Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/b993ef-aaa7-400c-8db7-96d304c8db02/1/kpFxxzn5rxVSC7pUTip-34ePAH8.roa
File: kpFxxzn5rxVSC7pUTip-34ePAH8.roa (raw, json)
Hash identifier: 2PbpsfTlZEwOXoeKMnWL66QR3WBkUd2nLs/ZQj9Tcq4=
Subject key identifier: 92:91:71:C7:39:F9:AF:15:52:0B:BA:54:4E:2A:7E:DF:87:8F:00:7F
Certificate issuer: /CN=b8207697d0b7c24199e6dd1282b49b56cef0244f
Certificate serial: 0194258FBA2E180755B9736EBA337B473F50
Authority key identifier: B8:20:76:97:D0:B7:C2:41:99:E6:DD:12:82:B4:9B:56:CE:F0:24:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uCB2l9C3wkGZ5t0SgrSbVs7wJE8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/b993ef-aaa7-400c-8db7-96d304c8db02/1/kpFxxzn5rxVSC7pUTip-34ePAH8.roa
Signing time: Thu 02 Jan 2025 05:49:23 +0000
ROA not before: Thu 02 Jan 2025 05:49:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51248
IP address blocks: 91.209.77.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/b993ef-aaa7-400c-8db7-96d304c8db02/1/uCB2l9C3wkGZ5t0SgrSbVs7wJE8.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/b993ef-aaa7-400c-8db7-96d304c8db02/1/uCB2l9C3wkGZ5t0SgrSbVs7wJE8.mft
rsync://rpki.ripe.net/repository/DEFAULT/uCB2l9C3wkGZ5t0SgrSbVs7wJE8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 05:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:ba:2e:18:07:55:b9:73:6e:ba:33:7b:47:3f:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8207697d0b7c24199e6dd1282b49b56cef0244f
Validity
Not Before: Jan 2 05:49:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=929171c739f9af15520bba544e2a7edf878f007f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:63:6a:7a:56:fc:98:af:9d:8d:28:98:d1:93:
74:a8:08:2a:07:75:28:23:af:ec:37:82:e4:f8:8d:
3b:5f:f8:ac:20:ac:c7:ba:b7:5a:52:14:5b:50:75:
5b:43:04:bb:97:5f:e1:3f:cf:1b:9f:49:94:13:68:
4e:95:39:7c:e0:7f:21:fe:d4:91:0c:4f:8b:64:80:
6a:e5:8a:9c:9b:f0:ce:61:be:85:27:19:9b:81:d0:
a9:11:78:e6:ad:a7:ef:c0:47:7e:6c:c1:63:be:31:
73:9d:6d:e7:1b:49:53:00:02:99:ea:0a:1f:46:e8:
c4:20:07:a6:40:e5:33:f7:20:44:ac:de:e6:d2:c4:
47:62:b6:04:d3:a6:d5:4b:5e:42:97:4a:95:25:00:
1f:2b:96:7b:30:1e:3f:51:c0:06:bc:0b:8f:f3:d3:
1c:ea:43:f5:48:3b:02:e9:5b:4d:dd:53:40:45:69:
e7:1f:78:89:6c:ac:9c:2b:77:95:1a:21:46:0e:9e:
c3:ad:ef:20:4b:23:3e:52:eb:55:64:28:c1:74:67:
4b:b1:89:18:6a:5b:11:23:83:02:d8:35:dd:02:67:
ab:9e:06:89:45:cf:3c:ae:68:2b:7c:56:f5:1c:f0:
ef:b6:2e:c2:9f:d8:55:2c:15:5b:5e:17:5a:ad:13:
d4:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:91:71:C7:39:F9:AF:15:52:0B:BA:54:4E:2A:7E:DF:87:8F:00:7F
X509v3 Authority Key Identifier:
