Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/af31ab-2e34-47fb-9611-223a4d94709e/1/dlFU-VFKr3DcjZAchl6XqyqKK5c.roa
File: dlFU-VFKr3DcjZAchl6XqyqKK5c.roa (raw, json)
Hash identifier: neVLf32lP2kuQND5P5wXOeNSgGn0qOcZGwTsUoY1fZs=
Subject key identifier: 76:51:54:F9:51:4A:AF:70:DC:8D:90:1C:86:5E:97:AB:2A:8A:2B:97
Certificate issuer: /CN=b32bb7f2fa8c414c67188bdabbfb76215693ba87
Certificate serial: 019422FC2BEC9228F8C53BA596F77007C26C
Authority key identifier: B3:2B:B7:F2:FA:8C:41:4C:67:18:8B:DA:BB:FB:76:21:56:93:BA:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/syu38vqMQUxnGIvau_t2IVaTuoc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/af31ab-2e34-47fb-9611-223a4d94709e/1/dlFU-VFKr3DcjZAchl6XqyqKK5c.roa
Signing time: Wed 01 Jan 2025 17:48:59 +0000
ROA not before: Wed 01 Jan 2025 17:48:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57550
IP address blocks: 91.232.236.0/23 maxlen: 23
91.232.236.0/24 maxlen: 24
91.232.237.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/af31ab-2e34-47fb-9611-223a4d94709e/1/syu38vqMQUxnGIvau_t2IVaTuoc.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/af31ab-2e34-47fb-9611-223a4d94709e/1/syu38vqMQUxnGIvau_t2IVaTuoc.mft
rsync://rpki.ripe.net/repository/DEFAULT/syu38vqMQUxnGIvau_t2IVaTuoc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:2b:ec:92:28:f8:c5:3b:a5:96:f7:70:07:c2:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b32bb7f2fa8c414c67188bdabbfb76215693ba87
Validity
Not Before: Jan 1 17:48:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=765154f9514aaf70dc8d901c865e97ab2a8a2b97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:a5:28:29:7a:66:1d:d7:4f:52:6f:16:2e:76:
ca:f1:9f:a9:b9:14:45:63:23:e4:e7:83:05:c4:ad:
15:79:32:37:5d:ce:fa:68:3d:ba:26:6a:bc:6a:23:
01:6b:02:7e:fd:9d:2c:8a:f4:b3:85:0e:3f:38:75:
e3:08:5a:2a:46:46:a8:bb:02:61:24:37:8f:6a:b8:
5c:8a:4b:fa:c7:07:cf:4d:a8:cd:04:ec:71:50:9b:
8f:66:b4:9d:2f:63:21:f2:0d:70:86:27:3a:61:40:
3b:2c:41:84:ee:82:b1:31:18:df:6b:1c:75:d1:d9:
da:9f:b6:fb:37:20:26:d1:11:54:b4:5d:7f:5c:11:
98:fd:7c:8a:72:4f:0a:d4:09:cd:91:dc:9f:90:de:
d1:de:ac:7a:48:90:41:f5:8f:8c:bb:81:0c:b0:b8:
b2:de:cd:5f:64:37:91:af:b6:13:66:46:92:c7:41:
a5:24:a7:71:60:f4:3d:6b:ab:ea:71:7d:48:79:74:
0e:eb:ff:49:e9:ef:95:9f:c0:4d:fd:70:1a:6c:b5:
f8:df:c6:e4:97:43:8c:0d:06:3a:f7:c5:4b:d5:cc:
2f:cb:f6:81:2f:33:46:34:a2:33:9f:3c:de:5a:77:
30:a8:e7:a2:18:2f:64:cb:20:56:09:18:f3:c5:fa:
d9:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:51:54:F9:51:4A:AF:70:DC:8D:90:1C:86:5E:97:AB:2A:8A:2B:97
X509v3 Authority Key Identifier:
keyid:B3:2B:B7:F2:FA:8C:41:4C:67:18:8B:DA:BB:FB:76:21:56:93:BA:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/syu38vqMQUxnGIvau_t2IVaTuoc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/af31ab-2e34-47fb-9611-223a4d94709e/1/dlFU-VFKr3DcjZAchl6XqyqKK5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/af31ab-2e34-47fb-9611-223a4d94709e/1/syu38vqMQUxnGIvau_t2IVaTuoc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.236.0/23
Signature Algorithm: sha256WithRSAEncryption
3e:98:ff:31:4f:96:5e:35:e7:34:11:27:51:0f:61:ae:2c:e2:
63:57:a3:0a:2e:86:c6:31:5e:e6:14:92:2b:75:79:0e:53:50:
c6:bc:75:a1:7e:34:65:ec:d5:34:52:3c:f5:74:06:d3:39:4c:
2a:1b:c7:e1:72:11:f3:eb:a5:ba:a0:4b:50:71:99:f9:70:cb:
b7:37:6c:fc:db:15:6b:f1:85:b6:79:fb:68:5e:13:79:a6:62:
72:f4:36:64:da:bf:7f:71:74:25:a3:d3:c4:6c:d9:cb:da:13:
c2:13:82:83:0a:e8:f2:09:a9:dd:46:71:30:4b:d1:16:88:31:
33:3d:cf:69:70:c7:9f:cf:4b:0a:84:d8:df:88:95:79:d0:77:
14:d0:2f:71:09:85:21:10:0b:78:ee:1c:dd:26:21:8a:84:9a:
c2:6d:5d:60:04:d2:16:1c:5b:ac:a2:14:c8:56:c3:c8:a6:f4:
d7:7f:67:7f:9a:ae:6a:07:69:51:41:73:2b:f0:8b:7f:59:29:
74:a9:93:6a:5d:f1:d8:b3:37:e1:ba:53:b9:99:6b:c9:81:0e:
cd:13:a9:af:f2:1c:53:5d:9b:b3:25:45:ee:87:a4:1f:16:3d:
f8:2f:41:1f:88:62:9e:fc:79:33:13:07:1d:32:9a:a4:a2:9b:
0b:8f:81:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi/Cvskij4xTullvdwB8JsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMmJiN2YyZmE4YzQxNGM2NzE4OGJkYWJiZmI3NjIxNTY5
M2JhODcwHhcNMjUwMTAxMTc0ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjUxNTRmOTUxNGFhZjcwZGM4ZDkwMWM4NjVlOTdhYjJhOGEyYjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzaUoKXpmHddPUm8WLnbK8Z+puRRF
YyPk54MFxK0VeTI3Xc76aD26Jmq8aiMBawJ+/Z0sivSzhQ4/OHXjCFoqRkaouwJh
JDeParhcikv6xwfPTajNBOxxUJuPZrSdL2Mh8g1whic6YUA7LEGE7oKxMRjfaxx1
0dnan7b7NyAm0RFUtF1/XBGY/XyKck8K1AnNkdyfkN7R3qx6SJBB9Y+Mu4EMsLiy
3s1fZDeRr7YTZkaSx0GlJKdxYPQ9a6vqcX1IeXQO6/9J6e+Vn8BN/XAabLX438bk
l0OMDQY698VL1cwvy/aBLzNGNKIznzzeWncwqOeiGC9kyyBWCRjzxfrZ1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHZRVPlRSq9w3I2QHIZel6sqiiuXMB8GA1UdIwQY
MBaAFLMrt/L6jEFMZxiL2rv7diFWk7qHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3l1Mzh2cU1RVXhuR0l2YXVfdDJJVmFUdW9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZjMxYWItMmUzNC00N2ZiLTk2MTEt
MjIzYTRkOTQ3MDllLzEvZGxGVS1WRktyM0RjalpBY2hsNlhxeXFLSzVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZjMxYWItMmUzNC00N2ZiLTk2MTEtMjIzYTRkOTQ3MDll
LzEvc3l1Mzh2cU1RVXhuR0l2YXVfdDJJVmFUdW9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+jsMA0G
CSqGSIb3DQEBCwUAA4IBAQA+mP8xT5ZeNec0ESdRD2GuLOJjV6MKLobGMV7mFJIr
dXkOU1DGvHWhfjRl7NU0Ujz1dAbTOUwqG8fhchHz66W6oEtQcZn5cMu3N2z82xVr
8YW2eftoXhN5pmJy9DZk2r9/cXQlo9PEbNnL2hPCE4KDCujyCandRnEwS9EWiDEz
Pc9pcMefz0sKhNjfiJV50HcU0C9xCYUhEAt47hzdJiGKhJrCbV1gBNIWHFusohTI
VsPIpvTXf2d/mq5qB2lRQXMr8It/WSl0qZNqXfHYszfhulO5mWvJgQ7NE6mv8hxT
XZuzJUXuh6QfFj34L0EfiGKe/HkzEwcdMpqkopsLj4GG
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:48:51 2025 by rpki-client