Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/a453fe-a664-47a2-8b8a-ce5e01e71c91/1/3WOk5xXxxuij6cp4c509MovFTR4.roa
File: 3WOk5xXxxuij6cp4c509MovFTR4.roa (raw, json)
Hash identifier: BRAq5QglZZSLB27mttfzU3uMrFESkt4pXeL0Rv1+KDY=
Subject key identifier: DD:63:A4:E7:15:F1:C6:E8:A3:E9:CA:78:73:9D:3D:32:8B:C5:4D:1E
Certificate issuer: /CN=c6e1c8c65c86e8d26ddbeb68658a39a7a8e27866
Certificate serial: 0194F92C68E7F6EF2A7364D38997BCD7EBAB
Authority key identifier: C6:E1:C8:C6:5C:86:E8:D2:6D:DB:EB:68:65:8A:39:A7:A8:E2:78:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xuHIxlyG6NJt2-toZYo5p6jieGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/a453fe-a664-47a2-8b8a-ce5e01e71c91/1/3WOk5xXxxuij6cp4c509MovFTR4.roa
Signing time: Wed 12 Feb 2025 08:00:24 +0000
ROA not before: Wed 12 Feb 2025 08:00:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211904
IP address blocks: 92.114.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/a453fe-a664-47a2-8b8a-ce5e01e71c91/1/xuHIxlyG6NJt2-toZYo5p6jieGY.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/a453fe-a664-47a2-8b8a-ce5e01e71c91/1/xuHIxlyG6NJt2-toZYo5p6jieGY.mft
rsync://rpki.ripe.net/repository/DEFAULT/xuHIxlyG6NJt2-toZYo5p6jieGY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f9:2c:68:e7:f6:ef:2a:73:64:d3:89:97:bc:d7:eb:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6e1c8c65c86e8d26ddbeb68658a39a7a8e27866
Validity
Not Before: Feb 12 08:00:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dd63a4e715f1c6e8a3e9ca78739d3d328bc54d1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:69:c0:bd:ae:59:d3:60:83:03:f3:c8:e9:81:
a7:e1:1d:ef:ee:d9:c6:5a:b1:e1:5b:9c:fc:a9:68:
36:5c:96:2a:e8:14:0d:82:f3:2b:59:aa:40:91:99:
c1:47:9d:9d:5f:fd:48:0c:8d:6c:3d:8b:6b:66:b3:
d8:1a:3f:aa:9d:09:8e:44:53:31:86:f3:b5:01:2b:
4e:a2:f6:f0:ff:c5:9f:d5:4c:7c:9d:74:be:a4:2e:
40:28:42:d4:11:18:1d:d2:e3:b4:93:87:e7:e7:63:
a7:81:58:08:0a:58:f5:78:c8:c3:f4:07:ba:62:07:
c8:3b:0c:c5:8c:0c:a8:3a:4e:ce:a2:ae:0c:44:55:
0a:06:3f:58:0f:cb:e5:79:01:c0:67:3f:fa:aa:57:
a1:28:cc:f1:a7:53:7f:5e:44:29:c2:0a:83:49:f9:
4f:df:05:e3:aa:34:bc:be:2f:91:3b:cc:81:8f:fa:
3a:19:76:c9:50:1e:3f:50:1b:fa:28:fe:45:e2:4d:
10:07:71:7c:1a:32:35:fb:c7:97:60:ae:8c:03:5b:
c9:cf:0d:bb:da:1e:d7:93:e8:10:3b:74:79:79:d6:
2b:69:90:fa:78:55:10:7f:a4:3c:56:a1:fc:46:23:
eb:59:4b:6f:62:64:33:19:99:86:f4:75:4a:ee:b0:
af:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:63:A4:E7:15:F1:C6:E8:A3:E9:CA:78:73:9D:3D:32:8B:C5:4D:1E
X509v3 Authority Key Identifier:
keyid:C6:E1:C8:C6:5C:86:E8:D2:6D:DB:EB:68:65:8A:39:A7:A8:E2:78:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xuHIxlyG6NJt2-toZYo5p6jieGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/a453fe-a664-47a2-8b8a-ce5e01e71c91/1/3WOk5xXxxuij6cp4c509MovFTR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/a453fe-a664-47a2-8b8a-ce5e01e71c91/1/xuHIxlyG6NJt2-toZYo5p6jieGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.114.51.0/24
