Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/IahDGP-i6VZriKXBsEnZCAjLxgQ.roa
File: IahDGP-i6VZriKXBsEnZCAjLxgQ.roa (raw, json)
Hash identifier: z6ZadpnmLWXnUrqDsvmd8VdfOzGOWV1JcSwpVi9K+wA=
Subject key identifier: 21:A8:43:18:FF:A2:E9:56:6B:88:A5:C1:B0:49:D9:08:08:CB:C6:04
Certificate issuer: /CN=bc8a3bc47d13c83f7d1cf72a137e0066f83d0608
Certificate serial: 0194266A442D5C935ACE4F353F3787B6769B
Authority key identifier: BC:8A:3B:C4:7D:13:C8:3F:7D:1C:F7:2A:13:7E:00:66:F8:3D:06:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vIo7xH0TyD99HPcqE34AZvg9Bgg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/IahDGP-i6VZriKXBsEnZCAjLxgQ.roa
Signing time: Thu 02 Jan 2025 09:48:05 +0000
ROA not before: Thu 02 Jan 2025 09:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9076
IP address blocks: 212.104.1.0/24 maxlen: 24
212.104.10.0/24 maxlen: 24
212.104.14.0/24 maxlen: 24
212.104.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/vIo7xH0TyD99HPcqE34AZvg9Bgg.crl
rsync://rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/vIo7xH0TyD99HPcqE34AZvg9Bgg.mft
rsync://rpki.ripe.net/repository/DEFAULT/vIo7xH0TyD99HPcqE34AZvg9Bgg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 16:41:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6a:44:2d:5c:93:5a:ce:4f:35:3f:37:87:b6:76:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc8a3bc47d13c83f7d1cf72a137e0066f83d0608
Validity
Not Before: Jan 2 09:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=21a84318ffa2e9566b88a5c1b049d90808cbc604
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:73:81:61:1f:8b:40:71:43:d0:c4:17:0f:97:
ce:36:53:46:8b:35:38:99:9e:17:15:d0:d5:a4:02:
91:69:2c:74:b4:53:d8:6a:25:ab:3c:72:0c:74:db:
0f:ff:2a:57:f7:02:85:27:ec:18:df:f6:8d:06:8e:
8f:61:78:37:57:a7:5c:3b:56:4a:d6:51:51:7a:b2:
1f:94:64:23:0e:ae:55:1b:ec:c3:75:ac:c3:67:ae:
20:bd:ca:4a:9e:1e:67:ac:5e:e2:c0:a3:4b:44:1f:
dd:e2:f3:3c:9e:1a:e7:e7:2e:e9:be:5b:82:5c:d2:
5d:08:8b:f7:66:ae:d5:5b:7c:3c:2c:9f:6f:d2:e0:
47:56:15:e9:f4:5c:d1:be:12:2d:02:8c:2a:e4:20:
a8:be:e1:2d:a8:a7:22:97:3e:d4:01:b4:3a:5c:f5:
cb:0f:6f:f0:ea:5c:81:63:50:a6:3a:8e:31:3a:7e:
25:3c:55:52:eb:cc:ae:3c:02:73:36:d6:ce:ae:be:
a2:7d:bc:49:41:9f:13:78:28:37:72:73:e8:57:83:
43:be:f6:f8:24:93:92:68:1b:ab:c8:8d:08:a6:61:
03:12:68:e1:c4:55:4b:98:f7:ce:c5:e5:a3:8a:54:
66:4d:b7:df:20:90:9a:e0:04:a9:41:ea:ca:40:67:
18:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:A8:43:18:FF:A2:E9:56:6B:88:A5:C1:B0:49:D9:08:08:CB:C6:04
X509v3 Authority Key Identifier:
keyid:BC:8A:3B:C4:7D:13:C8:3F:7D:1C:F7:2A:13:7E:00:66:F8:3D:06:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vIo7xH0TyD99HPcqE34AZvg9Bgg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/IahDGP-i6VZriKXBsEnZCAjLxgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/vIo7xH0TyD99HPcqE34AZvg9Bgg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.104.1.0/24
