBhkIg2ABprHwqyGNuhZ5dqwB4E6LM0k6kORyd5
yN6cyIeNC9jKTegmlTCZNSoV06xV6dn7XbLDU7njWay9KCb/1/qDoBi8XwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFC9vDaQaGqNz2t8VDIVHiJU1snMCMB8GA1UdIwQY
MBaAFAFwoWm2zUEQIieen/mX8TT/VKscMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVhDaGFiYk5RUkFpSjU2Zi1aZnhOUDlVcXh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC8xZTc3N2YtOTg2Yi00ZTM0LThkODEt
N2Q0YmIyMzgwNDg3LzEvTDI4TnBCb2FvM1BhM3hVTWhVZUlsVFd5Y3dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC8xZTc3N2YtOTg2Yi00ZTM0LThkODEtN2Q0YmIyMzgwNDg3
LzEvQVhDaGFiYk5RUkFpSjU2Zi1aZnhOUDlVcXh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBW35aMAwD
BABbfmUDBANbfmAwDQYJKoZIhvcNAQELBQADggEBAIuP6nY7h1ZXlxwpmd4U8VUi
jA2hvqnv/lESnp6W+u+DJAT/wCL09u1yctT0skTBgfCX6lGFkoEU1V/bTNY8gWg+
N6l7aTlbvZ0x5YHSitiBw7nuh46XY3HhgGm8gYs8OUK8XRXtaq98ClMxw9FD9UpG
JhhUiiZMsHfZLPcyDYmTbyVWzb7c7zr2qKd2IogB/u93MsjwoEOlBHRdHf9eUNLN
fuxeMOPU8gJQUAUTwu1bzQqitnxzArPv8upkk7UXmcJekb5Up8hHPSBNTz5EW6/1
yGn0vaR95MvPdchKueUtL5yitWnRAPA1mtk8VLyAIsLMo+JliBe2Ma++xcBzoag=
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:17:33 2025 by rpki-client