Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/9TaqhsU24aQ2AxAQwMy4XQKH6LU.roa
File: 9TaqhsU24aQ2AxAQwMy4XQKH6LU.roa (raw, json)
Hash identifier: WgoS/nhvjW9XMI8XzrVgZor+FdLw77EJZ11j3yQR76E=
Subject key identifier: F5:36:AA:86:C5:36:E1:A4:36:03:10:10:C0:CC:B8:5D:02:87:E8:B5
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 019427B561F75EEC95E58144F37C77FE4582
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/9TaqhsU24aQ2AxAQwMy4XQKH6LU.roa
Signing time: Thu 02 Jan 2025 15:49:46 +0000
ROA not before: Thu 02 Jan 2025 15:49:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47550
IP address blocks: 89.23.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:61:f7:5e:ec:95:e5:81:44:f3:7c:77:fe:45:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jan 2 15:49:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f536aa86c536e1a436031010c0ccb85d0287e8b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:8a:03:fd:72:c4:cb:d4:7f:6e:55:3c:4d:cd:
3f:36:a9:b4:8b:f8:78:44:93:d2:ca:2e:24:91:38:
26:01:03:a8:ac:1e:af:3d:9d:1a:53:c8:4f:31:6a:
ff:ec:ea:16:33:bd:e5:a4:31:a2:84:61:40:39:af:
85:60:d2:c8:62:94:d0:d5:de:45:ec:59:16:be:95:
1e:0e:7d:29:88:f2:73:68:30:3c:a8:04:af:3e:30:
b3:01:17:54:7f:2b:e6:36:83:5f:3c:86:4d:38:75:
3d:1a:85:fb:89:d6:c6:13:2c:8a:c8:49:96:62:d0:
0c:49:a8:1c:cf:13:fc:4c:ad:76:fd:bf:71:2e:ab:
b5:a6:fe:18:09:8a:c4:9e:b8:db:48:ce:6d:37:cd:
81:ac:eb:d4:53:17:94:0c:89:fd:4f:0b:7b:a7:b3:
67:81:1f:e1:ec:31:bf:e0:cc:23:86:f4:74:10:99:
9c:5c:be:00:8e:91:be:f7:1d:bc:e7:85:ca:64:23:
2a:1c:b1:4e:6d:db:a7:2e:22:f2:37:59:41:86:6a:
f8:f4:3e:48:93:c7:03:50:5e:c6:a0:81:6f:b5:11:
5a:78:52:2e:f7:09:cf:3f:8b:3b:58:4e:74:02:f3:
c4:e4:2b:a2:ba:b9:74:54:fc:25:94:15:55:25:29:
66:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:36:AA:86:C5:36:E1:A4:36:03:10:10:C0:CC:B8:5D:02:87:E8:B5
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/9TaqhsU24aQ2AxAQwMy4XQKH6LU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.111.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:b7:fa:d9:9a:48:25:d3:30:73:21:b3:44:22:45:6d:f8:0d:
c8:a4:70:3e:4e:94:54:65:d6:fd:ae:e0:a1:57:41:fe:b2:9b:
62:42:5d:71:28:47:46:c0:a2:8b:d9:3d:1a:b6:a0:54:6b:58:
88:18:4c:12:e9:c0:b8:7f:0c:61:8c:01:fb:9f:d2:1d:23:fb:
7e:e4:7e:a4:0d:94:76:38:8a:9f:e3:74:b4:41:04:13:67:17:
89:e6:39:e0:3e:a6:26:84:bb:39:86:89:c5:85:e2:d9:02:6e:
66:3f:30:63:02:7b:f5:6a:f0:88:3d:20:3d:4a:16:aa:62:55:
b2:00:aa:3b:20:30:28:a1:36:06:3f:6a:0a:10:c2:a3:1b:30:
46:34:cc:ab:c9:c8:82:3b:d7:24:c7:6c:88:1b:ae:a1:fb:86:
a4:3e:7c:e4:57:62:f6:d0:bc:f1:ed:0c:bd:3a:5e:9a:98:cc:
01:57:7d:3f:83:46:6e:18:b0:7f:87:38:3d:2e:f1:e5:40:79:
c9:d4:78:2a:24:5d:6f:e9:78:91:e9:a7:c6:ef:80:a2:84:ed:
67:5e:6c:16:9f:8c:9b:60:86:87:3c:c4:e5:db:19:22:95:22:
fc:30:1a:66:93:df:57:fe:cc:f8:a3:48:92:1a:ce:e7:b4:62:
c9:29:61:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntWH3XuyV5YFE83x3/kWCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjUwMTAyMTU0OTQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTM2YWE4NmM1MzZlMWE0MzYwMzEwMTBjMGNjYjg1ZDAyODdlOGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIoD/XLEy9R/blU8Tc0/Nqm0i/h4
RJPSyi4kkTgmAQOorB6vPZ0aU8hPMWr/7OoWM73lpDGihGFAOa+FYNLIYpTQ1d5F
7FkWvpUeDn0piPJzaDA8qASvPjCzARdUfyvmNoNfPIZNOHU9GoX7idbGEyyKyEmW
YtAMSagczxP8TK12/b9xLqu1pv4YCYrEnrjbSM5tN82BrOvUUxeUDIn9Twt7p7Nn
gR/h7DG/4MwjhvR0EJmcXL4AjpG+9x2854XKZCMqHLFObdunLiLyN1lBhmr49D5I
k8cDUF7GoIFvtRFaeFIu9wnPP4s7WE50AvPE5Cuiurl0VPwllBVVJSlmNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPU2qobFNuGkNgMQEMDMuF0Ch+i1MB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvOVRhcWhzVTI0YVEyQXhBUXdNeTRYUUtINkxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWRdvMA0G
CSqGSIb3DQEBCwUAA4IBAQC4t/rZmkgl0zBzIbNEIkVt+A3IpHA+TpRUZdb9ruCh
V0H+sptiQl1xKEdGwKKL2T0atqBUa1iIGEwS6cC4fwxhjAH7n9IdI/t+5H6kDZR2
OIqf43S0QQQTZxeJ5jngPqYmhLs5honFheLZAm5mPzBjAnv1avCIPSA9ShaqYlWy
AKo7IDAooTYGP2oKEMKjGzBGNMyryciCO9ckx2yIG66h+4akPnzkV2L20Lzx7Qy9
Ol6amMwBV30/g0ZuGLB/hzg9LvHlQHnJ1HgqJF1v6XiR6afG74CihO1nXmwWn4yb
YIaHPMTl2xkilSL8MBpmk99X/sz4o0iSGs7ntGLJKWFi
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:06:55 2025 by rpki-client