Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/9ea636-ec11-4159-b24b-b1e0dd2bf5c7/1/0FJsd9npeXZm-y2IZX9lSQoWGTw.roa
File: 0FJsd9npeXZm-y2IZX9lSQoWGTw.roa (raw, json)
Hash identifier: seYr2TgSYAgV0Fmm029FWcQdaKkWPovq3zFY6jEktrc=
Subject key identifier: D0:52:6C:77:D9:E9:79:76:66:FB:2D:88:65:7F:65:49:0A:16:19:3C
Certificate issuer: /CN=ba11ae23a3e9c8bc6f5a79c715fa99a78cf85dfe
Certificate serial: 0194F46402F226A125C6C3F5DD9BBB49FEB1
Authority key identifier: BA:11:AE:23:A3:E9:C8:BC:6F:5A:79:C7:15:FA:99:A7:8C:F8:5D:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uhGuI6PpyLxvWnnHFfqZp4z4Xf4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/9ea636-ec11-4159-b24b-b1e0dd2bf5c7/1/0FJsd9npeXZm-y2IZX9lSQoWGTw.roa
Signing time: Tue 11 Feb 2025 09:43:02 +0000
ROA not before: Tue 11 Feb 2025 09:43:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13030
IP address blocks: 91.228.60.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/9ea636-ec11-4159-b24b-b1e0dd2bf5c7/1/uhGuI6PpyLxvWnnHFfqZp4z4Xf4.crl
rsync://rpki.ripe.net/repository/DEFAULT/de/9ea636-ec11-4159-b24b-b1e0dd2bf5c7/1/uhGuI6PpyLxvWnnHFfqZp4z4Xf4.mft
rsync://rpki.ripe.net/repository/DEFAULT/uhGuI6PpyLxvWnnHFfqZp4z4Xf4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f4:64:02:f2:26:a1:25:c6:c3:f5:dd:9b:bb:49:fe:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba11ae23a3e9c8bc6f5a79c715fa99a78cf85dfe
Validity
Not Before: Feb 11 09:43:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d0526c77d9e9797666fb2d88657f65490a16193c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:65:9f:be:37:13:0a:82:dd:00:07:47:c5:34:
b1:6f:33:b0:f9:12:aa:8c:b5:f0:25:67:c3:1a:51:
86:9c:cb:fd:7b:39:f3:ce:11:ad:c6:e6:78:72:9a:
95:ad:ba:f5:51:37:1f:95:04:a4:fb:54:c8:c9:52:
45:b2:d8:a6:56:55:1c:53:06:af:c8:2b:59:87:cc:
83:a3:71:94:2f:e5:00:58:74:63:9f:06:05:2d:38:
81:60:b1:e4:46:4d:47:21:94:ce:90:07:18:af:1b:
84:6e:5b:5f:13:02:73:4d:78:9e:ab:39:fe:ef:bc:
0b:86:90:98:55:32:15:a3:03:4b:21:4e:aa:cb:3f:
d0:fb:0b:b3:6f:89:10:54:ec:7a:65:d7:4d:21:c7:
f8:d8:b2:15:29:35:d0:68:12:16:e3:5a:17:76:3f:
ae:6b:f7:08:02:36:cb:84:fb:2c:7a:90:57:74:88:
50:5d:00:68:60:a7:86:29:93:f4:50:e3:14:ab:5e:
ac:08:07:22:54:95:4f:24:4b:b7:42:c9:e4:c1:76:
92:57:a5:09:ad:42:89:62:6b:0f:37:88:67:09:3f:
2e:c5:31:43:75:2f:c6:4c:70:7b:59:6f:c7:0d:57:
15:9f:08:36:15:b3:be:ec:e1:75:0a:9c:04:53:ed:
eb:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:52:6C:77:D9:E9:79:76:66:FB:2D:88:65:7F:65:49:0A:16:19:3C
X509v3 Authority Key Identifier:
keyid:BA:11:AE:23:A3:E9:C8:BC:6F:5A:79:C7:15:FA:99:A7:8C:F8:5D:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uhGuI6PpyLxvWnnHFfqZp4z4Xf4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/9ea636-ec11-4159-b24b-b1e0dd2bf5c7/1/0FJsd9npeXZm-y2IZX9lSQoWGTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/9ea636-ec11-4159-b24b-b1e0dd2bf5c7/1/uhGuI6PpyLxvWnnHFfqZp4z4Xf4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.60.0/23
