Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/P9EPkDjvQBdOayq2_Kcm1hB9_-M.roa
File: P9EPkDjvQBdOayq2_Kcm1hB9_-M.roa (raw, json)
Hash identifier: rVYvY/WALkZAcSz/g/z3YIUdb85W0EzVnn8wFkWa2nA=
Subject key identifier: 3F:D1:0F:90:38:EF:40:17:4E:6B:2A:B6:FC:A7:26:D6:10:7D:FF:E3
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 019562B58CA2D6C8FAA4FD8292071DDF0B7A
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/P9EPkDjvQBdOayq2_Kcm1hB9_-M.roa
Signing time: Tue 04 Mar 2025 19:50:19 +0000
ROA not before: Tue 04 Mar 2025 19:50:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 84.247.59.0/24 maxlen: 24
89.42.215.0/24 maxlen: 24
188.241.192.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Mar 2025 02:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:62:b5:8c:a2:d6:c8:fa:a4:fd:82:92:07:1d:df:0b:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Mar 4 19:50:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3fd10f9038ef40174e6b2ab6fca726d6107dffe3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:a6:d3:50:e1:56:c1:d4:03:d0:6c:c4:68:1d:
21:fd:50:1a:74:46:22:c1:70:f2:16:c7:30:0f:40:
88:a5:08:83:00:1e:9f:54:77:40:5c:df:d1:95:64:
dd:ad:1a:2e:b3:86:51:c9:6c:2f:d2:40:d2:d1:6f:
bd:19:52:a8:18:22:5e:00:af:2c:e8:a3:f9:39:2c:
5f:1b:f0:dc:b0:2c:76:77:3d:ca:e7:64:2f:79:16:
13:05:81:e9:ae:ef:d2:c2:1f:66:a5:64:4a:db:09:
0a:ac:3d:43:6a:d9:de:02:ad:4d:6b:a6:03:2c:f3:
ea:fe:a8:9a:d9:d0:ec:48:02:1d:a8:e0:0e:b4:ed:
24:a0:21:8d:e5:e9:4e:f5:dd:d1:3f:17:9e:9a:c5:
10:4d:24:fa:41:c2:e8:2b:66:a9:4a:d3:ab:a1:e9:
c0:1a:b9:53:2f:5b:c6:ed:66:99:92:7a:61:5c:cf:
f2:7c:6a:89:57:88:17:49:4e:5c:99:f4:fd:0d:f5:
18:f3:11:3c:50:d8:3b:19:82:94:11:92:59:14:f7:
2c:df:3e:14:55:da:1e:5e:2a:3f:93:09:79:23:16:
e5:b3:27:48:15:d5:41:c3:ad:6b:f9:9c:1a:b8:a5:
b0:c0:59:13:5c:fd:89:30:6b:aa:eb:1a:3e:7a:c4:
fd:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:D1:0F:90:38:EF:40:17:4E:6B:2A:B6:FC:A7:26:D6:10:7D:FF:E3
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/P9EPkDjvQBdOayq2_Kcm1hB9_-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.247.59.0/24
89.42.215.0/24
188.241.192.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:2d:83:a3:cc:5c:d6:c5:8a:11:f0:ab:30:01:03:42:56:88:
47:53:16:c4:bc:d1:71:96:6a:90:6a:9f:a7:24:a7:32:24:35:
fa:0f:cb:6c:75:f0:11:82:53:92:72:8a:34:87:4b:45:02:a4:
a0:d8:83:41:be:42:34:aa:0f:58:fa:89:24:5c:a7:50:01:e3:
b5:12:d1:9a:ce:79:03:e3:f1:1d:2e:cf:ac:7e:7a:e4:99:14:
bd:18:32:56:41:63:8b:83:8e:c2:d8:1f:76:24:23:03:67:73:
7c:41:d8:8b:7d:4a:24:1e:10:bf:1a:33:8f:56:f9:38:ec:ec:
17:15:86:a3:ce:b7:08:b2:57:09:30:b3:fe:12:f0:7b:0b:83:
1c:d6:79:71:a1:1b:cd:1d:4f:93:be:51:30:f9:a3:d7:66:6e:
5b:e7:51:07:e3:69:1a:6f:43:88:04:e9:7d:5e:ae:ad:ca:16:
43:c0:3c:65:42:f9:22:69:f2:08:39:1b:fb:c7:7b:15:3f:66:
72:d4:e9:eb:a5:e4:96:8d:63:3d:fa:94:0b:cb:ed:0b:04:38:
fd:22:a3:ec:06:99:2f:75:0b:43:19:89:9c:0f:4c:1f:3c:df:
fd:95:20:e6:3d:08:bd:14:c8:3b:8a:ba:e2:46:18:1f:c8:49:
46:3d:e9:85
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZVitYyi1sj6pP2Ckgcd3wt6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjUwMzA0MTk1MDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmQxMGY5MDM4ZWY0MDE3NGU2YjJhYjZmY2E3MjZkNjEwN2RmZmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1qbTUOFWwdQD0GzEaB0h/VAadEYi
wXDyFscwD0CIpQiDAB6fVHdAXN/RlWTdrRous4ZRyWwv0kDS0W+9GVKoGCJeAK8s
6KP5OSxfG/DcsCx2dz3K52QveRYTBYHpru/Swh9mpWRK2wkKrD1DatneAq1Na6YD
LPPq/qia2dDsSAIdqOAOtO0koCGN5elO9d3RPxeemsUQTST6QcLoK2apStOroenA
GrlTL1vG7WaZknphXM/yfGqJV4gXSU5cmfT9DfUY8xE8UNg7GYKUEZJZFPcs3z4U
VdoeXio/kwl5IxblsydIFdVBw61r+ZwauKWwwFkTXP2JMGuq6xo+esT9lwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFD/RD5A470AXTmsqtvynJtYQff/jMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvUDlFUGtEanZRQmRPYXlxMl9LY20xaEI5Xy1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVPc7AwQA
WSrXAwQAvPHAMA0GCSqGSIb3DQEBCwUAA4IBAQAOLYOjzFzWxYoR8KswAQNCVohH
UxbEvNFxlmqQap+nJKcyJDX6D8tsdfARglOScoo0h0tFAqSg2INBvkI0qg9Y+okk
XKdQAeO1EtGaznkD4/EdLs+sfnrkmRS9GDJWQWOLg47C2B92JCMDZ3N8QdiLfUok
HhC/GjOPVvk47OwXFYajzrcIslcJMLP+EvB7C4Mc1nlxoRvNHU+TvlEw+aPXZm5b
51EH42kab0OIBOl9Xq6tyhZDwDxlQvkiafIIORv7x3sVP2Zy1OnrpeSWjWM9+pQL
y+0LBDj9IqPsBpkvdQtDGYmcD0wfPN/9lSDmPQi9FMg7irriRhgfyElGPemF
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:41:13 2025 by rpki-client