Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/60f623-ed79-4030-8980-8901b052b86b/1/eIp7-TA74OpVMqMjgyn5rozHch0.roa
File: eIp7-TA74OpVMqMjgyn5rozHch0.roa (raw, json)
Hash identifier: Vk4popoaDrWGjozep9hzWTbs+ZYNrWhKKEtSBoEkXJI=
Subject key identifier: 78:8A:7B:F9:30:3B:E0:EA:55:32:A3:23:83:29:F9:AE:8C:C7:72:1D
Certificate issuer: /CN=1a1d2154b9324efb39ca38ba1931ba5dfb59e8fd
Certificate serial: 019423D7E0EC8AA4E7DBA6D80C8276FA1D6A
Authority key identifier: 1A:1D:21:54:B9:32:4E:FB:39:CA:38:BA:19:31:BA:5D:FB:59:E8:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gh0hVLkyTvs5yji6GTG6XftZ6P0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/60f623-ed79-4030-8980-8901b052b86b/1/eIp7-TA74OpVMqMjgyn5rozHch0.roa
Signing time: Wed 01 Jan 2025 21:48:57 +0000
ROA not before: Wed 01 Jan 2025 21:48:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14061
IP address blocks: 141.0.169.0/24 maxlen: 24
141.0.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/60f623-ed79-4030-8980-8901b052b86b/1/Gh0hVLkyTvs5yji6GTG6XftZ6P0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/60f623-ed79-4030-8980-8901b052b86b/1/Gh0hVLkyTvs5yji6GTG6XftZ6P0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Gh0hVLkyTvs5yji6GTG6XftZ6P0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:e0:ec:8a:a4:e7:db:a6:d8:0c:82:76:fa:1d:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a1d2154b9324efb39ca38ba1931ba5dfb59e8fd
Validity
Not Before: Jan 1 21:48:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=788a7bf9303be0ea5532a3238329f9ae8cc7721d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:be:22:ff:88:a3:84:34:22:a1:30:0e:85:57:
f6:59:dc:6f:75:b2:d6:33:c0:ce:9b:69:2c:7c:3b:
d4:d1:7d:37:0a:60:62:82:c5:27:fe:7b:bd:62:04:
8d:90:3f:dd:21:0f:ea:56:e4:64:e4:76:06:33:09:
ad:77:53:83:2f:16:1a:10:33:da:03:66:81:78:22:
b9:85:77:b8:7b:20:f4:e9:75:2a:8f:d1:bf:81:42:
f9:a5:f1:af:ae:b5:92:97:1b:55:73:3b:df:14:83:
f0:2e:28:65:c7:66:2d:64:5c:02:75:bb:01:de:b1:
25:e1:c3:f0:a0:08:60:92:27:0c:74:ff:d5:d6:6f:
a7:9c:9b:78:7d:58:d1:08:c1:60:2e:e9:6c:96:c4:
86:a4:aa:94:6b:c1:e1:2d:54:0b:43:63:95:53:7f:
56:bc:81:2e:46:56:1f:9d:f1:aa:7d:d1:8f:b3:2e:
02:a8:c9:e4:a3:24:fe:1b:c0:2c:81:c7:10:84:9f:
e8:dc:65:e0:56:41:28:4c:2a:6d:19:cd:9c:59:8b:
70:cd:fa:db:c1:43:2a:b7:e1:78:b8:56:89:1d:16:
bc:f3:e8:47:c7:d0:23:11:89:04:ca:16:8b:6e:ef:
00:9d:f2:11:b5:d2:2b:55:8a:e0:32:b3:05:90:2a:
52:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:8A:7B:F9:30:3B:E0:EA:55:32:A3:23:83:29:F9:AE:8C:C7:72:1D
X509v3 Authority Key Identifier:
keyid:1A:1D:21:54:B9:32:4E:FB:39:CA:38:BA:19:31:BA:5D:FB:59:E8:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gh0hVLkyTvs5yji6GTG6XftZ6P0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/60f623-ed79-4030-8980-8901b052b86b/1/eIp7-TA74OpVMqMjgyn5rozHch0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/60f623-ed79-4030-8980-8901b052b86b/1/Gh0hVLkyTvs5yji6GTG6XftZ6P0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.0.169.0-141.0.170.255
