Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/_kZUir8n1AqIU0qtCf0tRxbZpds.roa
File: _kZUir8n1AqIU0qtCf0tRxbZpds.roa (raw, json)
Hash identifier: i0Gwqdkr5/j/wsvWbuGrhf4MKjNKMEm96rfhCoH477Y=
Subject key identifier: FE:46:54:8A:BF:27:D4:0A:88:53:4A:AD:09:FD:2D:47:16:D9:A5:DB
Certificate issuer: /CN=bba35cf8ab6f3eaa2aebadd9e2373dec0893625e
Certificate serial: 0194221FB4C7CB63CB9DDAD6A7E1A6CC2F00
Authority key identifier: BB:A3:5C:F8:AB:6F:3E:AA:2A:EB:AD:D9:E2:37:3D:EC:08:93:62:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u6Nc-KtvPqoq663Z4jc97AiTYl4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/_kZUir8n1AqIU0qtCf0tRxbZpds.roa
Signing time: Wed 01 Jan 2025 13:48:10 +0000
ROA not before: Wed 01 Jan 2025 13:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 46557
IP address blocks: 157.23.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/u6Nc-KtvPqoq663Z4jc97AiTYl4.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/u6Nc-KtvPqoq663Z4jc97AiTYl4.mft
rsync://rpki.ripe.net/repository/DEFAULT/u6Nc-KtvPqoq663Z4jc97AiTYl4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 08:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:b4:c7:cb:63:cb:9d:da:d6:a7:e1:a6:cc:2f:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bba35cf8ab6f3eaa2aebadd9e2373dec0893625e
Validity
Not Before: Jan 1 13:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fe46548abf27d40a88534aad09fd2d4716d9a5db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:5c:fd:d2:ab:13:75:cb:26:50:a4:db:f9:a0:
4d:cb:ee:4c:89:12:28:7e:ae:f9:88:6c:d3:d3:61:
c1:5f:84:d9:ef:d1:0e:4c:6c:18:15:a3:3e:9c:0a:
9f:1d:d3:68:64:8f:71:24:8e:59:34:b5:5a:12:58:
57:cb:5b:aa:af:7d:06:c7:cc:47:e8:84:0b:9c:82:
4f:8b:b7:0a:9f:11:a2:bc:00:5f:f1:81:fc:66:c3:
f8:52:9c:68:23:71:13:24:bf:5d:c3:57:42:cc:ca:
2e:71:63:a4:8c:c1:9a:08:20:5d:78:db:57:36:86:
aa:aa:8a:b9:39:12:1a:0f:41:20:c7:ab:5c:f1:60:
18:0d:ae:62:62:66:fe:c1:7b:9d:4f:cf:a1:d4:9e:
06:bc:ec:3c:b7:a3:1a:81:2a:35:c8:18:a3:fb:01:
04:b3:8a:8e:9c:53:7f:9f:7a:9f:ee:8b:18:3d:1b:
f3:35:11:80:85:36:c7:ea:8a:fc:74:f0:5d:61:7c:
ec:36:a5:d9:ef:3b:54:f9:0c:66:14:27:64:4c:08:
e8:80:ce:26:6a:9e:a6:26:67:59:95:39:ba:31:85:
8f:68:11:60:22:32:9e:0d:b6:f5:22:66:24:f4:89:
60:54:8f:f8:d6:fa:ef:7d:cf:4f:24:11:96:d2:0e:
4b:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:46:54:8A:BF:27:D4:0A:88:53:4A:AD:09:FD:2D:47:16:D9:A5:DB
X509v3 Authority Key Identifier:
keyid:BB:A3:5C:F8:AB:6F:3E:AA:2A:EB:AD:D9:E2:37:3D:EC:08:93:62:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u6Nc-KtvPqoq663Z4jc97AiTYl4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/_kZUir8n1AqIU0qtCf0tRxbZpds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/u6Nc-KtvPqoq663Z4jc97AiTYl4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.23.250.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:a4:c3:88:fd:03:d5:8c:84:5c:50:8d:ca:80:0b:41:d2:bb:
