Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/A1lFiDlkwzd2kuuHtwLxrVifjIM.roa
File: A1lFiDlkwzd2kuuHtwLxrVifjIM.roa (raw, json)
Hash identifier: bheq6y6BKOc+FBTnE7aA9p7E54SloHCzl+8cgE33f9o=
Subject key identifier: 03:59:45:88:39:64:C3:37:76:92:EB:87:B7:02:F1:AD:58:9F:8C:83
Certificate issuer: /CN=4d0ade54c27e6fcddace262c4fdf790f320fed9c
Certificate serial: 019420D64D5CE9E03AF79798C7DF416E5632
Authority key identifier: 4D:0A:DE:54:C2:7E:6F:CD:DA:CE:26:2C:4F:DF:79:0F:32:0F:ED:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TQreVMJ-b83aziYsT995DzIP7Zw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/A1lFiDlkwzd2kuuHtwLxrVifjIM.roa
Signing time: Wed 01 Jan 2025 07:48:22 +0000
ROA not before: Wed 01 Jan 2025 07:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61227
IP address blocks: 176.110.116.0/23 maxlen: 23
2001:67c:1070::/47 maxlen: 47
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/TQreVMJ-b83aziYsT995DzIP7Zw.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/TQreVMJ-b83aziYsT995DzIP7Zw.mft
rsync://rpki.ripe.net/repository/DEFAULT/TQreVMJ-b83aziYsT995DzIP7Zw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:4d:5c:e9:e0:3a:f7:97:98:c7:df:41:6e:56:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d0ade54c27e6fcddace262c4fdf790f320fed9c
Validity
Not Before: Jan 1 07:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=035945883964c3377692eb87b702f1ad589f8c83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:0d:50:15:3e:ae:af:91:7d:a2:e4:00:ca:12:
bb:7f:c0:f3:b2:bc:0d:a1:62:9a:e4:e6:c3:6d:8d:
a4:42:fe:3a:4c:d1:34:00:9e:5d:17:55:0b:6c:22:
5f:30:a8:a5:5c:b0:66:0f:fd:a7:8a:e4:9d:cb:ca:
c8:af:08:5e:70:e1:bf:f6:8a:34:90:11:40:58:95:
b3:d1:13:ab:0a:43:e0:1a:9d:41:5d:9a:3a:fc:ab:
63:71:e2:89:d0:79:2e:dd:28:95:1a:87:af:23:b6:
0d:a1:60:40:2d:85:10:db:b8:30:0d:5a:a2:b4:9c:
4c:ba:fe:c9:89:34:77:61:ff:b2:84:a9:19:49:f4:
a5:9b:a3:a9:d7:30:27:2a:33:5d:b2:7f:9d:39:27:
6a:a9:46:80:3f:71:be:2a:2b:83:5a:e7:a6:91:e1:
75:6f:74:5d:22:13:2a:d7:31:60:da:6e:d1:be:2d:
e9:94:1e:a6:eb:51:25:89:2e:83:7d:b5:f5:39:0d:
7a:12:6e:44:41:4d:25:eb:82:c7:6c:09:2f:17:9e:
cd:16:cf:22:bb:75:a9:8e:9f:85:2a:b7:d3:73:7c:
fe:51:31:2a:46:10:f4:be:ef:67:5d:68:cc:9a:bd:
35:4e:59:65:df:b2:ee:ac:15:b9:c1:ea:0f:62:89:
de:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:59:45:88:39:64:C3:37:76:92:EB:87:B7:02:F1:AD:58:9F:8C:83
X509v3 Authority Key Identifier:
keyid:4D:0A:DE:54:C2:7E:6F:CD:DA:CE:26:2C:4F:DF:79:0F:32:0F:ED:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TQreVMJ-b83aziYsT995DzIP7Zw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/A1lFiDlkwzd2kuuHtwLxrVifjIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/TQreVMJ-b83aziYsT995DzIP7Zw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.110.116.0/23