Signature Algorithm: sha256WithRSAEncryption
35:1a:70:3f:d8:0a:34:4f:f4:29:e7:44:69:31:03:dd:c4:5c:
de:f2:09:c6:49:32:db:bd:98:4b:e0:f8:84:2a:fe:83:07:93:
d7:1d:21:ca:4c:7e:64:01:98:cc:65:81:bf:8e:8c:2a:c5:2b:
43:a7:3d:36:d5:c7:26:d9:0a:29:5f:ae:84:b1:bd:ff:de:67:
e6:3b:63:18:aa:7b:ea:17:f2:83:94:cc:fe:c5:3f:0d:3d:32:
2b:e9:41:fe:a5:10:63:3e:b1:c6:2c:dd:af:94:48:7e:4a:9c:
a3:e7:62:ed:68:87:26:d5:4d:f8:2d:6d:b9:c7:11:64:e6:45:
48:1f:b5:e3:c4:32:be:93:bd:1c:dc:fe:8a:14:12:0c:af:a3:
e1:47:f7:c1:72:7b:31:99:ca:67:f1:d8:a6:33:70:2f:66:6c:
5e:2e:89:61:76:9e:25:d0:b5:03:f6:03:b9:bf:3b:fd:f6:a8:
61:60:9e:76:c5:15:6f:fa:60:60:58:61:42:46:4a:71:57:83:
e3:09:a8:8a:9a:70:80:92:5c:39:60:85:9d:31:3f:07:49:09:
2e:e3:9c:e8:59:d4:b6:e1:25:d3:b5:3d:f4:77:6f:ed:81:d3:
03:11:65:93:b7:6d:d2:b1:de:40:c3:3c:1f:ea:f2:35:3f:d6:
0a:46:98:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZT5LGjn9u8qc2TTiZe81+urMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2ZTFjOGM2NWM4NmU4ZDI2ZGRiZWI2ODY1OGEzOWE3YThl
Mjc4NjYwHhcNMjUwMjEyMDgwMDI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDYzYTRlNzE1ZjFjNmU4YTNlOWNhNzg3MzlkM2QzMjhiYzU0ZDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmnAva5Z02CDA/PI6YGn4R3v7tnG
WrHhW5z8qWg2XJYq6BQNgvMrWapAkZnBR52dX/1IDI1sPYtrZrPYGj+qnQmORFMx
hvO1AStOovbw/8Wf1Ux8nXS+pC5AKELUERgd0uO0k4fn52OngVgIClj1eMjD9Ae6
YgfIOwzFjAyoOk7Ooq4MRFUKBj9YD8vleQHAZz/6qlehKMzxp1N/XkQpwgqDSflP
3wXjqjS8vi+RO8yBj/o6GXbJUB4/UBv6KP5F4k0QB3F8GjI1+8eXYK6MA1vJzw27
2h7Xk+gQO3R5edYraZD6eFUQf6Q8VqH8RiPrWUtvYmQzGZmG9HVK7rCv6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN1jpOcV8cboo+nKeHOdPTKLxU0eMB8GA1UdIwQY
MBaAFMbhyMZchujSbdvraGWKOaeo4nhmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHVISXhseUc2Tkp0Mi10b1pZbzVwNmppZUdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9hNDUzZmUtYTY2NC00N2EyLThiOGEt
Y2U1ZTAxZTcxYzkxLzEvM1dPazV4WHh4dWlqNmNwNGM1MDlNb3ZGVFI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9hNDUzZmUtYTY2NC00N2EyLThiOGEtY2U1ZTAxZTcxYzkx
LzEveHVISXhseUc2Tkp0Mi10b1pZbzVwNmppZUdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXHIzMA0G
CSqGSIb3DQEBCwUAA4IBAQA1GnA/2Ao0T/Qp50RpMQPdxFze8gnGSTLbvZhL4PiE
Kv6DB5PXHSHKTH5kAZjMZYG/jowqxStDpz021ccm2QopX66Esb3/3mfmO2MYqnvq
F/KDlMz+xT8NPTIr6UH+pRBjPrHGLN2vlEh+Spyj52LtaIcm1U34LW25xxFk5kVI
H7XjxDK+k70c3P6KFBIMr6PhR/fBcnsxmcpn8dimM3AvZmxeLolhdp4l0LUD9gO5
vzv99qhhYJ52xRVv+mBgWGFCRkpxV4PjCaiKmnCAklw5YIWdMT8HSQku45zoWdS2
4SXTtT30d2/tgdMDEWWTt23Ssd5Awzwf6vI1P9YKRpgV
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:44:58 2025 by rpki-client