Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/bb0e7b-2a81-4970-b3bd-686f0a0616cc/1/nF8H_i-63xsIqf6G91Sqghmhrmk.roa
File: nF8H_i-63xsIqf6G91Sqghmhrmk.roa (raw, json)
Hash identifier: seOXQgoakN6MLHPcruniEufkAIlfgGYPYWwRtHa0PF4=
Subject key identifier: 9C:5F:07:FE:2F:BA:DF:1B:08:A9:FE:86:F7:54:AA:82:19:A1:AE:69
Certificate issuer: /CN=38e7f47bb9b91657e5726bfcb2def8aad973e268
Certificate serial: 0194984241647120B945AA92CEC7AB107D09
Authority key identifier: 38:E7:F4:7B:B9:B9:16:57:E5:72:6B:FC:B2:DE:F8:AA:D9:73:E2:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OOf0e7m5Flflcmv8st74qtlz4mg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/bb0e7b-2a81-4970-b3bd-686f0a0616cc/1/nF8H_i-63xsIqf6G91Sqghmhrmk.roa
Signing time: Fri 24 Jan 2025 12:21:06 +0000
ROA not before: Fri 24 Jan 2025 12:21:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59796
IP address blocks: 185.71.64.0/24 maxlen: 24
185.71.66.0/24 maxlen: 24
193.84.78.0/24 maxlen: 24
193.84.85.0/24 maxlen: 24
193.84.88.0/24 maxlen: 24
193.84.90.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/bb0e7b-2a81-4970-b3bd-686f0a0616cc/1/OOf0e7m5Flflcmv8st74qtlz4mg.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/bb0e7b-2a81-4970-b3bd-686f0a0616cc/1/OOf0e7m5Flflcmv8st74qtlz4mg.mft
rsync://rpki.ripe.net/repository/DEFAULT/OOf0e7m5Flflcmv8st74qtlz4mg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:98:42:41:64:71:20:b9:45:aa:92:ce:c7:ab:10:7d:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38e7f47bb9b91657e5726bfcb2def8aad973e268
Validity
Not Before: Jan 24 12:21:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c5f07fe2fbadf1b08a9fe86f754aa8219a1ae69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:f4:ba:4b:c7:20:59:4e:5a:27:bd:a7:76:e7:
d2:e1:6c:48:40:62:18:5b:de:f8:f1:c3:fd:62:0c:
03:e8:20:ed:63:fc:41:4e:38:20:bb:60:10:ae:fa:
11:51:ba:bf:95:bf:40:af:01:f0:54:5d:3a:c0:0d:
86:df:3a:e1:a0:1f:84:81:84:b2:c4:5a:ed:ea:74:
0a:83:78:15:3e:16:54:a9:dd:05:f9:02:f7:a3:22:
e3:8b:4d:89:f6:06:35:01:a5:99:ce:27:0b:7b:dc:
05:7d:b5:0f:53:52:3b:25:40:54:3a:24:cb:e9:f5:
79:40:ee:da:48:b3:57:7e:36:5d:5f:9b:1b:c7:05:
2f:7a:72:3a:34:e1:b0:cd:3d:57:dc:ef:91:c2:e8:
04:38:2b:ca:ee:a3:5c:06:f6:49:75:75:2d:26:6c:
30:7e:d1:6b:4c:73:df:56:b2:7f:1d:28:16:d6:13:
00:3d:3f:7f:08:a1:77:a1:d5:28:ef:6f:5d:b5:1e:
f9:b3:5e:39:5c:84:b4:94:8c:9b:03:41:c2:bf:45:
ef:04:f3:d7:62:c4:b0:0c:c7:eb:b0:49:35:48:15:
c8:4f:82:16:8d:a3:1c:52:65:8f:7e:e3:81:da:17:
fd:7c:3f:00:91:9b:99:01:22:aa:b9:c4:82:98:d5:
74:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:5F:07:FE:2F:BA:DF:1B:08:A9:FE:86:F7:54:AA:82:19:A1:AE:69
X509v3 Authority Key Identifier:
keyid:38:E7:F4:7B:B9:B9:16:57:E5:72:6B:FC:B2:DE:F8:AA:D9:73:E2:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OOf0e7m5Flflcmv8st74qtlz4mg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/bb0e7b-2a81-4970-b3bd-686f0a0616cc/1/nF8H_i-63xsIqf6G91Sqghmhrmk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/bb0e7b-2a81-4970-b3bd-686f0a0616cc/1/OOf0e7m5Flflcmv8st74qtlz4mg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.64.0/24
