Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/D2VMcyIfr7yJdFbbcvoWjUO3S5s.roa
File: D2VMcyIfr7yJdFbbcvoWjUO3S5s.roa (raw, json)
Hash identifier: K6Mxc/3ipJmNEVKu8JpF4VYRsMp9O46DxAh+DI8e7Mg=
Subject key identifier: 0F:65:4C:73:22:1F:AF:BC:89:74:56:DB:72:FA:16:8D:43:B7:4B:9B
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 0196195F3658C38250DBA3AEA1758393580C
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/D2VMcyIfr7yJdFbbcvoWjUO3S5s.roa
Signing time: Wed 09 Apr 2025 07:06:32 +0000
ROA not before: Wed 09 Apr 2025 07:06:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5065
IP address blocks: 217.177.12.0/22 maxlen: 24
217.179.48.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.mft
rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 08:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:19:5f:36:58:c3:82:50:db:a3:ae:a1:75:83:93:58:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Apr 9 07:06:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0f654c73221fafbc897456db72fa168d43b74b9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:07:ca:57:91:ab:91:98:b8:ec:69:ea:ff:60:
97:7a:77:eb:ee:9e:71:00:75:e6:67:c6:59:3c:fb:
29:c9:51:a8:06:fc:4a:7a:d6:9f:27:60:41:f3:80:
28:ff:c4:b5:f8:fb:a6:ab:84:ca:87:75:54:61:8b:
4d:7a:5d:5f:09:37:eb:84:a5:a2:31:29:87:ab:1f:
ff:47:d5:f1:52:d6:56:69:1e:95:b4:72:7d:bc:23:
6e:c3:70:a9:33:39:5b:e7:b2:c4:c4:f7:e6:12:71:
11:de:16:7b:5a:cd:04:02:9b:35:26:26:5b:56:52:
b2:ba:1a:4b:5c:e8:20:11:49:2c:93:11:f9:4a:4f:
7b:cd:2b:80:cb:cc:e3:7e:aa:21:c5:74:57:92:44:
be:e3:cb:cc:22:1f:63:57:20:f7:4e:db:97:76:3a:
e5:b5:3b:30:b3:aa:99:8b:a8:77:9f:df:48:ad:a8:
f4:ab:74:9a:07:0f:e7:5c:9c:e6:07:94:6d:1a:5c:
be:b8:b0:50:b1:73:68:af:04:6d:f3:4e:ea:c6:d3:
76:26:8f:54:67:5e:5c:01:fe:57:de:1b:d5:f8:f8:
6c:f4:2e:2d:98:ed:f8:73:63:69:17:47:a9:b5:fc:
f8:84:2c:9e:69:bf:12:b4:25:aa:d8:0a:11:fc:e4:
8e:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:65:4C:73:22:1F:AF:BC:89:74:56:DB:72:FA:16:8D:43:B7:4B:9B
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/D2VMcyIfr7yJdFbbcvoWjUO3S5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.177.12.0/22
217.179.48.0/24
Signature Algorithm: sha256WithRSAEncryption
11:7d:20:aa:0a:e1:7a:cf:db:ea:d9:a1:7c:48:65:cb:79:91:
73:96:32:99:b8:6c:48:08:25:3b:a7:00:05:aa:06:19:f5:50:
c8:e3:62:b4:82:2a:b0:e7:76:f0:a1:38:c5:24:94:a0:11:30:
69:65:37:73:30:d5:16:14:cb:82:53:e2:68:58:97:9b:1d:a0:
66:fa:96:68:f3:3e:95:36:42:a6:e4:66:61:3c:c3:cc:12:f2:
3f:03:13:36:a0:04:97:75:86:72:e6:3e:11:69:65:dd:34:0a:
4e:df:1c:7b:1c:39:82:f6:3e:b2:75:88:ae:58:d9:49:d1:a9:
a9:ce:0a:a3:9f:1e:4a:af:6d:2f:9b:12:0d:0c:af:59:46:e4:
69:a0:df:69:cf:43:33:ef:99:4e:b7:a3:b2:5b:bc:58:8f:6d:
f7:c8:f2:4e:2f:fc:c7:14:7b:26:33:7f:e6:42:71:75:f0:6f:
b7:f5:9f:12:3c:32:dd:47:7c:8c:96:f3:49:f6:68:18:e5:ec:
19:c9:a1:23:d9:f5:fb:08:54:39:c1:4c:02:50:bf:30:50:5f:
a5:5f:29:13:e8:9b:e7:a5:77:4f:83:39:47:58:1f:da:3e:f6:
f2:ef:4a:bd:9e:c0:54:0b:1e:d1:a2:24:d3:3a:d5:44:0d:02:
13:e4:71:43
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZYZXzZYw4JQ26OuoXWDk1gMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjUwNDA5MDcwNjMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjY1NGM3MzIyMWZhZmJjODk3NDU2ZGI3MmZhMTY4ZDQzYjc0YjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQfKV5GrkZi47Gnq/2CXenfr7p5x
AHXmZ8ZZPPspyVGoBvxKetafJ2BB84Ao/8S1+Pumq4TKh3VUYYtNel1fCTfrhKWi
MSmHqx//R9XxUtZWaR6VtHJ9vCNuw3CpMzlb57LExPfmEnER3hZ7Ws0EAps1JiZb
VlKyuhpLXOggEUkskxH5Sk97zSuAy8zjfqohxXRXkkS+48vMIh9jVyD3TtuXdjrl
tTsws6qZi6h3n99Iraj0q3SaBw/nXJzmB5RtGly+uLBQsXNorwRt807qxtN2Jo9U
Z15cAf5X3hvV+Phs9C4tmO34c2NpF0eptfz4hCyeab8StCWq2AoR/OSOnQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA9lTHMiH6+8iXRW23L6Fo1Dt0ubMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvRDJWTWN5SWZyN3lKZEZiYmN2b1dqVU8zUzVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQC2bEMAwQA
2bMwMA0GCSqGSIb3DQEBCwUAA4IBAQARfSCqCuF6z9vq2aF8SGXLeZFzljKZuGxI
CCU7pwAFqgYZ9VDI42K0giqw53bwoTjFJJSgETBpZTdzMNUWFMuCU+JoWJebHaBm
+pZo8z6VNkKm5GZhPMPMEvI/AxM2oASXdYZy5j4RaWXdNApO3xx7HDmC9j6ydYiu
WNlJ0ampzgqjnx5Kr20vmxINDK9ZRuRpoN9pz0Mz75lOt6OyW7xYj233yPJOL/zH
FHsmM3/mQnF18G+39Z8SPDLdR3yMlvNJ9mgY5ewZyaEj2fX7CFQ5wUwCUL8wUF+l
XykT6JvnpXdPgzlHWB/aPvby70q9nsBUCx7RoiTTOtVEDQIT5HFD
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:19:23 2025 by rpki-client