Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/f1d697-bc8e-4f14-8b37-b53e30e1412a/1/rQI6zOSTMPr-5aSxylwS7FyovQ4.roa
File: rQI6zOSTMPr-5aSxylwS7FyovQ4.roa (raw, json)
Hash identifier: rfEafPW5O0SAZQwvAq0I4Fkx0LFGcfF/mHD1nsLYnQk=
Subject key identifier: AD:02:3A:CC:E4:93:30:FA:FE:E5:A4:B1:CA:5C:12:EC:5C:A8:BD:0E
Certificate issuer: /CN=92bf6464ce6e19a4dcf8a32b27a2f1cbe1551055
Certificate serial: 019422FC35FF701DC3934053CC62F2366618
Authority key identifier: 92:BF:64:64:CE:6E:19:A4:DC:F8:A3:2B:27:A2:F1:CB:E1:55:10:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kr9kZM5uGaTc-KMrJ6Lxy-FVEFU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/f1d697-bc8e-4f14-8b37-b53e30e1412a/1/rQI6zOSTMPr-5aSxylwS7FyovQ4.roa
Signing time: Wed 01 Jan 2025 17:49:01 +0000
ROA not before: Wed 01 Jan 2025 17:49:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200296
IP address blocks: 5.56.135.0/24 maxlen: 24
79.143.85.0/24 maxlen: 24
87.236.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/f1d697-bc8e-4f14-8b37-b53e30e1412a/1/kr9kZM5uGaTc-KMrJ6Lxy-FVEFU.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/f1d697-bc8e-4f14-8b37-b53e30e1412a/1/kr9kZM5uGaTc-KMrJ6Lxy-FVEFU.mft
rsync://rpki.ripe.net/repository/DEFAULT/kr9kZM5uGaTc-KMrJ6Lxy-FVEFU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 17:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:35:ff:70:1d:c3:93:40:53:cc:62:f2:36:66:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92bf6464ce6e19a4dcf8a32b27a2f1cbe1551055
Validity
Not Before: Jan 1 17:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ad023acce49330fafee5a4b1ca5c12ec5ca8bd0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:57:8a:55:ab:54:f8:c4:41:3a:d7:19:af:22:
b8:25:80:89:06:ee:f8:5b:af:13:92:d9:90:3d:85:
10:ba:cc:16:03:fc:77:5b:e7:0c:70:08:dd:bf:78:
75:34:b7:0d:6d:93:cc:79:87:d5:3a:0c:c5:78:a2:
c9:cb:15:1b:9a:a9:df:f6:59:43:e7:d2:8e:66:05:
d0:28:29:d5:57:bb:d1:e3:af:98:44:9b:4d:4f:8a:
a1:d0:69:7e:d0:fd:90:1f:68:37:98:1d:78:f2:66:
bb:27:b3:7d:db:23:3f:dc:69:82:1b:8e:9c:81:2e:
f9:40:e3:8c:1f:0d:26:e4:71:f5:4a:69:7f:35:a7:
79:15:2f:66:48:50:bf:f6:78:37:f4:dc:1c:f9:44:
3a:03:5f:f2:fa:84:8e:f1:a9:9f:53:10:3f:14:ce:
f9:c3:83:60:e8:04:59:27:04:84:89:70:dc:52:06:
17:4e:b9:cb:76:02:f1:97:ef:48:66:92:f0:96:d2:
28:61:ec:a6:0f:81:47:89:19:fc:94:41:d0:87:72:
fc:ca:28:af:6d:42:29:18:77:f2:c4:95:04:fb:5c:
c3:25:63:6f:9d:ab:33:bf:a3:80:ba:5a:ba:67:9a:
2e:a6:03:34:2a:99:5a:03:30:aa:64:82:2d:bd:c7:
4f:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:02:3A:CC:E4:93:30:FA:FE:E5:A4:B1:CA:5C:12:EC:5C:A8:BD:0E
X509v3 Authority Key Identifier:
