Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/1-rtI9dIBDPGpB7XLgp5LO6PPhNw.roa
File: 1-rtI9dIBDPGpB7XLgp5LO6PPhNw.roa (raw, json)
Hash identifier: ZOyoK37XAa4AMrftPMDpS57217i8QyMPPSqOrLIuDh0=
Subject key identifier: FA:BB:48:F5:D2:01:0C:F1:A9:07:B5:CB:82:9E:4B:3B:A3:CF:84:DC
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 01942522002DBD7C30A78B06A16DF0220096
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/1-rtI9dIBDPGpB7XLgp5LO6PPhNw.roa
Signing time: Thu 02 Jan 2025 03:49:32 +0000
ROA not before: Thu 02 Jan 2025 03:49:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 63473
IP address blocks: 150.107.200.0/24 maxlen: 32
150.107.201.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.mft
rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 21:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:00:2d:bd:7c:30:a7:8b:06:a1:6d:f0:22:00:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: Jan 2 03:49:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fabb48f5d2010cf1a907b5cb829e4b3ba3cf84dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:82:c7:8f:e6:8a:62:65:b5:96:0d:fe:f9:76:
df:d7:e6:98:91:52:f7:bb:6d:17:ae:88:18:8a:b9:
0b:a9:ad:33:0e:d2:fc:f3:65:14:c8:8e:b1:e8:f6:
93:ee:85:e6:47:01:19:e0:e5:a4:45:f2:6a:61:43:
26:d9:4f:a1:5e:8c:d7:cb:06:b6:be:98:f6:54:62:
c9:62:ad:14:42:09:71:c2:87:a4:f6:2d:4a:0c:be:
f7:c5:74:e8:eb:0b:68:51:c7:3e:b3:e2:a7:af:b9:
42:9d:e7:43:05:02:46:a0:88:67:38:ad:3b:99:b6:
a6:fb:55:0f:73:dc:dc:7e:1c:5d:85:dc:9e:33:da:
ab:73:ff:f6:70:47:7a:0a:df:ca:14:d1:d4:b0:5b:
bd:0c:55:0e:16:b6:4a:37:19:70:f4:03:3d:12:61:
93:4a:42:19:07:3b:ed:70:ff:8c:d4:2c:ec:35:e3:
2d:23:bd:9c:7a:53:7d:10:83:15:94:8d:e2:b2:69:
97:2a:e4:64:b1:c6:f5:d8:0d:6d:59:89:a3:4a:a5:
30:6d:93:2d:c2:ce:33:0f:01:e5:44:72:c8:34:aa:
b4:1b:31:8f:b6:4d:1d:33:a4:a2:37:c5:9a:03:13:
09:45:90:82:29:0b:42:5c:41:3d:41:74:9a:b3:d1:
c1:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:BB:48:F5:D2:01:0C:F1:A9:07:B5:CB:82:9E:4B:3B:A3:CF:84:DC
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/1-rtI9dIBDPGpB7XLgp5LO6PPhNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.107.200.0/23
Signature Algorithm: sha256WithRSAEncryption
4e:8f:26:5d:14:07:d0:cd:17:8b:ef:cb:87:dc:93:4f:67:33:
d6:99:0a:5b:b1:ce:a8:4c:e1:d7:90:21:59:89:ca:66:de:38:
95:4a:d0:83:2b:50:6f:8c:d9:dc:e2:74:aa:57:36:ec:fd:b8:
28:dc:38:81:54:fc:f6:3e:7d:58:29:d3:34:1a:34:54:18:b4:
46:51:06:66:3c:05:07:c2:ef:bf:a4:dc:1b:56:cc:46:00:f9:
28:48:51:d4:a4:a2:9d:52:c7:ce:09:15:99:47:33:bd:1e:0f:
36:75:b2:1a:a6:22:7e:f4:28:5e:d1:6d:0b:e2:7e:9e:0c:b4:
f3:a9:64:e2:3f:ca:92:1f:c5:a7:f2:56:49:7b:ac:35:80:07:
e8:b5:7c:a8:b8:35:76:39:95:0d:83:71:42:28:b2:9d:44:77:
dd:3f:1a:15:10:87:d6:9d:30:ec:2c:b2:26:d8:9f:4e:24:29:
77:84:5a:c6:5f:aa:87:2b:50:73:a5:4f:3c:b3:4a:ed:34:61:
3d:a3:39:d6:c7:1a:30:a5:ed:ab:80:8d:ac:08:df:a1:30:d6:
ca:25:93:bf:07:2b:5a:1b:8e:69:52:7b:16:70:16:05:d3:53:
9b:8c:1f:61:c3:18:24:c1:1d:dd:9d:08:c5:93:9d:9e:51:2e:
15:b7:d8:dd
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQlIgAtvXwwp4sGoW3wIgCWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjUwMTAyMDM0OTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWJiNDhmNWQyMDEwY2YxYTkwN2I1Y2I4MjllNGIzYmEzY2Y4NGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiYLHj+aKYmW1lg3++Xbf1+aYkVL3
u20XrogYirkLqa0zDtL882UUyI6x6PaT7oXmRwEZ4OWkRfJqYUMm2U+hXozXywa2
vpj2VGLJYq0UQglxwoek9i1KDL73xXTo6wtoUcc+s+Knr7lCnedDBQJGoIhnOK07
mbam+1UPc9zcfhxdhdyeM9qrc//2cEd6Ct/KFNHUsFu9DFUOFrZKNxlw9AM9EmGT
SkIZBzvtcP+M1CzsNeMtI72celN9EIMVlI3ismmXKuRkscb12A1tWYmjSqUwbZMt
ws4zDwHlRHLINKq0GzGPtk0dM6SiN8WaAxMJRZCCKQtCXEE9QXSas9HBRwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPq7SPXSAQzxqQe1y4KeSzujz4TcMB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEvMS1ydEk5ZElCRFBHcEI3WExncDVMTzZQUGhOdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjUvNjk5MGU5LWMzYzAtNDc4YS05OTk3LTk1YjA4ZTM2NjBj
Zi8xL2tpSUl0SHRxaGsyZEhfTS1CcXFCMFRnWnAwNC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAZZryDAN
BgkqhkiG9w0BAQsFAAOCAQEATo8mXRQH0M0Xi+/Lh9yTT2cz1pkKW7HOqEzh15Ah
WYnKZt44lUrQgytQb4zZ3OJ0qlc27P24KNw4gVT89j59WCnTNBo0VBi0RlEGZjwF
B8Lvv6TcG1bMRgD5KEhR1KSinVLHzgkVmUczvR4PNnWyGqYifvQoXtFtC+J+ngy0
86lk4j/Kkh/Fp/JWSXusNYAH6LV8qLg1djmVDYNxQiiynUR33T8aFRCH1p0w7Cyy
JtifTiQpd4Raxl+qhytQc6VPPLNK7TRhPaM51scaMKXtq4CNrAjfoTDWyiWTvwcr
WhuOaVJ7FnAWBdNTm4wfYcMYJMEd3Z0IxZOdnlEuFbfY3Q==
-----END CERTIFICATE-----
Generated at Sun Apr 6 04:40:17 2025 by rpki-client