Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/b81e6e-2fef-464c-8935-0779029ae222/1/V-vZgRS8mAjoRUqoJ2bRVighD-g.roa
File: V-vZgRS8mAjoRUqoJ2bRVighD-g.roa (raw, json)
Hash identifier: UA46xIFUmg6Yei6BvPPyRg4XYtnlQ4qpnfSfvDj9Jd0=
Subject key identifier: 57:EB:D9:81:14:BC:98:08:E8:45:4A:A8:27:66:D1:56:28:21:0F:E8
Certificate issuer: /CN=6eb86b7bb00a442e08cb3b85a63e7b4848742e76
Certificate serial: 019424B3E4E2EBE32D2785E445E3B1FA5A8A
Authority key identifier: 6E:B8:6B:7B:B0:0A:44:2E:08:CB:3B:85:A6:3E:7B:48:48:74:2E:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/brhre7AKRC4IyzuFpj57SEh0LnY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/b81e6e-2fef-464c-8935-0779029ae222/1/V-vZgRS8mAjoRUqoJ2bRVighD-g.roa
Signing time: Thu 02 Jan 2025 01:49:16 +0000
ROA not before: Thu 02 Jan 2025 01:49:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51654
IP address blocks: 91.220.26.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/b81e6e-2fef-464c-8935-0779029ae222/1/brhre7AKRC4IyzuFpj57SEh0LnY.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/b81e6e-2fef-464c-8935-0779029ae222/1/brhre7AKRC4IyzuFpj57SEh0LnY.mft
rsync://rpki.ripe.net/repository/DEFAULT/brhre7AKRC4IyzuFpj57SEh0LnY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 01 May 2025 13:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:e4:e2:eb:e3:2d:27:85:e4:45:e3:b1:fa:5a:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6eb86b7bb00a442e08cb3b85a63e7b4848742e76
Validity
Not Before: Jan 2 01:49:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=57ebd98114bc9808e8454aa82766d15628210fe8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:61:72:9c:74:0c:ba:d2:5b:bf:ed:8d:81:41:
56:60:43:11:7c:65:f6:d0:31:40:41:46:17:00:04:
ce:9c:28:43:5c:03:2a:f1:c1:c9:4c:ac:0e:ad:8e:
41:d0:2f:95:a8:4b:02:27:3f:09:39:5f:5b:73:95:
cc:d9:a3:4c:d7:64:27:92:5b:72:80:45:d7:23:1a:
2a:2d:c6:65:f6:91:88:dd:fe:b7:93:86:85:93:fa:
77:91:ba:f5:6d:06:3c:f4:2e:91:be:c9:e6:67:23:
5f:85:b1:bb:ee:39:15:eb:8e:dd:44:8d:06:9c:57:
9b:7a:73:67:f1:07:f4:f5:bc:92:06:87:4d:67:3d:
09:02:7f:da:00:3b:00:fb:49:eb:b8:2e:65:51:01:
8d:76:1f:5b:d7:44:b9:3b:88:ea:a9:3b:80:08:01:
d7:45:06:03:8a:09:58:1a:36:79:12:0a:08:b3:5e:
5a:34:dc:8d:03:3d:91:76:c0:e7:69:dd:49:57:1c:
d5:9b:b8:d6:f2:4e:17:80:5f:e7:c8:53:02:b6:a8:
90:32:b6:5c:91:5e:fb:d5:cf:06:a3:43:9e:85:6d:
4b:e9:64:b1:2d:cf:f3:13:dd:aa:21:33:a7:1a:4b:
4d:35:f3:f6:95:25:bb:7d:1a:d0:69:d6:f8:2a:b8:
88:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:EB:D9:81:14:BC:98:08:E8:45:4A:A8:27:66:D1:56:28:21:0F:E8
X509v3 Authority Key Identifier:
keyid:6E:B8:6B:7B:B0:0A:44:2E:08:CB:3B:85:A6:3E:7B:48:48:74:2E:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/brhre7AKRC4IyzuFpj57SEh0LnY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b81e6e-2fef-464c-8935-0779029ae222/1/V-vZgRS8mAjoRUqoJ2bRVighD-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b81e6e-2fef-464c-8935-0779029ae222/1/brhre7AKRC4IyzuFpj57SEh0LnY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.26.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:be:53:b8:38:ba:71:47:b7:8a:b6:f2:72:76:a4:70:f6:e5:
4f:c9:b2:2e:aa:20:dc:4b:d7:64:50:e6:32:eb:46:a0:2f:22:
8f:6d:4c:4a:05:54:44:32:92:ed:94:c0:98:63:57:61:55:17:
99:27:e4:1d:81:5e:68:4e:91:0b:27:af:7c:53:f5:cd:d1:8c:
81:23:65:80:a8:02:a1:fb:6d:45:a8:a3:7a:c4:18:62:38:8c:
7f:3c:df:1e:4c:1b:7c:e4:42:23:da:78:c3:32:12:c9:93:8a:
16:fa:25:f8:fa:99:b4:74:fc:a4:1c:8d:e8:2b:12:1d:d6:41:
6c:54:ed:c8:29:53:6e:74:fa:38:94:53:d1:fa:af:90:b9:5f:
64:42:4d:e8:29:f7:55:a9:d8:c8:03:54:c1:27:2f:82:96:b7:
42:17:70:18:31:cc:20:da:bd:95:c0:d3:e6:07:a6:bd:b5:02:
31:cc:32:95:6b:bb:34:b1:e9:08:5d:35:3f:fa:97:ab:71:62:
1f:05:e2:14:b1:55:4f:25:20:4b:92:24:a7:d5:98:65:62:b7:
30:be:cc:5e:a8:40:50:d5:99:bf:bd:3a:96:ef:f5:b4:e4:0e:
d8:5a:61:c8:e1:9d:dd:3a:f8:ef:73:66:ab:6b:66:07:ec:05:
84:07:8c:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks+Ti6+MtJ4XkReOx+lqKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlYjg2YjdiYjAwYTQ0MmUwOGNiM2I4NWE2M2U3YjQ4NDg3
NDJlNzYwHhcNMjUwMTAyMDE0OTE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2ViZDk4MTE0YmM5ODA4ZTg0NTRhYTgyNzY2ZDE1NjI4MjEwZmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4WFynHQMutJbv+2NgUFWYEMRfGX2
0DFAQUYXAATOnChDXAMq8cHJTKwOrY5B0C+VqEsCJz8JOV9bc5XM2aNM12Qnklty
gEXXIxoqLcZl9pGI3f63k4aFk/p3kbr1bQY89C6RvsnmZyNfhbG77jkV647dRI0G
nFebenNn8Qf09bySBodNZz0JAn/aADsA+0nruC5lUQGNdh9b10S5O4jqqTuACAHX
RQYDiglYGjZ5EgoIs15aNNyNAz2RdsDnad1JVxzVm7jW8k4XgF/nyFMCtqiQMrZc
kV771c8Go0OehW1L6WSxLc/zE92qITOnGktNNfP2lSW7fRrQadb4KriICwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFfr2YEUvJgI6EVKqCdm0VYoIQ/oMB8GA1UdIwQY
MBaAFG64a3uwCkQuCMs7haY+e0hIdC52MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnJocmU3QUtSQzRJeXp1RnBqNTdTRWgwTG5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9iODFlNmUtMmZlZi00NjRjLTg5MzUt
MDc3OTAyOWFlMjIyLzEvVi12WmdSUzhtQWpvUlVxb0oyYlJWaWdoRC1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9iODFlNmUtMmZlZi00NjRjLTg5MzUtMDc3OTAyOWFlMjIy
LzEvYnJocmU3QUtSQzRJeXp1RnBqNTdTRWgwTG5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9waMA0G
CSqGSIb3DQEBCwUAA4IBAQAevlO4OLpxR7eKtvJydqRw9uVPybIuqiDcS9dkUOYy
60agLyKPbUxKBVREMpLtlMCYY1dhVReZJ+QdgV5oTpELJ698U/XN0YyBI2WAqAKh
+21FqKN6xBhiOIx/PN8eTBt85EIj2njDMhLJk4oW+iX4+pm0dPykHI3oKxId1kFs
VO3IKVNudPo4lFPR+q+QuV9kQk3oKfdVqdjIA1TBJy+ClrdCF3AYMcwg2r2VwNPm
B6a9tQIxzDKVa7s0sekIXTU/+percWIfBeIUsVVPJSBLkiSn1ZhlYrcwvsxeqEBQ
1Zm/vTqW7/W05A7YWmHI4Z3dOvjvc2ara2YH7AWEB4wv
-----END CERTIFICATE-----
Generated at Wed Apr 30 19:01:55 2025 by rpki-client