Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/85a208-1ab6-46f7-b1a5-a26d25bc7654/1/e4h7xssIbvZ0s7Vw9JjG46tDvZ0.roa
File: e4h7xssIbvZ0s7Vw9JjG46tDvZ0.roa (raw, json)
Hash identifier: isku2v3Qa+kI0md0IS8QEjqPkTCho6QFnoe7uAw4O+0=
Subject key identifier: 7B:88:7B:C6:CB:08:6E:F6:74:B3:B5:70:F4:98:C6:E3:AB:43:BD:9D
Certificate issuer: /CN=09c50efe13aadf5423b04f0ddca8b3288395823e
Certificate serial: 0194221F2D73E1A068F3DF8ACF0B63777D36
Authority key identifier: 09:C5:0E:FE:13:AA:DF:54:23:B0:4F:0D:DC:A8:B3:28:83:95:82:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CcUO_hOq31QjsE8N3KizKIOVgj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/85a208-1ab6-46f7-b1a5-a26d25bc7654/1/e4h7xssIbvZ0s7Vw9JjG46tDvZ0.roa
Signing time: Wed 01 Jan 2025 13:47:35 +0000
ROA not before: Wed 01 Jan 2025 13:47:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49865
IP address blocks: 194.24.0.0/21 maxlen: 21
194.24.1.0/24 maxlen: 24
194.24.4.0/22 maxlen: 22
2a0a:5080::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/85a208-1ab6-46f7-b1a5-a26d25bc7654/1/CcUO_hOq31QjsE8N3KizKIOVgj4.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/85a208-1ab6-46f7-b1a5-a26d25bc7654/1/CcUO_hOq31QjsE8N3KizKIOVgj4.mft
rsync://rpki.ripe.net/repository/DEFAULT/CcUO_hOq31QjsE8N3KizKIOVgj4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:2d:73:e1:a0:68:f3:df:8a:cf:0b:63:77:7d:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09c50efe13aadf5423b04f0ddca8b3288395823e
Validity
Not Before: Jan 1 13:47:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7b887bc6cb086ef674b3b570f498c6e3ab43bd9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:da:16:31:1e:e7:21:40:f3:e0:c3:2d:e1:4c:
04:33:63:96:53:ca:64:03:12:5a:8f:48:dc:3d:b2:
aa:31:f1:9c:95:9f:c6:df:4c:5d:99:9f:af:47:de:
e2:6f:bc:9d:dd:3d:81:3f:c4:c9:33:64:d0:92:27:
1f:e5:b8:77:be:f6:0d:6c:76:c7:c6:76:a5:35:a1:
72:c2:60:5e:c2:24:38:28:ad:76:97:0a:ee:85:40:
46:95:9a:02:a3:f6:9f:0e:40:df:44:bd:51:44:b9:
2f:3a:3f:34:10:67:51:af:c5:e5:57:6e:ab:1d:70:
ef:b7:c4:1b:25:5d:8a:bb:66:05:d0:6e:5e:e3:4b:
b6:32:2b:ca:94:6a:f9:8b:eb:50:d6:f8:6a:c3:1f:
a1:26:74:9d:30:7e:ac:88:9f:95:68:d2:06:17:3d:
f2:83:99:2f:cc:8b:47:f1:b6:ba:47:eb:c1:fa:8f:
43:40:b1:e0:a4:64:39:9c:80:ff:da:df:f6:5b:b1:
10:c6:01:c8:d8:7c:27:b2:ce:02:12:34:b0:a7:7e:
9e:56:eb:d6:32:6f:8f:e8:2a:5d:d5:46:3a:89:a3:
5f:d8:cb:d8:3c:1e:f5:ce:96:86:b7:e5:03:cd:98:
0f:9b:44:99:f5:58:06:3a:46:83:eb:c7:1e:23:a4:
72:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:88:7B:C6:CB:08:6E:F6:74:B3:B5:70:F4:98:C6:E3:AB:43:BD:9D
X509v3 Authority Key Identifier:
keyid:09:C5:0E:FE:13:AA:DF:54:23:B0:4F:0D:DC:A8:B3:28:83:95:82:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CcUO_hOq31QjsE8N3KizKIOVgj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/85a208-1ab6-46f7-b1a5-a26d25bc7654/1/e4h7xssIbvZ0s7Vw9JjG46tDvZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/85a208-1ab6-46f7-b1a5-a26d25bc7654/1/CcUO_hOq31QjsE8N3KizKIOVgj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.24.0.0/21
