Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/453efc-f193-427b-a498-17903a302ec0/1/787yu0Xx7LAqYI4eV6FlvWwe4sU.roa
File: 787yu0Xx7LAqYI4eV6FlvWwe4sU.roa (raw, json)
Hash identifier: 0rdw2IxnG2UduKLMx9SDd9m8DvhrTv12ADsR6eydjg0=
Subject key identifier: EF:CE:F2:BB:45:F1:EC:B0:2A:60:8E:1E:57:A1:65:BD:6C:1E:E2:C5
Certificate issuer: /CN=7e04619ab0f1209b70f10598c69944bf34dbf232
Certificate serial: 019421444C1EE656D0A54D86D770728A933D
Authority key identifier: 7E:04:61:9A:B0:F1:20:9B:70:F1:05:98:C6:99:44:BF:34:DB:F2:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fgRhmrDxIJtw8QWYxplEvzTb8jI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/453efc-f193-427b-a498-17903a302ec0/1/787yu0Xx7LAqYI4eV6FlvWwe4sU.roa
Signing time: Wed 01 Jan 2025 09:48:31 +0000
ROA not before: Wed 01 Jan 2025 09:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44395
IP address blocks: 91.210.40.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/453efc-f193-427b-a498-17903a302ec0/1/fgRhmrDxIJtw8QWYxplEvzTb8jI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/453efc-f193-427b-a498-17903a302ec0/1/fgRhmrDxIJtw8QWYxplEvzTb8jI.mft
rsync://rpki.ripe.net/repository/DEFAULT/fgRhmrDxIJtw8QWYxplEvzTb8jI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:4c:1e:e6:56:d0:a5:4d:86:d7:70:72:8a:93:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e04619ab0f1209b70f10598c69944bf34dbf232
Validity
Not Before: Jan 1 09:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=efcef2bb45f1ecb02a608e1e57a165bd6c1ee2c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:65:44:50:c3:9f:f4:ae:b7:c1:6d:64:f5:64:
42:a5:a6:97:78:05:a3:4f:28:5a:58:01:ca:68:17:
ab:d3:9d:52:9c:7f:d1:d8:47:55:88:6b:18:70:84:
c7:9c:0b:d2:39:21:71:b6:2d:30:fb:13:fe:49:3b:
ef:fa:74:14:b6:48:e5:74:35:15:b3:e7:a9:57:57:
be:1e:86:62:1f:c1:26:34:86:c8:8b:dc:c9:e6:0a:
c9:68:38:28:9b:9e:ef:c5:83:a2:7c:29:82:8b:86:
6a:8d:e0:6f:7d:08:20:b8:43:01:17:f0:1a:84:44:
85:a5:a9:86:8d:8d:a0:d3:cf:33:17:e1:b2:91:a4:
37:ca:d4:01:c0:b0:32:9f:e2:9c:25:4b:9e:bf:d3:
6d:04:04:f8:ba:41:00:61:bf:fa:ab:42:b7:b0:20:
7b:d7:bc:f8:35:4f:86:7a:21:6c:01:2e:06:6f:bf:
f7:f9:fa:5b:6c:c0:76:35:b8:ca:ed:3f:db:c0:ed:
56:b2:0f:79:3b:fe:5d:83:02:15:f8:18:bd:54:2e:
47:7c:1a:ef:29:3d:8c:0b:ed:ed:38:9e:1b:35:13:
b8:d0:a9:53:26:ac:1f:87:e5:d5:ef:3c:cf:a7:ee:
98:ae:74:60:d4:72:43:ff:aa:7d:f9:b7:ea:b7:66:
49:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:CE:F2:BB:45:F1:EC:B0:2A:60:8E:1E:57:A1:65:BD:6C:1E:E2:C5
X509v3 Authority Key Identifier:
keyid:7E:04:61:9A:B0:F1:20:9B:70:F1:05:98:C6:99:44:BF:34:DB:F2:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fgRhmrDxIJtw8QWYxplEvzTb8jI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/453efc-f193-427b-a498-17903a302ec0/1/787yu0Xx7LAqYI4eV6FlvWwe4sU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/453efc-f193-427b-a498-17903a302ec0/1/fgRhmrDxIJtw8QWYxplEvzTb8jI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.210.40.0/22
