Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/v8fW1qhoEObeJyByxx1AMwbaEEw.roa
File: v8fW1qhoEObeJyByxx1AMwbaEEw.roa (raw, json)
Hash identifier: iJzI2Wd7PNPlcCPluKj7aCECPRT5nRIaU6xK8fyP1bE=
Subject key identifier: BF:C7:D6:D6:A8:68:10:E6:DE:27:20:72:C7:1D:40:33:06:DA:10:4C
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0194266C6C226CD092D286C9F2C1D27A1FFF
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/v8fW1qhoEObeJyByxx1AMwbaEEw.roa
Signing time: Thu 02 Jan 2025 09:50:27 +0000
ROA not before: Thu 02 Jan 2025 09:50:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31496
IP address blocks: 213.158.16.0/24 maxlen: 24
213.158.17.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:6c:22:6c:d0:92:d2:86:c9:f2:c1:d2:7a:1f:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 2 09:50:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bfc7d6d6a86810e6de272072c71d403306da104c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:4d:5b:1b:f7:81:13:a1:55:4f:32:fc:c4:6a:
05:1a:52:b5:d9:30:d5:15:93:25:5a:c6:80:0d:f5:
30:5f:3c:39:64:7e:d2:de:3c:a3:f7:98:ff:ea:d0:
c3:c1:3f:a2:1e:82:ad:49:40:63:57:c8:e2:9f:d0:
44:5d:b1:72:68:fa:0c:0f:d5:ce:f3:e5:47:2c:4a:
f5:ee:a8:d1:21:8a:07:0b:97:65:8f:b4:09:d6:1c:
43:a6:0f:ca:5a:02:1f:62:1f:fb:3a:ef:9f:ae:62:
44:10:56:fb:33:0c:df:57:06:09:bc:67:9e:49:d9:
fc:02:53:09:14:eb:1f:de:4a:b7:31:2f:88:32:c1:
cd:d2:27:14:70:36:fd:2e:2d:fb:0a:d9:69:2d:71:
82:97:45:fc:59:c4:f0:68:b3:7d:c6:60:1a:43:e9:
91:ee:9b:58:c8:c2:2d:c8:99:ce:a9:cb:aa:42:6b:
12:86:1a:88:b1:bd:b6:e4:6f:26:cd:65:c4:03:c6:
91:0b:13:13:b8:b0:e9:92:ef:c2:2f:1c:b1:bc:4a:
92:4f:95:4a:b0:83:73:f7:91:cc:ef:f6:b3:31:57:
37:7a:74:ef:0f:d5:30:b4:d4:42:ac:c8:27:b2:c1:
33:34:b0:f3:0b:99:1e:50:80:5c:56:89:41:51:6e:
5f:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:C7:D6:D6:A8:68:10:E6:DE:27:20:72:C7:1D:40:33:06:DA:10:4C
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/v8fW1qhoEObeJyByxx1AMwbaEEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.158.16.0/23
Signature Algorithm: sha256WithRSAEncryption
93:db:d1:0c:3c:51:2a:54:58:37:a2:6d:94:1a:76:8f:2a:df:
4e:6e:ac:9b:8c:67:f6:2b:02:3c:4c:03:b5:37:f5:e5:3e:61:
6d:2b:a3:5f:e2:de:85:f1:0b:a4:60:96:36:24:26:4d:24:2c:
83:21:59:36:da:45:5c:15:3f:97:49:3d:6f:65:14:7f:fe:db:
7d:73:ac:2c:a7:52:c6:ec:fa:72:3e:86:80:f0:12:cc:c2:7a:
61:0a:de:0d:43:36:06:63:ce:d3:14:7b:b1:5a:c5:5c:23:2f:
ff:e9:aa:14:cc:09:43:78:ef:bb:36:49:5d:d4:ee:03:2a:88:
72:3e:b3:3f:92:22:fe:c3:d1:e5:2d:9c:77:6c:06:42:5c:0b:
80:9b:77:4a:7d:9a:20:20:13:e1:7c:94:9b:01:09:d9:04:6e:
4f:1d:7d:87:0d:f6:fd:07:d7:b7:e1:ed:b3:b9:ba:b3:39:1d:
23:cc:86:02:78:2c:85:c1:f3:cc:d6:2e:91:f8:d5:02:ee:66:
5d:4d:a0:3d:6a:e8:b5:1e:62:46:82:f1:10:3a:81:05:ca:95:
c9:87:d2:e2:65:29:7b:e9:1f:90:0e:c4:34:36:e6:be:a4:cb:
4e:67:96:da:94:7c:30:09:50:ff:7c:e9:a6:dd:77:4f:90:bf:
f6:a1:6f:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmbGwibNCS0obJ8sHSeh//MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjUwMTAyMDk1MDI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmM3ZDZkNmE4NjgxMGU2ZGUyNzIwNzJjNzFkNDAzMzA2ZGExMDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp01bG/eBE6FVTzL8xGoFGlK12TDV
FZMlWsaADfUwXzw5ZH7S3jyj95j/6tDDwT+iHoKtSUBjV8jin9BEXbFyaPoMD9XO
8+VHLEr17qjRIYoHC5dlj7QJ1hxDpg/KWgIfYh/7Ou+frmJEEFb7MwzfVwYJvGee
Sdn8AlMJFOsf3kq3MS+IMsHN0icUcDb9Li37CtlpLXGCl0X8WcTwaLN9xmAaQ+mR
7ptYyMItyJnOqcuqQmsShhqIsb225G8mzWXEA8aRCxMTuLDpku/CLxyxvEqST5VK
sINz95HM7/azMVc3enTvD9UwtNRCrMgnssEzNLDzC5keUIBcVolBUW5fdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL/H1taoaBDm3icgcscdQDMG2hBMMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvdjhmVzFxaG9FT2JlSnlCeXh4MUFNd2JhRUV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1Z4QMA0G
CSqGSIb3DQEBCwUAA4IBAQCT29EMPFEqVFg3om2UGnaPKt9ObqybjGf2KwI8TAO1
N/XlPmFtK6Nf4t6F8QukYJY2JCZNJCyDIVk22kVcFT+XST1vZRR//tt9c6wsp1LG
7PpyPoaA8BLMwnphCt4NQzYGY87TFHuxWsVcIy//6aoUzAlDeO+7Nkld1O4DKohy
PrM/kiL+w9HlLZx3bAZCXAuAm3dKfZogIBPhfJSbAQnZBG5PHX2HDfb9B9e34e2z
ubqzOR0jzIYCeCyFwfPM1i6R+NUC7mZdTaA9aui1HmJGgvEQOoEFypXJh9LiZSl7
6R+QDsQ0Nua+pMtOZ5balHwwCVD/fOmm3XdPkL/2oW9Y
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:20:33 2025 by rpki-client