Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/a35f7f-2194-46d3-91bd-cc0f50bda159/1/iTC7AIloz6nQaL3mT_rFGYZ-wig.roa
File: iTC7AIloz6nQaL3mT_rFGYZ-wig.roa (raw, json)
Hash identifier: fesaTZGLmhO2WzwSQegYz6bFqw2Ey8O4XUX49y7XEFA=
Subject key identifier: 89:30:BB:00:89:68:CF:A9:D0:68:BD:E6:4F:FA:C5:19:86:7E:C2:28
Certificate issuer: /CN=4cdd6973493ce0c3849b8b919b7502ba5fa013d7
Certificate serial: 019426D911EB53C1E136184ADA2CFC11C24B
Authority key identifier: 4C:DD:69:73:49:3C:E0:C3:84:9B:8B:91:9B:75:02:BA:5F:A0:13:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TN1pc0k84MOEm4uRm3UCul-gE9c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/a35f7f-2194-46d3-91bd-cc0f50bda159/1/iTC7AIloz6nQaL3mT_rFGYZ-wig.roa
Signing time: Thu 02 Jan 2025 11:49:07 +0000
ROA not before: Thu 02 Jan 2025 11:49:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44644
IP address blocks: 92.43.192.0/21 maxlen: 24
2a01:9460::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/a35f7f-2194-46d3-91bd-cc0f50bda159/1/TN1pc0k84MOEm4uRm3UCul-gE9c.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/a35f7f-2194-46d3-91bd-cc0f50bda159/1/TN1pc0k84MOEm4uRm3UCul-gE9c.mft
rsync://rpki.ripe.net/repository/DEFAULT/TN1pc0k84MOEm4uRm3UCul-gE9c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:11:eb:53:c1:e1:36:18:4a:da:2c:fc:11:c2:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cdd6973493ce0c3849b8b919b7502ba5fa013d7
Validity
Not Before: Jan 2 11:49:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8930bb008968cfa9d068bde64ffac519867ec228
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:bd:3d:0d:4f:0d:c0:a8:ee:00:20:75:8d:d7:
49:41:e0:21:a8:f5:17:43:0f:30:9c:86:e5:e8:e5:
cd:8c:ff:f1:35:f7:7a:86:8c:1d:c6:79:7e:0d:38:
e2:ea:c8:30:a5:fa:4f:41:ce:83:f9:55:4b:77:e1:
bf:96:a6:c0:d2:4a:f6:91:b3:28:53:8f:30:a8:a9:
90:46:f6:9f:3c:de:3b:47:19:37:16:02:29:0b:88:
1a:6b:c3:72:45:1c:96:cd:53:36:f2:f8:f0:5d:29:
5c:c1:bc:ce:d7:69:97:99:57:19:e0:bb:f5:7a:06:
28:4d:1d:f9:28:1c:1a:7e:2c:c5:49:73:d6:1f:09:
ba:19:09:37:d4:c7:e5:68:20:d6:6e:49:f7:43:5d:
07:52:83:90:42:a6:14:c5:53:c8:05:f4:2f:e6:de:
1d:97:e2:35:8a:97:87:c0:34:8d:90:e2:85:be:10:
34:84:fd:dc:c0:60:ea:6d:09:63:55:a2:01:56:0a:
40:de:60:52:77:83:5d:51:25:33:9e:dc:e4:46:b1:
92:48:29:4d:2a:a5:c5:62:3c:ec:06:7a:d1:8d:e0:
0a:dc:aa:69:91:be:50:b4:6f:0c:ca:2a:8e:52:71:
0c:be:f1:8a:a0:84:77:f1:27:3c:21:e3:e5:e2:5a:
99:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:30:BB:00:89:68:CF:A9:D0:68:BD:E6:4F:FA:C5:19:86:7E:C2:28
X509v3 Authority Key Identifier:
keyid:4C:DD:69:73:49:3C:E0:C3:84:9B:8B:91:9B:75:02:BA:5F:A0:13:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TN1pc0k84MOEm4uRm3UCul-gE9c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/a35f7f-2194-46d3-91bd-cc0f50bda159/1/iTC7AIloz6nQaL3mT_rFGYZ-wig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/a35f7f-2194-46d3-91bd-cc0f50bda159/1/TN1pc0k84MOEm4uRm3UCul-gE9c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.43.192.0/21