Signature Algorithm: sha256WithRSAEncryption
4a:f9:7c:73:65:95:17:96:97:9b:4c:8d:7b:12:0f:ad:c4:3d:
22:cf:bc:fc:84:05:f2:5c:c1:70:9b:28:58:5d:5a:88:39:12:
fa:f4:ba:32:93:62:5f:74:03:46:ad:22:52:82:8e:66:da:50:
1b:03:12:21:b2:8e:99:5b:47:2a:59:88:43:0c:be:e8:ea:07:
ca:e2:0e:24:f4:05:ce:2b:53:3e:82:fa:13:9a:b0:a1:7f:63:
c1:0b:ca:ca:38:eb:37:8a:31:1d:fd:ac:a5:ba:59:a8:20:fb:
cb:6b:87:f5:e6:22:fa:d0:47:2a:88:11:60:f0:0a:91:2f:1e:
a0:25:35:7f:06:24:1e:6d:82:55:c5:8a:40:7f:2d:f3:ff:71:
e8:0f:87:eb:d6:4f:15:92:5e:65:b3:3e:e6:d7:74:a4:44:dc:
50:b4:52:40:ac:90:f7:0e:e1:b7:75:b4:84:4e:5a:53:db:b8:
37:fb:46:0f:7a:a3:c2:76:00:df:5c:62:ae:76:d4:03:20:cf:
d7:7a:6d:96:e2:9c:88:21:ba:31:c7:ca:30:d4:6f:cb:b5:cf:
bd:26:60:18:cd:c6:92:51:48:8b:7b:2d:ce:27:c9:ae:6a:18:
9d:f5:44:bd:e8:7e:59:a0:9f:1d:12:2b:4c:9c:3a:a4:71:df:
4d:e1:76:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZT0ZALyJqElxsP13Zu7Sf6xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhMTFhZTIzYTNlOWM4YmM2ZjVhNzljNzE1ZmE5OWE3OGNm
ODVkZmUwHhcNMjUwMjExMDk0MzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDUyNmM3N2Q5ZTk3OTc2NjZmYjJkODg2NTdmNjU0OTBhMTYxOTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1mWfvjcTCoLdAAdHxTSxbzOw+RKq
jLXwJWfDGlGGnMv9eznzzhGtxuZ4cpqVrbr1UTcflQSk+1TIyVJFstimVlUcUwav
yCtZh8yDo3GUL+UAWHRjnwYFLTiBYLHkRk1HIZTOkAcYrxuEbltfEwJzTXieqzn+
77wLhpCYVTIVowNLIU6qyz/Q+wuzb4kQVOx6ZddNIcf42LIVKTXQaBIW41oXdj+u
a/cIAjbLhPssepBXdIhQXQBoYKeGKZP0UOMUq16sCAciVJVPJEu3QsnkwXaSV6UJ
rUKJYmsPN4hnCT8uxTFDdS/GTHB7WW/HDVcVnwg2FbO+7OF1CpwEU+3rAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNBSbHfZ6Xl2ZvstiGV/ZUkKFhk8MB8GA1UdIwQY
MBaAFLoRriOj6ci8b1p5xxX6maeM+F3+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWhHdUk2UHB5THh2V25uSEZmcVpwNHo0WGY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS85ZWE2MzYtZWMxMS00MTU5LWIyNGIt
YjFlMGRkMmJmNWM3LzEvMEZKc2Q5bnBlWFptLXkySVpYOWxTUW9XR1R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS85ZWE2MzYtZWMxMS00MTU5LWIyNGItYjFlMGRkMmJmNWM3
LzEvdWhHdUk2UHB5THh2V25uSEZmcVpwNHo0WGY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+Q8MA0G
CSqGSIb3DQEBCwUAA4IBAQBK+XxzZZUXlpebTI17Eg+txD0iz7z8hAXyXMFwmyhY
XVqIORL69Loyk2JfdANGrSJSgo5m2lAbAxIhso6ZW0cqWYhDDL7o6gfK4g4k9AXO
K1M+gvoTmrChf2PBC8rKOOs3ijEd/aylulmoIPvLa4f15iL60EcqiBFg8AqRLx6g
JTV/BiQebYJVxYpAfy3z/3HoD4fr1k8Vkl5lsz7m13SkRNxQtFJArJD3DuG3dbSE
TlpT27g3+0YPeqPCdgDfXGKudtQDIM/Xem2W4pyIIboxx8ow1G/Ltc+9JmAYzcaS
UUiLey3OJ8muahid9US96H5ZoJ8dEitMnDqkcd9N4XYe
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:40:30 2025 by rpki-client