Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/9df809-a8e8-4e12-a25a-c60472e9f717/1/8sEeUpZ4L2z7RPtSPsfM7zrXG4M.roa
File: 8sEeUpZ4L2z7RPtSPsfM7zrXG4M.roa (raw, json)
Hash identifier: mpcNRDaaoRvH9rywJlovNltKEUBpKG8cjm1Uf7rVmic=
Subject key identifier: F2:C1:1E:52:96:78:2F:6C:FB:44:FB:52:3E:C7:CC:EF:3A:D7:1B:83
Certificate issuer: /CN=94bc3cdac46408c0c8a3581788b510d0f04e9d1f
Certificate serial: 019420685A54DAD45CFE1D3086E59BD8D209
Authority key identifier: 94:BC:3C:DA:C4:64:08:C0:C8:A3:58:17:88:B5:10:D0:F0:4E:9D:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lLw82sRkCMDIo1gXiLUQ0PBOnR8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/9df809-a8e8-4e12-a25a-c60472e9f717/1/8sEeUpZ4L2z7RPtSPsfM7zrXG4M.roa
Signing time: Wed 01 Jan 2025 05:48:17 +0000
ROA not before: Wed 01 Jan 2025 05:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 38987
IP address blocks: 37.72.120.0/21 maxlen: 21
62.133.128.0/19 maxlen: 19
185.13.184.0/22 maxlen: 22
2a02:22e0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/9df809-a8e8-4e12-a25a-c60472e9f717/1/lLw82sRkCMDIo1gXiLUQ0PBOnR8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/9df809-a8e8-4e12-a25a-c60472e9f717/1/lLw82sRkCMDIo1gXiLUQ0PBOnR8.mft
rsync://rpki.ripe.net/repository/DEFAULT/lLw82sRkCMDIo1gXiLUQ0PBOnR8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 22:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:5a:54:da:d4:5c:fe:1d:30:86:e5:9b:d8:d2:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94bc3cdac46408c0c8a3581788b510d0f04e9d1f
Validity
Not Before: Jan 1 05:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f2c11e5296782f6cfb44fb523ec7ccef3ad71b83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c1:31:cf:d9:dc:cb:2e:59:5d:f1:d8:17:5f:
3d:f3:e0:a8:5c:84:07:91:1c:9f:ae:51:c8:64:9d:
77:54:44:43:e3:2b:dd:e0:4a:40:e9:61:a8:8f:f7:
71:14:2c:97:d6:ca:f2:1a:11:29:21:e8:9e:69:4a:
c2:9b:bf:d4:60:93:b2:0a:c6:8d:e8:04:e0:92:c7:
6a:ca:1c:74:2e:e0:59:63:cb:8e:d5:40:74:8f:71:
9a:89:c1:36:23:11:5c:e1:a4:a3:fb:90:ee:63:4f:
2f:55:da:a9:e2:52:26:55:73:02:3a:31:90:49:99:
13:8c:79:90:0f:31:c6:a3:d8:c8:8b:de:5a:6e:3d:
71:2b:2e:c5:f6:8c:0e:37:12:47:35:87:b7:a5:14:
5c:bd:bd:19:56:16:1e:ca:50:d2:0a:fc:e6:d5:2c:
94:24:b6:20:d1:91:6a:99:c8:27:ec:1a:4e:6a:09:
8a:2e:0c:e2:dc:01:08:36:f8:96:cc:db:88:46:7e:
4c:42:c8:58:d8:1e:1c:75:1a:c4:a1:b8:b3:c0:94:
8d:2e:56:c7:37:cc:54:d9:95:61:2a:95:0a:c8:e5:
7c:c4:9e:f7:84:25:96:bb:49:32:f9:29:a2:05:a8:
3b:d1:fc:20:f4:70:c6:3b:e7:28:67:db:18:77:e1:
6d:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:C1:1E:52:96:78:2F:6C:FB:44:FB:52:3E:C7:CC:EF:3A:D7:1B:83
X509v3 Authority Key Identifier:
