Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/peZ9leIKvtzaEIB0WUANE3zMc_o.roa
File: peZ9leIKvtzaEIB0WUANE3zMc_o.roa (raw, json)
Hash identifier: ihPt5ZcWXXJa1kFjUJyi/XxvoXO5SF+IotGDhTxVKIQ=
Subject key identifier: A5:E6:7D:95:E2:0A:BE:DC:DA:10:80:74:59:40:0D:13:7C:CC:73:FA
Certificate issuer: /CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
Certificate serial: 0194244552C4DAACED671F9DB71F95E586C2
Authority key identifier: 56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/peZ9leIKvtzaEIB0WUANE3zMc_o.roa
Signing time: Wed 01 Jan 2025 23:48:30 +0000
ROA not before: Wed 01 Jan 2025 23:48:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31654
IP address blocks: 82.150.71.0/24 maxlen: 24
84.44.29.0/24 maxlen: 24
84.44.30.0/24 maxlen: 24
84.44.42.0/24 maxlen: 24
84.44.65.0/24 maxlen: 24
84.44.66.0/24 maxlen: 24
84.44.67.0/24 maxlen: 24
84.44.68.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/Vo_jXMliYzonV68QoOboq20B9Mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/Vo_jXMliYzonV68QoOboq20B9Mk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 06:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:52:c4:da:ac:ed:67:1f:9d:b7:1f:95:e5:86:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
Validity
Not Before: Jan 1 23:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a5e67d95e20abedcda10807459400d137ccc73fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:49:fe:a5:65:ee:53:b4:c2:61:69:99:83:e5:
9c:24:13:b9:30:de:12:66:2c:26:ca:73:ee:3a:fb:
60:b1:3f:2b:da:03:88:f1:54:d3:01:0c:cf:a1:c3:
d3:18:ca:9f:17:69:2d:e2:d6:b5:29:e6:01:54:1b:
77:da:4d:d8:b2:a0:bc:9d:c6:11:e0:63:fc:7b:34:
d0:63:af:76:e1:6a:8a:cc:ee:1e:de:41:31:0b:af:
1d:29:04:5b:c3:5b:a2:c7:5c:b2:6e:36:1c:47:95:
5b:3d:90:0e:dc:c7:74:79:fe:d4:4f:b1:77:6b:a2:
cc:5f:d3:fe:64:09:76:8d:5e:ab:10:4d:75:d8:c3:
73:6c:6e:c9:40:0d:d6:7e:45:39:58:cd:d9:37:e9:
ef:66:55:40:eb:b8:e4:60:a6:29:8a:19:25:d6:12:
af:2a:39:67:f4:9e:cb:4c:cc:49:43:e8:e8:0b:c2:
c3:61:fa:c7:96:61:f3:c8:cf:61:fd:ee:e6:80:f2:
a5:0a:85:dc:2c:28:c1:ff:ac:82:77:67:30:0f:e5:
50:2a:5e:1d:9a:0c:e0:9f:3a:f7:ba:d9:64:31:01:
79:bd:08:93:58:2b:45:c1:91:88:ef:bc:7e:05:4b:
a4:28:8f:59:a1:97:ac:9e:f9:35:f3:8d:0c:b7:a6:
2d:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:E6:7D:95:E2:0A:BE:DC:DA:10:80:74:59:40:0D:13:7C:CC:73:FA
X509v3 Authority Key Identifier:
keyid:56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/peZ9leIKvtzaEIB0WUANE3zMc_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/Vo_jXMliYzonV68QoOboq20B9Mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.150.71.0/24
84.44.29.0-84.44.30.255
84.44.42.0/24
