Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/1-dpFpZ66BUopKTWddAy3aYd5Q58.roa
File: 1-dpFpZ66BUopKTWddAy3aYd5Q58.roa (raw, json)
Hash identifier: a/nFyI+oVdi7douUuLnGlPqM2YOH9iXTA2Ltk7+EQUM=
Subject key identifier: F9:DA:45:A5:9E:BA:05:4A:29:29:35:9D:74:0C:B7:69:87:79:43:9F
Certificate issuer: /CN=4b529a4d22faef23135d6eff8912266623c49255
Certificate serial: 019426D9F23E0F6695272AEF16D349851F66
Authority key identifier: 4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/1-dpFpZ66BUopKTWddAy3aYd5Q58.roa
Signing time: Thu 02 Jan 2025 11:50:05 +0000
ROA not before: Thu 02 Jan 2025 11:50:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207734
IP address blocks: 5.11.26.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/S1KaTSL67yMTXW7_iRImZiPEklU.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/S1KaTSL67yMTXW7_iRImZiPEklU.mft
rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 15 Apr 2025 11:01:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:f2:3e:0f:66:95:27:2a:ef:16:d3:49:85:1f:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b529a4d22faef23135d6eff8912266623c49255
Validity
Not Before: Jan 2 11:50:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f9da45a59eba054a2929359d740cb7698779439f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:66:d4:74:6c:bf:22:34:b0:18:a0:e6:53:19:
4e:78:bc:56:b6:eb:17:31:b3:66:06:73:0b:df:a0:
3e:f6:d6:2a:20:ec:30:9f:5f:f9:cb:91:ae:d1:57:
6b:a4:b9:c8:ce:0f:56:4d:b5:c3:de:f3:cd:7b:98:
17:ed:b8:f0:ee:9d:92:a5:0c:5e:23:8a:a0:85:6f:
04:76:24:b0:69:7a:50:3e:1c:96:40:30:3a:98:20:
07:c2:e2:e7:8e:0c:37:1a:a8:42:09:4b:c4:04:64:
0d:66:dd:00:e3:f2:10:00:13:3f:fe:27:69:53:1f:
25:a8:eb:4b:08:0e:9a:2a:66:bf:39:89:fb:14:ef:
d5:df:13:0c:e3:ac:a9:32:da:7b:91:bb:e1:84:87:
68:b6:92:4e:f9:3b:26:19:b4:e3:d9:75:8f:26:02:
51:e2:1e:4d:ef:6f:66:65:11:bd:e6:5c:6b:86:a2:
02:52:3e:5d:d1:71:6f:c0:47:f6:1a:68:57:c0:c0:
ce:bc:cc:08:d5:51:73:8b:a3:79:4b:20:7d:6c:45:
a3:c8:0b:c6:4a:e2:28:fa:29:0c:9c:65:95:79:81:
f3:31:8c:d9:fb:3f:8c:f9:6a:c7:1d:69:9d:08:be:
6f:88:f8:60:14:28:b5:54:8d:eb:07:c9:8e:de:db:
ec:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:DA:45:A5:9E:BA:05:4A:29:29:35:9D:74:0C:B7:69:87:79:43:9F
X509v3 Authority Key Identifier:
keyid:4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/1-dpFpZ66BUopKTWddAy3aYd5Q58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/S1KaTSL67yMTXW7_iRImZiPEklU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.26.0/23
Signature Algorithm: sha256WithRSAEncryption
