Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/rLfwNiKQgm52xK5B1Eks5N-8Tig.roa
File: rLfwNiKQgm52xK5B1Eks5N-8Tig.roa (raw, json)
Hash identifier: 2+iXsJ3Py4RyTLcsBU8kXZbRrDY44LRGdyLqsYMyokQ=
Subject key identifier: AC:B7:F0:36:22:90:82:6E:76:C4:AE:41:D4:49:2C:E4:DF:BC:4E:28
Certificate issuer: /CN=a2088e06d553cff293d277f4d76c3a710bd8b2f7
Certificate serial: 0196907A85AE2BF4984D4E1BF29AFE3CE363
Authority key identifier: A2:08:8E:06:D5:53:CF:F2:93:D2:77:F4:D7:6C:3A:71:0B:D8:B2:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/rLfwNiKQgm52xK5B1Eks5N-8Tig.roa
Signing time: Fri 02 May 2025 10:11:10 +0000
ROA not before: Fri 02 May 2025 10:11:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 18811
IP address blocks: 89.34.64.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/ogiOBtVTz_KT0nf012w6cQvYsvc.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/ogiOBtVTz_KT0nf012w6cQvYsvc.mft
rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 20:47:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:90:7a:85:ae:2b:f4:98:4d:4e:1b:f2:9a:fe:3c:e3:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2088e06d553cff293d277f4d76c3a710bd8b2f7
Validity
Not Before: May 2 10:11:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=acb7f0362290826e76c4ae41d4492ce4dfbc4e28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:07:12:b4:af:51:81:11:71:87:b0:07:9d:ca:
57:78:22:91:10:ca:38:cc:83:92:87:cc:8e:87:7d:
4d:4e:6e:fe:a2:c3:c0:94:99:cb:3b:d0:c9:c8:93:
14:1a:49:96:ae:f4:b5:d2:cc:bd:2a:5b:7c:95:5e:
9e:32:02:d4:31:4e:fd:70:ea:bc:e1:fc:04:b5:17:
5b:fe:c7:03:7f:d3:e8:d5:c7:26:91:93:0a:2b:4e:
33:36:43:f1:b9:1c:18:66:1f:af:71:ea:2e:85:58:
a3:82:4e:ad:a3:d0:45:e7:57:35:82:7f:f8:2c:e8:
4b:94:27:93:49:b1:aa:dc:d8:57:d1:14:28:aa:7a:
9b:9a:7b:b2:6d:f4:8c:e7:07:72:dc:fc:56:8c:a5:
51:59:b0:3f:44:bc:5e:02:06:3c:8a:93:77:d2:8b:
d1:a1:6a:fc:f0:ee:d7:79:84:3c:64:e0:4d:c6:38:
56:6b:64:33:4e:10:79:eb:d3:ba:40:5d:5c:3c:f4:
16:32:9d:59:cd:d3:76:5a:45:41:99:09:fc:09:a8:
5e:03:11:e6:ca:36:93:55:f1:ea:be:71:55:b9:e8:
36:f9:51:60:69:c7:59:cb:10:96:3d:39:02:79:bc:
5b:f3:45:67:80:aa:c5:39:f3:27:f4:72:c1:72:a8:
96:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:B7:F0:36:22:90:82:6E:76:C4:AE:41:D4:49:2C:E4:DF:BC:4E:28
X509v3 Authority Key Identifier:
keyid:A2:08:8E:06:D5:53:CF:F2:93:D2:77:F4:D7:6C:3A:71:0B:D8:B2:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/rLfwNiKQgm52xK5B1Eks5N-8Tig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/ogiOBtVTz_KT0nf012w6cQvYsvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.64.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:88:37:8e:df:50:0a:41:b2:c1:23:ea:cf:df:59:70:4c:52:
a3:51:fa:a3:b4:ff:15:bf:cf:dc:cc:57:16:c0:b9:aa:ec:50:
08:a3:b2:b3:a7:ba:41:af:b9:bd:c1:a1:6e:b6:bd:3f:b8:54:
ed:76:7b:34:45:79:39:4c:21:11:3d:7a:44:cb:e3:0a:c1:b5:
42:f1:9b:85:3e:31:cf:14:e1:7d:3f:a6:c4:dd:a3:19:27:ab:
19:b3:19:4b:5d:bf:67:15:09:4a:c3:0a:83:7a:d0:d7:c8:aa:
0f:65:ea:9f:3b:e0:e4:b3:8b:94:4b:bc:0f:a8:c6:f4:47:64:
37:e7:14:fd:68:86:63:8b:3c:3c:e2:ee:74:1f:a6:19:db:e6:
f2:d7:ab:8b:10:ce:af:35:eb:8f:e1:f8:f2:9f:96:de:8b:d4:
48:c6:b8:9f:4a:82:7a:dc:5b:a8:0f:3f:1c:e4:54:2b:7b:4d:
25:9c:ab:34:b8:9e:22:f1:fc:99:6b:2f:8f:4c:78:28:50:42:
55:70:2c:94:c1:59:f8:d4:68:f8:60:5b:8f:cf:54:92:6f:67:
7f:13:93:bd:fb:46:3b:83:7a:b8:6e:97:23:70:1c:3b:0e:6f:
4a:c5:b0:5b:b8:3e:8e:68:38:f9:97:f3:47:cb:8f:90:ae:00:
09:1b:dd:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZaQeoWuK/SYTU4b8pr+PONjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMDg4ZTA2ZDU1M2NmZjI5M2QyNzdmNGQ3NmMzYTcxMGJk
OGIyZjcwHhcNMjUwNTAyMTAxMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2I3ZjAzNjIyOTA4MjZlNzZjNGFlNDFkNDQ5MmNlNGRmYmM0ZTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugcStK9RgRFxh7AHncpXeCKREMo4
zIOSh8yOh31NTm7+osPAlJnLO9DJyJMUGkmWrvS10sy9Klt8lV6eMgLUMU79cOq8
4fwEtRdb/scDf9Po1ccmkZMKK04zNkPxuRwYZh+vceouhVijgk6to9BF51c1gn/4
LOhLlCeTSbGq3NhX0RQoqnqbmnuybfSM5wdy3PxWjKVRWbA/RLxeAgY8ipN30ovR
oWr88O7XeYQ8ZOBNxjhWa2QzThB569O6QF1cPPQWMp1ZzdN2WkVBmQn8CaheAxHm
yjaTVfHqvnFVueg2+VFgacdZyxCWPTkCebxb80VngKrFOfMn9HLBcqiWBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKy38DYikIJudsSuQdRJLOTfvE4oMB8GA1UdIwQY
MBaAFKIIjgbVU8/yk9J39NdsOnEL2LL3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2dpT0J0VlR6X0tUMG5mMDEydzZjUXZZc3ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9iNDVkNzktYTRkNy00NDYwLWJmZTct
YmJlYTI5MThlMTAyLzEvckxmd05pS1FnbTUyeEs1QjFFa3M1Ti04VGlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9iNDVkNzktYTRkNy00NDYwLWJmZTctYmJlYTI5MThlMTAy
LzEvb2dpT0J0VlR6X0tUMG5mMDEydzZjUXZZc3ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWSJAMA0G
CSqGSIb3DQEBCwUAA4IBAQA/iDeO31AKQbLBI+rP31lwTFKjUfqjtP8Vv8/czFcW
wLmq7FAIo7Kzp7pBr7m9waFutr0/uFTtdns0RXk5TCERPXpEy+MKwbVC8ZuFPjHP
FOF9P6bE3aMZJ6sZsxlLXb9nFQlKwwqDetDXyKoPZeqfO+Dks4uUS7wPqMb0R2Q3
5xT9aIZjizw84u50H6YZ2+by16uLEM6vNeuP4fjyn5bei9RIxrifSoJ63FuoDz8c
5FQre00lnKs0uJ4i8fyZay+PTHgoUEJVcCyUwVn41Gj4YFuPz1SSb2d/E5O9+0Y7
g3q4bpcjcBw7Dm9KxbBbuD6OaDj5l/NHy4+QrgAJG91b
-----END CERTIFICATE-----
Generated at Tue May 13 04:39:18 2025 by rpki-client