IPv6:
2001:67c:1070::/47
Signature Algorithm: sha256WithRSAEncryption
09:22:c7:f9:09:43:11:16:8d:44:6e:79:a7:c1:fe:81:b3:46:
32:0d:98:1a:bd:a9:e0:26:4b:da:f4:e3:01:8d:65:8b:f6:d4:
72:b2:ed:27:b7:c7:c5:0d:8f:90:a4:16:b2:7f:78:34:d9:a0:
1e:2a:e8:49:23:39:31:d4:0b:27:33:58:6d:39:80:08:1e:32:
bb:b3:0c:a5:c5:40:2d:f2:ef:2d:01:ec:a7:26:2e:68:53:f7:
17:d6:ce:1d:e1:61:71:61:36:67:81:11:eb:d5:aa:d5:0e:c6:
67:c1:29:df:98:fd:02:24:dc:e9:47:51:1d:c2:7c:91:b9:ff:
c5:0a:f7:84:4b:44:e3:5e:bf:de:fd:fa:84:cb:79:5b:ba:1c:
d4:bf:96:25:30:9c:78:eb:6d:e7:af:c2:ed:30:6e:fb:26:3a:
9a:02:37:21:32:81:37:c3:5e:6f:9d:e9:4c:89:52:8a:bd:fb:
8b:92:16:ea:8c:92:5f:f7:bb:48:e6:c1:a2:d3:2a:25:6a:f2:
7c:2c:27:ff:c8:cf:b8:77:57:97:23:f2:7e:45:cc:eb:31:15:
03:73:71:30:07:45:68:ae:b1:a2:71:04:b5:af:d8:0e:2d:cb:
19:ac:d6:6b:8b:29:2a:e9:4b:00:a2:d1:c5:d0:22:85:89:f5:
f1:d1:83:4a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQg1k1c6eA695eYx99BblYyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMGFkZTU0YzI3ZTZmY2RkYWNlMjYyYzRmZGY3OTBmMzIw
ZmVkOWMwHhcNMjUwMTAxMDc0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzU5NDU4ODM5NjRjMzM3NzY5MmViODdiNzAyZjFhZDU4OWY4YzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqA1QFT6ur5F9ouQAyhK7f8DzsrwN
oWKa5ObDbY2kQv46TNE0AJ5dF1ULbCJfMKilXLBmD/2niuSdy8rIrwhecOG/9oo0
kBFAWJWz0ROrCkPgGp1BXZo6/KtjceKJ0Hku3SiVGoevI7YNoWBALYUQ27gwDVqi
tJxMuv7JiTR3Yf+yhKkZSfSlm6Op1zAnKjNdsn+dOSdqqUaAP3G+KiuDWuemkeF1
b3RdIhMq1zFg2m7Rvi3plB6m61EliS6DfbX1OQ16Em5EQU0l64LHbAkvF57NFs8i
u3Wpjp+FKrfTc3z+UTEqRhD0vu9nXWjMmr01Tlll37LurBW5weoPYone1QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFANZRYg5ZMM3dpLrh7cC8a1Yn4yDMB8GA1UdIwQY
MBaAFE0K3lTCfm/N2s4mLE/feQ8yD+2cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFFyZVZNSi1iODNhemlZc1Q5OTVEeklQN1p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC84ZWZkOGItZTUxNi00YzQ5LTkyY2It
ODkyOTZjY2IzNWY1LzEvQTFsRmlEbGt3emQya3V1SHR3THhyVmlmaklNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC84ZWZkOGItZTUxNi00YzQ5LTkyY2ItODkyOTZjY2IzNWY1
LzEvVFFyZVZNSi1iODNhemlZc1Q5OTVEeklQN1p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBsG50MA8E
AgACMAkDBwEgAQZ8EHAwDQYJKoZIhvcNAQELBQADggEBAAkix/kJQxEWjURueafB
/oGzRjINmBq9qeAmS9r04wGNZYv21HKy7Se3x8UNj5CkFrJ/eDTZoB4q6EkjOTHU
CyczWG05gAgeMruzDKXFQC3y7y0B7KcmLmhT9xfWzh3hYXFhNmeBEevVqtUOxmfB
Kd+Y/QIk3OlHUR3CfJG5/8UK94RLRONev979+oTLeVu6HNS/liUwnHjrbeevwu0w
bvsmOpoCNyEygTfDXm+d6UyJUoq9+4uSFuqMkl/3u0jmwaLTKiVq8nwsJ//Iz7h3
V5cj8n5FzOsxFQNzcTAHRWiusaJxBLWv2A4tyxms1muLKSrpSwCi0cXQIoWJ9fHR
g0o=
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:59:29 2025 by rpki-client