Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/44c42c-1e68-4aab-839d-9593e3a43725/1/JtxbWq9ormth5LcKwN5vG4Q3apo.roa
File: JtxbWq9ormth5LcKwN5vG4Q3apo.roa (raw, json)
Hash identifier: lQXeYw4zv4cIzlRUFSI2nS9Q4llqbkuImnCVCQNKPmM=
Subject key identifier: 26:DC:5B:5A:AF:68:AE:6B:61:E4:B7:0A:C0:DE:6F:1B:84:37:6A:9A
Certificate issuer: /CN=990c4bb38e35cd70320eb791520c6cad34a4b271
Certificate serial: 0194206845A6FC063BC4B856319FA21FBC19
Authority key identifier: 99:0C:4B:B3:8E:35:CD:70:32:0E:B7:91:52:0C:6C:AD:34:A4:B2:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mQxLs441zXAyDreRUgxsrTSksnE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/44c42c-1e68-4aab-839d-9593e3a43725/1/JtxbWq9ormth5LcKwN5vG4Q3apo.roa
Signing time: Wed 01 Jan 2025 05:48:12 +0000
ROA not before: Wed 01 Jan 2025 05:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56505
IP address blocks: 91.223.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/44c42c-1e68-4aab-839d-9593e3a43725/1/mQxLs441zXAyDreRUgxsrTSksnE.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/44c42c-1e68-4aab-839d-9593e3a43725/1/mQxLs441zXAyDreRUgxsrTSksnE.mft
rsync://rpki.ripe.net/repository/DEFAULT/mQxLs441zXAyDreRUgxsrTSksnE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:45:a6:fc:06:3b:c4:b8:56:31:9f:a2:1f:bc:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=990c4bb38e35cd70320eb791520c6cad34a4b271
Validity
Not Before: Jan 1 05:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=26dc5b5aaf68ae6b61e4b70ac0de6f1b84376a9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:9f:16:8f:65:3a:ae:7d:22:45:7b:9f:8e:9f:
02:9c:85:ea:55:55:13:09:a1:11:8f:91:5b:5e:70:
4c:05:f3:c1:b0:e5:92:74:cb:71:7c:ca:23:24:e2:
5d:e6:0c:e8:04:b5:5d:d5:50:6a:a7:b6:ef:3a:d9:
4c:42:ed:54:ce:99:c1:7b:e3:c6:83:0d:cb:1d:dc:
cd:4c:21:1b:78:f4:2b:40:ea:90:e8:ff:17:df:3c:
09:db:fa:3e:88:81:54:b9:d2:61:b2:20:14:bc:92:
0c:2b:26:9e:28:c0:0e:85:1f:1f:aa:56:5c:72:80:
e2:86:a9:d4:dd:7f:d9:00:54:81:66:a0:d4:7f:e9:
ec:06:d4:c4:1d:85:9c:9e:9a:d7:d8:ce:90:61:52:
21:fb:bc:9c:1b:6b:67:df:9b:2f:47:61:dc:d2:48:
ed:ce:8a:61:90:8b:d4:2d:20:a5:27:ed:06:72:a5:
51:92:c6:88:a0:ef:e1:83:de:cb:a7:30:cd:3c:14:
bd:31:bf:49:31:75:6b:91:0f:77:f8:88:14:8a:cb:
3c:ee:8f:d1:75:f9:67:b2:46:c1:e1:70:f8:f9:d0:
d3:74:18:4e:42:08:60:b2:a1:01:be:84:35:4b:15:
36:73:79:5c:83:a9:73:19:bc:6b:27:07:50:77:91:
8a:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:DC:5B:5A:AF:68:AE:6B:61:E4:B7:0A:C0:DE:6F:1B:84:37:6A:9A
X509v3 Authority Key Identifier:
keyid:99:0C:4B:B3:8E:35:CD:70:32:0E:B7:91:52:0C:6C:AD:34:A4:B2:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mQxLs441zXAyDreRUgxsrTSksnE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/44c42c-1e68-4aab-839d-9593e3a43725/1/JtxbWq9ormth5LcKwN5vG4Q3apo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/44c42c-1e68-4aab-839d-9593e3a43725/1/mQxLs441zXAyDreRUgxsrTSksnE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.198.0/24
