Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/c6553e-9eac-4eaf-85fb-eb6591b877ae/1/ctXergtQbViumays4Ono_Wloemw.roa
File: ctXergtQbViumays4Ono_Wloemw.roa (raw, json)
Hash identifier: a+neR/aKDm0TTcExel5rgJgh8DlN9uyZuV72kD5h5x0=
Subject key identifier: 72:D5:DE:AE:0B:50:6D:58:AE:99:AC:AC:E0:E9:E8:FD:69:68:7A:6C
Certificate issuer: /CN=8b124b124942a5d7ead6bb7d37a64e58c7e6da41
Certificate serial: 0194214428878CFD622C17AA4C5EC7DB3613
Authority key identifier: 8B:12:4B:12:49:42:A5:D7:EA:D6:BB:7D:37:A6:4E:58:C7:E6:DA:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ixJLEklCpdfq1rt9N6ZOWMfm2kE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/c6553e-9eac-4eaf-85fb-eb6591b877ae/1/ctXergtQbViumays4Ono_Wloemw.roa
Signing time: Wed 01 Jan 2025 09:48:22 +0000
ROA not before: Wed 01 Jan 2025 09:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31477
IP address blocks: 91.206.136.0/23 maxlen: 24
2001:678:d0c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/c6553e-9eac-4eaf-85fb-eb6591b877ae/1/ixJLEklCpdfq1rt9N6ZOWMfm2kE.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/c6553e-9eac-4eaf-85fb-eb6591b877ae/1/ixJLEklCpdfq1rt9N6ZOWMfm2kE.mft
rsync://rpki.ripe.net/repository/DEFAULT/ixJLEklCpdfq1rt9N6ZOWMfm2kE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:28:87:8c:fd:62:2c:17:aa:4c:5e:c7:db:36:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b124b124942a5d7ead6bb7d37a64e58c7e6da41
Validity
Not Before: Jan 1 09:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=72d5deae0b506d58ae99acace0e9e8fd69687a6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ce:5e:af:f6:13:f2:e0:ee:56:7b:05:f1:e5:
22:93:70:75:1f:e2:39:c4:c7:bf:46:c6:42:22:ee:
0b:5d:da:8b:03:b0:e9:89:4b:5d:08:53:a5:25:ab:
59:0d:dc:04:c0:04:c0:50:86:d5:08:33:4e:f8:91:
e3:fd:2e:27:44:ab:9e:0f:d1:03:8f:aa:01:48:1b:
bb:d6:51:1e:6e:fc:9b:83:e8:ae:78:ba:c8:75:24:
49:b1:8d:77:9c:fb:79:93:4d:d8:9f:78:73:4a:67:
6d:5a:61:84:cb:9e:dc:b2:5f:4f:5e:40:6e:2f:35:
97:4c:42:4b:ea:5e:7d:5c:2b:af:bd:bc:ad:1c:17:
ec:d0:69:7d:ad:14:d0:47:17:b5:aa:05:60:75:03:
74:8b:e5:db:de:99:92:2f:d7:2f:44:0e:cb:ab:49:
49:ce:e1:7d:3f:d4:2b:5f:ac:63:04:52:70:77:fd:
38:67:3a:ae:c8:8d:bd:4d:0b:5a:6f:02:d1:e8:be:
fd:92:0d:a3:d8:90:7a:4c:2d:9a:72:0e:e0:be:b5:
77:c9:b0:25:8d:0b:5f:fe:c0:cf:de:12:5e:25:88:
19:84:a9:5a:78:90:7b:f3:48:bc:ca:06:06:52:15:
75:05:a6:64:d3:2d:03:3e:3a:07:9c:b0:7e:69:e6:
7c:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:D5:DE:AE:0B:50:6D:58:AE:99:AC:AC:E0:E9:E8:FD:69:68:7A:6C
X509v3 Authority Key Identifier:
keyid:8B:12:4B:12:49:42:A5:D7:EA:D6:BB:7D:37:A6:4E:58:C7:E6:DA:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ixJLEklCpdfq1rt9N6ZOWMfm2kE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/c6553e-9eac-4eaf-85fb-eb6591b877ae/1/ctXergtQbViumays4Ono_Wloemw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/c6553e-9eac-4eaf-85fb-eb6591b877ae/1/ixJLEklCpdfq1rt9N6ZOWMfm2kE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.136.0/23
