Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/099705-4a3b-4a68-b6bd-538af1017509/1/SOjICIUf3Q5KcvZmv_NHH5baNJY.roa
File: SOjICIUf3Q5KcvZmv_NHH5baNJY.roa (raw, json)
Hash identifier: CIXb+faY/LyAGhWDjXy0Uzmt28hgw4zuuv1ZndxzjNQ=
Subject key identifier: 48:E8:C8:08:85:1F:DD:0E:4A:72:F6:66:BF:F3:47:1F:96:DA:34:96
Certificate issuer: /CN=63e2caa7e18af2dfbdb3a6269da2e06dedcb6cf0
Certificate serial: 0194258E9D521099191658645C71BF2A6EE7
Authority key identifier: 63:E2:CA:A7:E1:8A:F2:DF:BD:B3:A6:26:9D:A2:E0:6D:ED:CB:6C:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-LKp-GK8t-9s6YmnaLgbe3LbPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/099705-4a3b-4a68-b6bd-538af1017509/1/SOjICIUf3Q5KcvZmv_NHH5baNJY.roa
Signing time: Thu 02 Jan 2025 05:48:10 +0000
ROA not before: Thu 02 Jan 2025 05:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44882
IP address blocks: 109.230.128.0/19 maxlen: 19
109.230.160.0/21 maxlen: 21
109.230.176.0/20 maxlen: 20
2a01:98c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/099705-4a3b-4a68-b6bd-538af1017509/1/Y-LKp-GK8t-9s6YmnaLgbe3LbPA.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/099705-4a3b-4a68-b6bd-538af1017509/1/Y-LKp-GK8t-9s6YmnaLgbe3LbPA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-LKp-GK8t-9s6YmnaLgbe3LbPA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:9d:52:10:99:19:16:58:64:5c:71:bf:2a:6e:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e2caa7e18af2dfbdb3a6269da2e06dedcb6cf0
Validity
Not Before: Jan 2 05:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=48e8c808851fdd0e4a72f666bff3471f96da3496
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:61:16:8e:92:17:2c:ce:46:50:ae:a4:18:10:
fe:22:2b:63:29:27:d6:5e:b2:20:ef:d8:90:68:c4:
5b:00:f2:5b:76:69:a3:de:a9:63:f8:56:35:03:9e:
b8:b6:8c:68:5f:69:1f:e0:3e:4a:6a:96:55:56:04:
26:6d:3b:2b:66:4c:1b:8d:75:2b:2b:2e:2d:e0:5d:
6a:3c:fe:24:49:4b:0a:88:01:e0:67:76:8c:8f:c2:
7c:d0:f5:86:50:df:ef:a7:b1:8d:5d:f9:30:47:34:
57:3a:6b:4d:a7:eb:c1:8a:56:30:c2:d8:6a:12:36:
34:5f:ba:24:a0:35:d6:13:ac:df:4d:58:d0:f8:eb:
2b:85:8a:db:10:cd:56:30:aa:b1:a3:4e:dd:03:f0:
42:2e:91:9c:5e:8b:c9:5a:ae:19:ed:57:d0:f8:f8:
d7:4f:d7:bb:c4:30:a7:c5:54:82:26:49:ef:6d:f6:
49:a3:7f:31:d9:79:33:72:6c:b4:ce:22:0f:20:5b:
5c:b1:e0:53:b6:37:1f:fb:0c:c8:1a:d9:dc:3a:7f:
81:42:22:0e:76:e2:44:64:1a:43:4a:4c:47:cf:e0:
49:a8:3a:71:ea:b2:d2:95:fd:ff:e0:6c:16:cd:7c:
65:55:ed:2a:6b:c2:6f:85:6c:b1:6e:e9:19:b0:e7:
ca:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:E8:C8:08:85:1F:DD:0E:4A:72:F6:66:BF:F3:47:1F:96:DA:34:96
X509v3 Authority Key Identifier:
keyid:63:E2:CA:A7:E1:8A:F2:DF:BD:B3:A6:26:9D:A2:E0:6D:ED:CB:6C:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-LKp-GK8t-9s6YmnaLgbe3LbPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/099705-4a3b-4a68-b6bd-538af1017509/1/SOjICIUf3Q5KcvZmv_NHH5baNJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/099705-4a3b-4a68-b6bd-538af1017509/1/Y-LKp-GK8t-9s6YmnaLgbe3LbPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.230.128.0-109.230.167.255