keyid:B8:20:76:97:D0:B7:C2:41:99:E6:DD:12:82:B4:9B:56:CE:F0:24:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uCB2l9C3wkGZ5t0SgrSbVs7wJE8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/b993ef-aaa7-400c-8db7-96d304c8db02/1/kpFxxzn5rxVSC7pUTip-34ePAH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/b993ef-aaa7-400c-8db7-96d304c8db02/1/uCB2l9C3wkGZ5t0SgrSbVs7wJE8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.77.0/24
Signature Algorithm: sha256WithRSAEncryption
08:82:b6:10:6a:19:03:a7:13:68:2f:5e:bc:a2:b8:02:09:6a:
0a:a2:b4:63:24:7b:96:5a:4b:eb:ef:59:9e:af:08:1a:10:6c:
ff:6e:0a:46:3f:91:9e:fd:e7:1c:34:82:cc:80:92:3d:d9:2c:
5b:1d:c3:c1:68:e8:b7:1f:d5:e1:64:9b:39:1f:60:0f:b2:dc:
e8:63:7b:d3:0f:be:6e:8b:93:55:17:00:a1:6c:02:88:dd:c0:
5c:39:f7:23:1a:f2:b2:54:81:d8:c7:2f:1d:7d:df:a7:55:99:
d9:22:6d:89:06:be:43:0d:14:48:20:33:c4:61:f4:a9:02:d1:
7d:8c:91:70:b4:42:16:57:37:c8:4c:4c:81:bd:20:50:65:1b:
13:02:5e:34:53:47:45:66:c1:de:79:7c:97:69:f1:7a:7e:57:
2d:f5:b0:ac:02:ce:70:a8:e3:45:8e:0e:5c:bf:b9:ea:d9:cd:
ef:b8:67:30:9c:da:8e:43:31:53:62:d5:af:55:89:fc:d5:9a:
55:e4:e9:13:2c:6d:02:ac:cb:2c:15:68:56:de:f3:56:16:ee:
92:89:5b:56:12:13:70:99:23:eb:0f:d6:e9:7c:60:95:a1:86:
53:31:7a:08:e5:6a:90:c0:2f:44:8f:13:9f:c5:6b:d0:84:6c:
0f:d8:d1:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj7ouGAdVuXNuujN7Rz9QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MjA3Njk3ZDBiN2MyNDE5OWU2ZGQxMjgyYjQ5YjU2Y2Vm
MDI0NGYwHhcNMjUwMTAyMDU0OTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjkxNzFjNzM5ZjlhZjE1NTIwYmJhNTQ0ZTJhN2VkZjg3OGYwMDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWNqelb8mK+djSiY0ZN0qAgqB3Uo
I6/sN4Lk+I07X/isIKzHurdaUhRbUHVbQwS7l1/hP88bn0mUE2hOlTl84H8h/tSR
DE+LZIBq5Yqcm/DOYb6FJxmbgdCpEXjmrafvwEd+bMFjvjFznW3nG0lTAAKZ6gof
RujEIAemQOUz9yBErN7m0sRHYrYE06bVS15Cl0qVJQAfK5Z7MB4/UcAGvAuP89Mc
6kP1SDsC6VtN3VNARWnnH3iJbKycK3eVGiFGDp7Dre8gSyM+UutVZCjBdGdLsYkY
alsRI4MC2DXdAmerngaJRc88rmgrfFb1HPDvti7Cn9hVLBVbXhdarRPUlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJKRccc5+a8VUgu6VE4qft+HjwB/MB8GA1UdIwQY
MBaAFLggdpfQt8JBmebdEoK0m1bO8CRPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUNCMmw5QzN3a0daNXQwU2dyU2JWczd3SkU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi9iOTkzZWYtYWFhNy00MDBjLThkYjct
OTZkMzA0YzhkYjAyLzEva3BGeHh6bjVyeFZTQzdwVVRpcC0zNGVQQUg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi9iOTkzZWYtYWFhNy00MDBjLThkYjctOTZkMzA0YzhkYjAy
LzEvdUNCMmw5QzN3a0daNXQwU2dyU2JWczd3SkU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9FNMA0G
CSqGSIb3DQEBCwUAA4IBAQAIgrYQahkDpxNoL168orgCCWoKorRjJHuWWkvr71me
rwgaEGz/bgpGP5Ge/eccNILMgJI92SxbHcPBaOi3H9XhZJs5H2APstzoY3vTD75u
i5NVFwChbAKI3cBcOfcjGvKyVIHYxy8dfd+nVZnZIm2JBr5DDRRIIDPEYfSpAtF9
jJFwtEIWVzfITEyBvSBQZRsTAl40U0dFZsHeeXyXafF6flct9bCsAs5wqONFjg5c
v7nq2c3vuGcwnNqOQzFTYtWvVYn81ZpV5OkTLG0CrMssFWhW3vNWFu6SiVtWEhNw
mSPrD9bpfGCVoYZTMXoI5WqQwC9EjxOfxWvQhGwP2NHY
-----END CERTIFICATE-----
Generated at Tue Apr 8 14:31:51 2025 by rpki-client