IPv6:
2a01:9460::/32
Signature Algorithm: sha256WithRSAEncryption
28:e6:98:2d:9f:ac:81:5b:21:a1:37:1c:de:c3:71:c1:15:ca:
23:fd:4f:2f:0b:0c:7a:e9:cf:0c:1d:96:fa:c6:e2:b8:8d:4c:
49:03:d5:ef:bb:0a:3e:98:ca:65:5c:ab:95:d1:ad:11:a4:fb:
6f:56:1e:cc:cd:46:3f:b3:cf:d2:4b:b9:7d:72:6d:db:b1:f7:
75:3f:da:54:aa:0c:47:da:c8:40:44:fd:46:68:e2:7a:14:57:
6d:a9:95:14:7d:84:73:fa:bf:d8:5c:2d:68:eb:db:1b:1d:3b:
5e:27:f8:54:44:dc:77:12:a5:b4:24:ae:00:0a:ab:1a:1a:86:
c2:dd:f5:93:c2:22:92:40:07:e3:74:b1:29:b1:ec:4c:5c:cb:
bb:db:c5:2c:08:e5:c8:a3:1c:7f:66:32:de:76:07:4d:e5:98:
58:39:a7:14:92:45:6c:b3:43:a4:41:1f:8f:2b:3b:6c:c0:5e:
6c:99:f7:e3:58:f3:1d:17:58:a1:ed:45:7b:cb:8e:c8:25:db:
0b:72:93:fc:2c:8e:97:b3:07:f5:ad:57:74:0e:00:5f:c0:84:
6a:c7:5b:ab:d5:fa:0c:8d:08:07:51:ee:d7:8b:a6:9c:ab:46:
b6:76:59:c4:da:bf:0e:30:3c:69:6a:1f:c3:46:e7:cd:72:9b:
03:9a:6d:8c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQm2RHrU8HhNhhK2iz8EcJLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZGQ2OTczNDkzY2UwYzM4NDliOGI5MTliNzUwMmJhNWZh
MDEzZDcwHhcNMjUwMTAyMTE0OTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTMwYmIwMDg5NjhjZmE5ZDA2OGJkZTY0ZmZhYzUxOTg2N2VjMjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAir09DU8NwKjuACB1jddJQeAhqPUX
Qw8wnIbl6OXNjP/xNfd6howdxnl+DTji6sgwpfpPQc6D+VVLd+G/lqbA0kr2kbMo
U48wqKmQRvafPN47Rxk3FgIpC4gaa8NyRRyWzVM28vjwXSlcwbzO12mXmVcZ4Lv1
egYoTR35KBwafizFSXPWHwm6GQk31MflaCDWbkn3Q10HUoOQQqYUxVPIBfQv5t4d
l+I1ipeHwDSNkOKFvhA0hP3cwGDqbQljVaIBVgpA3mBSd4NdUSUzntzkRrGSSClN
KqXFYjzsBnrRjeAK3Kppkb5QtG8MyiqOUnEMvvGKoIR38Sc8IePl4lqZIQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIkwuwCJaM+p0Gi95k/6xRmGfsIoMB8GA1UdIwQY
MBaAFEzdaXNJPODDhJuLkZt1ArpfoBPXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVE4xcGMwazg0TU9FbTR1Um0zVUN1bC1nRTljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9hMzVmN2YtMjE5NC00NmQzLTkxYmQt
Y2MwZjUwYmRhMTU5LzEvaVRDN0FJbG96Nm5RYUwzbVRfckZHWVotd2lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9hMzVmN2YtMjE5NC00NmQzLTkxYmQtY2MwZjUwYmRhMTU5
LzEvVE4xcGMwazg0TU9FbTR1Um0zVUN1bC1nRTljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDXCvAMA0E
AgACMAcDBQAqAZRgMA0GCSqGSIb3DQEBCwUAA4IBAQAo5pgtn6yBWyGhNxzew3HB
Fcoj/U8vCwx66c8MHZb6xuK4jUxJA9Xvuwo+mMplXKuV0a0RpPtvVh7MzUY/s8/S
S7l9cm3bsfd1P9pUqgxH2shARP1GaOJ6FFdtqZUUfYRz+r/YXC1o69sbHTteJ/hU
RNx3EqW0JK4ACqsaGobC3fWTwiKSQAfjdLEpsexMXMu728UsCOXIoxx/ZjLedgdN
5ZhYOacUkkVss0OkQR+PKztswF5smffjWPMdF1ih7UV7y47IJdsLcpP8LI6Xswf1
rVd0DgBfwIRqx1ur1foMjQgHUe7Xi6acq0a2dlnE2r8OMDxpah/DRufNcpsDmm2M
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:05:32 2025 by rpki-client