IPv6:
2001:678:d0c::/48
Signature Algorithm: sha256WithRSAEncryption
6e:89:0d:80:6e:11:3c:ab:3c:92:9e:80:38:d3:0e:f9:80:04:
91:0b:d7:71:75:fc:7b:fd:fe:83:d7:1e:1d:a2:14:f2:90:43:
a2:e5:97:3d:0c:dd:d7:15:4e:1c:29:17:b7:62:e8:05:11:c6:
65:3a:fe:c5:03:16:10:6f:dd:df:00:2f:f0:76:bd:b9:cb:70:
c6:cf:22:f3:cf:6f:04:2f:95:36:13:4b:a9:04:4a:cc:f2:80:
f8:f7:41:2e:d9:38:6f:33:90:4a:6e:7b:02:d6:9e:9b:52:02:
3d:10:77:60:7a:63:be:6c:cf:ff:3b:a5:cb:3a:47:cc:99:e6:
e5:17:e2:1e:33:f2:fe:d8:b6:ca:4f:65:86:bf:bd:ae:9f:ed:
cc:a6:ae:66:6d:90:98:d1:d1:4b:e7:8a:a5:bf:e7:a8:62:9c:
69:4a:0c:e5:b6:59:01:9d:b8:13:42:7b:b7:f3:90:e0:93:55:
14:12:8f:ee:95:61:e9:1f:03:2e:42:6d:c2:93:97:2f:01:0b:
af:c6:20:da:58:86:b0:bb:99:d0:a5:69:98:87:0e:d8:bf:6a:
f5:d3:85:fe:a4:05:1b:ac:cd:36:6e:f4:42:0b:f5:4f:9c:f6:
0d:e0:86:2a:8f:4a:e4:22:4d:cb:5e:ae:03:51:59:f7:7b:26:
a5:5f:54:08
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQhRCiHjP1iLBeqTF7H2zYTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiMTI0YjEyNDk0MmE1ZDdlYWQ2YmI3ZDM3YTY0ZTU4Yzdl
NmRhNDEwHhcNMjUwMTAxMDk0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmQ1ZGVhZTBiNTA2ZDU4YWU5OWFjYWNlMGU5ZThmZDY5Njg3YTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtM5er/YT8uDuVnsF8eUik3B1H+I5
xMe/RsZCIu4LXdqLA7DpiUtdCFOlJatZDdwEwATAUIbVCDNO+JHj/S4nRKueD9ED
j6oBSBu71lEebvybg+iueLrIdSRJsY13nPt5k03Yn3hzSmdtWmGEy57csl9PXkBu
LzWXTEJL6l59XCuvvbytHBfs0Gl9rRTQRxe1qgVgdQN0i+Xb3pmSL9cvRA7Lq0lJ
zuF9P9QrX6xjBFJwd/04ZzquyI29TQtabwLR6L79kg2j2JB6TC2acg7gvrV3ybAl
jQtf/sDP3hJeJYgZhKlaeJB780i8ygYGUhV1BaZk0y0DPjoHnLB+aeZ8awIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHLV3q4LUG1YrpmsrODp6P1paHpsMB8GA1UdIwQY
MBaAFIsSSxJJQqXX6ta7fTemTljH5tpBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXhKTEVrbENwZGZxMXJ0OU42Wk9XTWZtMmtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9jNjU1M2UtOWVhYy00ZWFmLTg1ZmIt
ZWI2NTkxYjg3N2FlLzEvY3RYZXJndFFiVml1bWF5czRPbm9fV2xvZW13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9jNjU1M2UtOWVhYy00ZWFmLTg1ZmItZWI2NTkxYjg3N2Fl
LzEvaXhKTEVrbENwZGZxMXJ0OU42Wk9XTWZtMmtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBW86IMA8E
AgACMAkDBwAgAQZ4DQwwDQYJKoZIhvcNAQELBQADggEBAG6JDYBuETyrPJKegDjT
DvmABJEL13F1/Hv9/oPXHh2iFPKQQ6Lllz0M3dcVThwpF7di6AURxmU6/sUDFhBv
3d8AL/B2vbnLcMbPIvPPbwQvlTYTS6kESszygPj3QS7ZOG8zkEpuewLWnptSAj0Q
d2B6Y75sz/87pcs6R8yZ5uUX4h4z8v7YtspPZYa/va6f7cymrmZtkJjR0UvniqW/
56hinGlKDOW2WQGduBNCe7fzkOCTVRQSj+6VYekfAy5CbcKTly8BC6/GINpYhrC7
mdClaZiHDti/avXThf6kBRuszTZu9EIL9U+c9g3ghiqPSuQiTctergNRWfd7JqVf
VAg=
-----END CERTIFICATE-----
Generated at Fri Apr 18 02:05:30 2025 by rpki-client