Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/9b733e-9839-4f6f-b4b6-ff5aa9eef4e2/1/pDFtrRqSytqofU52Bi4GLIxTxPM.roa
File: pDFtrRqSytqofU52Bi4GLIxTxPM.roa (raw, json)
Hash identifier: FhQVFWsHZFXcD5DtHy8k60bsokhKGFTiQLeglKl8pII=
Subject key identifier: A4:31:6D:AD:1A:92:CA:DA:A8:7D:4E:76:06:2E:06:2C:8C:53:C4:F3
Certificate issuer: /CN=bb4098e0fdedb612f239da524a04b5e0dea4c53f
Certificate serial: 01942444B5675D46240F9F4E7B3EE7AF4328
Authority key identifier: BB:40:98:E0:FD:ED:B6:12:F2:39:DA:52:4A:04:B5:E0:DE:A4:C5:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u0CY4P3tthLyOdpSSgS14N6kxT8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/9b733e-9839-4f6f-b4b6-ff5aa9eef4e2/1/pDFtrRqSytqofU52Bi4GLIxTxPM.roa
Signing time: Wed 01 Jan 2025 23:47:49 +0000
ROA not before: Wed 01 Jan 2025 23:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42223
IP address blocks: 91.233.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/9b733e-9839-4f6f-b4b6-ff5aa9eef4e2/1/u0CY4P3tthLyOdpSSgS14N6kxT8.crl
rsync://rpki.ripe.net/repository/DEFAULT/e2/9b733e-9839-4f6f-b4b6-ff5aa9eef4e2/1/u0CY4P3tthLyOdpSSgS14N6kxT8.mft
rsync://rpki.ripe.net/repository/DEFAULT/u0CY4P3tthLyOdpSSgS14N6kxT8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:b5:67:5d:46:24:0f:9f:4e:7b:3e:e7:af:43:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb4098e0fdedb612f239da524a04b5e0dea4c53f
Validity
Not Before: Jan 1 23:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a4316dad1a92cadaa87d4e76062e062c8c53c4f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:92:81:83:fc:7b:08:5a:dd:44:84:45:0c:f2:
8e:d1:ce:5b:7d:43:01:c9:95:f7:7d:ee:a7:db:2c:
58:d6:aa:f7:65:98:20:e3:57:be:88:a5:05:be:f7:
ea:f5:1c:be:ca:8d:df:dc:1f:c5:21:ef:59:0f:25:
44:29:cb:69:36:2b:46:c3:30:b3:89:46:94:1f:3f:
81:69:c2:6c:69:46:c9:85:96:08:fb:95:cb:23:f2:
41:9e:c0:60:95:36:99:bb:90:19:26:30:86:ea:b3:
72:64:45:2e:c3:98:9a:aa:e7:95:11:16:65:ce:51:
de:83:10:06:88:d8:85:d0:24:6d:1f:98:5a:81:48:
c6:96:da:ea:61:18:cc:aa:dd:75:f8:a8:85:59:5d:
a3:e1:66:f6:52:5c:06:d8:85:d9:ae:4a:bf:28:ed:
cd:18:cd:00:f2:70:2a:d2:42:82:d6:9a:cc:93:93:
c8:09:ee:3f:a2:04:70:98:6a:07:29:0f:f3:21:99:
e4:8b:8e:b3:64:fc:d9:85:cc:44:16:7c:30:a5:3d:
95:39:f8:50:af:9e:4a:3c:2c:7a:3a:55:46:a0:48:
1d:d9:7e:25:4a:59:49:d2:95:92:c3:8b:fb:2e:97:
2d:d8:ff:3a:29:85:9b:93:2a:15:2e:0a:fc:8e:a7:
67:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:31:6D:AD:1A:92:CA:DA:A8:7D:4E:76:06:2E:06:2C:8C:53:C4:F3
X509v3 Authority Key Identifier:
