Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/CHjfPMIo9udM2B6VSsVbeur15wM.roa
File: CHjfPMIo9udM2B6VSsVbeur15wM.roa (raw, json)
Hash identifier: EqhGvvJRArvaTgTbuS9TZs8sNNeqauMTVK8b4SLQrGY=
Subject key identifier: 08:78:DF:3C:C2:28:F6:E7:4C:D8:1E:95:4A:C5:5B:7A:EA:F5:E7:03
Certificate issuer: /CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
Certificate serial: 019423D77B3C72218AA33905174244019885
Authority key identifier: E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/CHjfPMIo9udM2B6VSsVbeur15wM.roa
Signing time: Wed 01 Jan 2025 21:48:31 +0000
ROA not before: Wed 01 Jan 2025 21:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24620
IP address blocks: 78.154.128.0/20 maxlen: 24
84.237.212.0/24 maxlen: 24
213.175.84.0/23 maxlen: 24
213.175.88.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/474Hyx_U8ePJIjA7ZwqIG4LmFJE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/474Hyx_U8ePJIjA7ZwqIG4LmFJE.mft
rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 15 Apr 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:7b:3c:72:21:8a:a3:39:05:17:42:44:01:98:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
Validity
Not Before: Jan 1 21:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0878df3cc228f6e74cd81e954ac55b7aeaf5e703
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ab:39:8c:a0:36:fa:20:84:cd:6e:b1:2b:f5:
10:f4:8e:be:42:f3:e2:44:28:68:8f:09:62:ec:d2:
3a:db:f3:43:b3:ef:c6:f0:ef:ad:f9:30:e9:21:49:
38:f2:32:fe:4a:54:e7:99:e9:da:ff:4c:06:e6:2d:
50:c8:3e:77:4f:09:f7:2e:f2:54:19:f0:dd:b6:f1:
c4:79:4b:08:a5:e7:45:5d:20:9c:e5:6e:1d:2d:07:
5b:00:a6:31:a1:79:c0:c2:ba:33:eb:9b:cb:08:c7:
16:72:a6:3b:59:56:fe:b6:9d:a8:f9:35:f6:b0:45:
44:a0:f9:07:fd:db:35:5d:da:f0:68:f3:53:cf:f6:
14:65:e9:8f:a4:0c:12:95:9a:24:54:27:52:b6:90:
3a:a8:e0:9d:f3:df:88:de:a5:f0:7c:71:da:65:36:
92:ef:39:97:af:d8:d0:55:a9:f0:19:b5:e2:a0:25:
0b:7c:be:31:9a:6f:3d:9d:ea:fe:89:a7:bb:31:a8:
85:3d:54:f9:b7:a8:ca:84:f4:80:ca:8b:53:ca:0a:
71:21:d4:5a:be:93:1b:9a:bf:48:30:91:13:5d:09:
97:16:aa:d0:d5:d4:7d:f9:63:e1:42:82:55:9c:17:
b0:c7:3e:56:0a:51:96:08:b6:55:45:00:e4:29:ce:
f2:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:78:DF:3C:C2:28:F6:E7:4C:D8:1E:95:4A:C5:5B:7A:EA:F5:E7:03
X509v3 Authority Key Identifier:
keyid:E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/CHjfPMIo9udM2B6VSsVbeur15wM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/474Hyx_U8ePJIjA7ZwqIG4LmFJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.154.128.0/20
84.237.212.0/24
213.175.84.0/23
213.175.88.0/21
