Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/eeb813-f24c-4175-828b-9d58ce221843/1/xOrZrnnNO1wW9p4s49S_LuX8hPc.roa
File: xOrZrnnNO1wW9p4s49S_LuX8hPc.roa (raw, json)
Hash identifier: hZIiC9kkNV8eJaOx5V1jcu1tdvVz3yuRCZDhua0CV0o=
Subject key identifier: C4:EA:D9:AE:79:CD:3B:5C:16:F6:9E:2C:E3:D4:BF:2E:E5:FC:84:F7
Certificate issuer: /CN=44566c1a283d553ef3f656f57223984dda7c355f
Certificate serial: 01942369A27B98C41EE4D13E5799497CD547
Authority key identifier: 44:56:6C:1A:28:3D:55:3E:F3:F6:56:F5:72:23:98:4D:DA:7C:35:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFZsGig9VT7z9lb1ciOYTdp8NV8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/eeb813-f24c-4175-828b-9d58ce221843/1/xOrZrnnNO1wW9p4s49S_LuX8hPc.roa
Signing time: Wed 01 Jan 2025 19:48:32 +0000
ROA not before: Wed 01 Jan 2025 19:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29399
IP address blocks: 170.84.252.0/23 maxlen: 27
178.250.88.0/21 maxlen: 27
185.49.128.0/22 maxlen: 27
185.212.216.0/22 maxlen: 27
195.137.222.0/23 maxlen: 27
195.149.85.0/24 maxlen: 27
2a03:5d00::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/eeb813-f24c-4175-828b-9d58ce221843/1/RFZsGig9VT7z9lb1ciOYTdp8NV8.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/eeb813-f24c-4175-828b-9d58ce221843/1/RFZsGig9VT7z9lb1ciOYTdp8NV8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RFZsGig9VT7z9lb1ciOYTdp8NV8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 07:26:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:a2:7b:98:c4:1e:e4:d1:3e:57:99:49:7c:d5:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44566c1a283d553ef3f656f57223984dda7c355f
Validity
Not Before: Jan 1 19:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c4ead9ae79cd3b5c16f69e2ce3d4bf2ee5fc84f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:f0:57:45:9d:40:d9:da:c3:4c:06:4a:6e:50:
75:aa:2f:87:ee:bf:a5:1f:49:89:b7:9f:55:45:c1:
34:41:60:51:a1:f1:cd:c6:e0:49:90:8f:29:60:f9:
0b:12:ee:c0:00:80:c1:72:d3:43:45:1c:c1:f4:e5:
7b:63:50:1e:dc:86:d8:86:a5:f5:d5:79:4b:67:ee:
10:ac:b3:48:7e:c9:ed:e9:9e:4a:a4:c5:38:e7:fb:
f4:06:8c:bd:77:0e:6f:88:7e:95:7f:92:98:0c:2e:
23:a2:f9:ec:44:b6:90:d2:4f:f4:c8:44:16:11:ac:
91:39:00:18:79:e1:c4:e4:e6:d5:ab:bf:c1:41:fa:
5e:3a:9b:f9:71:0e:8e:22:fc:b5:c4:36:92:e8:bd:
06:ed:e4:41:38:e4:e7:e7:81:21:e2:d2:03:9e:77:
71:65:fa:76:4b:1a:5c:4f:3b:21:cb:a4:2c:5b:21:
b5:5a:b2:ef:52:ad:f5:ec:92:9a:d7:3b:e5:10:ab:
5b:5d:4b:bf:e6:1e:b7:3d:13:82:3e:a7:58:b3:ce:
87:11:9b:17:87:9a:23:53:1b:be:62:3f:54:69:67:
29:96:2f:2b:36:da:2c:fd:49:f6:b2:e9:0b:5f:ff:
12:dd:f5:51:e1:94:89:be:69:7f:a5:78:1c:06:32:
db:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:EA:D9:AE:79:CD:3B:5C:16:F6:9E:2C:E3:D4:BF:2E:E5:FC:84:F7
X509v3 Authority Key Identifier:
keyid:44:56:6C:1A:28:3D:55:3E:F3:F6:56:F5:72:23:98:4D:DA:7C:35:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFZsGig9VT7z9lb1ciOYTdp8NV8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/eeb813-f24c-4175-828b-9d58ce221843/1/xOrZrnnNO1wW9p4s49S_LuX8hPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/eeb813-f24c-4175-828b-9d58ce221843/1/RFZsGig9VT7z9lb1ciOYTdp8NV8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
170.84.252.0/23
178.250.88.0/21
185.49.128.0/22
185.212.216.0/22
195.137.222.0/23
195.149.85.0/24
IPv6:
2a03:5d00::/29
Signature Algorithm: sha256WithRSAEncryption
40:e1:49:d2:5f:ad:d0:eb:b9:86:d4:b0:4b:81:22:e4:b3:ed:
35:48:6f:f6:06:20:fb:86:b9:4d:4b:95:19:da:44:f7:9f:2c:
67:dd:32:28:a4:99:d3:ed:5e:52:6d:24:42:b1:b7:fd:7e:44:
49:56:9d:7b:2c:4a:88:a6:f4:37:1f:9f:2a:21:92:68:0f:43:
fb:33:46:e3:a3:0d:02:0d:19:3b:b2:98:79:f5:f4:31:14:1a:
b8:57:bb:9c:3c:f0:85:d1:c0:2c:5d:a0:36:a9:66:e6:69:a5:
3f:d2:24:d1:f0:0f:8b:9d:e9:ef:b2:ac:92:95:42:67:2a:9a:
77:32:be:4f:84:63:30:11:0d:a6:fd:dc:55:1f:f6:bb:0a:2f:
24:d4:2a:a4:6b:05:8b:f2:13:c0:25:a2:5f:93:9d:61:5d:e5:
44:74:0f:d4:12:66:b0:57:7b:1f:c6:02:61:8b:ce:14:fd:1b:
d9:d4:ec:30:90:4a:d8:4e:1a:69:a3:b5:66:ab:81:fa:95:f1:
aa:25:f3:aa:a0:1b:ec:bc:cf:dc:68:c5:0e:b9:55:18:7c:15:
cc:9f:fd:58:1f:f6:e4:7d:f9:42:a5:aa:9a:7b:56:43:92:5a:
98:45:b4:60:39:2a:0c:06:ff:ac:0a:2f:27:6a:3a:c9:60:e8:
fb:12:ff:68
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQjaaJ7mMQe5NE+V5lJfNVHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTY2YzFhMjgzZDU1M2VmM2Y2NTZmNTcyMjM5ODRkZGE3
YzM1NWYwHhcNMjUwMTAxMTk0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGVhZDlhZTc5Y2QzYjVjMTZmNjllMmNlM2Q0YmYyZWU1ZmM4NGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvBXRZ1A2drDTAZKblB1qi+H7r+l
H0mJt59VRcE0QWBRofHNxuBJkI8pYPkLEu7AAIDBctNDRRzB9OV7Y1Ae3IbYhqX1
1XlLZ+4QrLNIfsnt6Z5KpMU45/v0Boy9dw5viH6Vf5KYDC4jovnsRLaQ0k/0yEQW
EayROQAYeeHE5ObVq7/BQfpeOpv5cQ6OIvy1xDaS6L0G7eRBOOTn54Eh4tIDnndx
Zfp2SxpcTzshy6QsWyG1WrLvUq317JKa1zvlEKtbXUu/5h63PROCPqdYs86HEZsX
h5ojUxu+Yj9UaWcpli8rNtos/Un2sukLX/8S3fVR4ZSJvml/pXgcBjLbHwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFMTq2a55zTtcFvaeLOPUvy7l/IT3MB8GA1UdIwQY
MBaAFERWbBooPVU+8/ZW9XIjmE3afDVfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZac0dpZzlWVDd6OWxiMWNpT1lUZHA4TlY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9lZWI4MTMtZjI0Yy00MTc1LTgyOGIt
OWQ1OGNlMjIxODQzLzEveE9yWnJubk5PMXdXOXA0czQ5U19MdVg4aFBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9lZWI4MTMtZjI0Yy00MTc1LTgyOGItOWQ1OGNlMjIxODQz
LzEvUkZac0dpZzlWVDd6OWxiMWNpT1lUZHA4TlY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQBqlT8AwQD
svpYAwQCuTGAAwQCudTYAwQBw4neAwQAw5VVMA0EAgACMAcDBQMqA10AMA0GCSqG
SIb3DQEBCwUAA4IBAQBA4UnSX63Q67mG1LBLgSLks+01SG/2BiD7hrlNS5UZ2kT3
nyxn3TIopJnT7V5SbSRCsbf9fkRJVp17LEqIpvQ3H58qIZJoD0P7M0bjow0CDRk7
sph59fQxFBq4V7ucPPCF0cAsXaA2qWbmaaU/0iTR8A+LnenvsqySlUJnKpp3Mr5P
hGMwEQ2m/dxVH/a7Ci8k1CqkawWL8hPAJaJfk51hXeVEdA/UEmawV3sfxgJhi84U
/RvZ1OwwkErYThppo7Vmq4H6lfGqJfOqoBvsvM/caMUOuVUYfBXMn/1YH/bkfflC
paqae1ZDklqYRbRgOSoMBv+sCi8najrJYOj7Ev9o
-----END CERTIFICATE-----
Generated at Sat Apr 19 14:37:36 2025 by rpki-client