keyid:94:BC:3C:DA:C4:64:08:C0:C8:A3:58:17:88:B5:10:D0:F0:4E:9D:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lLw82sRkCMDIo1gXiLUQ0PBOnR8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/9df809-a8e8-4e12-a25a-c60472e9f717/1/8sEeUpZ4L2z7RPtSPsfM7zrXG4M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/9df809-a8e8-4e12-a25a-c60472e9f717/1/lLw82sRkCMDIo1gXiLUQ0PBOnR8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.72.120.0/21
62.133.128.0/19
185.13.184.0/22
IPv6:
2a02:22e0::/32
Signature Algorithm: sha256WithRSAEncryption
61:be:fe:15:9e:e3:60:76:83:d8:8a:d3:ee:bc:4f:c7:29:99:
6d:d7:ee:c7:a9:c7:b2:59:04:27:99:d3:11:b4:62:99:58:2d:
a7:0f:75:84:5d:c7:aa:17:04:13:3e:7e:61:22:78:ee:3a:43:
6f:fb:7f:21:f5:99:ef:25:7c:3a:76:df:ab:c6:41:24:4e:39:
4d:02:3d:24:0d:eb:12:bb:6d:ab:f4:99:77:a5:cd:ce:6b:db:
07:21:69:22:64:92:42:16:c8:a9:3e:73:43:7c:fd:86:9a:90:
97:6a:43:73:76:27:c9:ff:9f:bf:1d:dd:95:f4:32:d2:9b:e5:
f3:22:6f:bc:91:99:ec:c2:d0:e1:34:48:f1:81:78:b8:ef:3d:
a4:7c:72:bc:67:19:e3:be:c4:f5:ec:84:cb:da:91:bb:3f:eb:
0c:61:91:1f:56:a6:60:23:cd:31:7c:9d:4e:87:54:a1:85:5f:
a8:2a:c8:d1:73:48:e7:a7:7e:16:6c:7b:52:63:83:bb:58:b1:
dc:46:3b:2f:6c:08:3a:d7:44:6f:89:59:b0:05:6e:92:29:ee:
0b:14:9b:49:6c:58:55:df:ce:41:be:f4:73:a2:6b:30:38:6e:
4b:66:7d:5a:64:c0:38:40:8e:6d:fa:29:03:35:54:95:58:32:
ed:14:1a:54
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQgaFpU2tRc/h0whuWb2NIJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0YmMzY2RhYzQ2NDA4YzBjOGEzNTgxNzg4YjUxMGQwZjA0
ZTlkMWYwHhcNMjUwMTAxMDU0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmMxMWU1Mjk2NzgyZjZjZmI0NGZiNTIzZWM3Y2NlZjNhZDcxYjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8Exz9ncyy5ZXfHYF1898+CoXIQH
kRyfrlHIZJ13VERD4yvd4EpA6WGoj/dxFCyX1sryGhEpIeieaUrCm7/UYJOyCsaN
6ATgksdqyhx0LuBZY8uO1UB0j3GaicE2IxFc4aSj+5DuY08vVdqp4lImVXMCOjGQ
SZkTjHmQDzHGo9jIi95abj1xKy7F9owONxJHNYe3pRRcvb0ZVhYeylDSCvzm1SyU
JLYg0ZFqmcgn7BpOagmKLgzi3AEINviWzNuIRn5MQshY2B4cdRrEobizwJSNLlbH
N8xU2ZVhKpUKyOV8xJ73hCWWu0ky+SmiBag70fwg9HDGO+coZ9sYd+FtgwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPLBHlKWeC9s+0T7Uj7HzO861xuDMB8GA1UdIwQY
MBaAFJS8PNrEZAjAyKNYF4i1ENDwTp0fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEx3ODJzUmtDTURJbzFnWGlMVVEwUEJPblI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS85ZGY4MDktYThlOC00ZTEyLWEyNWEt
YzYwNDcyZTlmNzE3LzEvOHNFZVVwWjRMMno3UlB0U1BzZk03enJYRzRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS85ZGY4MDktYThlOC00ZTEyLWEyNWEtYzYwNDcyZTlmNzE3
LzEvbEx3ODJzUmtDTURJbzFnWGlMVVEwUEJPblI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDJUh4AwQF
PoWAAwQCuQ24MA0EAgACMAcDBQAqAiLgMA0GCSqGSIb3DQEBCwUAA4IBAQBhvv4V
nuNgdoPYitPuvE/HKZlt1+7HqceyWQQnmdMRtGKZWC2nD3WEXceqFwQTPn5hInju
OkNv+38h9ZnvJXw6dt+rxkEkTjlNAj0kDesSu22r9Jl3pc3Oa9sHIWkiZJJCFsip
PnNDfP2GmpCXakNzdifJ/5+/Hd2V9DLSm+XzIm+8kZnswtDhNEjxgXi47z2kfHK8
ZxnjvsT17ITL2pG7P+sMYZEfVqZgI80xfJ1Oh1ShhV+oKsjRc0jnp34WbHtSY4O7
WLHcRjsvbAg610RviVmwBW6SKe4LFJtJbFhV385BvvRzomswOG5LZn1aZMA4QI5t
+ikDNVSVWDLtFBpU
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:43:47 2025 by rpki-client