Signature Algorithm: sha256WithRSAEncryption
13:5d:6a:78:f4:5b:8f:80:d4:1b:bc:45:92:55:67:85:a2:0d:
62:6c:a4:42:72:06:e5:ec:4d:22:34:4b:97:5d:25:a8:1d:00:
70:a1:65:d2:2a:2d:9f:43:03:4b:b7:f1:05:8d:52:5b:db:54:
21:91:25:bb:14:2f:9c:cc:6e:25:77:40:4d:9e:6d:63:4d:1c:
de:f8:f9:ba:78:0e:37:ec:21:41:b3:bf:f7:c9:fa:18:3b:39:
ab:f2:72:cb:85:c5:6e:27:0f:90:b0:32:a3:55:fa:e8:f3:0d:
40:7c:51:d7:f9:aa:3c:2a:8b:e1:0f:8a:3a:e4:81:ae:60:e5:
81:ac:13:04:fc:6c:6c:76:dd:ca:48:b4:5c:10:ff:78:93:50:
38:ee:f6:1c:82:c8:18:69:08:a2:38:22:e6:16:6d:7a:22:97:
84:16:d5:35:78:69:3e:e8:79:c5:3f:2c:cd:97:02:f6:8c:7a:
b7:a1:3a:90:a7:03:ba:8e:2c:20:45:15:50:b6:e5:ca:2d:52:
1c:28:48:f0:11:65:e9:35:0c:4c:4c:ba:a3:a7:46:19:e3:15:
7c:02:4c:e1:20:27:bc:4c:c5:dc:0b:f6:3a:b0:5e:60:b4:1b:
8f:c6:26:b4:82:97:71:78:98:d8:37:2d:e3:c4:84:8f:39:d2:
69:e0:29:e4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQj13s8ciGKozkFF0JEAZiFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzYmUwN2NiMWZkNGYxZTNjOTIyMzAzYjY3MGE4ODFiODJl
NjE0OTEwHhcNMjUwMTAxMjE0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODc4ZGYzY2MyMjhmNmU3NGNkODFlOTU0YWM1NWI3YWVhZjVlNzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApas5jKA2+iCEzW6xK/UQ9I6+QvPi
RChojwli7NI62/NDs+/G8O+t+TDpIUk48jL+SlTnmena/0wG5i1QyD53Twn3LvJU
GfDdtvHEeUsIpedFXSCc5W4dLQdbAKYxoXnAwroz65vLCMcWcqY7WVb+tp2o+TX2
sEVEoPkH/ds1XdrwaPNTz/YUZemPpAwSlZokVCdStpA6qOCd89+I3qXwfHHaZTaS
7zmXr9jQVanwGbXioCULfL4xmm89ner+iae7MaiFPVT5t6jKhPSAyotTygpxIdRa
vpMbmr9IMJETXQmXFqrQ1dR9+WPhQoJVnBewxz5WClGWCLZVRQDkKc7y4QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAh43zzCKPbnTNgelUrFW3rq9ecDMB8GA1UdIwQY
MBaAFOO+B8sf1PHjySIwO2cKiBuC5hSRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDc0SHl4X1U4ZVBKSWpBN1p3cUlHNExtRkpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84ZjVmYWUtZGE5MC00MzE0LWJmZmMt
ZDRlZTFkMzg5ZTBkLzEvQ0hqZlBNSW85dWRNMkI2VlNzVmJldXIxNXdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84ZjVmYWUtZGE5MC00MzE0LWJmZmMtZDRlZTFkMzg5ZTBk
LzEvNDc0SHl4X1U4ZVBKSWpBN1p3cUlHNExtRkpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQETpqAAwQA
VO3UAwQB1a9UAwQD1a9YMA0GCSqGSIb3DQEBCwUAA4IBAQATXWp49FuPgNQbvEWS
VWeFog1ibKRCcgbl7E0iNEuXXSWoHQBwoWXSKi2fQwNLt/EFjVJb21QhkSW7FC+c
zG4ld0BNnm1jTRze+Pm6eA437CFBs7/3yfoYOzmr8nLLhcVuJw+QsDKjVfro8w1A
fFHX+ao8KovhD4o65IGuYOWBrBME/Gxsdt3KSLRcEP94k1A47vYcgsgYaQiiOCLm
Fm16IpeEFtU1eGk+6HnFPyzNlwL2jHq3oTqQpwO6jiwgRRVQtuXKLVIcKEjwEWXp
NQxMTLqjp0YZ4xV8AkzhICe8TMXcC/Y6sF5gtBuPxia0gpdxeJjYNy3jxISPOdJp
4Cnk
-----END CERTIFICATE-----
Generated at Tue Apr 15 03:18:34 2025 by rpki-client