Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/Q9RONYChHkJpVu0B3M4T1lRm7H0.roa
File: Q9RONYChHkJpVu0B3M4T1lRm7H0.roa (raw, json)
Hash identifier: pYp1xN9Ks0qBXjl954zCy85VeRpJYUAlBaqb1ltmGc0=
Subject key identifier: 43:D4:4E:35:80:A1:1E:42:69:56:ED:01:DC:CE:13:D6:54:66:EC:7D
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0194266C86C54CB5968C56ACA83EB974FA9D
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/Q9RONYChHkJpVu0B3M4T1lRm7H0.roa
Signing time: Thu 02 Jan 2025 09:50:34 +0000
ROA not before: Thu 02 Jan 2025 09:50:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203492
IP address blocks: 217.14.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 00:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:86:c5:4c:b5:96:8c:56:ac:a8:3e:b9:74:fa:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 2 09:50:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=43d44e3580a11e426956ed01dcce13d65466ec7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:f8:e3:f2:c3:3a:f8:34:6b:9f:8a:67:9a:f2:
7c:61:8e:64:de:dd:27:48:65:70:42:18:1c:6a:d3:
08:b8:83:62:98:92:d9:b3:53:5b:60:1e:9c:7a:3b:
25:a3:6f:cc:4c:7f:aa:44:ab:49:84:ce:50:46:89:
27:52:fc:59:1b:0a:99:b0:d4:41:b1:26:ea:6c:be:
21:47:ce:c3:51:20:55:4f:80:fd:18:38:95:64:0c:
d2:a0:02:1d:ef:25:a6:91:16:f5:ca:b0:ca:ac:4f:
1d:88:62:74:9d:85:f1:90:a4:64:9b:52:b7:e6:ba:
1b:25:ca:d2:61:b9:56:4a:3a:3c:e7:b4:5a:c0:f8:
74:7e:83:2f:33:a3:41:56:08:5d:a9:04:31:35:fc:
74:f6:a1:0f:5d:ad:e1:33:1e:e5:ca:00:08:b7:1c:
8f:fd:7e:a7:25:27:f2:a5:b2:dd:6a:74:d1:dc:2a:
9e:05:7e:d3:17:34:e1:b0:ae:aa:c1:5b:24:11:77:
68:9c:d7:1a:39:7d:34:82:7f:a2:70:3f:5a:05:1d:
f1:ee:52:52:8e:29:87:e9:93:a8:c1:63:81:16:b9:
c6:f8:24:8d:d2:90:92:7d:d8:a6:01:bb:fc:b4:7a:
ee:e8:54:b4:3d:46:02:af:02:71:26:25:3c:05:70:
4d:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:D4:4E:35:80:A1:1E:42:69:56:ED:01:DC:CE:13:D6:54:66:EC:7D
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/Q9RONYChHkJpVu0B3M4T1lRm7H0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.14.254.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:15:5a:7f:02:6a:72:e8:83:3b:91:99:90:45:3f:0c:9f:fd:
0d:a4:a8:e7:14:57:21:77:d2:18:35:80:40:e6:f7:e9:14:0a:
95:84:6f:8a:28:7d:57:bd:0f:9b:05:f8:d0:45:22:32:f7:49:
99:42:89:3b:8c:8e:b3:ff:ee:3f:4f:3e:60:59:31:da:26:05:
fc:b4:85:41:b4:c6:a5:dc:e2:c9:eb:12:58:fa:50:2d:4d:92:
ac:c8:50:00:b9:30:57:14:a2:3e:a0:b1:eb:fd:31:2e:87:d9:
af:1c:68:63:63:6b:d2:31:e9:6b:68:c0:e8:24:b8:b7:45:f3:
81:92:55:07:d1:f0:fd:ef:f5:89:9d:89:b0:4a:94:86:fa:a7:
fe:5a:8c:03:a6:16:1e:56:f6:f1:a0:7d:73:33:ad:58:0f:30:
59:d1:22:87:18:c5:9e:23:ec:9b:9d:4c:2b:2b:24:5a:53:e8:
bf:d4:1c:39:aa:7f:44:58:57:af:d4:ff:ae:ea:17:7b:19:20:
03:ec:64:c0:d0:85:bf:12:0e:7a:80:9f:df:28:69:a7:3e:b0:
92:16:9b:2f:88:86:fd:25:48:8c:e7:0c:7b:ce:26:e1:5d:e4:
89:13:4e:96:1a:e9:a4:79:7d:dc:7a:9e:af:1d:7e:f0:6f:d4:
0a:04:28:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmbIbFTLWWjFasqD65dPqdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjUwMTAyMDk1MDM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2Q0NGUzNTgwYTExZTQyNjk1NmVkMDFkY2NlMTNkNjU0NjZlYzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1fjj8sM6+DRrn4pnmvJ8YY5k3t0n
SGVwQhgcatMIuINimJLZs1NbYB6cejslo2/MTH+qRKtJhM5QRoknUvxZGwqZsNRB
sSbqbL4hR87DUSBVT4D9GDiVZAzSoAId7yWmkRb1yrDKrE8diGJ0nYXxkKRkm1K3
5robJcrSYblWSjo857RawPh0foMvM6NBVghdqQQxNfx09qEPXa3hMx7lygAItxyP
/X6nJSfypbLdanTR3CqeBX7TFzThsK6qwVskEXdonNcaOX00gn+icD9aBR3x7lJS
jimH6ZOowWOBFrnG+CSN0pCSfdimAbv8tHru6FS0PUYCrwJxJiU8BXBN1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEPUTjWAoR5CaVbtAdzOE9ZUZux9MB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvUTlST05ZQ2hIa0pwVnUwQjNNNFQxbFJtN0gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2Q7+MA0G
CSqGSIb3DQEBCwUAA4IBAQA9FVp/Ampy6IM7kZmQRT8Mn/0NpKjnFFchd9IYNYBA
5vfpFAqVhG+KKH1XvQ+bBfjQRSIy90mZQok7jI6z/+4/Tz5gWTHaJgX8tIVBtMal
3OLJ6xJY+lAtTZKsyFAAuTBXFKI+oLHr/TEuh9mvHGhjY2vSMelraMDoJLi3RfOB
klUH0fD97/WJnYmwSpSG+qf+WowDphYeVvbxoH1zM61YDzBZ0SKHGMWeI+ybnUwr
KyRaU+i/1Bw5qn9EWFev1P+u6hd7GSAD7GTA0IW/Eg56gJ/fKGmnPrCSFpsviIb9
JUiM5wx7zibhXeSJE06WGumkeX3cep6vHX7wb9QKBCh/
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:33:30 2025 by rpki-client