84.44.65.0-84.44.68.255
Signature Algorithm: sha256WithRSAEncryption
5d:ed:be:09:02:63:84:27:ef:88:de:7f:8a:66:5c:8d:97:34:
9c:45:a0:6e:1b:92:9c:86:4b:e5:5f:25:29:ea:d3:4c:e3:86:
50:3a:e4:bf:bb:b0:7d:7f:e6:fd:af:23:75:b5:1f:37:6e:32:
ba:c5:bd:63:56:90:32:96:c6:07:fb:db:96:bd:77:eb:83:b3:
ec:c3:7d:4b:e2:e7:09:92:a9:2f:bc:36:0a:d8:a7:a7:66:77:
62:b6:c1:26:83:0d:3b:6a:b4:ff:5a:48:b1:23:b7:37:dd:8b:
a1:ef:aa:e4:2c:75:11:6b:a7:68:47:6c:ee:14:ec:76:96:8e:
ca:94:d2:7b:33:11:44:d3:14:38:61:ad:1b:13:8d:47:4f:3d:
3b:aa:62:16:55:36:cb:8b:c4:9a:39:3c:3b:f4:f7:24:70:ff:
46:d4:a7:c7:ec:38:a0:47:47:cb:69:d9:6f:76:ca:aa:2a:0a:
a3:98:c7:ac:fa:97:47:4b:6d:8f:d1:9b:d1:48:94:ef:19:33:
9b:a4:86:91:18:8d:8b:70:77:3b:12:8b:f5:14:e3:46:8d:48:
5b:a2:82:44:23:8b:84:19:54:58:40:41:b1:ba:81:56:1c:1a:
8f:7b:e2:f0:98:b0:e7:df:c0:23:0f:7d:8f:b1:56:e6:ac:c6:
2f:63:88:cb
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQkRVLE2qztZx+dtx+V5YbCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2OGZlMzVjYzk2MjYzM2EyNzU3YWYxMGEwZTZlOGFiNmQw
MWY0YzkwHhcNMjUwMTAxMjM0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWU2N2Q5NWUyMGFiZWRjZGExMDgwNzQ1OTQwMGQxMzdjY2M3M2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5En+pWXuU7TCYWmZg+WcJBO5MN4S
ZiwmynPuOvtgsT8r2gOI8VTTAQzPocPTGMqfF2kt4ta1KeYBVBt32k3YsqC8ncYR
4GP8ezTQY6924WqKzO4e3kExC68dKQRbw1uix1yybjYcR5VbPZAO3Md0ef7UT7F3
a6LMX9P+ZAl2jV6rEE112MNzbG7JQA3WfkU5WM3ZN+nvZlVA67jkYKYpihkl1hKv
Kjln9J7LTMxJQ+joC8LDYfrHlmHzyM9h/e7mgPKlCoXcLCjB/6yCd2cwD+VQKl4d
mgzgnzr3utlkMQF5vQiTWCtFwZGI77x+BUukKI9ZoZesnvk1840Mt6YtXwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFKXmfZXiCr7c2hCAdFlADRN8zHP6MB8GA1UdIwQY
MBaAFFaP41zJYmM6J1evEKDm6KttAfTJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm9falhNbGlZem9uVjY4UW9PYm9xMjBCOU1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8zN2ViZTYtOGJmZS00YzFmLWExODMt
ODNkNjQ4Zjc5NzQ2LzEvcGVaOWxlSUt2dHphRUlCMFdVQU5FM3pNY19vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8zN2ViZTYtOGJmZS00YzFmLWExODMtODNkNjQ4Zjc5NzQ2
LzEvVm9falhNbGlZem9uVjY4UW9PYm9xMjBCOU1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQAUpZHMAwD
BABULB0DBABULB4DBABULCowDAMEAFQsQQMEAFQsRDANBgkqhkiG9w0BAQsFAAOC
AQEAXe2+CQJjhCfviN5/imZcjZc0nEWgbhuSnIZL5V8lKerTTOOGUDrkv7uwfX/m
/a8jdbUfN24yusW9Y1aQMpbGB/vblr1364Oz7MN9S+LnCZKpL7w2Ctinp2Z3YrbB
JoMNO2q0/1pIsSO3N92Loe+q5Cx1EWunaEds7hTsdpaOypTSezMRRNMUOGGtGxON
R089O6piFlU2y4vEmjk8O/T3JHD/RtSnx+w4oEdHy2nZb3bKqioKo5jHrPqXR0tt
j9Gb0UiU7xkzm6SGkRiNi3B3OxKL9RTjRo1IW6KCRCOLhBlUWEBBsbqBVhwaj3vi
8Jiw59/AIw99j7FW5qzGL2OIyw==
-----END CERTIFICATE-----
Generated at Thu Apr 17 14:51:59 2025 by rpki-client