Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/8aTIb0puCina4qQH9DISIqfOc4Q.roa
File: 8aTIb0puCina4qQH9DISIqfOc4Q.roa (raw, json)
Hash identifier: 1Nu+gUGiEPO422nTi4SIHIM/055+/Bx1i4GdyYjGB6w=
Subject key identifier: F1:A4:C8:6F:4A:6E:0A:29:DA:E2:A4:07:F4:32:12:22:A7:CE:73:84
Certificate issuer: /CN=297ae7592ca52491dc166a30fe1477d712bd465d
Certificate serial: 0194228DC80316A80452719DCC0C3C9E9A5D
Authority key identifier: 29:7A:E7:59:2C:A5:24:91:DC:16:6A:30:FE:14:77:D7:12:BD:46:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXrnWSylJJHcFmow_hR31xK9Rl0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/8aTIb0puCina4qQH9DISIqfOc4Q.roa
Signing time: Wed 01 Jan 2025 15:48:24 +0000
ROA not before: Wed 01 Jan 2025 15:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215730
IP address blocks: 94.159.96.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/KXrnWSylJJHcFmow_hR31xK9Rl0.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/KXrnWSylJJHcFmow_hR31xK9Rl0.mft
rsync://rpki.ripe.net/repository/DEFAULT/KXrnWSylJJHcFmow_hR31xK9Rl0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:c8:03:16:a8:04:52:71:9d:cc:0c:3c:9e:9a:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297ae7592ca52491dc166a30fe1477d712bd465d
Validity
Not Before: Jan 1 15:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f1a4c86f4a6e0a29dae2a407f4321222a7ce7384
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:e9:8e:71:da:d1:c7:ea:d8:e6:04:92:12:f9:
11:ab:be:56:c7:47:b6:5e:b2:4c:9a:a7:7f:13:59:
47:fa:75:60:e7:4a:17:7d:6b:bc:53:a4:de:88:0a:
df:37:ef:91:0c:e0:3d:06:03:53:b6:fb:bf:be:f9:
92:fd:38:ea:c2:6b:bf:ea:b2:1f:d3:3c:d7:b7:65:
6a:ef:38:91:6f:8d:1d:99:36:61:31:46:e5:a3:44:
e6:53:76:6f:ae:f8:ba:8e:f3:8b:3c:f4:ca:83:0c:
cf:da:0f:43:e7:af:c5:72:ac:6a:68:21:d1:13:38:
78:30:74:09:d3:7c:6b:22:93:7c:d0:3b:9c:a0:1d:
9e:e0:aa:08:09:bb:24:ed:c3:bf:c2:d2:5b:1c:60:
e4:69:4a:9f:68:35:03:28:50:88:09:bf:e9:ec:31:
f1:95:a5:8d:78:61:e8:51:39:82:f7:cc:17:17:70:
e2:e0:a8:a7:b7:3a:93:41:4c:0e:f0:2c:ea:d4:11:
1e:4b:0b:14:d2:d7:da:f4:f7:34:a0:47:15:e0:7b:
a8:1b:f8:a7:91:17:f1:ca:96:00:03:32:21:e4:c9:
a5:74:d2:8f:fa:45:76:3a:b2:67:2c:ed:58:5d:d7:
ff:5b:ea:e8:ac:8e:0a:90:a0:c3:a9:31:4d:92:8c:
8d:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:A4:C8:6F:4A:6E:0A:29:DA:E2:A4:07:F4:32:12:22:A7:CE:73:84
X509v3 Authority Key Identifier:
keyid:29:7A:E7:59:2C:A5:24:91:DC:16:6A:30:FE:14:77:D7:12:BD:46:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXrnWSylJJHcFmow_hR31xK9Rl0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/8aTIb0puCina4qQH9DISIqfOc4Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/KXrnWSylJJHcFmow_hR31xK9Rl0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.159.96.0/20
