Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/8eDdBsgY2IyhmucFkbHm5Vqa4dg.roa
File: 8eDdBsgY2IyhmucFkbHm5Vqa4dg.roa (raw, json)
Hash identifier: 4395eHok2K6kmkkM0vCUMdpi272lI5L2QlfvQJmQQ18=
Subject key identifier: F1:E0:DD:06:C8:18:D8:8C:A1:9A:E7:05:91:B1:E6:E5:5A:9A:E1:D8
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 01968380FC28BB94814572F449EE8EF3BF3C
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/8eDdBsgY2IyhmucFkbHm5Vqa4dg.roa
Signing time: Tue 29 Apr 2025 21:43:10 +0000
ROA not before: Tue 29 Apr 2025 21:43:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204229
IP address blocks: 91.245.188.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 03 May 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:83:80:fc:28:bb:94:81:45:72:f4:49:ee:8e:f3:bf:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Apr 29 21:43:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f1e0dd06c818d88ca19ae70591b1e6e55a9ae1d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:d8:30:37:cf:7a:e5:2b:58:67:a2:f8:c1:a2:
40:47:30:07:0a:9d:bd:e2:79:e8:ad:03:a7:4f:5f:
d9:b5:26:71:e6:da:24:26:e6:d6:9c:ac:3e:83:19:
e5:9c:37:64:47:1d:01:a5:39:40:02:b2:ef:2f:4b:
f7:76:e5:a9:a5:90:be:c2:4f:f5:ca:f5:44:5f:62:
b8:64:86:75:8a:ac:6c:4b:e0:89:65:2f:4e:e2:29:
4e:c7:6e:1a:0e:97:9e:f3:2d:49:f9:b1:27:24:96:
9b:42:8e:de:88:4a:12:14:7f:1e:00:c8:45:47:c7:
07:af:1e:00:6a:1d:e0:8b:69:f6:c6:75:3e:a6:0e:
e5:f9:12:2d:a4:49:53:e5:f3:f2:24:67:a7:8e:79:
24:b8:92:ba:31:c1:fd:07:9b:bf:5a:c7:84:08:13:
cf:93:14:d0:94:59:32:98:2f:3d:f5:57:ed:c5:91:
c0:e6:9f:5d:92:5b:a9:dc:38:bc:6b:aa:19:ba:31:
78:76:c7:e3:0a:74:bc:d6:06:40:49:81:02:f2:30:
9f:70:b3:be:9a:7d:38:2a:08:00:a1:ff:a0:e7:31:
03:de:00:b6:a1:88:63:e1:ea:96:c9:66:61:ff:2a:
9f:0c:3b:df:29:ba:e0:d5:9d:e3:1b:98:65:ee:4d:
3f:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:E0:DD:06:C8:18:D8:8C:A1:9A:E7:05:91:B1:E6:E5:5A:9A:E1:D8
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/8eDdBsgY2IyhmucFkbHm5Vqa4dg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.245.188.0/22
Signature Algorithm: sha256WithRSAEncryption
9d:27:2d:d2:f5:9b:30:8b:2f:89:90:9a:fb:20:a3:32:6a:9c:
e7:51:54:21:2d:34:e8:db:e8:64:11:0b:08:ef:56:c0:fb:ba:
70:b3:0b:29:a0:cf:1d:ea:30:32:65:cf:a9:15:5f:bd:f4:1e:
68:9d:29:9d:4e:23:ae:db:68:df:2e:e2:03:9c:d8:31:2c:d6:
0a:a0:2b:cf:71:2a:d0:b6:b4:43:b4:80:4e:1a:a1:87:f8:ff:
b6:46:00:0e:16:67:97:38:b7:a7:fb:59:32:3c:ef:11:24:0f:
37:ff:c0:7f:bf:4a:8f:c2:b4:fc:89:00:b0:de:b5:46:aa:ed:
1b:76:99:bd:35:1a:63:16:a9:31:9e:fb:43:ff:0f:75:e9:21:
3d:4a:8f:a8:2e:14:e3:e2:43:07:4f:10:a1:06:b0:1f:7d:9c:
92:a7:67:29:20:29:b5:6e:69:19:dd:60:d3:86:bc:d3:ac:fd:
1d:cf:f3:23:0f:26:ed:40:39:af:2f:7a:37:d8:b9:fb:ee:82:
2c:91:a1:7d:02:ca:43:8c:b7:fd:53:93:12:48:5d:9f:aa:56:
6c:98:b8:5f:8f:a6:63:23:2e:75:97:ef:f0:93:7e:fb:00:eb:
70:35:dc:84:0b:78:94:c3:97:ba:be:b5:d0:b5:48:f4:6c:f3:
60:73:83:3f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZaDgPwou5SBRXL0Se6O8788MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjUwNDI5MjE0MzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWUwZGQwNmM4MThkODhjYTE5YWU3MDU5MWIxZTZlNTVhOWFlMWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9gwN8965StYZ6L4waJARzAHCp29
4nnorQOnT1/ZtSZx5tokJubWnKw+gxnlnDdkRx0BpTlAArLvL0v3duWppZC+wk/1
yvVEX2K4ZIZ1iqxsS+CJZS9O4ilOx24aDpee8y1J+bEnJJabQo7eiEoSFH8eAMhF
R8cHrx4Aah3gi2n2xnU+pg7l+RItpElT5fPyJGenjnkkuJK6McH9B5u/WseECBPP
kxTQlFkymC899VftxZHA5p9dklup3Di8a6oZujF4dsfjCnS81gZASYEC8jCfcLO+
mn04KggAof+g5zED3gC2oYhj4eqWyWZh/yqfDDvfKbrg1Z3jG5hl7k0/WwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPHg3QbIGNiMoZrnBZGx5uVamuHYMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvOGVEZEJzZ1kySXlobXVjRmtiSG01VnFhNGRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW/W8MA0G
CSqGSIb3DQEBCwUAA4IBAQCdJy3S9Zswiy+JkJr7IKMyapznUVQhLTTo2+hkEQsI
71bA+7pwswspoM8d6jAyZc+pFV+99B5onSmdTiOu22jfLuIDnNgxLNYKoCvPcSrQ
trRDtIBOGqGH+P+2RgAOFmeXOLen+1kyPO8RJA83/8B/v0qPwrT8iQCw3rVGqu0b
dpm9NRpjFqkxnvtD/w916SE9So+oLhTj4kMHTxChBrAffZySp2cpICm1bmkZ3WDT
hrzTrP0dz/MjDybtQDmvL3o32Ln77oIskaF9AspDjLf9U5MSSF2fqlZsmLhfj6Zj
Iy51l+/wk377AOtwNdyEC3iUw5e6vrXQtUj0bPNgc4M/
-----END CERTIFICATE-----
Generated at Fri May 2 15:00:00 2025 by rpki-client