e9:e2:97:69:2d:a8:a8:68:6d:d5:b9:c5:e5:6f:9a:04:02:5f:
52:1e:b1:68:41:f8:24:4c:87:2b:b2:6b:1b:5a:66:6e:35:4d:
c0:70:19:3c:0a:80:3d:6f:56:a0:39:ca:4e:46:64:a9:87:fd:
d8:3c:75:7d:e1:95:99:bf:8d:5a:68:40:dc:e6:4b:68:4e:bc:
ee:0b:29:58:08:1b:3a:e9:eb:7f:0b:ef:78:6a:01:65:a3:77:
37:b2:e3:38:82:9e:a0:38:f3:65:b6:59:67:6b:3f:f1:97:d0:
e6:7d:06:30:3a:97:54:7c:bb:a2:e5:87:cb:6e:4d:49:12:31:
3b:75:f5:f1:9e:7c:e2:5d:95:d8:83:7c:df:ed:61:93:5d:76:
f7:9a:73:39:91:ea:0a:25:cc:eb:e2:ec:ef:93:58:88:00:86:
17:12:2c:3e:2f:f1:da:ff:bc:df:f4:ba:75:69:ca:19:17:e6:
2f:51:f9:0a:14:ca:4c:12:2a:b9:e0:e6:f0:5e:22:e3:1c:a6:
d7:bb:6c:f2:8d:3f:62:af:d5:31:f3:85:91:1e:9f:35:9a:a5:
da:78:8e:54:08:87:b5:71:ba:ae:0f:bf:25:07:d8:d2:d7:f9:
8f:c6:f8:df
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH7THy2PLndrWp+GmzC8AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiYTM1Y2Y4YWI2ZjNlYWEyYWViYWRkOWUyMzczZGVjMDg5
MzYyNWUwHhcNMjUwMTAxMTM0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTQ2NTQ4YWJmMjdkNDBhODg1MzRhYWQwOWZkMmQ0NzE2ZDlhNWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVz90qsTdcsmUKTb+aBNy+5MiRIo
fq75iGzT02HBX4TZ79EOTGwYFaM+nAqfHdNoZI9xJI5ZNLVaElhXy1uqr30Gx8xH
6IQLnIJPi7cKnxGivABf8YH8ZsP4UpxoI3ETJL9dw1dCzMoucWOkjMGaCCBdeNtX
Noaqqoq5ORIaD0Egx6tc8WAYDa5iYmb+wXudT8+h1J4GvOw8t6MagSo1yBij+wEE
s4qOnFN/n3qf7osYPRvzNRGAhTbH6or8dPBdYXzsNqXZ7ztU+QxmFCdkTAjogM4m
ap6mJmdZlTm6MYWPaBFgIjKeDbb1ImYk9IlgVI/41vrvfc9PJBGW0g5LkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP5GVIq/J9QKiFNKrQn9LUcW2aXbMB8GA1UdIwQY
MBaAFLujXPirbz6qKuut2eI3PewIk2JeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTZOYy1LdHZQcW9xNjYzWjRqYzk3QWlUWWw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9hMGUwMWEtOWJiYy00NGVlLTk4YTMt
NTk3YjZlMjQ5MmFiLzEvX2taVWlyOG4xQXFJVTBxdENmMHRSeGJacGRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9hMGUwMWEtOWJiYy00NGVlLTk4YTMtNTk3YjZlMjQ5MmFi
LzEvdTZOYy1LdHZQcW9xNjYzWjRqYzk3QWlUWWw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnRf6MA0G
CSqGSIb3DQEBCwUAA4IBAQAdpMOI/QPVjIRcUI3KgAtB0rvp4pdpLaioaG3VucXl
b5oEAl9SHrFoQfgkTIcrsmsbWmZuNU3AcBk8CoA9b1agOcpORmSph/3YPHV94ZWZ
v41aaEDc5ktoTrzuCylYCBs66et/C+94agFlo3c3suM4gp6gOPNltllnaz/xl9Dm
fQYwOpdUfLui5YfLbk1JEjE7dfXxnnziXZXYg3zf7WGTXXb3mnM5keoKJczr4uzv
k1iIAIYXEiw+L/Ha/7zf9Lp1acoZF+YvUfkKFMpMEiq54ObwXiLjHKbXu2zyjT9i
r9Ux84WRHp81mqXaeI5UCIe1cbquD78lB9jS1/mPxvjf
-----END CERTIFICATE-----
Generated at Sun Apr 13 15:41:50 2025 by rpki-client