Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/aM74eRxe3qvYps18QkemwvlEERg.roa
File: aM74eRxe3qvYps18QkemwvlEERg.roa (raw, json)
Hash identifier: d1uNBo1LpOAwuxgvOjU9UYt7UIRv/2a/h8W4+pr7gNw=
Subject key identifier: 68:CE:F8:79:1C:5E:DE:AB:D8:A6:CD:7C:42:47:A6:C2:F9:44:11:18
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0194266C8304E20CE04112D04EC30C15C237
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/aM74eRxe3qvYps18QkemwvlEERg.roa
Signing time: Thu 02 Jan 2025 09:50:33 +0000
ROA not before: Thu 02 Jan 2025 09:50:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 196747
IP address blocks: 109.207.0.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 00:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:83:04:e2:0c:e0:41:12:d0:4e:c3:0c:15:c2:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 2 09:50:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68cef8791c5edeabd8a6cd7c4247a6c2f9441118
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:49:af:f0:e1:8d:d8:bb:9e:28:0b:33:e7:15:
a8:72:75:41:a5:5d:0a:db:8e:22:92:06:d9:ba:e0:
df:06:9a:43:8b:96:77:a8:07:5c:2d:cb:7d:59:80:
e2:c7:1b:7d:87:f3:fc:91:aa:56:e8:d6:68:6c:e5:
e5:04:f1:1e:4f:4e:59:28:8b:97:ba:50:0d:1a:d6:
03:f2:0a:d6:79:57:75:a4:8d:3c:15:be:87:45:73:
a8:c9:2b:1c:06:b4:b8:10:49:89:55:99:67:d0:63:
fe:a3:44:58:4c:5c:fd:6a:f3:c7:c0:8d:20:ff:30:
81:50:64:24:30:1d:7f:75:95:0c:b4:90:f7:7e:fa:
95:06:51:48:b1:5f:96:32:f2:1f:1d:09:7c:cb:da:
68:fd:7f:3c:ab:68:94:2b:d9:b3:d9:67:cc:48:5a:
0f:d8:5a:a8:31:6c:dd:03:51:88:d5:4b:d7:89:6e:
c5:bc:6b:20:07:f1:68:30:6c:61:c1:fc:c0:a0:ac:
e1:e1:4e:9f:d3:8c:d4:06:82:98:57:75:76:36:f1:
55:bf:b9:37:74:17:0d:b2:1b:69:42:2a:4c:94:d6:
f2:e2:9a:52:41:0b:62:47:19:17:bd:48:1a:5f:7a:
32:2c:28:45:74:a4:2d:4a:6c:ab:c4:1b:2c:7c:5a:
5d:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:CE:F8:79:1C:5E:DE:AB:D8:A6:CD:7C:42:47:A6:C2:F9:44:11:18
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/aM74eRxe3qvYps18QkemwvlEERg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.207.0.0/20
Signature Algorithm: sha256WithRSAEncryption
51:1f:61:88:6d:ad:37:e7:0b:d1:0b:53:79:d8:24:a5:27:6d:
57:e7:46:ff:1c:97:3d:28:f8:6a:55:0e:bc:e8:a6:96:38:06:
b2:91:52:a5:41:43:06:b9:88:e8:7b:69:db:e6:c8:1c:0a:57:
3d:ae:58:4e:f8:a2:e3:e2:05:36:c3:62:74:7a:75:7f:e5:43:
db:be:0a:6c:d8:6c:7a:96:bf:3a:03:32:28:4f:a2:20:1a:1b:
c2:e8:71:c0:9f:e5:7e:01:d9:87:65:63:c5:f3:7a:3b:55:ab:
2b:36:99:79:bd:82:07:f3:42:5f:c9:17:7c:aa:4f:da:bf:2e:
74:d8:52:33:f8:d0:57:1c:46:eb:8a:24:95:8a:94:26:ac:44:
35:70:8e:d8:cc:20:7d:e6:b1:a2:1a:14:a9:c5:d8:e0:eb:bc:
67:ce:0d:d9:68:00:f9:f0:9b:a0:25:b2:78:0b:8f:15:89:b2:
23:40:a2:0d:90:1a:7f:10:1c:93:5d:2f:c6:7d:68:d9:52:10:
84:67:c8:b1:06:94:88:38:43:c8:ef:20:0c:aa:28:65:e9:0e:
9c:d6:2a:be:f6:8a:ad:d8:24:6b:b3:80:16:27:16:00:57:7d:
3e:6a:13:5b:c5:81:e5:ee:75:04:04:93:cf:88:91:05:bc:f9:
2d:91:89:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmbIME4gzgQRLQTsMMFcI3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjUwMTAyMDk1MDMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGNlZjg3OTFjNWVkZWFiZDhhNmNkN2M0MjQ3YTZjMmY5NDQxMTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0mv8OGN2LueKAsz5xWocnVBpV0K
244ikgbZuuDfBppDi5Z3qAdcLct9WYDixxt9h/P8kapW6NZobOXlBPEeT05ZKIuX
ulANGtYD8grWeVd1pI08Fb6HRXOoySscBrS4EEmJVZln0GP+o0RYTFz9avPHwI0g
/zCBUGQkMB1/dZUMtJD3fvqVBlFIsV+WMvIfHQl8y9po/X88q2iUK9mz2WfMSFoP
2FqoMWzdA1GI1UvXiW7FvGsgB/FoMGxhwfzAoKzh4U6f04zUBoKYV3V2NvFVv7k3
dBcNshtpQipMlNby4ppSQQtiRxkXvUgaX3oyLChFdKQtSmyrxBssfFpd3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGjO+HkcXt6r2KbNfEJHpsL5RBEYMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvYU03NGVSeGUzcXZZcHMxOFFrZW13dmxFRVJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEbc8AMA0G
CSqGSIb3DQEBCwUAA4IBAQBRH2GIba035wvRC1N52CSlJ21X50b/HJc9KPhqVQ68
6KaWOAaykVKlQUMGuYjoe2nb5sgcClc9rlhO+KLj4gU2w2J0enV/5UPbvgps2Gx6
lr86AzIoT6IgGhvC6HHAn+V+AdmHZWPF83o7VasrNpl5vYIH80JfyRd8qk/avy50
2FIz+NBXHEbriiSVipQmrEQ1cI7YzCB95rGiGhSpxdjg67xnzg3ZaAD58JugJbJ4
C48VibIjQKINkBp/EByTXS/GfWjZUhCEZ8ixBpSIOEPI7yAMqihl6Q6c1iq+9oqt
2CRrs4AWJxYAV30+ahNbxYHl7nUEBJPPiJEFvPktkYm+
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:12:51 2025 by rpki-client