Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/b1c50e-af27-4a62-ae23-b6f1cfaa6985/1/DxU6Tj_sH9i6nYuhG62Zr3rykbI.roa
File: DxU6Tj_sH9i6nYuhG62Zr3rykbI.roa (raw, json)
Hash identifier: m10v06RZq7QrBohirh1LPManMxgfja3ZfQ1j9hj5ZLI=
Subject key identifier: 0F:15:3A:4E:3F:EC:1F:D8:BA:9D:8B:A1:1B:AD:99:AF:7A:F2:91:B2
Certificate issuer: /CN=aa35f907ec7dbf9c65b815aa3d7202b6dfae3148
Certificate serial: 01941F8C3649528B5F96B214B2BDB3238A3D
Authority key identifier: AA:35:F9:07:EC:7D:BF:9C:65:B8:15:AA:3D:72:02:B6:DF:AE:31:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qjX5B-x9v5xluBWqPXICtt-uMUg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/b1c50e-af27-4a62-ae23-b6f1cfaa6985/1/DxU6Tj_sH9i6nYuhG62Zr3rykbI.roa
Signing time: Wed 01 Jan 2025 01:47:50 +0000
ROA not before: Wed 01 Jan 2025 01:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20647
IP address blocks: 91.102.8.0/21 maxlen: 21
185.27.156.0/22 maxlen: 22
194.29.224.0/19 maxlen: 19
2a02:f28::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/b1c50e-af27-4a62-ae23-b6f1cfaa6985/1/qjX5B-x9v5xluBWqPXICtt-uMUg.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/b1c50e-af27-4a62-ae23-b6f1cfaa6985/1/qjX5B-x9v5xluBWqPXICtt-uMUg.mft
rsync://rpki.ripe.net/repository/DEFAULT/qjX5B-x9v5xluBWqPXICtt-uMUg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 22:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:36:49:52:8b:5f:96:b2:14:b2:bd:b3:23:8a:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa35f907ec7dbf9c65b815aa3d7202b6dfae3148
Validity
Not Before: Jan 1 01:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0f153a4e3fec1fd8ba9d8ba11bad99af7af291b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:a4:ab:5c:ea:b3:b6:a8:8e:0b:8c:9c:75:a8:
fd:f1:7d:14:4f:cf:1f:1b:e6:62:af:e8:83:5f:6e:
df:10:85:ca:f6:92:45:bc:9e:db:71:1d:0f:d6:9e:
41:51:b8:cb:9e:35:6e:23:fe:03:21:9c:e1:dc:7e:
8d:64:d2:34:96:05:05:a1:f3:98:48:84:8a:80:b7:
a7:a1:b3:ff:76:75:cc:16:2b:3c:e0:74:62:c1:d2:
07:3f:41:54:d5:e8:0d:7e:3f:d6:94:b1:27:5b:b5:
4f:07:e3:0a:f4:92:13:3a:f6:04:a9:6a:31:10:89:
2b:49:1d:88:55:00:6d:70:b0:bc:a3:a8:5d:9a:c2:
12:d6:ca:7c:80:12:db:5c:6b:bb:4a:73:05:4b:17:
9e:44:8b:5b:41:06:9f:1a:72:63:4d:05:ab:16:81:
5b:87:fa:14:34:0c:14:5a:27:07:e3:8e:6e:70:57:
48:1f:c1:f4:e9:76:a7:b0:03:3b:25:a0:39:e2:f1:
e7:c9:a2:28:8c:3a:eb:77:0d:da:82:b3:79:74:89:
8a:c5:cf:a7:0e:5e:01:dd:99:dd:76:bd:33:7e:88:
d7:83:1d:55:21:d3:37:d2:34:f8:b1:72:46:46:26:
b8:2c:48:43:3a:ab:d2:96:5e:85:89:c5:f1:2e:f7:
23:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:15:3A:4E:3F:EC:1F:D8:BA:9D:8B:A1:1B:AD:99:AF:7A:F2:91:B2
X509v3 Authority Key Identifier:
keyid:AA:35:F9:07:EC:7D:BF:9C:65:B8:15:AA:3D:72:02:B6:DF:AE:31:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qjX5B-x9v5xluBWqPXICtt-uMUg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b1c50e-af27-4a62-ae23-b6f1cfaa6985/1/DxU6Tj_sH9i6nYuhG62Zr3rykbI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b1c50e-af27-4a62-ae23-b6f1cfaa6985/1/qjX5B-x9v5xluBWqPXICtt-uMUg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.102.8.0/21
185.27.156.0/22
194.29.224.0/19
IPv6:
2a02:f28::/32
Signature Algorithm: sha256WithRSAEncryption
24:6c:4c:b2:77:00:78:99:ac:bd:1c:a5:07:4e:2e:0c:c0:f2:
6d:9a:de:4d:46:67:41:a8:8b:f7:40:d7:61:24:5a:59:a4:74:
75:56:12:96:1f:04:6d:aa:aa:1a:12:58:15:4f:55:9b:98:a6:
59:27:9e:a4:d5:ed:f5:0f:e9:61:c5:4b:b9:29:a3:c4:4f:f5:
05:59:28:5c:26:e8:5d:a1:c8:a7:38:35:a6:c8:8d:f6:02:bb:
a9:7a:2e:80:92:9f:d7:bd:02:3f:82:72:45:5d:10:8c:e5:9b:
61:23:18:58:53:7b:5e:d4:36:a7:bb:d7:64:98:d3:e4:b8:af:
35:29:0b:f7:5a:b7:01:f1:b5:fd:90:94:56:82:50:ba:0f:b2:
91:d4:1c:2f:3b:dd:dc:76:fe:b0:2c:6d:e9:ff:8a:ce:a5:10:
9c:50:57:9d:ea:54:e1:91:63:e3:f8:d9:45:28:27:f3:1e:1b:
93:37:3c:a2:cf:35:c3:05:69:60:c2:cf:ca:18:87:d5:76:0d:
bd:39:9c:9b:80:fb:27:4b:f3:d5:f5:1c:5a:a0:12:36:a2:5f:
89:b2:5d:3e:0a:3d:bc:4f:3a:30:73:09:49:3a:64:1c:de:14:
9d:1f:d7:aa:11:ec:13:6d:c3:cb:c9:20:46:84:3d:ae:35:70:
a7:b0:e5:9d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQfjDZJUotflrIUsr2zI4o9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMzVmOTA3ZWM3ZGJmOWM2NWI4MTVhYTNkNzIwMmI2ZGZh
ZTMxNDgwHhcNMjUwMTAxMDE0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjE1M2E0ZTNmZWMxZmQ4YmE5ZDhiYTExYmFkOTlhZjdhZjI5MWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6SrXOqztqiOC4ycdaj98X0UT88f
G+Zir+iDX27fEIXK9pJFvJ7bcR0P1p5BUbjLnjVuI/4DIZzh3H6NZNI0lgUFofOY
SISKgLenobP/dnXMFis84HRiwdIHP0FU1egNfj/WlLEnW7VPB+MK9JITOvYEqWox
EIkrSR2IVQBtcLC8o6hdmsIS1sp8gBLbXGu7SnMFSxeeRItbQQafGnJjTQWrFoFb
h/oUNAwUWicH445ucFdIH8H06XansAM7JaA54vHnyaIojDrrdw3agrN5dImKxc+n
Dl4B3Znddr0zfojXgx1VIdM30jT4sXJGRia4LEhDOqvSll6FicXxLvcjrwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFA8VOk4/7B/Yup2LoRutma968pGyMB8GA1UdIwQY
MBaAFKo1+Qfsfb+cZbgVqj1yArbfrjFIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWpYNUIteDl2NXhsdUJXcVBYSUN0dC11TVVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9iMWM1MGUtYWYyNy00YTYyLWFlMjMt
YjZmMWNmYWE2OTg1LzEvRHhVNlRqX3NIOWk2bll1aEc2MlpyM3J5a2JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9iMWM1MGUtYWYyNy00YTYyLWFlMjMtYjZmMWNmYWE2OTg1
LzEvcWpYNUIteDl2NXhsdUJXcVBYSUN0dC11TVVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDW2YIAwQC
uRucAwQFwh3gMA0EAgACMAcDBQAqAg8oMA0GCSqGSIb3DQEBCwUAA4IBAQAkbEyy
dwB4may9HKUHTi4MwPJtmt5NRmdBqIv3QNdhJFpZpHR1VhKWHwRtqqoaElgVT1Wb
mKZZJ56k1e31D+lhxUu5KaPET/UFWShcJuhdocinODWmyI32Arupei6Akp/XvQI/
gnJFXRCM5ZthIxhYU3te1Danu9dkmNPkuK81KQv3WrcB8bX9kJRWglC6D7KR1Bwv
O93cdv6wLG3p/4rOpRCcUFed6lThkWPj+NlFKCfzHhuTNzyizzXDBWlgws/KGIfV
dg29OZybgPsnS/PV9RxaoBI2ol+Jsl0+Cj28TzowcwlJOmQc3hSdH9eqEewTbcPL
ySBGhD2uNXCnsOWd
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:51:17 2025 by rpki-client