keyid:92:BF:64:64:CE:6E:19:A4:DC:F8:A3:2B:27:A2:F1:CB:E1:55:10:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kr9kZM5uGaTc-KMrJ6Lxy-FVEFU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/f1d697-bc8e-4f14-8b37-b53e30e1412a/1/rQI6zOSTMPr-5aSxylwS7FyovQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/f1d697-bc8e-4f14-8b37-b53e30e1412a/1/kr9kZM5uGaTc-KMrJ6Lxy-FVEFU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.135.0/24
79.143.85.0/24
87.236.211.0/24
Signature Algorithm: sha256WithRSAEncryption
40:85:ec:a8:eb:ed:d1:b3:89:6e:10:3f:5f:e1:23:50:cb:40:
d0:d8:36:5c:fd:45:ad:38:01:9b:70:0c:8c:26:4c:ff:64:31:
94:11:e2:02:2b:c3:b4:fe:cd:7c:32:36:ec:dc:eb:49:f4:b1:
71:46:f0:e4:fe:4b:18:33:dc:f1:7f:26:ed:59:b5:2d:b5:57:
ba:03:75:9b:a4:e5:a2:5e:aa:7a:77:5b:1b:71:5e:de:69:e9:
d8:a5:5c:3e:f2:98:c0:f5:94:27:1d:af:d6:df:d5:ce:7c:77:
07:45:3e:43:7e:98:bd:fc:26:72:58:1a:74:6c:f2:c2:72:8e:
64:23:87:48:3a:60:c7:e3:34:b5:17:81:6c:0a:9e:9a:7d:a5:
59:ca:d8:4c:ec:90:c1:4e:47:76:dc:68:8c:22:62:86:6f:f3:
6d:c4:db:5b:47:bb:bc:54:30:5a:af:c0:73:ca:1b:d0:9b:44:
0a:aa:c9:c3:6c:eb:43:63:f5:a9:5a:21:1f:14:c4:18:f5:05:
51:a3:e9:65:33:0c:be:e7:ea:77:b3:ff:44:ec:79:b9:5b:f5:
c3:c0:f0:70:ce:3d:b0:c0:36:d3:8f:e3:db:fd:89:fd:1d:6e:
e8:e1:94:e0:14:5a:2b:8c:0d:ad:9d:5f:60:76:2f:3f:78:ef:
e7:33:c2:7c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQi/DX/cB3Dk0BTzGLyNmYYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyYmY2NDY0Y2U2ZTE5YTRkY2Y4YTMyYjI3YTJmMWNiZTE1
NTEwNTUwHhcNMjUwMTAxMTc0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDAyM2FjY2U0OTMzMGZhZmVlNWE0YjFjYTVjMTJlYzVjYThiZDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0leKVatU+MRBOtcZryK4JYCJBu74
W68TktmQPYUQuswWA/x3W+cMcAjdv3h1NLcNbZPMeYfVOgzFeKLJyxUbmqnf9llD
59KOZgXQKCnVV7vR46+YRJtNT4qh0Gl+0P2QH2g3mB148ma7J7N92yM/3GmCG46c
gS75QOOMHw0m5HH1Sml/Nad5FS9mSFC/9ng39Nwc+UQ6A1/y+oSO8amfUxA/FM75
w4Ng6ARZJwSEiXDcUgYXTrnLdgLxl+9IZpLwltIoYeymD4FHiRn8lEHQh3L8yiiv
bUIpGHfyxJUE+1zDJWNvnaszv6OAulq6Z5oupgM0KplaAzCqZIItvcdPMwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFK0COszkkzD6/uWkscpcEuxcqL0OMB8GA1UdIwQY
MBaAFJK/ZGTObhmk3PijKyei8cvhVRBVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3I5a1pNNXVHYVRjLUtNcko2THh5LUZWRUZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9mMWQ2OTctYmM4ZS00ZjE0LThiMzct
YjUzZTMwZTE0MTJhLzEvclFJNnpPU1RNUHItNWFTeHlsd1M3RnlvdlE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9mMWQ2OTctYmM4ZS00ZjE0LThiMzctYjUzZTMwZTE0MTJh
LzEva3I5a1pNNXVHYVRjLUtNcko2THh5LUZWRUZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABTiHAwQA
T49VAwQAV+zTMA0GCSqGSIb3DQEBCwUAA4IBAQBAheyo6+3Rs4luED9f4SNQy0DQ
2DZc/UWtOAGbcAyMJkz/ZDGUEeICK8O0/s18Mjbs3OtJ9LFxRvDk/ksYM9zxfybt
WbUttVe6A3WbpOWiXqp6d1sbcV7eaenYpVw+8pjA9ZQnHa/W39XOfHcHRT5Dfpi9
/CZyWBp0bPLCco5kI4dIOmDH4zS1F4FsCp6afaVZythM7JDBTkd23GiMImKGb/Nt
xNtbR7u8VDBar8BzyhvQm0QKqsnDbOtDY/WpWiEfFMQY9QVRo+llMwy+5+p3s/9E
7Hm5W/XDwPBwzj2wwDbTj+Pb/Yn9HW7o4ZTgFForjA2tnV9gdi8/eO/nM8J8
-----END CERTIFICATE-----
Generated at Thu Apr 17 03:39:20 2025 by rpki-client