Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/bc1d14-15c8-48fd-9ec3-969c94de89a5/1/t_n8d9oI1aH-bEIOwJVaWHaCJBg.roa
File: t_n8d9oI1aH-bEIOwJVaWHaCJBg.roa (raw, json)
Hash identifier: zQKAJ7WWLqDL9BuKcs6iIJKFW7l+LUz0khsopSEliO8=
Subject key identifier: B7:F9:FC:77:DA:08:D5:A1:FE:6C:42:0E:C0:95:5A:58:76:82:24:18
Certificate issuer: /CN=2452ab1d2d29bac9d52eb479de64c0700fc6724f
Certificate serial: 01941FFA2BAF12DA9B016205F725A5D4B6E5
Authority key identifier: 24:52:AB:1D:2D:29:BA:C9:D5:2E:B4:79:DE:64:C0:70:0F:C6:72:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JFKrHS0pusnVLrR53mTAcA_Gck8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/bc1d14-15c8-48fd-9ec3-969c94de89a5/1/t_n8d9oI1aH-bEIOwJVaWHaCJBg.roa
Signing time: Wed 01 Jan 2025 03:47:56 +0000
ROA not before: Wed 01 Jan 2025 03:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47201
IP address blocks: 79.98.120.0/24 maxlen: 24
79.98.121.0/24 maxlen: 24
79.98.122.0/24 maxlen: 24
79.98.123.0/24 maxlen: 24
79.98.124.0/24 maxlen: 24
79.98.125.0/24 maxlen: 24
2a00:d30:120::/48 maxlen: 48
2a00:d30:121::/48 maxlen: 48
2a00:d30:122::/48 maxlen: 48
2a00:d30:123::/48 maxlen: 48
2a00:d30:124::/48 maxlen: 48
2a00:d30:125::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/bc1d14-15c8-48fd-9ec3-969c94de89a5/1/JFKrHS0pusnVLrR53mTAcA_Gck8.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/bc1d14-15c8-48fd-9ec3-969c94de89a5/1/JFKrHS0pusnVLrR53mTAcA_Gck8.mft
rsync://rpki.ripe.net/repository/DEFAULT/JFKrHS0pusnVLrR53mTAcA_Gck8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 10:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:2b:af:12:da:9b:01:62:05:f7:25:a5:d4:b6:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2452ab1d2d29bac9d52eb479de64c0700fc6724f
Validity
Not Before: Jan 1 03:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b7f9fc77da08d5a1fe6c420ec0955a5876822418
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:ee:db:d6:6a:92:67:ba:f5:5f:e5:2d:39:ab:
a0:de:d9:bd:58:a6:ae:b5:09:4a:7d:4d:e0:32:36:
53:16:00:3f:84:20:85:0d:72:96:d7:1b:23:2e:83:
28:f1:90:e4:7c:79:c2:c1:64:00:b0:0c:fe:79:50:
ad:5e:67:39:57:db:5d:7c:5e:7b:96:83:f9:c2:fc:
8c:0e:e2:9c:29:60:f8:04:9e:1a:11:52:a3:da:ae:
63:eb:3e:e2:aa:57:8e:1b:42:1d:31:3a:ed:d0:77:
15:9c:83:10:9c:70:f5:b5:95:f3:d4:c0:06:7f:c7:
c7:d5:16:18:58:4a:42:0d:22:b5:fd:41:fd:0d:78:
43:91:3a:b0:83:0d:3c:49:69:4e:33:93:e6:32:a5:
39:53:fd:c4:78:3a:78:4b:60:c6:7a:d5:05:19:c2:
d7:49:46:5b:97:4a:79:53:ee:4a:d2:48:f4:4d:16:
af:4f:d2:b7:44:5a:4b:7c:68:bd:f7:56:6f:a3:1e:
ec:8d:db:fa:53:73:e8:72:da:fe:59:5b:9a:5d:9f:
a9:3c:c3:32:b3:b0:4d:7a:c0:0e:35:51:b4:13:46:
95:55:b9:92:81:5b:b7:a0:da:79:8f:7c:cc:80:be:
2e:dc:8e:c4:3f:66:1d:ee:34:cb:d5:4f:57:84:b4:
fc:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:F9:FC:77:DA:08:D5:A1:FE:6C:42:0E:C0:95:5A:58:76:82:24:18
X509v3 Authority Key Identifier:
keyid:24:52:AB:1D:2D:29:BA:C9:D5:2E:B4:79:DE:64:C0:70:0F:C6:72:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JFKrHS0pusnVLrR53mTAcA_Gck8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/bc1d14-15c8-48fd-9ec3-969c94de89a5/1/t_n8d9oI1aH-bEIOwJVaWHaCJBg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/bc1d14-15c8-48fd-9ec3-969c94de89a5/1/JFKrHS0pusnVLrR53mTAcA_Gck8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.120.0-79.98.125.255
IPv6:
2a00:d30:120::-2a00:d30:125:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
0a:12:f0:7f:c6:9b:ca:cd:62:3e:46:7d:f4:13:ec:d7:43:86:
04:3e:c9:a9:83:07:5b:c1:05:ad:e6:46:18:5e:3d:5a:a2:d9:
3d:e8:d8:d7:dc:a5:d0:c0:4f:8a:57:13:9e:0d:8d:fe:e0:61:
80:6a:5f:6e:d9:7f:f4:c1:6f:c3:4e:d9:57:26:f2:63:fb:03:
d7:20:e8:d8:72:c9:8a:6e:fd:90:c2:8f:d6:4c:b8:4c:6d:6d:
37:df:cf:60:9c:ba:6e:4c:0d:cd:45:f0:e9:52:41:2f:16:a9:
c3:92:11:da:47:30:37:41:a1:ea:84:ed:8f:bf:30:48:29:6b:
96:18:d8:91:24:08:fc:f3:8a:1f:9b:cd:79:ba:8a:3b:91:d5:
9a:5c:6f:19:17:c0:27:c9:a3:52:83:ff:04:36:22:4d:04:29:
0a:49:d6:0e:6b:02:a8:61:63:c0:27:dd:dd:f5:82:ad:1c:1f:
f9:de:0f:58:7d:76:c1:5c:52:23:2f:e9:a3:dd:dc:51:a0:ca:
b7:5f:a9:a3:e0:b6:3d:50:11:4a:5f:b0:49:fc:87:45:43:33:
1c:12:f7:af:8d:6e:39:0b:99:14:61:61:46:03:c9:c8:be:79:
2a:5a:4c:dd:e5:14:26:c5:3a:ba:cf:32:c4:17:9b:0f:e5:18:
c4:89:3e:2c
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQf+iuvEtqbAWIF9yWl1LblMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0NTJhYjFkMmQyOWJhYzlkNTJlYjQ3OWRlNjRjMDcwMGZj
NjcyNGYwHhcNMjUwMTAxMDM0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2Y5ZmM3N2RhMDhkNWExZmU2YzQyMGVjMDk1NWE1ODc2ODIyNDE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3e7b1mqSZ7r1X+UtOaug3tm9WKau
tQlKfU3gMjZTFgA/hCCFDXKW1xsjLoMo8ZDkfHnCwWQAsAz+eVCtXmc5V9tdfF57
loP5wvyMDuKcKWD4BJ4aEVKj2q5j6z7iqleOG0IdMTrt0HcVnIMQnHD1tZXz1MAG
f8fH1RYYWEpCDSK1/UH9DXhDkTqwgw08SWlOM5PmMqU5U/3EeDp4S2DGetUFGcLX
SUZbl0p5U+5K0kj0TRavT9K3RFpLfGi991Zvox7sjdv6U3Poctr+WVuaXZ+pPMMy
s7BNesAONVG0E0aVVbmSgVu3oNp5j3zMgL4u3I7EP2Yd7jTL1U9XhLT8AwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFLf5/HfaCNWh/mxCDsCVWlh2giQYMB8GA1UdIwQY
MBaAFCRSqx0tKbrJ1S60ed5kwHAPxnJPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkZLckhTMHB1c25WTHJSNTNtVEFjQV9HY2s4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9iYzFkMTQtMTVjOC00OGZkLTllYzMt
OTY5Yzk0ZGU4OWE1LzEvdF9uOGQ5b0kxYUgtYkVJT3dKVmFXSGFDSkJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9iYzFkMTQtMTVjOC00OGZkLTllYzMtOTY5Yzk0ZGU4OWE1
LzEvSkZLckhTMHB1c25WTHJSNTNtVEFjQV9HY2s4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAUBAIAATAOMAwDBANPYngD
BAFPYnwwGgQCAAIwFDASAwcFKgANMAEgAwcBKgANMAEkMA0GCSqGSIb3DQEBCwUA
A4IBAQAKEvB/xpvKzWI+Rn30E+zXQ4YEPsmpgwdbwQWt5kYYXj1aotk96NjX3KXQ
wE+KVxOeDY3+4GGAal9u2X/0wW/DTtlXJvJj+wPXIOjYcsmKbv2Qwo/WTLhMbW03
389gnLpuTA3NRfDpUkEvFqnDkhHaRzA3QaHqhO2PvzBIKWuWGNiRJAj884ofm815
uoo7kdWaXG8ZF8AnyaNSg/8ENiJNBCkKSdYOawKoYWPAJ93d9YKtHB/53g9YfXbB
XFIjL+mj3dxRoMq3X6mj4LY9UBFKX7BJ/IdFQzMcEvevjW45C5kUYWFGA8nIvnkq
Wkzd5RQmxTq6zzLEF5sP5RjEiT4s
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:41:29 2025 by rpki-client