185.71.66.0/24
193.84.78.0/24
193.84.85.0/24
193.84.88.0/24
193.84.90.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:1a:8c:1d:d2:87:77:08:d8:1f:09:89:12:bc:d6:a6:20:96:
a9:4f:48:51:8b:40:c3:06:45:d4:95:f7:20:f8:58:ab:4d:1c:
4c:e7:6f:d7:6f:97:96:04:c3:eb:cb:4e:00:d5:5f:e4:a6:66:
07:1f:08:00:47:96:5d:c0:a3:20:d1:f0:3c:39:24:4b:64:88:
d4:67:73:b0:8e:ab:34:db:7e:7f:fd:ae:92:ff:66:ee:fe:0b:
52:fe:d9:45:e3:86:b8:b7:84:1d:4e:ab:b4:b3:36:2b:b3:72:
41:72:57:92:e9:49:da:10:83:6a:cc:d4:65:3c:a0:61:f3:57:
32:d4:86:1a:a9:98:04:74:0d:03:f7:4c:75:29:11:a2:c2:20:
77:4e:2c:c9:13:47:b0:ed:24:c8:b0:c7:d8:cb:53:bc:b6:3b:
5a:da:45:43:7e:48:d7:e4:7d:89:af:50:5a:a0:4c:08:7c:9d:
e7:7b:41:eb:f6:46:8d:36:65:c8:73:62:11:83:ea:ec:2c:96:
07:93:44:78:8c:99:16:14:41:09:21:5d:85:9b:30:b1:2f:ea:
a8:72:c1:74:6b:ae:de:41:0b:ee:f2:43:16:2b:55:42:fb:a1:
02:6c:4d:be:96:8f:e3:50:dd:0d:c7:41:5e:fb:20:d8:65:19:
4d:39:a3:f4
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZSYQkFkcSC5RaqSzserEH0JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4ZTdmNDdiYjliOTE2NTdlNTcyNmJmY2IyZGVmOGFhZDk3
M2UyNjgwHhcNMjUwMTI0MTIyMTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzVmMDdmZTJmYmFkZjFiMDhhOWZlODZmNzU0YWE4MjE5YTFhZTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvS6S8cgWU5aJ72ndufS4WxIQGIY
W9748cP9YgwD6CDtY/xBTjggu2AQrvoRUbq/lb9ArwHwVF06wA2G3zrhoB+EgYSy
xFrt6nQKg3gVPhZUqd0F+QL3oyLji02J9gY1AaWZzicLe9wFfbUPU1I7JUBUOiTL
6fV5QO7aSLNXfjZdX5sbxwUvenI6NOGwzT1X3O+RwugEOCvK7qNcBvZJdXUtJmww
ftFrTHPfVrJ/HSgW1hMAPT9/CKF3odUo729dtR75s145XIS0lIybA0HCv0XvBPPX
YsSwDMfrsEk1SBXIT4IWjaMcUmWPfuOB2hf9fD8AkZuZASKqucSCmNV0LwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJxfB/4vut8bCKn+hvdUqoIZoa5pMB8GA1UdIwQY
MBaAFDjn9Hu5uRZX5XJr/LLe+KrZc+JoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT09mMGU3bTVGbGZsY212OHN0NzRxdGx6NG1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9iYjBlN2ItMmE4MS00OTcwLWIzYmQt
Njg2ZjBhMDYxNmNjLzEvbkY4SF9pLTYzeHNJcWY2RzkxU3FnaG1ocm1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9iYjBlN2ItMmE4MS00OTcwLWIzYmQtNjg2ZjBhMDYxNmNj
LzEvT09mMGU3bTVGbGZsY212OHN0NzRxdGx6NG1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAuUdAAwQA
uUdCAwQAwVROAwQAwVRVAwQAwVRYAwQAwVRaMA0GCSqGSIb3DQEBCwUAA4IBAQBP
Gowd0od3CNgfCYkSvNamIJapT0hRi0DDBkXUlfcg+FirTRxM52/Xb5eWBMPry04A
1V/kpmYHHwgAR5ZdwKMg0fA8OSRLZIjUZ3Owjqs0235//a6S/2bu/gtS/tlF44a4
t4QdTqu0szYrs3JBcleS6UnaEINqzNRlPKBh81cy1IYaqZgEdA0D90x1KRGiwiB3
TizJE0ew7STIsMfYy1O8tjta2kVDfkjX5H2Jr1BaoEwIfJ3ne0Hr9kaNNmXIc2IR
g+rsLJYHk0R4jJkWFEEJIV2FmzCxL+qocsF0a67eQQvu8kMWK1VC+6ECbE2+lo/j
UN0Nx0Fe+yDYZRlNOaP0
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:06:53 2025 by rpki-client