Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/riibS-9jCOUuRel1tsYcRpIOKLU.roa
File: riibS-9jCOUuRel1tsYcRpIOKLU.roa (raw, json)
Hash identifier: EeskdcNck3dqR0K/qsMzHAoOdtdVX+0gjJ2l/1tSnr4=
Subject key identifier: AE:28:9B:4B:EF:63:08:E5:2E:45:E9:75:B6:C6:1C:46:92:0E:28:B5
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 01961F4B5174E47739C23F38C468CFDD7EFB
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/riibS-9jCOUuRel1tsYcRpIOKLU.roa
Signing time: Thu 10 Apr 2025 10:42:31 +0000
ROA not before: Thu 10 Apr 2025 10:42:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 5.102.116.0/22 maxlen: 24
37.34.88.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 04:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:1f:4b:51:74:e4:77:39:c2:3f:38:c4:68:cf:dd:7e:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Apr 10 10:42:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ae289b4bef6308e52e45e975b6c61c46920e28b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:fa:d1:47:c0:e0:34:95:07:d9:77:86:40:4c:
4f:1c:8a:1e:49:0d:d6:a4:e5:94:7b:9a:22:6f:e9:
f7:f2:2d:22:43:57:bd:49:45:20:a1:c7:e7:6e:0c:
d4:8d:76:c5:a3:4b:81:d2:b9:76:fb:fe:88:14:70:
da:b3:a9:f2:07:fd:7b:43:b3:a5:3c:e2:82:de:b9:
d8:c4:29:cb:33:be:06:1d:4d:cc:22:1e:a9:b2:d1:
c9:12:39:ce:38:e0:3c:ed:a7:94:cf:c8:17:2c:79:
4c:83:32:7c:54:e9:be:64:d0:67:89:12:1f:52:38:
13:d8:0c:08:42:cb:8f:1a:ab:99:7f:5a:3f:42:e9:
57:78:72:ac:2b:02:5d:54:85:6d:be:cf:c2:19:90:
b2:bc:9e:36:30:8e:88:29:e1:09:e5:75:7e:00:cd:
0a:76:bc:8e:1d:d9:42:9d:6d:70:05:16:63:f6:5f:
c4:4b:1c:58:b2:ac:24:7a:be:3e:75:ac:85:f0:f9:
36:ac:50:07:8f:00:f2:06:69:a5:5b:e8:47:a4:90:
3f:77:25:1c:2d:94:20:b9:39:c4:10:38:fa:49:9a:
a6:3e:d1:55:4a:db:c0:f8:10:0f:e8:e8:dd:22:e4:
ac:67:2a:6d:94:a2:9b:fb:5c:c8:53:da:e5:c7:0c:
8b:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:28:9B:4B:EF:63:08:E5:2E:45:E9:75:B6:C6:1C:46:92:0E:28:B5
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/riibS-9jCOUuRel1tsYcRpIOKLU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.116.0/22
37.34.88.0/21
Signature Algorithm: sha256WithRSAEncryption
64:83:d0:9e:c7:a0:a0:8a:50:f8:aa:63:d5:79:e8:17:db:77:
b0:70:bc:f0:40:65:25:0b:54:04:26:2b:07:14:7f:63:cd:3a:
f3:71:f1:4f:cc:65:9a:60:8d:c8:99:2b:39:43:e2:64:b1:dc:
6e:c5:db:6f:92:0d:ba:d7:d7:0c:f9:55:5c:a2:d5:b4:04:c4:
cc:eb:61:37:80:ac:96:e3:a6:e6:a4:c6:53:b5:67:76:a8:5d:
f9:45:4e:8e:f5:16:48:c4:95:4f:8d:38:d5:2a:9a:76:07:76:
8c:04:70:c0:a5:f9:89:98:9b:4c:81:3d:a0:aa:ba:f7:9a:cb:
79:16:87:61:ef:28:8e:5a:11:e6:79:83:a7:6a:c0:ef:ae:32:
7c:8a:6e:28:a6:50:7d:47:cd:13:29:31:0a:de:1e:2a:8a:17:
25:18:8b:42:7b:30:bb:83:e0:05:26:93:e2:88:5d:c1:69:71:
19:8e:40:1c:cc:a9:30:24:0b:29:f6:43:bd:e4:05:3c:c7:ba:
40:26:57:7c:96:e5:fd:be:74:25:73:99:31:69:a5:d5:0f:31:
ed:4a:b1:2c:c5:3e:1c:89:09:82:cd:9c:e2:ae:04:d5:1c:ff:
80:96:d4:13:1c:ab:b8:a5:b7:32:e8:a2:ff:d4:b7:e1:7b:ff:
fb:80:ce:e1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZYfS1F05Hc5wj84xGjP3X77MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjUwNDEwMTA0MjMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTI4OWI0YmVmNjMwOGU1MmU0NWU5NzViNmM2MWM0NjkyMGUyOGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxvrRR8DgNJUH2XeGQExPHIoeSQ3W
pOWUe5oib+n38i0iQ1e9SUUgocfnbgzUjXbFo0uB0rl2+/6IFHDas6nyB/17Q7Ol
POKC3rnYxCnLM74GHU3MIh6pstHJEjnOOOA87aeUz8gXLHlMgzJ8VOm+ZNBniRIf
UjgT2AwIQsuPGquZf1o/QulXeHKsKwJdVIVtvs/CGZCyvJ42MI6IKeEJ5XV+AM0K
dryOHdlCnW1wBRZj9l/ESxxYsqwker4+dayF8Pk2rFAHjwDyBmmlW+hHpJA/dyUc
LZQguTnEEDj6SZqmPtFVStvA+BAP6OjdIuSsZyptlKKb+1zIU9rlxwyL/QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK4om0vvYwjlLkXpdbbGHEaSDii1MB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvcmlpYlMtOWpDT1V1UmVsMXRzWWNScElPS0xVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCBWZ0AwQD
JSJYMA0GCSqGSIb3DQEBCwUAA4IBAQBkg9Cex6CgilD4qmPVeegX23ewcLzwQGUl
C1QEJisHFH9jzTrzcfFPzGWaYI3ImSs5Q+Jksdxuxdtvkg2619cM+VVcotW0BMTM
62E3gKyW46bmpMZTtWd2qF35RU6O9RZIxJVPjTjVKpp2B3aMBHDApfmJmJtMgT2g
qrr3mst5Fodh7yiOWhHmeYOnasDvrjJ8im4oplB9R80TKTEK3h4qihclGItCezC7
g+AFJpPiiF3BaXEZjkAczKkwJAsp9kO95AU8x7pAJld8luX9vnQlc5kxaaXVDzHt
SrEsxT4ciQmCzZzirgTVHP+AltQTHKu4pbcy6KL/1Lfhe//7gM7h
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:23:50 2025 by rpki-client