Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/F9Dj4BH3DTiBJqZUn9Gq6zuqgzw.roa
File: F9Dj4BH3DTiBJqZUn9Gq6zuqgzw.roa (raw, json)
Hash identifier: PvC6qEA55o/ujVGgT7SwQI1kg6RiKLhNPwSFFwPuR5o=
Subject key identifier: 17:D0:E3:E0:11:F7:0D:38:81:26:A6:54:9F:D1:AA:EB:3B:AA:83:3C
Certificate issuer: /CN=297c508d23b38315bbf45b726d22050a46127b8c
Certificate serial: 019425FD56CE44F1CDABBC97CEAE28581425
Authority key identifier: 29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/F9Dj4BH3DTiBJqZUn9Gq6zuqgzw.roa
Signing time: Thu 02 Jan 2025 07:49:07 +0000
ROA not before: Thu 02 Jan 2025 07:49:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51335
IP address blocks: 185.4.44.0/22 maxlen: 24
185.4.46.0/24 maxlen: 24
194.213.124.0/23 maxlen: 23
2001:67c:10f0::/48 maxlen: 48
2a02:68c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.mft
rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:56:ce:44:f1:cd:ab:bc:97:ce:ae:28:58:14:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297c508d23b38315bbf45b726d22050a46127b8c
Validity
Not Before: Jan 2 07:49:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=17d0e3e011f70d388126a6549fd1aaeb3baa833c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:54:67:4e:5c:df:e6:85:86:e0:d6:d6:0b:db:
e1:00:e8:25:7a:91:ac:b0:33:42:b5:6a:15:a9:72:
a4:20:6c:4e:d1:8d:f8:63:10:eb:37:34:aa:bf:19:
f8:2f:8c:5a:7a:ef:37:ed:0b:3d:86:47:3a:b7:69:
52:18:ac:f3:14:5d:3d:b6:ad:74:65:eb:6a:83:f3:
58:ae:fc:64:de:2b:66:95:3d:8f:6c:12:fc:34:14:
83:c5:85:f2:73:71:ab:7b:d3:75:e3:e3:1a:5e:30:
e7:02:a7:e4:d7:5f:08:a1:b8:4e:4e:3a:76:a4:c3:
cf:9c:03:cb:e4:73:ab:94:7e:15:8c:c3:75:fb:cc:
e2:e5:f0:a6:1e:6f:81:36:ce:b8:ed:d8:62:55:35:
71:53:5b:e6:45:25:83:5d:b7:17:71:30:59:eb:d2:
41:4d:ef:f7:ae:67:fe:c2:76:61:fa:62:7d:7c:e9:
92:63:7d:4a:5e:88:84:80:55:3c:af:5a:34:d3:11:
f5:ae:57:7d:be:49:4f:2c:44:7f:bd:85:ad:41:ee:
1d:a8:c4:3b:f6:bc:34:15:8c:82:6b:a1:c9:63:f0:
5b:18:ae:2e:d3:b2:27:3c:23:c6:38:df:c8:af:7b:
3a:fb:db:69:63:0b:fe:0c:d3:c0:e4:a8:b9:64:6d:
e3:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:D0:E3:E0:11:F7:0D:38:81:26:A6:54:9F:D1:AA:EB:3B:AA:83:3C
X509v3 Authority Key Identifier:
keyid:29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/F9Dj4BH3DTiBJqZUn9Gq6zuqgzw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.4.44.0/22
194.213.124.0/23
IPv6:
2001:67c:10f0::/48
2a02:68c0::/32