keyid:BB:40:98:E0:FD:ED:B6:12:F2:39:DA:52:4A:04:B5:E0:DE:A4:C5:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u0CY4P3tthLyOdpSSgS14N6kxT8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/9b733e-9839-4f6f-b4b6-ff5aa9eef4e2/1/pDFtrRqSytqofU52Bi4GLIxTxPM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/9b733e-9839-4f6f-b4b6-ff5aa9eef4e2/1/u0CY4P3tthLyOdpSSgS14N6kxT8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.15.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:ed:53:16:ce:7f:f9:6b:9b:ae:67:44:96:ef:c2:15:1e:35:
4c:0e:4f:0e:5a:be:a9:30:73:d3:a1:0d:63:b2:a5:68:14:98:
31:ec:2a:13:8e:30:e6:81:f2:66:4c:cd:a6:82:3d:4f:37:65:
9a:71:43:05:11:71:0f:ac:4c:f2:9e:eb:56:ae:cb:a4:26:a6:
66:7c:ed:d2:f7:a5:65:fa:de:cd:f3:40:e7:e9:d8:2f:e8:47:
16:15:bf:1c:d7:f8:6c:b5:29:b5:14:72:fa:25:7f:8f:c1:02:
54:68:0c:e8:e3:80:0d:17:d0:1a:c8:26:1a:a0:df:d2:1f:0e:
eb:6a:12:ff:80:c2:8f:7f:85:1d:3a:e0:72:34:d7:d0:b6:e1:
0a:5e:4d:9b:0b:32:71:9d:35:1a:32:e7:93:34:a0:82:c3:2d:
7c:b4:40:05:59:53:40:db:0b:f1:a0:2d:1b:7a:89:51:d0:d1:
cd:68:b9:30:6b:4d:15:82:06:b6:ea:71:a2:64:73:8c:f6:56:
51:dc:2e:17:bc:1b:63:07:36:9c:08:19:64:16:a0:95:b1:79:
ad:b9:d2:17:b1:c2:03:2f:55:18:a0:3a:bc:4a:66:f8:ef:73:
b3:b8:40:0a:1a:2e:43:94:ad:59:2d:8c:d8:8c:e1:e6:d1:67:
11:20:67:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRLVnXUYkD59Oez7nr0MoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiNDA5OGUwZmRlZGI2MTJmMjM5ZGE1MjRhMDRiNWUwZGVh
NGM1M2YwHhcNMjUwMTAxMjM0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDMxNmRhZDFhOTJjYWRhYTg3ZDRlNzYwNjJlMDYyYzhjNTNjNGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJKBg/x7CFrdRIRFDPKO0c5bfUMB
yZX3fe6n2yxY1qr3ZZgg41e+iKUFvvfq9Ry+yo3f3B/FIe9ZDyVEKctpNitGwzCz
iUaUHz+BacJsaUbJhZYI+5XLI/JBnsBglTaZu5AZJjCG6rNyZEUuw5iaqueVERZl
zlHegxAGiNiF0CRtH5hagUjGltrqYRjMqt11+KiFWV2j4Wb2UlwG2IXZrkq/KO3N
GM0A8nAq0kKC1prMk5PICe4/ogRwmGoHKQ/zIZnki46zZPzZhcxEFnwwpT2VOfhQ
r55KPCx6OlVGoEgd2X4lSllJ0pWSw4v7Lpct2P86KYWbkyoVLgr8jqdnEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKQxba0aksraqH1OdgYuBiyMU8TzMB8GA1UdIwQY
MBaAFLtAmOD97bYS8jnaUkoEteDepMU/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTBDWTRQM3R0aEx5T2RwU1NnUzE0TjZreFQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi85YjczM2UtOTgzOS00ZjZmLWI0YjYt
ZmY1YWE5ZWVmNGUyLzEvcERGdHJScVN5dHFvZlU1MkJpNEdMSXhUeFBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi85YjczM2UtOTgzOS00ZjZmLWI0YjYtZmY1YWE5ZWVmNGUy
LzEvdTBDWTRQM3R0aEx5T2RwU1NnUzE0TjZreFQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+kPMA0G
CSqGSIb3DQEBCwUAA4IBAQB77VMWzn/5a5uuZ0SW78IVHjVMDk8OWr6pMHPToQ1j
sqVoFJgx7CoTjjDmgfJmTM2mgj1PN2WacUMFEXEPrEzynutWrsukJqZmfO3S96Vl
+t7N80Dn6dgv6EcWFb8c1/hstSm1FHL6JX+PwQJUaAzo44ANF9AayCYaoN/SHw7r
ahL/gMKPf4UdOuByNNfQtuEKXk2bCzJxnTUaMueTNKCCwy18tEAFWVNA2wvxoC0b
eolR0NHNaLkwa00Vgga26nGiZHOM9lZR3C4XvBtjBzacCBlkFqCVsXmtudIXscID
L1UYoDq8Smb473OzuEAKGi5DlK1ZLYzYjOHm0WcRIGcj
-----END CERTIFICATE-----
Generated at Fri Apr 18 19:03:25 2025 by rpki-client