Signature Algorithm: sha256WithRSAEncryption
3c:f1:f4:2e:89:a4:34:d1:60:6a:c9:65:52:3e:d4:05:fa:df:
c8:0f:58:c8:58:e2:df:30:09:03:b4:cb:cc:d6:65:de:74:98:
2c:01:cd:e3:ee:ee:af:bc:ef:36:aa:51:32:c9:69:30:f6:60:
85:bc:be:7b:33:7e:6c:68:7e:01:01:39:1b:e7:60:f0:17:12:
1d:27:32:f2:38:ee:e8:bf:93:06:79:b2:fb:54:76:b4:a1:15:
7e:73:51:67:24:50:64:24:77:43:ea:0c:61:b1:dd:93:fb:d7:
5b:76:6b:ed:7f:28:f1:37:44:90:93:ed:f9:26:99:0f:29:7a:
a0:cb:c8:46:fc:20:f4:a7:5c:34:34:ed:31:c4:f2:17:f4:e4:
bc:30:98:54:d6:b9:15:4f:f1:e0:47:cc:68:1f:13:b9:ab:4a:
45:fe:97:08:01:77:37:97:de:c3:0a:5b:fc:3c:01:d8:72:69:
cb:63:5d:b2:5d:69:6c:c8:4c:6b:2f:14:a7:66:71:7e:b4:fb:
d2:b4:5a:45:ce:c4:09:55:49:43:b1:d3:24:18:3c:25:a2:2f:
c1:ef:3f:e6:f6:fd:3f:77:59:f0:05:62:fe:03:a8:f5:87:03:
86:21:21:bc:7a:42:00:bc:ca:be:d9:d6:ad:f0:5e:ff:a0:22:
1a:d9:c4:a9
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQj1+DsiqTn26bYDIJ2+h1qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhMWQyMTU0YjkzMjRlZmIzOWNhMzhiYTE5MzFiYTVkZmI1
OWU4ZmQwHhcNMjUwMTAxMjE0ODU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODhhN2JmOTMwM2JlMGVhNTUzMmEzMjM4MzI5ZjlhZThjYzc3MjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx74i/4ijhDQioTAOhVf2WdxvdbLW
M8DOm2ksfDvU0X03CmBigsUn/nu9YgSNkD/dIQ/qVuRk5HYGMwmtd1ODLxYaEDPa
A2aBeCK5hXe4eyD06XUqj9G/gUL5pfGvrrWSlxtVczvfFIPwLihlx2YtZFwCdbsB
3rEl4cPwoAhgkicMdP/V1m+nnJt4fVjRCMFgLulslsSGpKqUa8HhLVQLQ2OVU39W
vIEuRlYfnfGqfdGPsy4CqMnkoyT+G8AsgccQhJ/o3GXgVkEoTCptGc2cWYtwzfrb
wUMqt+F4uFaJHRa88+hHx9AjEYkEyhaLbu8AnfIRtdIrVYrgMrMFkCpSiQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFHiKe/kwO+DqVTKjI4Mp+a6Mx3IdMB8GA1UdIwQY
MBaAFBodIVS5Mk77Oco4uhkxul37Wej9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2gwaFZMa3lUdnM1eWppNkdURzZYZnRaNlAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC82MGY2MjMtZWQ3OS00MDMwLTg5ODAt
ODkwMWIwNTJiODZiLzEvZUlwNy1UQTc0T3BWTXFNamd5bjVyb3pIY2gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC82MGY2MjMtZWQ3OS00MDMwLTg5ODAtODkwMWIwNTJiODZi
LzEvR2gwaFZMa3lUdnM1eWppNkdURzZYZnRaNlAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACNAKkD
BACNAKowDQYJKoZIhvcNAQELBQADggEBADzx9C6JpDTRYGrJZVI+1AX638gPWMhY
4t8wCQO0y8zWZd50mCwBzePu7q+87zaqUTLJaTD2YIW8vnszfmxofgEBORvnYPAX
Eh0nMvI47ui/kwZ5svtUdrShFX5zUWckUGQkd0PqDGGx3ZP711t2a+1/KPE3RJCT
7fkmmQ8peqDLyEb8IPSnXDQ07THE8hf05LwwmFTWuRVP8eBHzGgfE7mrSkX+lwgB
dzeX3sMKW/w8AdhyactjXbJdaWzITGsvFKdmcX60+9K0WkXOxAlVSUOx0yQYPCWi
L8HvP+b2/T93WfAFYv4DqPWHA4YhIbx6QgC8yr7Z1q3wXv+gIhrZxKk=
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:55:31 2025 by rpki-client