Signature Algorithm: sha256WithRSAEncryption
5b:68:3a:00:17:55:67:65:20:01:4f:de:c4:b8:3f:be:72:0c:
a9:bd:9e:20:fc:75:5f:2f:62:0b:a2:f1:b5:95:41:90:6b:2f:
a5:03:bd:ef:8d:2b:05:db:b2:9b:b7:d9:ea:95:c5:10:57:11:
66:3d:45:0e:af:58:67:84:82:41:5d:7b:89:24:a9:d1:da:6a:
cf:f5:e0:c7:8b:58:ab:a5:cc:48:44:65:7c:21:10:ab:9d:41:
68:26:f4:60:8a:61:bc:46:54:06:21:a6:0a:2d:bf:3d:30:87:
0c:65:ae:a0:db:53:62:97:30:81:01:5c:57:8a:7e:18:0c:8c:
7c:77:77:35:74:c1:9e:1c:1c:60:d3:fd:08:fa:7c:68:52:8c:
09:41:1b:7f:b1:01:e1:ad:1a:93:6a:47:c0:50:ea:11:a0:25:
39:f1:7f:a0:92:b5:75:e1:0e:21:ad:ee:9a:b1:2f:32:e0:03:
f6:66:db:e1:76:06:8d:be:22:f7:5d:0b:0f:c3:af:e9:3e:c2:
3a:2d:8e:7a:e9:51:b9:bf:2a:9c:97:bf:70:25:34:aa:48:d1:
fe:17:2e:f8:23:08:93:7f:c3:ee:8d:3f:a2:02:a4:3e:1b:30:
39:2f:2a:ef:0c:0c:74:6f:52:db:9b:69:c5:a0:5b:a9:31:b5:
7f:80:93:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijcgDFqgEUnGdzAw8nppdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2FlNzU5MmNhNTI0OTFkYzE2NmEzMGZlMTQ3N2Q3MTJi
ZDQ2NWQwHhcNMjUwMTAxMTU0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWE0Yzg2ZjRhNmUwYTI5ZGFlMmE0MDdmNDMyMTIyMmE3Y2U3Mzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1umOcdrRx+rY5gSSEvkRq75Wx0e2
XrJMmqd/E1lH+nVg50oXfWu8U6TeiArfN++RDOA9BgNTtvu/vvmS/Tjqwmu/6rIf
0zzXt2Vq7ziRb40dmTZhMUblo0TmU3Zvrvi6jvOLPPTKgwzP2g9D56/FcqxqaCHR
Ezh4MHQJ03xrIpN80DucoB2e4KoICbsk7cO/wtJbHGDkaUqfaDUDKFCICb/p7DHx
laWNeGHoUTmC98wXF3Di4KintzqTQUwO8Czq1BEeSwsU0tfa9Pc0oEcV4HuoG/in
kRfxypYAAzIh5MmldNKP+kV2OrJnLO1YXdf/W+rorI4KkKDDqTFNkoyNawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPGkyG9Kbgop2uKkB/QyEiKnznOEMB8GA1UdIwQY
MBaAFCl651kspSSR3BZqMP4Ud9cSvUZdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1hybldTeWxKSkhjRm1vd19oUjMxeEs5UmwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS80OGUxZTgtMzI4ZC00ZjgyLTkzOTgt
MzkxMGE1OWExMTIxLzEvOGFUSWIwcHVDaW5hNHFRSDlESVNJcWZPYzRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS80OGUxZTgtMzI4ZC00ZjgyLTkzOTgtMzkxMGE1OWExMTIx
LzEvS1hybldTeWxKSkhjRm1vd19oUjMxeEs5UmwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEXp9gMA0G
CSqGSIb3DQEBCwUAA4IBAQBbaDoAF1VnZSABT97EuD++cgypvZ4g/HVfL2ILovG1
lUGQay+lA73vjSsF27Kbt9nqlcUQVxFmPUUOr1hnhIJBXXuJJKnR2mrP9eDHi1ir
pcxIRGV8IRCrnUFoJvRgimG8RlQGIaYKLb89MIcMZa6g21NilzCBAVxXin4YDIx8
d3c1dMGeHBxg0/0I+nxoUowJQRt/sQHhrRqTakfAUOoRoCU58X+gkrV14Q4hre6a
sS8y4AP2ZtvhdgaNviL3XQsPw6/pPsI6LY566VG5vyqcl79wJTSqSNH+Fy74IwiT
f8PujT+iAqQ+GzA5LyrvDAx0b1Lbm2nFoFupMbV/gJOj
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:19:06 2025 by rpki-client