Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/1-azSbIQFoiVO3W2ZCWv9_QAR8i8.roa
File: 1-azSbIQFoiVO3W2ZCWv9_QAR8i8.roa (raw, json)
Hash identifier: FijndDQD15Q5KHsLR44grscBnJeuQXrV0d05uzJTvBY=
Subject key identifier: F9:AC:D2:6C:84:05:A2:25:4E:DD:6D:99:09:6B:FD:FD:00:11:F2:2F
Certificate issuer: /CN=6d069e19e12c104004e8b4b75f8a7789b7e11396
Certificate serial: 019427B5A0C9E548F77A271981A10490654C
Authority key identifier: 6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/1-azSbIQFoiVO3W2ZCWv9_QAR8i8.roa
Signing time: Thu 02 Jan 2025 15:50:02 +0000
ROA not before: Thu 02 Jan 2025 15:50:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48037
IP address blocks: 144.43.0.0/16 maxlen: 24
144.43.0.0/17 maxlen: 24
144.43.128.0/18 maxlen: 24
144.43.192.0/19 maxlen: 24
144.43.224.0/20 maxlen: 24
144.43.248.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 09:01:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:a0:c9:e5:48:f7:7a:27:19:81:a1:04:90:65:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d069e19e12c104004e8b4b75f8a7789b7e11396
Validity
Not Before: Jan 2 15:50:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f9acd26c8405a2254edd6d99096bfdfd0011f22f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:68:ca:4d:dd:d5:4e:5d:6e:cf:23:98:d5:59:
01:b7:8f:63:72:06:5e:0b:3f:62:2b:18:6c:46:cf:
8b:a7:9f:24:d6:c5:a6:90:64:c5:d1:c3:3c:a2:65:
14:2d:34:68:53:e1:ac:42:ea:ed:9a:cc:b7:c4:36:
07:fb:bb:36:df:bf:51:d8:90:b3:74:65:59:01:e3:
da:4d:32:e2:17:2c:ca:92:1d:da:e7:5f:b3:07:41:
d3:72:14:ac:61:29:d7:e8:6f:b4:71:a5:06:3b:f2:
cc:a4:6e:5a:81:f9:58:9c:7e:4c:da:bb:4f:a7:1c:
f1:1f:65:4c:32:a8:de:84:b4:f6:2b:dc:63:2c:a6:
65:b9:13:e8:5e:bc:a4:1a:c5:7a:66:d8:43:e3:5f:
fa:79:ba:7e:15:1f:95:84:2b:55:ae:8d:37:81:98:
53:16:7d:5a:e9:b9:a1:27:3c:52:80:66:1a:b4:7c:
7c:9e:94:0b:6e:b6:3a:8f:ef:56:63:58:81:7e:70:
72:ce:3d:6b:7b:be:da:fa:9b:c3:b6:29:31:82:69:
52:b9:43:bb:44:32:61:53:eb:79:fb:bc:d4:45:90:
23:10:b6:5a:1f:e0:42:6c:7d:77:0b:09:8b:04:4c:
51:7c:47:fe:04:3b:69:1d:d4:22:31:6c:f4:00:e5:
64:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:AC:D2:6C:84:05:A2:25:4E:DD:6D:99:09:6B:FD:FD:00:11:F2:2F
X509v3 Authority Key Identifier:
keyid:6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/1-azSbIQFoiVO3W2ZCWv9_QAR8i8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.43.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4d:30:3a:29:09:6e:dc:33:ea:fa:19:46:7e:97:01:ce:b8:6d:
5c:b5:66:eb:6b:d5:e4:dc:58:68:e2:88:04:8e:72:37:77:89:
5f:e6:d1:26:46:97:d1:6f:29:97:8e:0d:87:6d:c4:3a:d5:a4:
f3:9f:db:24:7e:d3:0b:e1:53:45:5a:ac:e3:50:84:bb:1f:53:
06:60:94:33:88:f8:0f:0c:b5:3c:de:27:59:a6:ba:83:d2:eb:
e2:ce:fa:49:be:c9:c8:41:fc:1d:0a:ed:12:da:13:2d:8f:2f:
aa:c5:e4:d7:5a:06:3b:57:a6:5c:74:0b:f7:ea:14:02:3c:0f:
dc:4c:82:ea:3a:0e:65:f8:57:7b:6e:b7:8e:8e:6b:9a:bb:a1:
8b:95:2b:f5:74:fb:cd:dc:85:a8:44:82:b0:10:e8:8f:11:da:
32:60:fe:dd:4b:18:60:15:e9:d2:51:f7:1c:4a:0e:82:9a:6b:
75:7d:10:21:9e:a3:8f:75:28:13:1a:96:61:e7:9f:9f:f0:05:
41:58:87:2f:b7:27:85:14:e8:c3:70:2f:fb:2c:4e:31:8a:3c:
f9:92:aa:81:38:dc:8c:05:54:63:a4:65:7b:95:61:8f:73:16:
7d:c4:02:71:75:89:46:f9:11:41:d1:ed:6b:62:c0:69:57:c7:
24:ba:39:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntaDJ5Uj3eicZgaEEkGVMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDY5ZTE5ZTEyYzEwNDAwNGU4YjRiNzVmOGE3Nzg5Yjdl
MTEzOTYwHhcNMjUwMTAyMTU1MDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWFjZDI2Yzg0MDVhMjI1NGVkZDZkOTkwOTZiZmRmZDAwMTFmMjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGjKTd3VTl1uzyOY1VkBt49jcgZe
Cz9iKxhsRs+Lp58k1sWmkGTF0cM8omUULTRoU+GsQurtmsy3xDYH+7s2379R2JCz
dGVZAePaTTLiFyzKkh3a51+zB0HTchSsYSnX6G+0caUGO/LMpG5agflYnH5M2rtP
pxzxH2VMMqjehLT2K9xjLKZluRPoXrykGsV6ZthD41/6ebp+FR+VhCtVro03gZhT
Fn1a6bmhJzxSgGYatHx8npQLbrY6j+9WY1iBfnByzj1re77a+pvDtikxgmlSuUO7
RDJhU+t5+7zURZAjELZaH+BCbH13CwmLBExRfEf+BDtpHdQiMWz0AOVkdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPms0myEBaIlTt1tmQlr/f0AEfIvMB8GA1UdIwQY
MBaAFG0GnhnhLBBABOi0t1+Kd4m34ROWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFhZUdlRXNFRUFFNkxTM1g0cDNpYmZoRTVZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9jZjY0ZjYtMDc4OS00M2UzLWJkNmIt
N2JmZjI5NmM2YjAyLzEvMS1helNiSVFGb2lWTzNXMlpDV3Y5X1FBUjhpOC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZmIvY2Y2NGY2LTA3ODktNDNlMy1iZDZiLTdiZmYyOTZjNmIw
Mi8xL2JRYWVHZUVzRUVBRTZMUzNYNHAzaWJmaEU1WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJArMA0G
CSqGSIb3DQEBCwUAA4IBAQBNMDopCW7cM+r6GUZ+lwHOuG1ctWbra9Xk3Fho4ogE
jnI3d4lf5tEmRpfRbymXjg2HbcQ61aTzn9skftML4VNFWqzjUIS7H1MGYJQziPgP
DLU83idZprqD0uvizvpJvsnIQfwdCu0S2hMtjy+qxeTXWgY7V6ZcdAv36hQCPA/c
TILqOg5l+Fd7breOjmuau6GLlSv1dPvN3IWoRIKwEOiPEdoyYP7dSxhgFenSUfcc
Sg6Cmmt1fRAhnqOPdSgTGpZh55+f8AVBWIcvtyeFFOjDcC/7LE4xijz5kqqBONyM
BVRjpGV7lWGPcxZ9xAJxdYlG+RFB0e1rYsBpV8ckujkl
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:01:15 2025 by rpki-client