Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/dPBOUNuMluSVUVsbkWd3r_lebgU.roa
File: dPBOUNuMluSVUVsbkWd3r_lebgU.roa (raw, json)
Hash identifier: pOELbtPhwT+Xz573ShVJg/36cMfG9CcY6YmD29hT1jk=
Subject key identifier: 74:F0:4E:50:DB:8C:96:E4:95:51:5B:1B:91:67:77:AF:F9:5E:6E:05
Certificate issuer: /CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Certificate serial: 019423D7A55F6784051D0FEEFE81D0FBD8EE
Authority key identifier: 1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/dPBOUNuMluSVUVsbkWd3r_lebgU.roa
Signing time: Wed 01 Jan 2025 21:48:42 +0000
ROA not before: Wed 01 Jan 2025 21:48:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199058
IP address blocks: 2.59.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.mft
rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:a5:5f:67:84:05:1d:0f:ee:fe:81:d0:fb:d8:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Validity
Not Before: Jan 1 21:48:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=74f04e50db8c96e495515b1b916777aff95e6e05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:36:cb:ab:41:3c:81:02:47:ad:5e:9a:8c:ae:
68:52:cd:92:85:f7:53:a3:a6:75:f2:b5:e7:9e:0c:
b8:ff:7e:1c:cd:da:80:fb:ea:7e:54:ac:04:d8:15:
c8:7e:b1:5f:b9:35:99:88:4e:81:a8:84:ca:f4:a5:
38:93:ed:80:8d:03:96:6f:e7:76:f2:d1:db:25:24:
51:3e:4f:52:99:a6:ed:78:58:8d:c0:2c:27:68:cd:
72:ba:57:c2:d5:47:59:e5:b4:3f:b9:a9:a7:f5:02:
4a:de:4f:a3:ae:fd:7a:75:78:d2:b7:9c:69:2e:e7:
13:b5:09:52:bf:0e:4e:e3:8f:24:9e:b1:64:9f:a0:
fa:89:cf:9c:5e:2e:20:55:21:00:68:f9:18:33:b0:
fd:7e:8b:f4:2d:c1:31:5f:c8:9e:34:4e:7e:2d:78:
43:b7:28:60:bf:ad:89:dd:33:c4:ec:bc:ac:cf:cf:
36:72:6d:bb:c3:b6:90:46:2f:45:4a:7b:50:55:3d:
5f:5a:dc:8a:bd:a6:3b:34:81:88:2c:6d:19:76:af:
90:4c:12:95:ee:94:c7:87:fc:a8:58:e3:c8:4c:7d:
d3:08:8b:df:7d:b1:b0:3d:e1:d1:ae:36:1c:fd:ac:
ef:ad:e9:98:01:cf:af:17:fc:20:35:9e:b8:8d:47:
b3:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:F0:4E:50:DB:8C:96:E4:95:51:5B:1B:91:67:77:AF:F9:5E:6E:05
X509v3 Authority Key Identifier:
keyid:1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/dPBOUNuMluSVUVsbkWd3r_lebgU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.183.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:c4:2b:e4:de:b6:54:ae:84:a1:49:60:53:86:2e:b1:0c:fa:
02:52:0e:77:ee:f5:dd:8a:f6:d3:e1:e0:16:15:13:eb:33:f0:
5a:df:92:63:e6:56:ae:16:16:3f:07:73:bd:3b:a5:52:12:ae:
9d:5d:44:e0:7a:49:98:19:72:4e:c8:ca:8c:7b:3e:f0:12:c3:
fb:36:7e:b8:12:3d:fa:83:39:e0:7e:45:d0:66:cb:e2:b7:bd:
eb:7a:7a:cc:6b:cb:01:5e:4f:90:dc:3e:e6:63:ea:74:ac:11:
6a:8c:20:c3:6b:e1:3b:f5:52:98:80:ab:90:7f:6e:11:ad:bc:
a6:2f:32:b9:b1:a8:75:5a:e3:ec:4a:ba:6c:00:39:5d:a7:93:
02:95:d6:b7:79:b1:2f:c3:90:2e:cc:b9:9e:e3:a5:0b:85:98:
a7:7f:23:78:1b:75:ed:09:45:75:98:9d:06:f6:4f:1f:6d:49:
0f:e3:85:ef:36:3f:db:d0:93:ca:9a:77:37:e0:7e:57:ed:3d:
29:3e:ea:15:6b:47:d6:c1:e6:e0:ef:83:e0:44:e6:92:74:c4:
07:d6:af:14:e2:db:54:05:c9:24:9a:fc:0e:5a:75:b1:89:90:
d8:cb:9a:3c:9a:93:66:24:32:c1:a8:58:49:a5:bf:65:09:ce:
2a:5b:2c:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj16VfZ4QFHQ/u/oHQ+9juMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhN2YwMzZlMjU5MjM5MWZiNDVhM2RkMzNjYWYwYjA3OTU2
OTczY2YwHhcNMjUwMTAxMjE0ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGYwNGU1MGRiOGM5NmU0OTU1MTViMWI5MTY3NzdhZmY5NWU2ZTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTbLq0E8gQJHrV6ajK5oUs2ShfdT
o6Z18rXnngy4/34czdqA++p+VKwE2BXIfrFfuTWZiE6BqITK9KU4k+2AjQOWb+d2
8tHbJSRRPk9SmabteFiNwCwnaM1yulfC1UdZ5bQ/uamn9QJK3k+jrv16dXjSt5xp
LucTtQlSvw5O448knrFkn6D6ic+cXi4gVSEAaPkYM7D9fov0LcExX8ieNE5+LXhD
tyhgv62J3TPE7Lysz882cm27w7aQRi9FSntQVT1fWtyKvaY7NIGILG0Zdq+QTBKV
7pTHh/yoWOPITH3TCIvffbGwPeHRrjYc/azvremYAc+vF/wgNZ64jUeztwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHTwTlDbjJbklVFbG5Fnd6/5Xm4FMB8GA1UdIwQY
MBaAFBp/A24lkjkftFo90zyvCweVaXPPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2It
MzQwZDYyNWM2ZGJhLzEvZFBCT1VOdU1sdVNWVVZzYmtXZDNyX2xlYmdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2ItMzQwZDYyNWM2ZGJh
LzEvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAju3MA0G
CSqGSIb3DQEBCwUAA4IBAQBrxCvk3rZUroShSWBThi6xDPoCUg537vXdivbT4eAW
FRPrM/Ba35Jj5lauFhY/B3O9O6VSEq6dXUTgekmYGXJOyMqMez7wEsP7Nn64Ej36
gzngfkXQZsvit73renrMa8sBXk+Q3D7mY+p0rBFqjCDDa+E79VKYgKuQf24Rrbym
LzK5sah1WuPsSrpsADldp5MClda3ebEvw5AuzLme46ULhZinfyN4G3XtCUV1mJ0G
9k8fbUkP44XvNj/b0JPKmnc34H5X7T0pPuoVa0fWwebg74PgROaSdMQH1q8U4ttU
BckkmvwOWnWxiZDYy5o8mpNmJDLBqFhJpb9lCc4qWyw1
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:47:39 2025 by rpki-client