Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/maJe0twk0jHUKhn6qEXTWPjV5eI.roa
File: maJe0twk0jHUKhn6qEXTWPjV5eI.roa (raw, json)
Hash identifier: 0m4OEYrI4CcCGyO5aAk+n8OSRpp2ki0PY4/59YYBq4o=
Subject key identifier: 99:A2:5E:D2:DC:24:D2:31:D4:2A:19:FA:A8:45:D3:58:F8:D5:E5:E2
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 019427B56AA6FA29FD9A43372DFD67B735EC
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/maJe0twk0jHUKhn6qEXTWPjV5eI.roa
Signing time: Thu 02 Jan 2025 15:49:48 +0000
ROA not before: Thu 02 Jan 2025 15:49:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199961
IP address blocks: 194.28.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 12:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:6a:a6:fa:29:fd:9a:43:37:2d:fd:67:b7:35:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jan 2 15:49:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=99a25ed2dc24d231d42a19faa845d358f8d5e5e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:60:65:29:c9:22:4d:af:c9:56:61:6a:3c:07:
3f:dc:d3:8a:3c:86:fa:8e:18:1c:a7:6b:66:2c:7b:
33:42:92:59:eb:5f:48:48:3e:8b:b4:4d:a6:6a:1c:
66:f6:f8:9c:fa:1e:85:66:85:c8:e4:60:72:22:d5:
07:5e:d6:e2:67:7b:c7:3d:3a:a7:88:27:11:26:2b:
b7:af:20:3a:43:9e:71:e3:f1:09:c5:27:67:1f:51:
da:98:9f:e2:1d:e1:bc:5a:8e:25:9f:82:d2:fd:92:
44:38:ab:34:76:fa:37:74:94:82:ce:72:60:84:d8:
0e:06:3e:4a:1a:45:d4:e8:78:6d:10:54:c3:51:44:
a8:14:16:1b:c6:83:08:fc:58:c2:82:2f:f1:32:49:
f9:0f:f7:54:19:29:9c:95:89:82:7e:2b:be:f0:e9:
da:66:6f:89:f6:82:1c:0a:b9:66:32:98:ca:58:30:
cd:f4:a6:62:7d:64:c3:5e:0e:71:64:f6:fb:2c:28:
c1:f0:f6:fb:bc:03:a3:8e:77:c8:70:ef:df:5b:42:
cd:6e:7a:96:07:2f:1f:a5:10:16:7f:10:0d:ee:13:
b0:e4:f8:9c:71:04:30:40:cd:e2:e6:3b:d9:32:2b:
4b:23:a1:f8:b7:7a:55:c7:92:f9:b2:27:69:46:90:
4e:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:A2:5E:D2:DC:24:D2:31:D4:2A:19:FA:A8:45:D3:58:F8:D5:E5:E2
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/maJe0twk0jHUKhn6qEXTWPjV5eI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.28.227.0/24
Signature Algorithm: sha256WithRSAEncryption
d3:a1:02:fc:eb:80:60:50:e3:86:95:fc:72:50:61:be:c3:ea:
8b:ef:27:13:7a:48:ed:bc:25:28:79:ca:48:dc:88:73:f9:f6:
a3:54:16:6b:30:9c:b5:23:38:1e:c3:d4:a3:fb:8d:f0:8a:8c:
a8:76:0a:3c:7e:bf:a2:c4:9c:3d:3e:c9:c5:78:19:9f:13:67:
21:c4:72:d8:7d:e4:1a:fa:aa:a5:b5:bf:0b:72:07:13:47:b5:
bf:6b:12:62:14:48:6f:35:89:0d:fb:29:91:cb:55:79:d9:6a:
74:90:eb:b4:e5:96:e7:1a:03:1f:84:17:e4:b0:85:18:f0:9a:
f3:5d:08:96:52:8c:21:b6:eb:d0:4f:19:7a:0f:b6:5f:ed:ce:
ef:a3:21:2e:6f:ab:fb:c8:b5:80:c5:e3:2d:b3:71:e0:f8:ec:
35:86:4f:15:0a:b5:8e:fe:26:00:99:81:86:63:5a:60:c4:a9:
4f:75:e6:64:81:aa:a1:77:d1:da:a7:21:f5:cf:e9:63:7f:ea:
9e:75:7b:9b:cc:fe:1a:14:3c:9e:ac:35:03:fd:92:ad:37:37:
37:3d:c6:e2:8a:2a:09:c6:ab:ae:ac:b7:74:21:e1:6b:4b:86:
00:52:83:48:00:50:a0:45:1b:90:db:74:3f:4d:38:4d:11:fa:
c9:d2:f4:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntWqm+in9mkM3Lf1ntzXsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjUwMTAyMTU0OTQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWEyNWVkMmRjMjRkMjMxZDQyYTE5ZmFhODQ1ZDM1OGY4ZDVlNWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWBlKckiTa/JVmFqPAc/3NOKPIb6
jhgcp2tmLHszQpJZ619ISD6LtE2mahxm9vic+h6FZoXI5GByItUHXtbiZ3vHPTqn
iCcRJiu3ryA6Q55x4/EJxSdnH1HamJ/iHeG8Wo4ln4LS/ZJEOKs0dvo3dJSCznJg
hNgOBj5KGkXU6HhtEFTDUUSoFBYbxoMI/FjCgi/xMkn5D/dUGSmclYmCfiu+8Ona
Zm+J9oIcCrlmMpjKWDDN9KZifWTDXg5xZPb7LCjB8Pb7vAOjjnfIcO/fW0LNbnqW
By8fpRAWfxAN7hOw5PiccQQwQM3i5jvZMitLI6H4t3pVx5L5sidpRpBOgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJmiXtLcJNIx1CoZ+qhF01j41eXiMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvbWFKZTB0d2swakhVS2huNnFFWFRXUGpWNWVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwhzjMA0G
CSqGSIb3DQEBCwUAA4IBAQDToQL864BgUOOGlfxyUGG+w+qL7ycTekjtvCUoecpI
3Ihz+fajVBZrMJy1Izgew9Sj+43wioyodgo8fr+ixJw9PsnFeBmfE2chxHLYfeQa
+qqltb8LcgcTR7W/axJiFEhvNYkN+ymRy1V52Wp0kOu05ZbnGgMfhBfksIUY8Jrz
XQiWUowhtuvQTxl6D7Zf7c7voyEub6v7yLWAxeMts3Hg+Ow1hk8VCrWO/iYAmYGG
Y1pgxKlPdeZkgaqhd9HapyH1z+ljf+qedXubzP4aFDyerDUD/ZKtNzc3PcbiiioJ
xquurLd0IeFrS4YAUoNIAFCgRRuQ23Q/TThNEfrJ0vSY
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:43:18 2025 by rpki-client