Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/AtRByS0zJPDiOgR2GmP-us653x0.roa
File: AtRByS0zJPDiOgR2GmP-us653x0.roa (raw, json)
Hash identifier: FxQtASMxynUngBeMPqWpgsQ0Eb/Ckc7wV64mAxHzC3U=
Subject key identifier: 02:D4:41:C9:2D:33:24:F0:E2:3A:04:76:1A:63:FE:BA:CE:B9:DF:1D
Certificate issuer: /CN=b14aba8b60749393478e83c360e6cbd75d156f89
Certificate serial: 019649C59FD477CBECC6B80DF1638321B869
Authority key identifier: B1:4A:BA:8B:60:74:93:93:47:8E:83:C3:60:E6:CB:D7:5D:15:6F:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sUq6i2B0k5NHjoPDYObL110Vb4k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/AtRByS0zJPDiOgR2GmP-us653x0.roa
Signing time: Fri 18 Apr 2025 16:40:10 +0000
ROA not before: Fri 18 Apr 2025 16:40:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15924
IP address blocks: 93.186.112.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/sUq6i2B0k5NHjoPDYObL110Vb4k.crl
rsync://rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/sUq6i2B0k5NHjoPDYObL110Vb4k.mft
rsync://rpki.ripe.net/repository/DEFAULT/sUq6i2B0k5NHjoPDYObL110Vb4k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:49:c5:9f:d4:77:cb:ec:c6:b8:0d:f1:63:83:21:b8:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b14aba8b60749393478e83c360e6cbd75d156f89
Validity
Not Before: Apr 18 16:40:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=02d441c92d3324f0e23a04761a63febaceb9df1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:5a:7f:6b:62:81:35:27:e5:f9:c2:a8:1d:bf:
f6:fc:9d:80:67:a0:e4:3e:5c:0c:f7:6b:24:7b:b9:
ef:4e:e8:e6:82:87:2e:c2:8e:fc:76:26:c7:28:3c:
12:ea:92:d9:0b:6e:a3:14:1f:49:b9:b2:2c:ba:39:
46:3d:fa:5f:b3:ea:d7:44:1b:2e:16:4a:07:85:39:
98:c5:4e:05:f0:77:6e:f7:b1:5d:38:80:d6:63:2a:
f3:0f:be:7c:9a:56:3b:69:95:62:fa:46:6e:c3:21:
5a:15:18:98:16:76:2e:17:fd:21:28:cd:7c:c8:32:
60:a7:42:c5:3c:08:ce:33:dd:ce:d8:40:6a:b1:33:
7c:9d:09:c4:f0:37:d7:f6:f3:dd:a5:8c:58:87:18:
95:bf:92:6f:9a:a5:40:0a:2a:00:02:c2:d5:97:79:
14:c4:cf:4e:16:72:f0:59:d7:51:cc:7c:b6:84:97:
3a:81:8c:07:e6:20:af:49:46:7b:69:a2:da:11:da:
87:e4:7f:ea:55:a5:a8:27:81:d5:d3:79:db:be:59:
a7:37:a6:50:e6:36:20:85:e5:7f:a8:13:b3:fd:6c:
da:4d:f5:5c:c1:a8:27:77:9e:0f:1e:86:35:5f:23:
75:f8:ce:00:e3:98:0f:88:ee:20:5b:b8:08:45:71:
c9:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:D4:41:C9:2D:33:24:F0:E2:3A:04:76:1A:63:FE:BA:CE:B9:DF:1D
X509v3 Authority Key Identifier:
keyid:B1:4A:BA:8B:60:74:93:93:47:8E:83:C3:60:E6:CB:D7:5D:15:6F:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sUq6i2B0k5NHjoPDYObL110Vb4k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/AtRByS0zJPDiOgR2GmP-us653x0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/sUq6i2B0k5NHjoPDYObL110Vb4k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.186.112.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:ef:b6:66:b7:18:ab:6f:3d:40:04:15:74:74:7a:52:3f:1b:
49:c0:b3:3e:01:63:aa:7e:ac:d0:90:9f:e4:8d:54:0e:c7:97:
f1:f1:e0:39:ec:cb:d4:6a:a5:33:d2:49:90:b8:a8:f4:92:ad:
8f:c7:ac:8e:17:40:a7:6e:d1:e1:54:32:3f:fd:69:0b:5a:cc:
76:b9:cd:a9:c4:2d:fa:46:b2:c5:e0:cd:f1:a4:f4:1f:90:9f:
d1:31:5c:59:94:98:7f:69:79:7d:7d:ae:1b:d8:d1:e5:d5:f2:
db:4a:af:ff:4e:f5:aa:74:8b:75:d1:0e:27:41:74:61:cd:2f:
07:16:42:38:71:05:69:ec:03:6b:b5:4f:59:b1:72:e1:9f:e5:
f1:90:ba:42:18:bd:40:e4:cd:8d:cd:fb:47:4a:56:f6:a6:13:
07:8e:57:13:c9:ec:7b:ab:c1:5f:2f:e4:8c:05:28:75:5e:17:
ed:fd:27:69:65:f2:a5:1e:11:b2:11:9e:a8:1b:4f:57:d2:49:
78:43:7b:3d:97:b1:ff:86:a4:3b:03:1f:7e:c9:f9:d3:35:36:
0f:1a:46:e7:9c:0c:aa:1c:5e:4d:31:ee:7a:86:17:86:06:af:
79:38:00:b1:ea:aa:22:66:19:8f:06:9c:1f:52:c2:60:bc:b2:
f9:b7:c3:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZZJxZ/Ud8vsxrgN8WODIbhpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNGFiYThiNjA3NDkzOTM0NzhlODNjMzYwZTZjYmQ3NWQx
NTZmODkwHhcNMjUwNDE4MTY0MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmQ0NDFjOTJkMzMyNGYwZTIzYTA0NzYxYTYzZmViYWNlYjlkZjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAulp/a2KBNSfl+cKoHb/2/J2AZ6Dk
PlwM92ske7nvTujmgocuwo78dibHKDwS6pLZC26jFB9JubIsujlGPfpfs+rXRBsu
FkoHhTmYxU4F8Hdu97FdOIDWYyrzD758mlY7aZVi+kZuwyFaFRiYFnYuF/0hKM18
yDJgp0LFPAjOM93O2EBqsTN8nQnE8DfX9vPdpYxYhxiVv5JvmqVACioAAsLVl3kU
xM9OFnLwWddRzHy2hJc6gYwH5iCvSUZ7aaLaEdqH5H/qVaWoJ4HV03nbvlmnN6ZQ
5jYgheV/qBOz/WzaTfVcwagnd54PHoY1XyN1+M4A45gPiO4gW7gIRXHJKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFALUQcktMyTw4joEdhpj/rrOud8dMB8GA1UdIwQY
MBaAFLFKuotgdJOTR46Dw2Dmy9ddFW+JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1VxNmkyQjBrNU5Iam9QRFlPYkwxMTBWYjRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi80NjE2ODUtMDczZS00MWFmLTliYjYt
Y2Y2YzMwNTIxMmViLzEvQXRSQnlTMHpKUERpT2dSMkdtUC11czY1M3gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi80NjE2ODUtMDczZS00MWFmLTliYjYtY2Y2YzMwNTIxMmVi
LzEvc1VxNmkyQjBrNU5Iam9QRFlPYkwxMTBWYjRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXbpwMA0G
CSqGSIb3DQEBCwUAA4IBAQBP77Zmtxirbz1ABBV0dHpSPxtJwLM+AWOqfqzQkJ/k
jVQOx5fx8eA57MvUaqUz0kmQuKj0kq2Px6yOF0CnbtHhVDI//WkLWsx2uc2pxC36
RrLF4M3xpPQfkJ/RMVxZlJh/aXl9fa4b2NHl1fLbSq//TvWqdIt10Q4nQXRhzS8H
FkI4cQVp7ANrtU9ZsXLhn+XxkLpCGL1A5M2NzftHSlb2phMHjlcTyex7q8FfL+SM
BSh1Xhft/SdpZfKlHhGyEZ6oG09X0kl4Q3s9l7H/hqQ7Ax9+yfnTNTYPGkbnnAyq
HF5NMe56hheGBq95OACx6qoiZhmPBpwfUsJgvLL5t8Mf
-----END CERTIFICATE-----
Generated at Mon Apr 28 05:10:52 2025 by rpki-client