Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/fZwCbKBP2S02FXtQiu_FmfxzeEg.roa
File: fZwCbKBP2S02FXtQiu_FmfxzeEg.roa (raw, json)
Hash identifier: Hq7zsvCyIoR3X6WYRvbJ8IyzxKfFAFcz49SX5FQo6DU=
Subject key identifier: 7D:9C:02:6C:A0:4F:D9:2D:36:15:7B:50:8A:EF:C5:99:FC:73:78:48
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0195F6D0BF743964A6EC25C1DA84B7D6D151
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/fZwCbKBP2S02FXtQiu_FmfxzeEg.roa
Signing time: Wed 02 Apr 2025 14:03:50 +0000
ROA not before: Wed 02 Apr 2025 14:03:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42794
IP address blocks: 31.13.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 19:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f6:d0:bf:74:39:64:a6:ec:25:c1:da:84:b7:d6:d1:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 2 14:03:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7d9c026ca04fd92d36157b508aefc599fc737848
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:d6:ec:0d:57:eb:11:ab:e9:6b:20:d3:98:eb:
8c:e1:e8:9b:a9:47:37:cb:ee:95:46:fa:64:4c:06:
6b:8b:07:6f:ed:b0:93:6c:4d:41:f1:4a:0a:eb:41:
51:e3:16:a2:6f:d9:17:16:1f:77:c8:a6:f2:d4:da:
0b:13:e8:d4:08:ea:c4:e0:46:fc:62:ec:07:ab:c3:
e2:dd:f4:d6:6e:8f:4f:0e:79:b7:ec:4e:58:42:44:
6f:71:01:c5:0a:dd:14:0b:0f:cf:e3:0a:77:b1:44:
b1:2a:be:8d:4e:eb:68:84:ca:e1:3d:fa:4b:2e:07:
ed:5c:12:1f:7a:a0:b0:e9:cf:a1:77:9f:35:d1:16:
8b:24:5c:a2:a3:08:9f:18:c5:9c:85:29:84:5d:19:
35:ca:1f:4e:9f:dd:f4:75:79:17:7f:fa:6b:7a:36:
7d:98:b3:89:f1:9c:ba:3b:bf:48:c7:b6:40:80:59:
46:64:2f:7b:d8:1b:da:38:1b:a6:ef:8a:bc:0c:3e:
11:45:55:51:8e:9e:4f:f8:32:6c:8f:56:bc:c9:af:
9c:2e:ce:26:54:38:2f:1c:cb:e4:96:20:6e:d2:80:
74:bc:da:10:55:69:4a:fa:c0:18:fd:d6:06:8c:a6:
1f:b5:fa:c3:dc:20:45:ac:04:71:2e:d5:6b:e1:9e:
b7:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:9C:02:6C:A0:4F:D9:2D:36:15:7B:50:8A:EF:C5:99:FC:73:78:48
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/fZwCbKBP2S02FXtQiu_FmfxzeEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.198.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:0b:fa:76:96:aa:42:06:52:13:03:6b:ad:b2:a0:58:c8:c4:
c3:43:74:65:e2:d8:65:f6:b1:4b:64:82:c3:9c:78:ee:bf:60:
04:ac:99:27:1f:1f:84:08:46:c9:77:b3:b9:13:e2:ba:21:68:
aa:2f:8a:f6:fa:40:2b:c3:ae:21:24:6c:33:c8:cf:97:aa:b2:
7f:2b:77:72:64:0e:07:a5:ff:00:9b:b6:b6:14:19:23:c0:4f:
21:b5:81:ab:45:f2:a4:f6:aa:ed:fc:d4:a7:45:91:38:1a:ff:
f6:bf:45:89:49:6a:5c:af:04:6d:f6:5b:5c:4e:af:12:e5:07:
30:a5:a4:34:3e:95:f5:66:37:b7:97:49:d7:2a:f6:37:11:9c:
a4:8c:62:06:66:a1:3f:6b:97:66:fc:92:36:d4:bf:17:33:55:
55:07:b1:b4:5d:92:9d:3b:06:9e:a3:81:ff:19:6a:0d:30:33:
fc:06:0c:8a:b1:6a:be:f7:20:09:b3:a8:e0:db:13:91:77:d6:
02:27:b8:c7:5f:80:26:1e:2e:d2:32:76:e9:bf:21:a5:6e:94:
59:b3:04:53:a9:e6:42:3d:d2:64:0f:d6:e5:79:50:ea:5c:3a:
4b:50:0f:a1:b2:3f:ca:7b:d8:9e:41:3a:6e:a8:23:38:b9:7d:
75:f5:87:67
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZX20L90OWSm7CXB2oS31tFRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNDAyMTQwMzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDljMDI2Y2EwNGZkOTJkMzYxNTdiNTA4YWVmYzU5OWZjNzM3ODQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNbsDVfrEavpayDTmOuM4eibqUc3
y+6VRvpkTAZriwdv7bCTbE1B8UoK60FR4xaib9kXFh93yKby1NoLE+jUCOrE4Eb8
YuwHq8Pi3fTWbo9PDnm37E5YQkRvcQHFCt0UCw/P4wp3sUSxKr6NTutohMrhPfpL
LgftXBIfeqCw6c+hd5810RaLJFyiowifGMWchSmEXRk1yh9On930dXkXf/prejZ9
mLOJ8Zy6O79Ix7ZAgFlGZC972BvaOBum74q8DD4RRVVRjp5P+DJsj1a8ya+cLs4m
VDgvHMvkliBu0oB0vNoQVWlK+sAY/dYGjKYftfrD3CBFrARxLtVr4Z63NwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH2cAmygT9ktNhV7UIrvxZn8c3hIMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZlp3Q2JLQlAyUzAyRlh0UWl1X0ZtZnh6ZUVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHw3GMA0G
CSqGSIb3DQEBCwUAA4IBAQBcC/p2lqpCBlITA2utsqBYyMTDQ3Rl4thl9rFLZILD
nHjuv2AErJknHx+ECEbJd7O5E+K6IWiqL4r2+kArw64hJGwzyM+XqrJ/K3dyZA4H
pf8Am7a2FBkjwE8htYGrRfKk9qrt/NSnRZE4Gv/2v0WJSWpcrwRt9ltcTq8S5Qcw
paQ0PpX1Zje3l0nXKvY3EZykjGIGZqE/a5dm/JI21L8XM1VVB7G0XZKdOwaeo4H/
GWoNMDP8BgyKsWq+9yAJs6jg2xORd9YCJ7jHX4AmHi7SMnbpvyGlbpRZswRTqeZC
PdJkD9bleVDqXDpLUA+hsj/Ke9ieQTpuqCM4uX119Ydn
-----END CERTIFICATE-----
Generated at Tue May 13 05:05:34 2025 by rpki-client