Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/gzFSDIvuo1g8SYBgsWmT7skIWNo.roa
File: gzFSDIvuo1g8SYBgsWmT7skIWNo.roa (raw, json)
Hash identifier: D7BWQwJQV9C+IDJ4nn09iuxJOEha5Pi+Tmqs9uYeqYg=
Subject key identifier: 83:31:52:0C:8B:EE:A3:58:3C:49:80:60:B1:69:93:EE:C9:08:58:DA
Certificate issuer: /CN=9a24b27d9f3df6e14ebc79e146e8be32754bf800
Certificate serial: 01942368D68509E3F23F772B6789A376F0C1
Authority key identifier: 9A:24:B2:7D:9F:3D:F6:E1:4E:BC:79:E1:46:E8:BE:32:75:4B:F8:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/miSyfZ899uFOvHnhRui-MnVL-AA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/gzFSDIvuo1g8SYBgsWmT7skIWNo.roa
Signing time: Wed 01 Jan 2025 19:47:40 +0000
ROA not before: Wed 01 Jan 2025 19:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209854
IP address blocks: 92.249.36.0/24 maxlen: 24
92.249.37.0/24 maxlen: 24
92.249.38.0/24 maxlen: 24
92.249.39.0/24 maxlen: 24
203.21.66.0/24 maxlen: 24
2a09:a700::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/miSyfZ899uFOvHnhRui-MnVL-AA.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/miSyfZ899uFOvHnhRui-MnVL-AA.mft
rsync://rpki.ripe.net/repository/DEFAULT/miSyfZ899uFOvHnhRui-MnVL-AA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 22:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:d6:85:09:e3:f2:3f:77:2b:67:89:a3:76:f0:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a24b27d9f3df6e14ebc79e146e8be32754bf800
Validity
Not Before: Jan 1 19:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8331520c8beea3583c498060b16993eec90858da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:d7:bd:92:4c:bd:d8:92:3c:f9:cb:ae:9d:35:
c3:46:06:84:66:38:5b:16:54:bf:4e:c3:f5:93:d9:
25:bf:aa:3a:0f:7b:44:cf:01:f8:dd:af:10:51:42:
8e:e1:59:c6:96:cf:d6:fd:bb:46:9c:d8:dc:e6:9a:
07:99:68:81:14:dd:7b:61:d4:2b:fe:78:e5:f4:7a:
83:ea:17:d2:a3:d4:2b:0a:4e:f0:db:6d:42:b1:6b:
7c:7d:50:52:2c:6a:66:62:97:ba:1d:86:5d:db:e7:
37:5f:06:f9:6c:09:eb:4d:d3:70:c7:08:9b:f5:a8:
bd:6c:f1:ae:d8:fd:e1:dc:81:40:50:06:41:ba:02:
1f:e4:6a:2b:13:6a:c5:26:f7:ec:2a:80:0f:31:95:
01:12:14:fe:b9:56:57:01:e1:e8:6c:8b:61:22:9d:
5d:04:09:31:6a:11:d1:be:5c:5e:ed:c7:b0:1b:ba:
0a:65:2c:57:4f:2b:c1:a6:3c:81:7d:b5:24:98:94:
48:6a:88:09:8d:3a:99:d0:69:b8:ac:ec:05:b2:58:
99:5a:03:39:61:36:c6:64:ca:ff:7c:60:ad:bc:df:
24:da:4d:1a:1e:70:eb:76:4a:a6:0b:c3:80:4f:e0:
2b:3f:f5:49:de:6a:7e:f7:30:c4:5a:08:2c:b8:3a:
99:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:31:52:0C:8B:EE:A3:58:3C:49:80:60:B1:69:93:EE:C9:08:58:DA
X509v3 Authority Key Identifier:
keyid:9A:24:B2:7D:9F:3D:F6:E1:4E:BC:79:E1:46:E8:BE:32:75:4B:F8:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/miSyfZ899uFOvHnhRui-MnVL-AA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/gzFSDIvuo1g8SYBgsWmT7skIWNo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/miSyfZ899uFOvHnhRui-MnVL-AA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.249.36.0/22
