Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/ALRKLiQTgt5YtnjpG0N8CtMLGW4.roa
File: ALRKLiQTgt5YtnjpG0N8CtMLGW4.roa (raw, json)
Hash identifier: Ef1V8OSKPS7+zkPMvhiIp0iYy5On/Lqq0H5ne5CO22Y=
Subject key identifier: 00:B4:4A:2E:24:13:82:DE:58:B6:78:E9:1B:43:7C:0A:D3:0B:19:6E
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 0194236A576C0E0373AE9BC5A48CC7BF4556
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/ALRKLiQTgt5YtnjpG0N8CtMLGW4.roa
Signing time: Wed 01 Jan 2025 19:49:19 +0000
ROA not before: Wed 01 Jan 2025 19:49:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213018
IP address blocks: 2.57.253.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 06:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:57:6c:0e:03:73:ae:9b:c5:a4:8c:c7:bf:45:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 1 19:49:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=00b44a2e241382de58b678e91b437c0ad30b196e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ce:32:45:59:5b:58:40:19:82:9a:da:3b:04:
1d:58:bc:8f:d7:24:ce:dc:e4:50:3d:47:19:50:a5:
4f:39:48:3f:a7:55:fa:0e:0e:d7:96:0c:b1:b0:3c:
28:3a:60:6a:09:96:00:ef:37:04:5f:02:57:36:13:
2b:43:08:6f:3f:38:3b:99:26:7b:5b:3f:7c:d5:f5:
78:56:1b:a9:78:81:8c:73:5d:c7:d9:c5:26:a6:75:
96:d9:93:06:b5:d0:49:a9:1d:25:f9:3e:4a:ca:f6:
90:dd:f5:6f:0f:ce:6b:73:c9:34:27:43:e7:33:14:
3b:32:69:17:53:83:ef:23:94:79:87:58:1d:b8:77:
a7:0e:58:90:74:50:a2:82:1f:61:3d:c1:35:32:10:
58:37:6d:0a:ce:2b:91:6f:4d:48:5d:b8:eb:c7:82:
c4:fa:01:ad:bb:b9:91:ad:2f:f8:41:21:3b:5e:eb:
24:e9:82:8d:73:a5:69:cb:15:d6:9c:ea:4d:9b:2b:
57:51:9f:59:91:2a:ce:4d:be:f9:c4:e0:47:dc:5f:
bf:77:f1:a8:24:a8:80:e7:c6:bf:89:f1:b4:67:82:
65:ff:5f:77:7d:b5:d0:df:ad:72:4e:1a:34:20:6e:
74:f1:c8:ae:1f:3c:b1:b3:75:51:fb:54:6c:86:cc:
6c:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:B4:4A:2E:24:13:82:DE:58:B6:78:E9:1B:43:7C:0A:D3:0B:19:6E
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/ALRKLiQTgt5YtnjpG0N8CtMLGW4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.253.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:08:d0:84:ad:98:10:c9:22:c6:23:85:dd:b8:27:c2:d1:3e:
77:0b:99:a9:47:dc:99:97:8b:4c:7e:66:18:42:06:e2:45:f9:
9e:45:b0:87:d4:5d:39:77:a2:a4:e2:38:e6:87:78:fd:e0:42:
66:fe:13:da:74:c1:71:6a:31:36:32:2c:c9:fa:d3:1c:b2:05:
57:a1:d8:d3:d1:d8:21:04:54:be:50:2a:be:b8:6f:e4:21:8f:
0e:de:f2:92:bb:d6:b0:38:75:ca:9d:ff:92:2d:2f:10:9a:b5:
25:aa:cf:73:01:80:ec:d6:81:ea:a4:62:25:88:9d:c7:12:2f:
50:8f:04:9d:0e:15:78:21:af:a6:e4:b4:c9:f2:11:68:26:b5:
6a:9b:12:c8:8d:f4:bd:f9:f1:8b:67:54:b1:53:3c:cd:17:53:
81:31:7f:69:f0:9e:51:e1:72:29:d0:2f:62:b1:6a:17:be:94:
cf:c7:17:46:01:9f:4d:56:33:71:8b:1f:31:ff:d8:92:ec:a0:
ef:1a:cd:d8:1d:02:68:1e:b3:a6:ec:95:93:c9:76:2a:58:80:
74:39:d5:02:6b:d9:cc:92:2a:81:ea:0e:39:9a:8a:11:c9:d6:
5b:ae:57:f7:16:61:7b:7b:a4:34:67:3a:50:17:c6:47:48:83:
bc:59:8c:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaldsDgNzrpvFpIzHv0VWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjUwMTAxMTk0OTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGI0NGEyZTI0MTM4MmRlNThiNjc4ZTkxYjQzN2MwYWQzMGIxOTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwc4yRVlbWEAZgpraOwQdWLyP1yTO
3ORQPUcZUKVPOUg/p1X6Dg7XlgyxsDwoOmBqCZYA7zcEXwJXNhMrQwhvPzg7mSZ7
Wz981fV4VhupeIGMc13H2cUmpnWW2ZMGtdBJqR0l+T5KyvaQ3fVvD85rc8k0J0Pn
MxQ7MmkXU4PvI5R5h1gduHenDliQdFCigh9hPcE1MhBYN20KziuRb01IXbjrx4LE
+gGtu7mRrS/4QSE7Xusk6YKNc6VpyxXWnOpNmytXUZ9ZkSrOTb75xOBH3F+/d/Go
JKiA58a/ifG0Z4Jl/193fbXQ361yTho0IG508ciuHzyxs3VR+1RshsxsKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAC0Si4kE4LeWLZ46RtDfArTCxluMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvQUxSS0xpUVRndDVZdG5qcEcwTjhDdE1MR1c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjn9MA0G
CSqGSIb3DQEBCwUAA4IBAQCtCNCErZgQySLGI4XduCfC0T53C5mpR9yZl4tMfmYY
QgbiRfmeRbCH1F05d6Kk4jjmh3j94EJm/hPadMFxajE2MizJ+tMcsgVXodjT0dgh
BFS+UCq+uG/kIY8O3vKSu9awOHXKnf+SLS8QmrUlqs9zAYDs1oHqpGIliJ3HEi9Q
jwSdDhV4Ia+m5LTJ8hFoJrVqmxLIjfS9+fGLZ1SxUzzNF1OBMX9p8J5R4XIp0C9i
sWoXvpTPxxdGAZ9NVjNxix8x/9iS7KDvGs3YHQJoHrOm7JWTyXYqWIB0OdUCa9nM
kiqB6g45mooRydZbrlf3FmF7e6Q0ZzpQF8ZHSIO8WYxW
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:40:02 2025 by rpki-client