IPv6:
2a0a:5080::/29
Signature Algorithm: sha256WithRSAEncryption
54:2c:75:8f:a3:93:2a:bb:cd:cc:c8:71:48:70:82:48:c2:83:
0b:7b:9d:ef:77:01:95:51:86:c4:ea:00:13:90:c2:7a:18:e8:
64:bf:2d:3e:26:38:91:fa:c7:55:ce:a8:ad:0c:75:60:8b:5f:
54:6a:05:19:40:ab:27:71:f9:b4:6d:48:c9:39:c1:f0:ee:bd:
c4:83:29:17:41:32:e2:60:fc:67:fa:b4:18:6c:98:68:c7:97:
a2:e6:93:fd:3b:5b:3e:a0:66:8c:21:8a:a2:60:35:5c:d0:c4:
ab:51:bf:aa:7a:b9:a3:37:42:ab:89:52:34:32:72:44:dc:86:
51:35:f6:04:a1:d0:28:a9:f4:f5:3e:b0:ee:08:ec:76:3f:70:
c6:ea:90:5e:8e:65:4d:38:b3:ce:72:c9:a7:1c:1e:72:2b:31:
d1:78:7f:3f:7a:5f:58:62:16:4c:a5:cd:bc:cb:c1:aa:48:42:
bd:92:69:4f:83:12:80:21:c2:17:71:ba:9a:cc:73:ac:b4:82:
b1:11:97:1c:83:49:d3:1c:fc:12:d3:7c:41:65:e5:41:62:02:
ff:75:68:01:d3:55:65:51:38:3f:19:6b:93:f0:79:d8:97:e8:
46:9a:dc:32:dd:79:d7:e4:3d:99:cc:60:82:7d:90:9d:1a:61:
ad:6f:0e:b6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQiHy1z4aBo89+Kzwtjd302MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5YzUwZWZlMTNhYWRmNTQyM2IwNGYwZGRjYThiMzI4ODM5
NTgyM2UwHhcNMjUwMTAxMTM0NzM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Yjg4N2JjNmNiMDg2ZWY2NzRiM2I1NzBmNDk4YzZlM2FiNDNiZDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtoWMR7nIUDz4MMt4UwEM2OWU8pk
AxJaj0jcPbKqMfGclZ/G30xdmZ+vR97ib7yd3T2BP8TJM2TQkicf5bh3vvYNbHbH
xnalNaFywmBewiQ4KK12lwruhUBGlZoCo/afDkDfRL1RRLkvOj80EGdRr8XlV26r
HXDvt8QbJV2Ku2YF0G5e40u2MivKlGr5i+tQ1vhqwx+hJnSdMH6siJ+VaNIGFz3y
g5kvzItH8ba6R+vB+o9DQLHgpGQ5nID/2t/2W7EQxgHI2Hwnss4CEjSwp36eVuvW
Mm+P6Cpd1UY6iaNf2MvYPB71zpaGt+UDzZgPm0SZ9VgGOkaD68ceI6RyeQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHuIe8bLCG72dLO1cPSYxuOrQ72dMB8GA1UdIwQY
MBaAFAnFDv4Tqt9UI7BPDdyosyiDlYI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2NVT19oT3EzMVFqc0U4TjNLaXpLSU9WZ2o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS84NWEyMDgtMWFiNi00NmY3LWIxYTUt
YTI2ZDI1YmM3NjU0LzEvZTRoN3hzc0lidlowczdWdzlKakc0NnREdlowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS84NWEyMDgtMWFiNi00NmY3LWIxYTUtYTI2ZDI1YmM3NjU0
LzEvQ2NVT19oT3EzMVFqc0U4TjNLaXpLSU9WZ2o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDwhgAMA0E
AgACMAcDBQMqClCAMA0GCSqGSIb3DQEBCwUAA4IBAQBULHWPo5Mqu83MyHFIcIJI
woMLe53vdwGVUYbE6gATkMJ6GOhkvy0+JjiR+sdVzqitDHVgi19UagUZQKsncfm0
bUjJOcHw7r3EgykXQTLiYPxn+rQYbJhox5ei5pP9O1s+oGaMIYqiYDVc0MSrUb+q
ermjN0KriVI0MnJE3IZRNfYEodAoqfT1PrDuCOx2P3DG6pBejmVNOLPOcsmnHB5y
KzHReH8/el9YYhZMpc28y8GqSEK9kmlPgxKAIcIXcbqazHOstIKxEZccg0nTHPwS
03xBZeVBYgL/dWgB01VlUTg/GWuT8HnYl+hGmtwy3XnX5D2ZzGCCfZCdGmGtbw62
-----END CERTIFICATE-----
Generated at Thu Apr 17 13:36:40 2025 by rpki-client