Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/QOd_WFMEgwOyxqu-Xk2hZvgMcH8.roa
File: QOd_WFMEgwOyxqu-Xk2hZvgMcH8.roa (raw, json)
Hash identifier: uXkg5eescOxXc9nW3DCPgg8rcsXy8Kvy8S+sNh4PoXk=
Subject key identifier: 40:E7:7F:58:53:04:83:03:B2:C6:AB:BE:5E:4D:A1:66:F8:0C:70:7F
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 0194266B0E2374A31D3ABC89A4180FA4261B
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/QOd_WFMEgwOyxqu-Xk2hZvgMcH8.roa
Signing time: Thu 02 Jan 2025 09:48:57 +0000
ROA not before: Thu 02 Jan 2025 09:48:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209996
IP address blocks: 192.144.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 12:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:0e:23:74:a3:1d:3a:bc:89:a4:18:0f:a4:26:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Jan 2 09:48:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=40e77f5853048303b2c6abbe5e4da166f80c707f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:69:1a:13:e6:86:01:68:53:b9:08:4d:c1:9c:
4a:0d:0c:8a:ca:ac:90:f6:ad:4e:cd:56:2a:81:59:
c7:d9:87:7c:c2:66:e6:48:0b:fc:aa:94:e4:8c:6a:
d2:1f:1c:a9:ef:9b:67:93:9a:1d:11:41:c1:ea:08:
b7:fc:32:d3:1c:1a:8c:b3:b1:57:58:1c:b7:11:b8:
c7:53:7b:fe:d6:58:73:f2:74:54:aa:61:b8:1c:ce:
63:13:b6:9c:41:25:12:81:e8:f4:51:83:d1:5f:7b:
cd:b8:c6:0a:9d:84:f9:9f:b7:64:34:06:8b:9a:98:
a5:8a:1d:a2:64:49:cc:aa:ad:5c:5d:12:2a:21:dc:
5e:2a:4e:5c:b7:26:3c:39:90:43:8a:df:2e:b6:43:
2c:7d:12:68:e3:fe:5c:17:e5:37:65:42:01:7a:03:
a6:1c:d5:16:0c:c6:ef:bb:3c:7f:10:3f:06:4e:31:
80:be:d3:a0:f7:1d:4e:fb:cd:d0:7c:55:6a:52:5c:
7e:88:a4:32:cb:37:24:e1:f6:6b:6b:0e:30:f9:4c:
fa:9e:c6:76:90:c0:91:b1:19:0f:48:f1:4c:7e:f4:
46:6a:7f:5d:43:6e:3c:76:21:1c:75:9b:5a:7b:dc:
18:26:05:34:bd:21:5d:10:c6:f0:ae:00:f5:19:ed:
4a:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:E7:7F:58:53:04:83:03:B2:C6:AB:BE:5E:4D:A1:66:F8:0C:70:7F
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/QOd_WFMEgwOyxqu-Xk2hZvgMcH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.144.35.0/24
Signature Algorithm: sha256WithRSAEncryption
50:12:49:bd:44:ce:39:f2:1f:08:b8:be:84:ef:45:02:a3:af:
69:8d:50:12:bf:d7:5e:b4:11:aa:45:91:22:24:42:58:da:28:
13:fc:e6:0b:7f:af:04:82:e2:9c:27:79:8c:95:f0:d8:f8:e9:
be:0d:9e:7d:0d:ef:c8:ef:f8:de:3a:89:a7:f1:38:38:16:93:
9d:e0:fe:65:63:5b:2d:42:1d:79:05:0b:56:38:63:81:22:ed:
c6:fa:7c:f0:bd:23:8a:90:10:50:7d:01:49:4c:85:42:ec:ff:
19:95:fc:5b:7f:0a:0f:62:23:56:a1:58:1c:50:58:91:d9:f0:
43:5a:f3:ab:5c:c0:ee:0e:be:f5:78:0a:77:5c:1f:55:af:0c:
b6:f6:42:c2:33:89:58:7e:4e:eb:82:cf:e2:71:da:42:b3:f1:
40:9b:47:1e:01:87:0b:73:58:09:98:81:60:71:74:0d:11:64:
19:90:ff:e4:97:07:95:38:3b:2a:0f:3a:4b:6c:22:dd:98:a0:
ed:e3:2d:08:e1:24:28:12:b0:38:57:21:17:bb:ae:03:13:69:
c7:1e:b1:38:52:0f:18:7f:0f:8a:d6:6e:39:73:ca:c5:2f:7f:
4b:0c:7a:79:ef:44:4d:b9:39:a3:17:03:b6:5c:0a:0f:02:eb:
61:ca:be:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmaw4jdKMdOryJpBgPpCYbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjUwMTAyMDk0ODU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGU3N2Y1ODUzMDQ4MzAzYjJjNmFiYmU1ZTRkYTE2NmY4MGM3MDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0WkaE+aGAWhTuQhNwZxKDQyKyqyQ
9q1OzVYqgVnH2Yd8wmbmSAv8qpTkjGrSHxyp75tnk5odEUHB6gi3/DLTHBqMs7FX
WBy3EbjHU3v+1lhz8nRUqmG4HM5jE7acQSUSgej0UYPRX3vNuMYKnYT5n7dkNAaL
mpilih2iZEnMqq1cXRIqIdxeKk5ctyY8OZBDit8utkMsfRJo4/5cF+U3ZUIBegOm
HNUWDMbvuzx/ED8GTjGAvtOg9x1O+83QfFVqUlx+iKQyyzck4fZraw4w+Uz6nsZ2
kMCRsRkPSPFMfvRGan9dQ248diEcdZtae9wYJgU0vSFdEMbwrgD1Ge1KawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEDnf1hTBIMDssarvl5NoWb4DHB/MB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvUU9kX1dGTUVnd095eHF1LVhrMmhadmdNY0g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwJAjMA0G
CSqGSIb3DQEBCwUAA4IBAQBQEkm9RM458h8IuL6E70UCo69pjVASv9detBGqRZEi
JEJY2igT/OYLf68EguKcJ3mMlfDY+Om+DZ59De/I7/jeOomn8Tg4FpOd4P5lY1st
Qh15BQtWOGOBIu3G+nzwvSOKkBBQfQFJTIVC7P8ZlfxbfwoPYiNWoVgcUFiR2fBD
WvOrXMDuDr71eAp3XB9Vrwy29kLCM4lYfk7rgs/icdpCs/FAm0ceAYcLc1gJmIFg
cXQNEWQZkP/klweVODsqDzpLbCLdmKDt4y0I4SQoErA4VyEXu64DE2nHHrE4Ug8Y
fw+K1m45c8rFL39LDHp570RNuTmjFwO2XAoPAuthyr4p
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:48:06 2025 by rpki-client