Signature Algorithm: sha256WithRSAEncryption
64:84:ec:a2:78:52:3d:86:3e:1e:76:67:fc:cb:f3:25:ce:94:
20:b1:7b:28:21:cc:66:c1:9b:a5:6f:52:e7:4d:08:e5:62:5b:
00:66:91:5f:6d:89:05:fb:df:6b:e7:5d:e6:90:bc:d6:6c:9e:
66:ee:4d:f2:9d:90:92:f1:f0:82:84:66:ec:d0:18:61:d7:19:
05:74:19:97:e3:f6:70:ff:86:53:00:db:c3:48:02:7f:c5:1f:
35:42:a7:9e:88:5e:1e:d4:39:5c:3b:e7:2e:4c:24:64:6e:71:
20:5b:ed:7c:af:f2:02:03:f3:84:44:2d:d0:7b:25:fa:0e:47:
23:84:1d:e3:3f:76:ed:29:f3:8b:8b:21:e0:28:99:04:3a:8e:
41:84:11:94:82:c6:fc:7f:1a:54:76:16:6d:31:b3:21:e8:4c:
f7:e1:51:b7:55:16:f6:72:53:8b:fc:7a:97:15:53:55:e1:ef:
dd:f6:45:0d:31:c1:c0:0d:a4:1a:7d:d9:0c:6d:21:94:40:1f:
f4:39:65:e7:31:7a:10:05:1d:e7:cb:09:9b:84:d7:c1:b0:59:
d5:96:d5:b7:57:b7:de:9c:6d:cb:ae:de:73:ce:35:52:81:ea:
44:11:dd:95:c1:62:d4:2b:4d:8c:a9:2a:aa:99:8c:27:33:ee:
20:b5:7f:ab
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQl/VbORPHNq7yXzq4oWBQlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2M1MDhkMjNiMzgzMTViYmY0NWI3MjZkMjIwNTBhNDYx
MjdiOGMwHhcNMjUwMTAyMDc0OTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2QwZTNlMDExZjcwZDM4ODEyNmE2NTQ5ZmQxYWFlYjNiYWE4MzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1RnTlzf5oWG4NbWC9vhAOglepGs
sDNCtWoVqXKkIGxO0Y34YxDrNzSqvxn4L4xaeu837Qs9hkc6t2lSGKzzFF09tq10
Zetqg/NYrvxk3itmlT2PbBL8NBSDxYXyc3Gre9N14+MaXjDnAqfk118IobhOTjp2
pMPPnAPL5HOrlH4VjMN1+8zi5fCmHm+BNs647dhiVTVxU1vmRSWDXbcXcTBZ69JB
Te/3rmf+wnZh+mJ9fOmSY31KXoiEgFU8r1o00xH1rld9vklPLER/vYWtQe4dqMQ7
9rw0FYyCa6HJY/BbGK4u07InPCPGON/Ir3s6+9tpYwv+DNPA5Ki5ZG3j/QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBfQ4+AR9w04gSamVJ/Rqus7qoM8MB8GA1UdIwQY
MBaAFCl8UI0js4MVu/Rbcm0iBQpGEnuMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTIt
MzZlOWE3OWJkOTUwLzEvRjlEajRCSDNEVGlCSnFaVW45R3E2enVxZ3p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTItMzZlOWE3OWJkOTUw
LzEvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQCuQQsAwQB
wtV8MBYEAgACMBADBwAgAQZ8EPADBQAqAmjAMA0GCSqGSIb3DQEBCwUAA4IBAQBk
hOyieFI9hj4edmf8y/MlzpQgsXsoIcxmwZulb1LnTQjlYlsAZpFfbYkF+99r513m
kLzWbJ5m7k3ynZCS8fCChGbs0Bhh1xkFdBmX4/Zw/4ZTANvDSAJ/xR81QqeeiF4e
1DlcO+cuTCRkbnEgW+18r/ICA/OERC3QeyX6DkcjhB3jP3btKfOLiyHgKJkEOo5B
hBGUgsb8fxpUdhZtMbMh6Ez34VG3VRb2clOL/HqXFVNV4e/d9kUNMcHADaQafdkM
bSGUQB/0OWXnMXoQBR3nywmbhNfBsFnVltW3V7fenG3Lrt5zzjVSgepEEd2VwWLU
K02MqSqqmYwnM+4gtX+r
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:49:53 2025 by rpki-client