Signature Algorithm: sha256WithRSAEncryption
50:45:c5:c7:29:fb:86:7f:cf:be:19:11:5a:c4:df:ce:b8:df:
7f:04:06:95:3b:dd:b0:d4:9d:6b:57:55:31:9f:45:39:33:b7:
09:00:c9:96:6f:67:30:69:13:50:9d:b0:a1:97:6c:1f:3b:79:
f0:a6:1a:81:5a:2c:3c:16:40:5a:c8:5b:b7:d6:8a:ec:35:00:
10:bb:3a:4e:81:f3:ba:63:46:32:86:d0:2d:b5:82:ad:54:97:
d3:ac:d3:b2:82:0f:0d:fd:d0:6a:c0:0c:4b:7d:b9:9e:b6:bd:
e4:6c:b2:e5:cb:79:33:5e:73:35:52:d2:0f:c5:b4:54:18:91:
ac:8a:15:1f:69:e4:5a:55:cf:97:3c:7a:94:6d:4c:92:71:5f:
cd:47:34:23:e7:4d:f9:0c:b4:4c:19:9b:87:ff:0b:4e:e7:1d:
b7:15:24:f4:ec:9e:4c:bf:4c:a6:c4:0c:16:55:53:19:db:fa:
76:ff:b9:a1:aa:3a:ab:ef:f8:07:51:8b:69:96:31:6a:2c:32:
5d:d6:f9:c9:3c:8c:80:43:9b:2e:06:65:ea:22:df:5c:39:dc:
dc:02:0c:f7:77:86:f7:10:92:f9:66:c6:ad:98:f2:eb:46:e7:
fc:84:11:96:35:4a:29:40:d7:68:db:57:52:c4:69:bd:28:74:
69:b8:ae:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaEWm/AY7xLhWMZ+iH7wZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MGM0YmIzOGUzNWNkNzAzMjBlYjc5MTUyMGM2Y2FkMzRh
NGIyNzEwHhcNMjUwMTAxMDU0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmRjNWI1YWFmNjhhZTZiNjFlNGI3MGFjMGRlNmYxYjg0Mzc2YTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmp8Wj2U6rn0iRXufjp8CnIXqVVUT
CaERj5FbXnBMBfPBsOWSdMtxfMojJOJd5gzoBLVd1VBqp7bvOtlMQu1UzpnBe+PG
gw3LHdzNTCEbePQrQOqQ6P8X3zwJ2/o+iIFUudJhsiAUvJIMKyaeKMAOhR8fqlZc
coDihqnU3X/ZAFSBZqDUf+nsBtTEHYWcnprX2M6QYVIh+7ycG2tn35svR2Hc0kjt
zophkIvULSClJ+0GcqVRksaIoO/hg97LpzDNPBS9Mb9JMXVrkQ93+IgUiss87o/R
dflnskbB4XD4+dDTdBhOQghgsqEBvoQ1SxU2c3lcg6lzGbxrJwdQd5GKwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCbcW1qvaK5rYeS3CsDebxuEN2qaMB8GA1UdIwQY
MBaAFJkMS7OONc1wMg63kVIMbK00pLJxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVF4THM0NDF6WEF5RHJlUlVneHNyVFNrc25FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi80NGM0MmMtMWU2OC00YWFiLTgzOWQt
OTU5M2UzYTQzNzI1LzEvSnR4YldxOW9ybXRoNUxjS3dONXZHNFEzYXBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi80NGM0MmMtMWU2OC00YWFiLTgzOWQtOTU5M2UzYTQzNzI1
LzEvbVF4THM0NDF6WEF5RHJlUlVneHNyVFNrc25FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9/GMA0G
CSqGSIb3DQEBCwUAA4IBAQBQRcXHKfuGf8++GRFaxN/OuN9/BAaVO92w1J1rV1Ux
n0U5M7cJAMmWb2cwaRNQnbChl2wfO3nwphqBWiw8FkBayFu31orsNQAQuzpOgfO6
Y0YyhtAttYKtVJfTrNOygg8N/dBqwAxLfbmetr3kbLLly3kzXnM1UtIPxbRUGJGs
ihUfaeRaVc+XPHqUbUyScV/NRzQj5035DLRMGZuH/wtO5x23FST07J5Mv0ymxAwW
VVMZ2/p2/7mhqjqr7/gHUYtpljFqLDJd1vnJPIyAQ5suBmXqIt9cOdzcAgz3d4b3
EJL5ZsatmPLrRuf8hBGWNUopQNdo21dSxGm9KHRpuK6a
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:42:03 2025 by rpki-client