28:6e:b9:7c:27:f8:5a:4f:d1:ab:58:d0:b2:d9:08:1c:c3:f9:
58:1d:d2:9c:99:b7:66:f0:c9:1e:b4:5e:ad:4f:45:a1:78:c4:
d9:9a:75:22:15:ba:91:9a:69:55:0a:a3:93:cf:28:97:6d:2c:
fc:27:aa:3f:3c:05:29:e2:a6:ba:99:d0:53:bd:f7:41:b2:16:
6a:62:3e:61:c9:cf:d9:a1:2c:2c:7a:1b:6e:40:60:c6:8a:8c:
0e:91:16:1a:62:8e:c9:1c:a2:8c:56:a6:ac:37:d6:be:a9:48:
b3:05:2b:78:63:4e:4c:75:8c:14:14:b4:d2:3c:6d:d7:c1:01:
16:05:17:34:df:c4:9c:59:9d:70:69:20:6b:eb:64:fc:64:22:
6e:f3:d3:6f:0a:9b:1b:3b:51:25:fd:b8:5c:84:f7:af:86:d8:
c4:61:67:d2:e1:fc:4e:e2:99:74:ca:e2:57:c0:fe:29:5f:2e:
31:8f:65:29:b6:23:e2:b4:f6:ba:90:33:ff:07:00:17:0e:f0:
25:ad:f4:f0:b7:47:87:42:e2:86:b5:8f:f4:cd:fc:74:d6:4d:
d8:e3:74:bc:b4:e1:aa:ad:e9:1b:f1:31:f2:f0:3e:c9:8a:a5:
e6:96:09:55:a9:e2:24:20:78:2d:32:be:4c:b2:22:6a:86:0e:
4b:f4:ca:90
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQm2fI+D2aVJyrvFtNJhR9mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNTI5YTRkMjJmYWVmMjMxMzVkNmVmZjg5MTIyNjY2MjNj
NDkyNTUwHhcNMjUwMTAyMTE1MDA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWRhNDVhNTllYmEwNTRhMjkyOTM1OWQ3NDBjYjc2OTg3Nzk0MzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0WbUdGy/IjSwGKDmUxlOeLxWtusX
MbNmBnML36A+9tYqIOwwn1/5y5Gu0VdrpLnIzg9WTbXD3vPNe5gX7bjw7p2SpQxe
I4qghW8EdiSwaXpQPhyWQDA6mCAHwuLnjgw3GqhCCUvEBGQNZt0A4/IQABM//idp
Ux8lqOtLCA6aKma/OYn7FO/V3xMM46ypMtp7kbvhhIdotpJO+TsmGbTj2XWPJgJR
4h5N729mZRG95lxrhqICUj5d0XFvwEf2GmhXwMDOvMwI1VFzi6N5SyB9bEWjyAvG
SuIo+ikMnGWVeYHzMYzZ+z+M+WrHHWmdCL5viPhgFCi1VI3rB8mO3tvs1wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPnaRaWeugVKKSk1nXQMt2mHeUOfMB8GA1UdIwQY
MBaAFEtSmk0i+u8jE11u/4kSJmYjxJJVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzFLYVRTTDY3eU1UWFc3X2lSSW1aaVBFa2xVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8xZDliMDUtZWM2MS00YzMzLWEwOTct
MzZhZTc2ZWU5ODNlLzEvMS1kcEZwWjY2QlVvcEtUV2RkQXkzYVlkNVE1OC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDMvMWQ5YjA1LWVjNjEtNGMzMy1hMDk3LTM2YWU3NmVlOTgz
ZS8xL1MxS2FUU0w2N3lNVFhXN19pUkltWmlQRWtsVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAQULGjAN
BgkqhkiG9w0BAQsFAAOCAQEAKG65fCf4Wk/Rq1jQstkIHMP5WB3SnJm3ZvDJHrRe
rU9FoXjE2Zp1IhW6kZppVQqjk88ol20s/CeqPzwFKeKmupnQU733QbIWamI+YcnP
2aEsLHobbkBgxoqMDpEWGmKOyRyijFamrDfWvqlIswUreGNOTHWMFBS00jxt18EB
FgUXNN/EnFmdcGkga+tk/GQibvPTbwqbGztRJf24XIT3r4bYxGFn0uH8TuKZdMri
V8D+KV8uMY9lKbYj4rT2upAz/wcAFw7wJa308LdHh0LihrWP9M38dNZN2ON0vLTh
qq3pG/Ex8vA+yYql5pYJVaniJCB4LTK+TLIiaoYOS/TKkA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 16:35:49 2025 by rpki-client