Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/1f5e07-32b6-4114-8b0d-d3b58f698148/1/DtvFUItZKqyAuC0qVO7xK12HQO0.roa
File: DtvFUItZKqyAuC0qVO7xK12HQO0.roa (raw, json)
Hash identifier: z+RXHMTUA/r+jPrvwbj//4T8rVTRPjeJiPQfneeOdNs=
Subject key identifier: 0E:DB:C5:50:8B:59:2A:AC:80:B8:2D:2A:54:EE:F1:2B:5D:87:40:ED
Certificate issuer: /CN=acf910f36291c3c224ddb596d956543197f163de
Certificate serial: 01942369010272B5C349A174CB6D22DEC531
Authority key identifier: AC:F9:10:F3:62:91:C3:C2:24:DD:B5:96:D9:56:54:31:97:F1:63:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rPkQ82KRw8Ik3bWW2VZUMZfxY94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/1f5e07-32b6-4114-8b0d-d3b58f698148/1/DtvFUItZKqyAuC0qVO7xK12HQO0.roa
Signing time: Wed 01 Jan 2025 19:47:51 +0000
ROA not before: Wed 01 Jan 2025 19:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8220
IP address blocks: 92.249.5.0/24 maxlen: 24
217.147.121.0/24 maxlen: 24
217.147.124.0/22 maxlen: 22
217.147.124.0/24 maxlen: 24
217.147.125.0/24 maxlen: 24
217.147.126.0/24 maxlen: 24
217.147.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/1f5e07-32b6-4114-8b0d-d3b58f698148/1/rPkQ82KRw8Ik3bWW2VZUMZfxY94.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/1f5e07-32b6-4114-8b0d-d3b58f698148/1/rPkQ82KRw8Ik3bWW2VZUMZfxY94.mft
rsync://rpki.ripe.net/repository/DEFAULT/rPkQ82KRw8Ik3bWW2VZUMZfxY94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:01:02:72:b5:c3:49:a1:74:cb:6d:22:de:c5:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acf910f36291c3c224ddb596d956543197f163de
Validity
Not Before: Jan 1 19:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0edbc5508b592aac80b82d2a54eef12b5d8740ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:01:00:b2:bf:c9:c5:ff:c5:3f:5f:3d:94:f2:
82:35:0c:5b:2c:5f:14:76:de:15:29:76:76:ba:1f:
28:59:b0:3a:39:52:c7:68:37:4f:77:33:77:f9:bb:
58:db:51:11:24:ee:dc:18:24:67:2d:a2:97:f7:89:
e2:fd:59:f4:03:ca:d8:98:dc:72:84:6f:f4:be:2b:
3c:88:27:28:1f:13:5b:3b:49:31:15:3b:de:d2:be:
53:b7:c1:58:74:fa:39:b4:ce:24:d8:aa:18:47:ef:
f7:55:75:76:fb:b2:1e:0f:29:fd:55:c5:7d:cf:7f:
8e:53:94:fc:a8:10:6c:ef:f5:24:43:ec:ab:69:a6:
1a:4f:af:3d:ad:b5:6c:57:97:32:eb:6b:9c:e2:92:
7f:aa:4b:cb:8b:cc:63:14:16:3b:ef:9c:3a:09:ec:
ef:99:9f:65:83:35:e4:f0:56:d1:02:37:7b:7a:39:
01:6a:9f:5c:cb:1d:8f:5a:68:d8:40:a3:e3:cd:49:
90:1c:02:a3:a4:04:30:f3:d7:bb:c5:62:ce:c3:bd:
c3:01:56:4a:f0:17:21:e9:ea:b9:df:fe:b2:22:31:
5c:76:3e:08:26:64:c7:ef:7e:59:9b:7a:7f:75:24:
40:e1:e3:8b:c3:9e:b5:be:a4:b5:7d:ac:a5:8a:33:
9c:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:DB:C5:50:8B:59:2A:AC:80:B8:2D:2A:54:EE:F1:2B:5D:87:40:ED
X509v3 Authority Key Identifier:
