Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/16nS9ZVI1S_xIedGLDT0GogWFk8.roa
File: 16nS9ZVI1S_xIedGLDT0GogWFk8.roa (raw, json)
Hash identifier: 3vo/ahGqFtN4lhm2wpJoRKi5qUwgScl2x0ipjOS5FW0=
Subject key identifier: D7:A9:D2:F5:95:48:D5:2F:F1:21:E7:46:2C:34:F4:1A:88:16:16:4F
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 01967BE95146544EDEF5FDBD74D125BE2F46
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/16nS9ZVI1S_xIedGLDT0GogWFk8.roa
Signing time: Mon 28 Apr 2025 10:20:10 +0000
ROA not before: Mon 28 Apr 2025 10:20:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207905
IP address blocks: 124.198.130.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 16 May 2025 04:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7b:e9:51:46:54:4e:de:f5:fd:bd:74:d1:25:be:2f:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Apr 28 10:20:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d7a9d2f59548d52ff121e7462c34f41a8816164f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:79:95:af:32:8a:2c:81:fc:a9:dd:a4:7e:dc:
9b:f0:36:ef:15:db:10:42:21:2c:6b:6f:f2:7d:07:
3c:04:5f:10:52:ea:9d:9c:7f:e9:ed:7c:95:d5:48:
f1:7e:09:f3:63:bc:67:80:98:a9:12:43:19:6b:8c:
12:54:e2:aa:a5:d5:80:d4:a2:08:dc:37:c0:89:ff:
7a:c8:a7:38:e9:fb:fb:2a:a3:82:72:0b:90:81:0c:
fd:6e:e1:bf:8b:30:4c:f8:9a:89:23:77:79:ee:07:
ba:4c:f4:84:12:eb:08:d2:ee:96:be:6b:81:5f:78:
08:bd:53:79:51:c9:d8:24:a4:8f:9f:6b:30:59:47:
35:9f:38:08:40:e1:85:cc:a1:ba:fe:4a:86:47:35:
77:8b:06:fe:7c:92:c7:30:57:87:2c:3e:c6:04:12:
f8:26:95:f9:19:75:75:f4:83:0a:14:85:2f:70:e0:
a1:38:88:89:29:75:84:86:ea:ac:38:38:66:b8:60:
41:34:94:bb:09:e0:91:12:17:89:41:3d:f7:a9:8e:
39:be:c7:9d:e5:e7:0a:17:db:29:5a:80:9c:ce:6a:
3f:fe:18:6b:a1:cb:4a:16:03:c7:ee:41:7c:a9:ad:
14:87:12:78:dd:ed:b8:0a:13:8c:91:48:4c:be:b6:
d9:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:A9:D2:F5:95:48:D5:2F:F1:21:E7:46:2C:34:F4:1A:88:16:16:4F
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/16nS9ZVI1S_xIedGLDT0GogWFk8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
124.198.130.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:72:82:a3:26:a1:14:93:5e:a6:57:2a:15:aa:5f:e0:1b:36:
0b:fd:4b:d2:f0:d4:e6:a8:8a:bc:21:0e:32:cc:fc:83:fa:e9:
a7:2e:a1:11:17:b4:be:48:30:11:20:78:57:b4:d7:42:f1:6d:
f6:27:7b:8f:5b:80:f9:2c:38:1c:63:9c:18:2e:87:74:8e:fc:
b7:9c:43:9b:19:72:f1:7a:af:96:47:8e:21:f6:b8:a8:d1:1c:
5f:e5:a9:19:3d:b6:52:49:11:32:1a:6b:e2:27:42:24:aa:f1:
bf:70:c0:5a:b9:0f:47:7a:53:1f:96:2d:4b:b9:48:ca:23:cf:
4b:a4:7e:2b:40:d3:8c:36:e4:33:fe:4d:4e:d3:fc:85:0c:9d:
ed:cb:d8:6a:d0:72:55:c9:66:07:e6:e7:b0:05:bf:86:05:fa:
40:5b:04:70:0f:1a:ad:ac:01:2f:9f:a6:5d:44:fd:16:a3:cf:
08:24:88:47:8f:6a:b7:96:55:64:88:b3:92:a1:d6:4c:72:b6:
94:6c:91:5f:35:8c:ac:1b:7a:b7:39:80:b0:86:99:8d:5f:32:
bd:96:e3:0e:52:31:01:52:c1:3d:86:39:8f:83:1b:10:f9:c9:
9a:a8:9d:8b:06:eb:57:2b:5e:76:90:89:69:97:19:15:78:74:
c6:2a:29:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZZ76VFGVE7e9f29dNElvi9GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwNDI4MTAyMDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2E5ZDJmNTk1NDhkNTJmZjEyMWU3NDYyYzM0ZjQxYTg4MTYxNjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXmVrzKKLIH8qd2kftyb8DbvFdsQ
QiEsa2/yfQc8BF8QUuqdnH/p7XyV1UjxfgnzY7xngJipEkMZa4wSVOKqpdWA1KII
3DfAif96yKc46fv7KqOCcguQgQz9buG/izBM+JqJI3d57ge6TPSEEusI0u6WvmuB
X3gIvVN5UcnYJKSPn2swWUc1nzgIQOGFzKG6/kqGRzV3iwb+fJLHMFeHLD7GBBL4
JpX5GXV19IMKFIUvcOChOIiJKXWEhuqsODhmuGBBNJS7CeCREheJQT33qY45vsed
5ecKF9spWoCczmo//hhroctKFgPH7kF8qa0UhxJ43e24ChOMkUhMvrbZNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNep0vWVSNUv8SHnRiw09BqIFhZPMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvMTZuUzlaVkkxU194SWVkR0xEVDBHb2dXRms4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAfMaCMA0G
CSqGSIb3DQEBCwUAA4IBAQCNcoKjJqEUk16mVyoVql/gGzYL/UvS8NTmqIq8IQ4y
zPyD+umnLqERF7S+SDARIHhXtNdC8W32J3uPW4D5LDgcY5wYLod0jvy3nEObGXLx
eq+WR44h9rio0Rxf5akZPbZSSREyGmviJ0IkqvG/cMBauQ9HelMfli1LuUjKI89L
pH4rQNOMNuQz/k1O0/yFDJ3ty9hq0HJVyWYH5uewBb+GBfpAWwRwDxqtrAEvn6Zd
RP0Wo88IJIhHj2q3llVkiLOSodZMcraUbJFfNYysG3q3OYCwhpmNXzK9luMOUjEB
UsE9hjmPgxsQ+cmaqJ2LButXK152kIlplxkVeHTGKinh
-----END CERTIFICATE-----
Generated at Thu May 15 11:00:52 2025 by rpki-client