203.21.66.0/24
IPv6:
2a09:a700::/29
Signature Algorithm: sha256WithRSAEncryption
8b:8e:cc:5f:9f:96:f9:d6:32:b3:82:b3:fc:96:ba:ab:4c:d7:
9c:6a:6b:cf:18:ec:fe:71:31:e6:2b:bf:e3:e2:d4:43:f0:6f:
22:c7:32:1a:5d:cd:2d:34:d7:28:c1:e2:fc:14:f3:48:8e:52:
25:c1:5a:e8:57:e1:21:11:8d:b1:f3:7e:37:a3:c2:23:70:db:
36:83:0c:21:dd:0d:e0:28:72:79:96:85:cc:66:04:f9:b0:98:
23:df:9c:e1:0a:16:52:4b:7c:67:06:13:67:af:3a:0d:1f:9c:
0b:86:19:af:c8:07:9c:7a:09:3a:f7:3a:65:3a:97:1a:a4:8f:
7e:69:6e:2c:10:43:fc:10:fa:29:92:fb:23:01:e9:dd:cb:d4:
2a:e6:5d:b1:93:d0:f3:54:27:a7:0b:2d:07:a2:9f:bc:59:27:
70:94:df:97:8a:f4:30:16:a2:e9:cc:aa:a8:af:96:e2:e2:95:
a1:52:34:3f:ef:71:43:ef:49:46:bc:a3:8c:f9:84:28:95:c1:
c0:d7:0e:bd:78:49:21:59:51:0b:47:4b:29:89:1a:6c:14:a5:
97:c3:0d:5d:f1:e4:70:0c:ee:47:28:24:33:e7:77:eb:0a:96:
64:f7:7e:56:e5:53:e8:c1:b7:e1:56:fa:83:2f:df:4a:e3:29:
8f:0b:9d:80
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQjaNaFCePyP3crZ4mjdvDBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMjRiMjdkOWYzZGY2ZTE0ZWJjNzllMTQ2ZThiZTMyNzU0
YmY4MDAwHhcNMjUwMTAxMTk0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzMxNTIwYzhiZWVhMzU4M2M0OTgwNjBiMTY5OTNlZWM5MDg1OGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnde9kky92JI8+cuunTXDRgaEZjhb
FlS/TsP1k9klv6o6D3tEzwH43a8QUUKO4VnGls/W/btGnNjc5poHmWiBFN17YdQr
/njl9HqD6hfSo9QrCk7w221CsWt8fVBSLGpmYpe6HYZd2+c3Xwb5bAnrTdNwxwib
9ai9bPGu2P3h3IFAUAZBugIf5GorE2rFJvfsKoAPMZUBEhT+uVZXAeHobIthIp1d
BAkxahHRvlxe7cewG7oKZSxXTyvBpjyBfbUkmJRIaogJjTqZ0Gm4rOwFsliZWgM5
YTbGZMr/fGCtvN8k2k0aHnDrdkqmC8OAT+ArP/VJ3mp+9zDEWggsuDqZvwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIMxUgyL7qNYPEmAYLFpk+7JCFjaMB8GA1UdIwQY
MBaAFJoksn2fPfbhTrx54UbovjJ1S/gAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWlTeWZaODk5dUZPdkhuaFJ1aS1NblZMLUFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8wMjUxZjItYTFiYi00NGZiLWI5MDgt
NDhkNWZmNGJhMjU1LzEvZ3pGU0RJdnVvMWc4U1lCZ3NXbVQ3c2tJV05vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8wMjUxZjItYTFiYi00NGZiLWI5MDgtNDhkNWZmNGJhMjU1
LzEvbWlTeWZaODk5dUZPdkhuaFJ1aS1NblZMLUFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCXPkkAwQA
yxVCMA0EAgACMAcDBQMqCacAMA0GCSqGSIb3DQEBCwUAA4IBAQCLjsxfn5b51jKz
grP8lrqrTNecamvPGOz+cTHmK7/j4tRD8G8ixzIaXc0tNNcoweL8FPNIjlIlwVro
V+EhEY2x8343o8IjcNs2gwwh3Q3gKHJ5loXMZgT5sJgj35zhChZSS3xnBhNnrzoN
H5wLhhmvyAecegk69zplOpcapI9+aW4sEEP8EPopkvsjAendy9Qq5l2xk9DzVCen
Cy0Hop+8WSdwlN+XivQwFqLpzKqor5bi4pWhUjQ/73FD70lGvKOM+YQolcHA1w69
eEkhWVELR0spiRpsFKWXww1d8eRwDO5HKCQz53frCpZk935W5VPowbfhVvqDL99K
4ymPC52A
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:52:40 2025 by rpki-client