keyid:AC:F9:10:F3:62:91:C3:C2:24:DD:B5:96:D9:56:54:31:97:F1:63:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rPkQ82KRw8Ik3bWW2VZUMZfxY94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1f5e07-32b6-4114-8b0d-d3b58f698148/1/DtvFUItZKqyAuC0qVO7xK12HQO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1f5e07-32b6-4114-8b0d-d3b58f698148/1/rPkQ82KRw8Ik3bWW2VZUMZfxY94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.249.5.0/24
217.147.121.0/24
217.147.124.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:53:53:40:92:3a:e3:16:5e:4d:99:99:ab:b8:bd:05:d6:13:
68:ef:57:ce:f2:47:4d:e5:95:a9:f9:2f:75:c2:31:32:a0:90:
2e:76:5c:d0:fc:f2:aa:65:61:48:62:9c:27:45:05:a0:ed:51:
c8:3b:6c:61:67:10:ea:00:b7:5f:c5:e1:bc:47:83:37:dc:96:
17:72:e5:63:f6:a1:c0:30:c0:b7:80:01:33:e9:17:c3:b4:1c:
02:5f:67:d2:c4:56:65:8a:d3:73:99:ae:25:eb:6b:e6:30:48:
6f:d0:dc:21:8e:16:21:66:e6:36:f7:a4:e4:4b:13:c2:7a:4e:
fe:dc:28:a1:9b:9b:fd:16:96:a7:d3:9e:9c:de:e1:69:2f:e5:
e1:f8:25:0e:fe:d1:cc:bc:58:60:c0:86:35:39:b9:0d:10:7f:
a4:ce:54:71:4a:de:05:8e:68:b1:c1:2d:fe:c3:6b:ae:d6:f1:
e9:f7:85:b5:81:d6:e4:a2:5e:52:4b:9a:bb:c7:4c:e1:79:68:
af:1e:68:fe:d7:6b:61:c7:b5:20:62:dd:d8:7c:7d:f2:bb:68:
87:18:8e:dd:18:34:df:36:00:f5:5e:5d:ca:35:6f:6a:86:48:
5e:07:a5:85:96:6f:72:c5:36:24:3b:8c:9b:45:fc:d8:99:73:
95:31:53:ef
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQjaQECcrXDSaF0y20i3sUxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjZjkxMGYzNjI5MWMzYzIyNGRkYjU5NmQ5NTY1NDMxOTdm
MTYzZGUwHhcNMjUwMTAxMTk0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWRiYzU1MDhiNTkyYWFjODBiODJkMmE1NGVlZjEyYjVkODc0MGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5QEAsr/Jxf/FP189lPKCNQxbLF8U
dt4VKXZ2uh8oWbA6OVLHaDdPdzN3+btY21ERJO7cGCRnLaKX94ni/Vn0A8rYmNxy
hG/0vis8iCcoHxNbO0kxFTve0r5Tt8FYdPo5tM4k2KoYR+/3VXV2+7IeDyn9VcV9
z3+OU5T8qBBs7/UkQ+yraaYaT689rbVsV5cy62uc4pJ/qkvLi8xjFBY775w6Cezv
mZ9lgzXk8FbRAjd7ejkBap9cyx2PWmjYQKPjzUmQHAKjpAQw89e7xWLOw73DAVZK
8Bch6eq53/6yIjFcdj4IJmTH735Zm3p/dSRA4eOLw561vqS1faylijOcswIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFA7bxVCLWSqsgLgtKlTu8Stdh0DtMB8GA1UdIwQY
MBaAFKz5EPNikcPCJN21ltlWVDGX8WPeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclBrUTgyS1J3OElrM2JXVzJWWlVNWmZ4WTk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8xZjVlMDctMzJiNi00MTE0LThiMGQt
ZDNiNThmNjk4MTQ4LzEvRHR2RlVJdFpLcXlBdUMwcVZPN3hLMTJIUU8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8xZjVlMDctMzJiNi00MTE0LThiMGQtZDNiNThmNjk4MTQ4
LzEvclBrUTgyS1J3OElrM2JXVzJWWlVNWmZ4WTk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXPkFAwQA
2ZN5AwQC2ZN8MA0GCSqGSIb3DQEBCwUAA4IBAQAcU1NAkjrjFl5NmZmruL0F1hNo
71fO8kdN5ZWp+S91wjEyoJAudlzQ/PKqZWFIYpwnRQWg7VHIO2xhZxDqALdfxeG8
R4M33JYXcuVj9qHAMMC3gAEz6RfDtBwCX2fSxFZlitNzma4l62vmMEhv0NwhjhYh
ZuY296TkSxPCek7+3Cihm5v9Fpan056c3uFpL+Xh+CUO/tHMvFhgwIY1ObkNEH+k
zlRxSt4FjmixwS3+w2uu1vHp94W1gdbkol5SS5q7x0zheWivHmj+12thx7UgYt3Y
fH3yu2iHGI7dGDTfNgD1Xl3KNW9qhkheB6WFlm9yxTYkO4ybRfzYmXOVMVPv
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:40:55 2025 by rpki-client