109.230.176.0/20
IPv6:
2a01:98c0::/48
Signature Algorithm: sha256WithRSAEncryption
39:a3:3d:28:90:32:59:ad:a3:78:6c:2d:a5:3f:d2:e3:b1:71:
8c:e6:31:7c:f8:56:51:2f:0c:03:52:82:d9:c1:51:cc:bf:69:
d8:39:97:cc:cd:17:09:90:32:1e:f4:d6:44:f4:71:7b:4d:50:
e4:e8:f2:d9:fd:e8:45:d1:96:66:79:42:f9:89:db:6e:db:2f:
0d:fd:6f:0a:5a:b8:b9:1a:ea:cc:27:78:3b:2e:7e:7c:52:f5:
e9:33:19:a1:93:05:23:2b:6e:96:ff:74:c5:94:84:9d:d7:f5:
96:f0:7d:90:0e:f4:64:c5:18:57:70:22:eb:09:22:38:0b:c5:
a1:d0:b5:50:fd:fd:57:fb:56:3b:1d:12:05:94:5f:01:c4:c2:
99:ec:0e:a2:2d:6d:a5:b3:96:e5:f9:9b:94:df:9b:1c:05:4d:
55:ea:7b:2a:7b:b3:28:bf:54:9b:19:28:7b:c5:21:26:84:f8:
a8:0b:c8:b0:82:9f:1e:a3:b5:39:35:81:82:9a:c1:b7:e1:47:
7c:c1:56:07:ef:d3:de:f0:b1:d8:d4:27:00:93:df:ae:2f:21:
b3:c2:99:50:51:27:8d:e6:04:ca:9b:b1:08:f1:d4:4b:5c:bd:
d4:e0:b6:60:16:d2:a8:a9:f9:fe:c8:70:7a:1b:1a:37:48:fe:
f4:50:63:cc
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZQljp1SEJkZFlhkXHG/Km7nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTJjYWE3ZTE4YWYyZGZiZGIzYTYyNjlkYTJlMDZkZWRj
YjZjZjAwHhcNMjUwMTAyMDU0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGU4YzgwODg1MWZkZDBlNGE3MmY2NjZiZmYzNDcxZjk2ZGEzNDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmEWjpIXLM5GUK6kGBD+IitjKSfW
XrIg79iQaMRbAPJbdmmj3qlj+FY1A564toxoX2kf4D5KapZVVgQmbTsrZkwbjXUr
Ky4t4F1qPP4kSUsKiAHgZ3aMj8J80PWGUN/vp7GNXfkwRzRXOmtNp+vBilYwwthq
EjY0X7okoDXWE6zfTVjQ+OsrhYrbEM1WMKqxo07dA/BCLpGcXovJWq4Z7VfQ+PjX
T9e7xDCnxVSCJknvbfZJo38x2Xkzcmy0ziIPIFtcseBTtjcf+wzIGtncOn+BQiIO
duJEZBpDSkxHz+BJqDpx6rLSlf3/4GwWzXxlVe0qa8JvhWyxbukZsOfKTwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFEjoyAiFH90OSnL2Zr/zRx+W2jSWMB8GA1UdIwQY
MBaAFGPiyqfhivLfvbOmJp2i4G3ty2zwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1MS3AtR0s4dC05czZZbW5hTGdiZTNMYlBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy8wOTk3MDUtNGEzYi00YTY4LWI2YmQt
NTM4YWYxMDE3NTA5LzEvU09qSUNJVWYzUTVLY3ZabXZfTkhINWJhTkpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy8wOTk3MDUtNGEzYi00YTY4LWI2YmQtNTM4YWYxMDE3NTA5
LzEvWS1MS3AtR0s4dC05czZZbW5hTGdiZTNMYlBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUMAwDBAdt5oAD
BANt5qADBARt5rAwDwQCAAIwCQMHACoBmMAAADANBgkqhkiG9w0BAQsFAAOCAQEA
OaM9KJAyWa2jeGwtpT/S47FxjOYxfPhWUS8MA1KC2cFRzL9p2DmXzM0XCZAyHvTW
RPRxe01Q5Ojy2f3oRdGWZnlC+YnbbtsvDf1vClq4uRrqzCd4Oy5+fFL16TMZoZMF
Iytulv90xZSEndf1lvB9kA70ZMUYV3Ai6wkiOAvFodC1UP39V/tWOx0SBZRfAcTC
mewOoi1tpbOW5fmblN+bHAVNVep7KnuzKL9Umxkoe8UhJoT4qAvIsIKfHqO1OTWB
gprBt+FHfMFWB+/T3vCx2NQnAJPfri8hs8KZUFEnjeYEypuxCPHUS1y91OC2YBbS
qKn5/shwehsaN0j+9FBjzA==
-----END CERTIFICATE-----
Generated at Thu Apr 17 07:38:30 2025 by rpki-client