Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/a733bc-68f8-499f-850f-8e924ffbe584/1/Ee1jCF-1mClSEqfFjmxX85gyL_Y.roa
File: Ee1jCF-1mClSEqfFjmxX85gyL_Y.roa (raw, json)
Hash identifier: YHDEDxsAZ2bBTaAOCwBWd3d+f6kyqV9CwZkNGiqG6mw=
Subject key identifier: 11:ED:63:08:5F:B5:98:29:52:12:A7:C5:8E:6C:57:F3:98:32:2F:F6
Certificate issuer: /CN=c09fc8a067fa6d2476bdce24afffad17131d9e86
Certificate serial: 0194228D8A7D851E82C02378D925ED85F3D2
Authority key identifier: C0:9F:C8:A0:67:FA:6D:24:76:BD:CE:24:AF:FF:AD:17:13:1D:9E:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wJ_IoGf6bSR2vc4kr_-tFxMdnoY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/a733bc-68f8-499f-850f-8e924ffbe584/1/Ee1jCF-1mClSEqfFjmxX85gyL_Y.roa
Signing time: Wed 01 Jan 2025 15:48:08 +0000
ROA not before: Wed 01 Jan 2025 15:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211607
IP address blocks: 195.230.103.0/24 maxlen: 24
216.25.124.0/24 maxlen: 24
216.25.125.0/24 maxlen: 24
2001:678:e70::/48 maxlen: 48
2a10:b640:3000::/36 maxlen: 48
2a10:b641::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/a733bc-68f8-499f-850f-8e924ffbe584/1/wJ_IoGf6bSR2vc4kr_-tFxMdnoY.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/a733bc-68f8-499f-850f-8e924ffbe584/1/wJ_IoGf6bSR2vc4kr_-tFxMdnoY.mft
rsync://rpki.ripe.net/repository/DEFAULT/wJ_IoGf6bSR2vc4kr_-tFxMdnoY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 09:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:8a:7d:85:1e:82:c0:23:78:d9:25:ed:85:f3:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c09fc8a067fa6d2476bdce24afffad17131d9e86
Validity
Not Before: Jan 1 15:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=11ed63085fb598295212a7c58e6c57f398322ff6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:3f:07:d6:de:8d:25:54:53:7a:0a:4a:00:69:
c8:a5:a4:74:51:57:a9:8d:21:f8:8c:a3:bc:ca:27:
2e:95:7e:2b:37:62:6c:ea:d2:d8:90:2a:05:d0:3b:
79:4a:6f:14:a6:86:0b:23:d0:e6:21:d3:c4:8c:f6:
dd:c4:18:9b:af:0b:64:91:19:90:cf:c7:20:4a:7e:
0c:71:84:16:6c:88:c4:3c:c6:b4:e4:8b:a5:50:34:
29:03:51:db:e6:ac:2d:ac:b1:e0:58:fa:74:fb:37:
b5:0a:ba:a7:5e:47:93:bb:5e:18:9f:35:a6:c9:e3:
a0:78:55:4e:fc:b8:a5:47:55:02:7a:9c:b2:da:57:
cd:02:0a:05:5e:91:96:27:8d:39:5f:6a:bf:57:db:
f2:e8:7f:f7:00:65:59:a9:a4:32:03:b0:df:70:29:
60:25:0a:75:bf:e1:d3:68:d8:c9:05:06:95:ca:b4:
53:13:dc:5e:a3:92:7f:cb:7c:c6:f5:56:7e:da:f2:
1d:68:72:64:93:f4:51:b9:dd:d8:f8:9e:c5:2d:ed:
e1:f7:8b:94:a9:54:64:f1:e3:f8:0b:a4:38:e3:bb:
59:e3:14:86:83:2a:29:80:88:0f:9f:b9:34:a4:ac:
ce:5f:30:6e:fd:c0:54:33:e1:2b:12:59:dc:5d:80:
64:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:ED:63:08:5F:B5:98:29:52:12:A7:C5:8E:6C:57:F3:98:32:2F:F6
X509v3 Authority Key Identifier:
keyid:C0:9F:C8:A0:67:FA:6D:24:76:BD:CE:24:AF:FF:AD:17:13:1D:9E:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wJ_IoGf6bSR2vc4kr_-tFxMdnoY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/a733bc-68f8-499f-850f-8e924ffbe584/1/Ee1jCF-1mClSEqfFjmxX85gyL_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/a733bc-68f8-499f-850f-8e924ffbe584/1/wJ_IoGf6bSR2vc4kr_-tFxMdnoY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.230.103.0/24
216.25.124.0/23
IPv6:
2001:678:e70::/48
2a10:b640:3000::/36
2a10:b641::/36
Signature Algorithm: sha256WithRSAEncryption
4c:2f:2e:18:5b:1f:16:15:fe:80:91:32:5f:db:fe:25:0c:09:
48:5a:61:98:ad:53:c3:89:37:f3:16:a1:d4:d2:e4:72:8a:2f:
3f:56:bb:c5:17:17:f0:83:2c:c0:bb:ca:cf:c5:e7:23:b8:d6:
0b:a4:6a:a0:91:87:5b:d0:d2:31:f6:5d:0f:e9:2e:89:9f:cc:
41:e2:db:8a:83:21:1c:3e:0d:aa:dd:ee:0f:a3:24:1f:57:f0:
77:47:b3:e0:c5:8f:e6:a2:95:9b:46:2c:ed:cf:66:c2:cd:62:
35:25:bd:d4:e6:6a:b7:1c:9e:80:42:77:49:42:6d:a4:55:af:
5b:56:52:dc:a9:4c:e1:a0:36:87:81:fe:00:73:4e:f1:8a:21:
ae:15:3b:e0:75:5b:e5:88:4d:fa:9c:7e:66:24:f4:48:03:7a:
33:a1:ec:16:c8:0a:b1:7d:ce:6c:7f:71:a6:e0:c9:bd:06:ec:
ba:af:08:59:fd:3c:4a:06:b8:ca:22:23:62:92:1b:9f:8f:ae:
f1:97:db:57:3f:69:cd:b6:ad:91:16:ef:0a:18:62:5d:0d:d1:
05:72:11:93:9b:9d:71:f2:ef:9c:0d:f6:ca:16:f5:b4:e6:27:
86:a9:c9:40:de:de:47:f9:53:cd:a6:f7:20:ca:22:94:2a:16:
ea:00:63:a3
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQijYp9hR6CwCN42SXthfPSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwOWZjOGEwNjdmYTZkMjQ3NmJkY2UyNGFmZmZhZDE3MTMx
ZDllODYwHhcNMjUwMTAxMTU0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWVkNjMwODVmYjU5ODI5NTIxMmE3YzU4ZTZjNTdmMzk4MzIyZmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuD8H1t6NJVRTegpKAGnIpaR0UVep
jSH4jKO8yiculX4rN2Js6tLYkCoF0Dt5Sm8UpoYLI9DmIdPEjPbdxBibrwtkkRmQ
z8cgSn4McYQWbIjEPMa05IulUDQpA1Hb5qwtrLHgWPp0+ze1CrqnXkeTu14YnzWm
yeOgeFVO/LilR1UCepyy2lfNAgoFXpGWJ405X2q/V9vy6H/3AGVZqaQyA7DfcClg
JQp1v+HTaNjJBQaVyrRTE9xeo5J/y3zG9VZ+2vIdaHJkk/RRud3Y+J7FLe3h94uU
qVRk8eP4C6Q447tZ4xSGgyopgIgPn7k0pKzOXzBu/cBUM+ErElncXYBkMwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFBHtYwhftZgpUhKnxY5sV/OYMi/2MB8GA1UdIwQY
MBaAFMCfyKBn+m0kdr3OJK//rRcTHZ6GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0pfSW9HZjZiU1IydmM0a3JfLXRGeE1kbm9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9hNzMzYmMtNjhmOC00OTlmLTg1MGYt
OGU5MjRmZmJlNTg0LzEvRWUxakNGLTFtQ2xTRXFmRmpteFg4NWd5TF9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9hNzMzYmMtNjhmOC00OTlmLTg1MGYtOGU5MjRmZmJlNTg0
LzEvd0pfSW9HZjZiU1IydmM0a3JfLXRGeE1kbm9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTASBAIAATAMAwQAw+ZnAwQB
2Bl8MB8EAgACMBkDBwAgAQZ4DnADBgQqELZAMAMGBCoQtkEAMA0GCSqGSIb3DQEB
CwUAA4IBAQBMLy4YWx8WFf6AkTJf2/4lDAlIWmGYrVPDiTfzFqHU0uRyii8/VrvF
FxfwgyzAu8rPxecjuNYLpGqgkYdb0NIx9l0P6S6Jn8xB4tuKgyEcPg2q3e4PoyQf
V/B3R7PgxY/mopWbRiztz2bCzWI1Jb3U5mq3HJ6AQndJQm2kVa9bVlLcqUzhoDaH
gf4Ac07xiiGuFTvgdVvliE36nH5mJPRIA3ozoewWyAqxfc5sf3Gm4Mm9Buy6rwhZ
/TxKBrjKIiNikhufj67xl9tXP2nNtq2RFu8KGGJdDdEFchGTm51x8u+cDfbKFvW0
5ieGqclA3t5H+VPNpvcgyiKUKhbqAGOj
-----END CERTIFICATE-----
Generated at Tue Apr 8 19:12:59 2025 by rpki-client