Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/2fcbb2-c3c0-4b1e-8ad5-7f5f78346d6f/1/fIN0CuyWjIdLGQA-5hoaOxgsCEU.roa
File: fIN0CuyWjIdLGQA-5hoaOxgsCEU.roa (raw, json)
Hash identifier: NyCjKtY4yfk/Nsn/Ck5PkA1Ia9CEltJSbyJgOPEbXmk=
Subject key identifier: 7C:83:74:0A:EC:96:8C:87:4B:19:00:3E:E6:1A:1A:3B:18:2C:08:45
Certificate issuer: /CN=b1ffee7dbf7f4566ea9e30546b2c2a2e7336f2f4
Certificate serial: 01942748011FFA06F6BB05F3CE4495669124
Authority key identifier: B1:FF:EE:7D:BF:7F:45:66:EA:9E:30:54:6B:2C:2A:2E:73:36:F2:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sf_ufb9_RWbqnjBUaywqLnM28vQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/2fcbb2-c3c0-4b1e-8ad5-7f5f78346d6f/1/fIN0CuyWjIdLGQA-5hoaOxgsCEU.roa
Signing time: Thu 02 Jan 2025 13:50:17 +0000
ROA not before: Thu 02 Jan 2025 13:50:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61157
IP address blocks: 95.174.80.0/21 maxlen: 21
2a04:2f80::/29 maxlen: 29
2a04:2f80::/42 maxlen: 42
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/2fcbb2-c3c0-4b1e-8ad5-7f5f78346d6f/1/sf_ufb9_RWbqnjBUaywqLnM28vQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/2fcbb2-c3c0-4b1e-8ad5-7f5f78346d6f/1/sf_ufb9_RWbqnjBUaywqLnM28vQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/sf_ufb9_RWbqnjBUaywqLnM28vQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:01:1f:fa:06:f6:bb:05:f3:ce:44:95:66:91:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1ffee7dbf7f4566ea9e30546b2c2a2e7336f2f4
Validity
Not Before: Jan 2 13:50:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7c83740aec968c874b19003ee61a1a3b182c0845
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:d8:27:3b:0a:cd:e1:c2:bb:0e:ab:ba:21:dd:
02:22:6b:fc:6e:06:0d:8f:e7:93:2e:d3:95:46:4d:
d9:06:02:3b:ac:4e:c1:5d:0a:c8:8d:f0:8f:b6:73:
2f:f0:95:52:6a:0e:cb:b7:36:cf:ec:eb:31:53:9a:
98:ef:33:92:ff:e8:c8:c9:ab:9c:8d:9b:d8:ea:04:
0f:f2:b8:55:15:8c:77:e6:b0:e4:20:2e:32:43:31:
25:07:5d:57:eb:96:9b:4e:ec:69:e6:8c:7d:2e:f9:
be:c9:e1:e3:17:11:5e:f8:59:50:0f:2d:89:68:e3:
3e:81:a9:7c:7c:d4:7a:73:41:43:a0:6b:a2:fa:94:
3e:61:de:e8:aa:b7:94:f5:a0:a9:44:9b:af:c4:73:
53:5e:3d:1e:32:63:e5:f3:ec:00:7e:14:7f:d0:1d:
ba:1a:00:03:0f:08:84:e5:1e:e5:45:68:6b:ab:fa:
2f:16:82:2f:da:52:9b:3d:39:20:06:15:a6:2d:57:
97:97:11:e3:da:44:1e:80:c3:07:bb:4d:e7:bd:eb:
62:90:56:53:3b:5d:6a:4c:04:88:0d:47:1b:01:0e:
6d:8c:d6:26:72:36:39:6c:39:2a:7d:ad:76:bf:e1:
c0:43:54:53:3c:3d:4a:e8:78:e3:2b:8a:cc:63:08:
c2:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:83:74:0A:EC:96:8C:87:4B:19:00:3E:E6:1A:1A:3B:18:2C:08:45
X509v3 Authority Key Identifier:
keyid:B1:FF:EE:7D:BF:7F:45:66:EA:9E:30:54:6B:2C:2A:2E:73:36:F2:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sf_ufb9_RWbqnjBUaywqLnM28vQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2fcbb2-c3c0-4b1e-8ad5-7f5f78346d6f/1/fIN0CuyWjIdLGQA-5hoaOxgsCEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2fcbb2-c3c0-4b1e-8ad5-7f5f78346d6f/1/sf_ufb9_RWbqnjBUaywqLnM28vQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.174.80.0/21
IPv6:
2a04:2f80::/29
Signature Algorithm: sha256WithRSAEncryption
34:c4:ac:63:ac:aa:eb:b0:09:a5:34:d1:24:1a:fa:73:27:b8:
b9:b9:e6:0c:49:56:04:de:d5:f7:7d:fa:c1:97:5b:e4:c4:48:
0c:ab:f2:47:ae:d5:a4:05:2a:8f:7a:25:9e:25:6e:9c:2e:68:
a2:7c:dc:97:5a:bd:d2:6e:68:88:00:2f:ab:19:ea:ae:92:e9:
96:39:cc:55:69:2a:c4:af:8b:4f:61:93:62:99:f2:fc:6e:09:
06:7f:61:65:dc:e4:e1:32:40:60:bd:ad:4b:ad:7c:6a:2b:4d:
01:04:cd:4a:59:0a:5f:e3:05:43:20:1b:44:26:7d:60:27:58:
7e:85:9f:74:8b:60:02:57:20:8c:e1:54:58:25:14:16:cb:79:
a4:6f:2a:dd:df:99:2d:78:5d:59:a7:f7:fd:75:e4:03:56:b7:
45:25:16:81:c7:57:b6:a0:94:2e:89:75:6f:55:e6:89:6f:0d:
61:b5:9c:e5:8d:22:df:19:b8:34:73:7c:55:c3:a7:46:fc:15:
56:f6:4f:b8:77:10:dc:7d:1d:9c:e1:34:34:e0:24:a5:6f:de:
5c:26:4c:ad:d5:c9:e6:4f:e4:0e:a8:f9:d2:bb:3a:ba:02:8e:
db:58:cb:fd:e0:7b:85:fc:e5:ba:2b:3b:b7:1e:87:4f:6d:4b:
a6:f0:58:fb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQnSAEf+gb2uwXzzkSVZpEkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxZmZlZTdkYmY3ZjQ1NjZlYTllMzA1NDZiMmMyYTJlNzMz
NmYyZjQwHhcNMjUwMTAyMTM1MDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzgzNzQwYWVjOTY4Yzg3NGIxOTAwM2VlNjFhMWEzYjE4MmMwODQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAydgnOwrN4cK7Dqu6Id0CImv8bgYN
j+eTLtOVRk3ZBgI7rE7BXQrIjfCPtnMv8JVSag7LtzbP7OsxU5qY7zOS/+jIyauc
jZvY6gQP8rhVFYx35rDkIC4yQzElB11X65abTuxp5ox9Lvm+yeHjFxFe+FlQDy2J
aOM+gal8fNR6c0FDoGui+pQ+Yd7oqreU9aCpRJuvxHNTXj0eMmPl8+wAfhR/0B26
GgADDwiE5R7lRWhrq/ovFoIv2lKbPTkgBhWmLVeXlxHj2kQegMMHu03nvetikFZT
O11qTASIDUcbAQ5tjNYmcjY5bDkqfa12v+HAQ1RTPD1K6HjjK4rMYwjCiwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHyDdArsloyHSxkAPuYaGjsYLAhFMB8GA1UdIwQY
MBaAFLH/7n2/f0Vm6p4wVGssKi5zNvL0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2ZfdWZiOV9SV2JxbmpCVWF5d3FMbk0yOHZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8yZmNiYjItYzNjMC00YjFlLThhZDUt
N2Y1Zjc4MzQ2ZDZmLzEvZklOMEN1eVdqSWRMR1FBLTVob2FPeGdzQ0VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8yZmNiYjItYzNjMC00YjFlLThhZDUtN2Y1Zjc4MzQ2ZDZm
LzEvc2ZfdWZiOV9SV2JxbmpCVWF5d3FMbk0yOHZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDX65QMA0E
AgACMAcDBQMqBC+AMA0GCSqGSIb3DQEBCwUAA4IBAQA0xKxjrKrrsAmlNNEkGvpz
J7i5ueYMSVYE3tX3ffrBl1vkxEgMq/JHrtWkBSqPeiWeJW6cLmiifNyXWr3SbmiI
AC+rGequkumWOcxVaSrEr4tPYZNimfL8bgkGf2Fl3OThMkBgva1LrXxqK00BBM1K
WQpf4wVDIBtEJn1gJ1h+hZ90i2ACVyCM4VRYJRQWy3mkbyrd35kteF1Zp/f9deQD
VrdFJRaBx1e2oJQuiXVvVeaJbw1htZzljSLfGbg0c3xVw6dG/BVW9k+4dxDcfR2c
4TQ04CSlb95cJkyt1cnmT+QOqPnSuzq6Ao7bWMv94HuF/OW6Kzu3HodPbUum8Fj7
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:18:52 2025 by rpki-client