212.104.10.0/24
212.104.14.0/24
212.104.43.0/24
Signature Algorithm: sha256WithRSAEncryption
59:2e:c9:a7:d4:6f:74:79:a2:79:d0:46:f4:48:18:21:b6:e4:
e7:ce:3a:15:07:f9:c5:73:04:62:7d:cb:98:e7:c4:30:96:dc:
91:00:91:12:09:65:3c:35:f9:85:c5:9b:d5:ea:f8:dc:ff:d0:
f7:b4:d3:07:2d:85:8c:5c:af:b9:88:92:4e:4e:68:9b:b3:a0:
14:73:5a:13:37:25:28:1d:df:e8:fe:98:e7:48:e3:2b:dc:2e:
0c:07:f2:97:7f:7e:c1:c0:13:b9:a8:72:5d:75:77:24:67:81:
61:7d:0b:93:7a:90:9a:cc:3c:0b:36:b5:74:1f:d0:8d:76:48:
ad:6d:fe:62:ca:85:fe:39:66:0b:2f:20:70:b4:75:2f:06:79:
71:ba:04:53:4e:4d:4d:65:ce:73:12:6a:92:a9:1c:f5:42:76:
25:36:03:82:e5:2f:01:b8:5c:ec:f2:14:c4:4e:6c:1f:90:bb:
f5:08:8a:ea:70:a9:c4:67:87:fe:13:7d:4b:fb:96:9a:06:e9:
58:8c:2d:09:cc:bf:45:f8:00:d4:2d:a5:2e:74:e6:4b:c5:3d:
fa:f2:26:86:a8:ee:08:bd:db:d3:81:ea:92:2c:3d:ac:55:75:
b4:1f:c4:ef:3e:88:ee:5e:b2:78:78:13:91:65:18:4e:1e:79:
ec:a7:2b:93
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQmakQtXJNazk81PzeHtnabMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjOGEzYmM0N2QxM2M4M2Y3ZDFjZjcyYTEzN2UwMDY2Zjgz
ZDA2MDgwHhcNMjUwMTAyMDk0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWE4NDMxOGZmYTJlOTU2NmI4OGE1YzFiMDQ5ZDkwODA4Y2JjNjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6HOBYR+LQHFD0MQXD5fONlNGizU4
mZ4XFdDVpAKRaSx0tFPYaiWrPHIMdNsP/ypX9wKFJ+wY3/aNBo6PYXg3V6dcO1ZK
1lFRerIflGQjDq5VG+zDdazDZ64gvcpKnh5nrF7iwKNLRB/d4vM8nhrn5y7pvluC
XNJdCIv3Zq7VW3w8LJ9v0uBHVhXp9FzRvhItAowq5CCovuEtqKcilz7UAbQ6XPXL
D2/w6lyBY1CmOo4xOn4lPFVS68yuPAJzNtbOrr6ifbxJQZ8TeCg3cnPoV4NDvvb4
JJOSaBuryI0IpmEDEmjhxFVLmPfOxeWjilRmTbffIJCa4ASpQerKQGcYcQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCGoQxj/oulWa4ilwbBJ2QgIy8YEMB8GA1UdIwQY
MBaAFLyKO8R9E8g/fRz3KhN+AGb4PQYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdklvN3hIMFR5RDk5SFBjcUUzNEFadmc5QmdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy8wZWU5MjEtYTcyMS00ZjA5LTgwZjIt
NzExM2ZjMWI4NjViLzEvSWFoREdQLWk2VlpyaUtYQnNFblpDQWpMeGdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy8wZWU5MjEtYTcyMS00ZjA5LTgwZjItNzExM2ZjMWI4NjVi
LzEvdklvN3hIMFR5RDk5SFBjcUUzNEFadmc5QmdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQA1GgBAwQA
1GgKAwQA1GgOAwQA1GgrMA0GCSqGSIb3DQEBCwUAA4IBAQBZLsmn1G90eaJ50Eb0
SBghtuTnzjoVB/nFcwRifcuY58QwltyRAJESCWU8NfmFxZvV6vjc/9D3tNMHLYWM
XK+5iJJOTmibs6AUc1oTNyUoHd/o/pjnSOMr3C4MB/KXf37BwBO5qHJddXckZ4Fh
fQuTepCazDwLNrV0H9CNdkitbf5iyoX+OWYLLyBwtHUvBnlxugRTTk1NZc5zEmqS
qRz1QnYlNgOC5S8BuFzs8hTETmwfkLv1CIrqcKnEZ4f+E31L+5aaBulYjC0JzL9F
+ADULaUudOZLxT368iaGqO4IvdvTgeqSLD2sVXW0H8TvPojuXrJ4eBORZRhOHnns
pyuT
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:07:30 2025 by rpki-client