Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/ARYdkedt9hArm1X7hp83_Cg5tpQ.roa
File: ARYdkedt9hArm1X7hp83_Cg5tpQ.roa (raw, json)
Hash identifier: JuBJSBaOkvov17EXCYN32IfgGgf0k5Tgl6lj874nn5w=
Subject key identifier: 01:16:1D:91:E7:6D:F6:10:2B:9B:55:FB:86:9F:37:FC:28:39:B6:94
Certificate issuer: /CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Certificate serial: 0196A500BCA7F12638288A54ED31B6D5437C
Authority key identifier: D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/ARYdkedt9hArm1X7hp83_Cg5tpQ.roa
Signing time: Tue 06 May 2025 09:50:10 +0000
ROA not before: Tue 06 May 2025 09:50:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 207.244.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.mft
rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 14 May 2025 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a5:00:bc:a7:f1:26:38:28:8a:54:ed:31:b6:d5:43:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Validity
Not Before: May 6 09:50:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=01161d91e76df6102b9b55fb869f37fc2839b694
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:91:e9:ba:07:fc:31:63:5e:cf:de:b6:7c:72:
92:82:b2:5f:87:1e:c3:be:84:64:cc:41:86:1b:f1:
e4:9a:41:df:9c:65:30:54:90:e1:1d:1d:cc:6e:26:
ef:1a:55:bb:78:65:2a:52:1f:44:d0:e1:a5:95:49:
76:14:68:8b:ee:90:64:00:66:d7:96:e2:f0:00:12:
41:4b:91:98:7c:1d:3a:d3:2e:3b:6c:d8:63:14:65:
0a:50:35:77:47:bf:6b:5c:5a:12:db:3a:4f:be:22:
65:88:c7:dc:30:b4:e5:c7:f0:f0:35:74:0c:fa:c4:
22:e3:1c:cb:c8:50:67:b6:f2:04:a7:14:71:4b:d1:
b1:16:d1:1e:28:84:17:88:35:91:69:f7:95:46:66:
59:c2:5d:02:ff:b5:b5:96:38:8d:c8:bf:e2:94:ea:
7f:ab:cd:ce:23:dd:22:9a:bf:da:4c:01:9b:aa:c2:
10:9b:9f:93:1d:c5:34:41:d8:37:35:fa:17:f9:82:
20:b0:97:b6:7f:f4:0e:4d:44:03:d1:36:a7:9f:92:
de:f9:f2:5e:56:f2:cc:31:7d:a2:8e:79:bd:2d:c0:
e0:a7:e0:57:5b:72:77:3b:fb:9d:22:49:3c:f8:ff:
85:2a:b1:ed:49:ac:4e:0f:9e:d2:a0:fd:1f:06:20:
d6:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:16:1D:91:E7:6D:F6:10:2B:9B:55:FB:86:9F:37:FC:28:39:B6:94
X509v3 Authority Key Identifier:
keyid:D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/ARYdkedt9hArm1X7hp83_Cg5tpQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
207.244.197.0/24
Signature Algorithm: sha256WithRSAEncryption
78:60:72:b9:32:2d:76:7f:11:78:16:a2:db:d1:2f:18:e5:cb:
1a:4b:c5:3a:ca:59:3a:83:92:c2:49:ee:10:9f:66:22:b5:a7:
7b:65:e3:28:b0:21:28:34:af:eb:f6:78:03:a0:db:ae:70:0e:
e4:5f:53:11:c3:41:68:ef:30:b5:1a:c1:c6:d1:58:99:b6:28:
91:cd:6d:ae:b9:cb:39:ca:c9:55:dd:32:81:a9:01:74:3c:bf:
d4:fc:ab:c0:e1:73:91:6a:73:c3:65:25:0f:f2:92:c1:93:b7:
1c:98:5b:cc:80:d8:46:42:b1:e4:41:6d:9f:d0:2f:3a:c3:8e:
20:f8:cf:f0:4c:8f:a7:04:86:b2:84:c9:9d:39:99:e2:47:e0:
f7:4c:9d:75:51:00:b6:45:d3:25:c6:a0:b3:e2:e5:9c:d9:0b:
cc:ff:fd:c1:4f:00:77:d2:41:02:87:53:6a:2a:9b:54:b2:a0:
86:f7:64:39:41:f6:de:56:04:8b:37:c4:81:fc:03:98:7f:f0:
ec:93:08:95:c1:6a:c9:1f:b6:4b:72:81:a9:0d:7d:38:26:84:
41:a4:73:7d:0c:80:22:5c:0a:29:10:48:e5:03:9b:0a:77:37:
62:ca:06:31:fc:a2:b6:e3:48:39:aa:36:4d:5f:da:2e:93:15:
70:a4:0d:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZalALyn8SY4KIpU7TG21UN8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOGRhOWNmMDBkNGQ1OGI4NTRmZmM2MjAxMGYyMzViMDZk
ZjM1NGEwHhcNMjUwNTA2MDk1MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTE2MWQ5MWU3NmRmNjEwMmI5YjU1ZmI4NjlmMzdmYzI4MzliNjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpHpugf8MWNez962fHKSgrJfhx7D
voRkzEGGG/HkmkHfnGUwVJDhHR3MbibvGlW7eGUqUh9E0OGllUl2FGiL7pBkAGbX
luLwABJBS5GYfB060y47bNhjFGUKUDV3R79rXFoS2zpPviJliMfcMLTlx/DwNXQM
+sQi4xzLyFBntvIEpxRxS9GxFtEeKIQXiDWRafeVRmZZwl0C/7W1ljiNyL/ilOp/
q83OI90imr/aTAGbqsIQm5+THcU0Qdg3NfoX+YIgsJe2f/QOTUQD0Tann5Le+fJe
VvLMMX2ijnm9LcDgp+BXW3J3O/udIkk8+P+FKrHtSaxOD57SoP0fBiDWgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAEWHZHnbfYQK5tV+4afN/woObaUMB8GA1UdIwQY
MBaAFNCNqc8A1NWLhU/8YgEPI1sG3zVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYt
MjBlMTk3ODBjYjJlLzEvQVJZZGtlZHQ5aEFybTFYN2hwODNfQ2c1dHBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYtMjBlMTk3ODBjYjJl
LzEvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAz/TFMA0G
CSqGSIb3DQEBCwUAA4IBAQB4YHK5Mi12fxF4FqLb0S8Y5csaS8U6ylk6g5LCSe4Q
n2Yitad7ZeMosCEoNK/r9ngDoNuucA7kX1MRw0Fo7zC1GsHG0ViZtiiRzW2uucs5
yslV3TKBqQF0PL/U/KvA4XORanPDZSUP8pLBk7ccmFvMgNhGQrHkQW2f0C86w44g
+M/wTI+nBIayhMmdOZniR+D3TJ11UQC2RdMlxqCz4uWc2QvM//3BTwB30kECh1Nq
KptUsqCG92Q5QfbeVgSLN8SB/AOYf/DskwiVwWrJH7ZLcoGpDX04JoRBpHN9DIAi
XAopEEjlA5sKdzdiygYx/KK240g5qjZNX9oukxVwpA22
-----END CERTIFICATE-----
Generated at Tue May 13 16:11:18 2025 by rpki-client