Signature Algorithm: sha256WithRSAEncryption
36:0e:5a:b0:2b:77:3f:a2:1d:6e:e1:06:fa:84:5c:bc:60:ab:
a1:89:d4:40:10:f1:6e:bb:f1:fa:f9:ff:ca:1f:bf:4e:49:ad:
9d:09:c5:08:29:0a:e3:15:f7:3a:06:0b:c9:1f:db:29:8a:b5:
8d:72:77:a1:13:87:34:7c:56:9c:78:dd:58:4b:50:b1:18:41:
8d:b5:55:01:94:c3:ee:ae:c2:bb:55:b0:35:5e:ab:aa:ef:05:
e4:66:4d:a1:ae:c6:62:15:a9:94:43:2f:1b:e2:1c:e9:ba:d2:
e4:7d:cb:fa:8f:77:95:39:41:7c:f2:42:56:82:b7:ab:d0:34:
ac:7c:eb:8c:8d:02:cf:a2:68:ab:0d:89:87:ae:e6:3c:e1:10:
00:5a:bb:7c:81:55:e4:5a:b6:32:ab:8a:0b:4a:40:67:33:e0:
e8:32:0a:92:76:3a:35:8f:83:f6:d4:6f:33:d6:f9:e9:4e:3c:
17:bb:c8:10:b9:f5:ea:88:67:a2:1a:1a:99:0f:8b:81:96:01:
5f:c5:94:eb:2e:38:a3:63:f8:d9:ca:06:b9:28:52:8b:f2:da:
b8:0d:0d:ea:63:d3:9c:b3:6a:bb:92:41:75:8e:66:b8:e2:09:
71:62:de:3a:b0:17:24:9e:a7:54:72:62:44:d2:10:79:60:f7:
ec:9d:65:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhREwe5lbQpU2G13ByipM9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMDQ2MTlhYjBmMTIwOWI3MGYxMDU5OGM2OTk0NGJmMzRk
YmYyMzIwHhcNMjUwMTAxMDk0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmNlZjJiYjQ1ZjFlY2IwMmE2MDhlMWU1N2ExNjViZDZjMWVlMmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6WVEUMOf9K63wW1k9WRCpaaXeAWj
TyhaWAHKaBer051SnH/R2EdViGsYcITHnAvSOSFxti0w+xP+STvv+nQUtkjldDUV
s+epV1e+HoZiH8EmNIbIi9zJ5grJaDgom57vxYOifCmCi4ZqjeBvfQgguEMBF/Aa
hESFpamGjY2g088zF+GykaQ3ytQBwLAyn+KcJUuev9NtBAT4ukEAYb/6q0K3sCB7
17z4NU+GeiFsAS4Gb7/3+fpbbMB2NbjK7T/bwO1Wsg95O/5dgwIV+Bi9VC5HfBrv
KT2MC+3tOJ4bNRO40KlTJqwfh+XV7zzPp+6YrnRg1HJD/6p9+bfqt2ZJ2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO/O8rtF8eywKmCOHlehZb1sHuLFMB8GA1UdIwQY
MBaAFH4EYZqw8SCbcPEFmMaZRL802/IyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmdSaG1yRHhJSnR3OFFXWXhwbEV2elRiOGpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi80NTNlZmMtZjE5My00MjdiLWE0OTgt
MTc5MDNhMzAyZWMwLzEvNzg3eXUwWHg3TEFxWUk0ZVY2Rmx2V3dlNHNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi80NTNlZmMtZjE5My00MjdiLWE0OTgtMTc5MDNhMzAyZWMw
LzEvZmdSaG1yRHhJSnR3OFFXWXhwbEV2elRiOGpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW9IoMA0G
CSqGSIb3DQEBCwUAA4IBAQA2DlqwK3c/oh1u4Qb6hFy8YKuhidRAEPFuu/H6+f/K
H79OSa2dCcUIKQrjFfc6BgvJH9spirWNcnehE4c0fFaceN1YS1CxGEGNtVUBlMPu
rsK7VbA1Xquq7wXkZk2hrsZiFamUQy8b4hzputLkfcv6j3eVOUF88kJWgrer0DSs
fOuMjQLPomirDYmHruY84RAAWrt8gVXkWrYyq4oLSkBnM+DoMgqSdjo1j4P21G8z
1vnpTjwXu8gQufXqiGeiGhqZD4uBlgFfxZTrLjijY/jZyga5KFKL8tq4DQ3qY9Oc
s2q7kkF1jma44glxYt46sBcknqdUcmJE0hB5YPfsnWWL
-----END CERTIFICATE-----
Generated at Wed Apr 16 22:06:56 2025 by rpki-client