Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/4b128d-ed47-41c1-aaf0-dfe6c5eb1f7c/1/dC8gOmayB-chyoQvohvN-0T41MI.roa
File: dC8gOmayB-chyoQvohvN-0T41MI.roa (raw, json)
Hash identifier: CEU2++abo0F1b85LSOtJ8mERuDAvIcX+n86rAzfnRdQ=
Subject key identifier: 74:2F:20:3A:66:B2:07:E7:21:CA:84:2F:A2:1B:CD:FB:44:F8:D4:C2
Certificate issuer: /CN=61658d5efa2a0a3c36c9239374258a98f7fda388
Certificate serial: 0194258EF2FD8619BA7C945F618E44CC2FC8
Authority key identifier: 61:65:8D:5E:FA:2A:0A:3C:36:C9:23:93:74:25:8A:98:F7:FD:A3:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YWWNXvoqCjw2ySOTdCWKmPf9o4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/4b128d-ed47-41c1-aaf0-dfe6c5eb1f7c/1/dC8gOmayB-chyoQvohvN-0T41MI.roa
Signing time: Thu 02 Jan 2025 05:48:32 +0000
ROA not before: Thu 02 Jan 2025 05:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8771
IP address blocks: 78.30.128.0/18 maxlen: 18
109.121.64.0/19 maxlen: 19
109.121.96.0/20 maxlen: 20
194.247.192.0/19 maxlen: 19
213.198.192.0/18 maxlen: 18
213.240.0.0/19 maxlen: 19
213.240.36.0/22 maxlen: 22
213.240.40.0/21 maxlen: 21
213.240.40.0/23 maxlen: 23
213.240.48.0/20 maxlen: 20
2a00:1108::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/4b128d-ed47-41c1-aaf0-dfe6c5eb1f7c/1/YWWNXvoqCjw2ySOTdCWKmPf9o4g.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/4b128d-ed47-41c1-aaf0-dfe6c5eb1f7c/1/YWWNXvoqCjw2ySOTdCWKmPf9o4g.mft
rsync://rpki.ripe.net/repository/DEFAULT/YWWNXvoqCjw2ySOTdCWKmPf9o4g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:f2:fd:86:19:ba:7c:94:5f:61:8e:44:cc:2f:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61658d5efa2a0a3c36c9239374258a98f7fda388
Validity
Not Before: Jan 2 05:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=742f203a66b207e721ca842fa21bcdfb44f8d4c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:d3:ee:12:1d:2a:62:df:6c:e8:1f:31:6d:ee:
0c:26:b2:6f:6e:00:d9:59:52:42:3b:ea:3c:df:07:
b8:4a:09:48:64:5b:19:db:fb:55:39:90:64:d5:19:
a3:1a:8b:7e:e9:3a:0a:96:7e:f8:58:84:38:b4:d7:
08:51:48:1d:93:d6:2e:b1:63:08:41:7a:cf:b0:4c:
a5:c4:f3:6d:e2:97:d7:78:1a:31:a9:4e:dc:c4:5a:
0f:b6:2d:a1:40:45:7a:ec:d1:ce:f1:a4:58:e3:5d:
39:bd:cc:c4:1f:2c:90:52:65:33:28:37:40:69:bc:
93:07:bf:02:3d:c9:bf:de:7a:46:c6:33:c3:da:a4:
b0:53:8c:73:ec:56:6e:44:ef:54:ab:c8:0f:7b:39:
b5:dc:b6:34:2b:be:ad:4d:7a:d1:53:cf:fb:ed:cd:
03:dc:31:c1:68:0f:e6:17:5c:cf:24:a0:1e:53:b4:
88:1d:a3:ed:1d:df:03:42:eb:fb:bd:34:08:dd:df:
50:f7:80:4e:74:75:da:bb:2e:df:14:76:85:ea:f0:
2d:1c:70:3a:be:12:c5:63:5f:e5:be:14:0a:47:db:
36:d7:5b:c1:eb:60:e9:1a:2c:d0:fd:71:6b:3b:8c:
69:5c:81:48:09:74:b8:00:47:71:3f:b8:a4:d5:e9:
89:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:2F:20:3A:66:B2:07:E7:21:CA:84:2F:A2:1B:CD:FB:44:F8:D4:C2
X509v3 Authority Key Identifier:
keyid:61:65:8D:5E:FA:2A:0A:3C:36:C9:23:93:74:25:8A:98:F7:FD:A3:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YWWNXvoqCjw2ySOTdCWKmPf9o4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/4b128d-ed47-41c1-aaf0-dfe6c5eb1f7c/1/dC8gOmayB-chyoQvohvN-0T41MI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/4b128d-ed47-41c1-aaf0-dfe6c5eb1f7c/1/YWWNXvoqCjw2ySOTdCWKmPf9o4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.30.128.0/18
109.121.64.0-109.121.111.255
194.247.192.0/19
213.198.192.0/18
213.240.0.0/19
213.240.36.0-213.240.63.255
IPv6:
2a00:1108::/32
Signature Algorithm: sha256WithRSAEncryption
ae:30:7e:5a:33:26:74:37:fe:7c:86:0c:a7:22:1c:61:e3:99:
e5:7c:49:a9:cc:ed:fd:5c:7c:2c:44:f0:b8:28:50:f6:73:c7:
ca:2e:7a:05:6d:92:e7:a8:f7:b6:5d:a9:69:f0:e8:09:c2:35:
e0:16:ec:f4:aa:dc:6e:27:dd:32:26:fe:5b:75:e7:13:b2:db:
01:e5:e9:48:f0:00:e3:b4:4d:9b:f9:df:02:8f:b5:54:91:18:
0d:59:8c:b0:b7:18:c3:41:c5:66:06:34:57:de:b7:4b:fd:c8:
00:3c:4a:f4:dd:02:7c:9f:bf:62:b7:66:54:89:b2:09:80:25:
2e:f8:39:f2:97:3c:dc:05:2f:dc:be:9b:6d:11:80:74:f7:c7:
fa:b9:70:93:a8:25:27:2f:bf:28:26:17:ed:d5:8c:0d:4d:c8:
37:0e:a7:c0:9b:2f:aa:0a:19:f2:17:25:c9:91:ae:c7:91:75:
9e:6e:42:29:da:ab:ab:7b:d1:3f:31:a4:2c:b3:14:6b:5c:24:
ba:ac:cb:af:4d:0d:f3:b8:db:c2:a8:7e:9a:e1:84:3d:b8:51:
b1:d3:92:e8:ea:1a:6f:d9:5c:36:3e:e6:92:15:6f:0a:53:2b:
ea:70:ef:a3:6c:de:5f:f9:5b:16:2f:90:9b:53:50:b0:00:fb:
82:c6:c0:f2
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgISAZQljvL9hhm6fJRfYY5EzC/IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxNjU4ZDVlZmEyYTBhM2MzNmM5MjM5Mzc0MjU4YTk4Zjdm
ZGEzODgwHhcNMjUwMTAyMDU0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDJmMjAzYTY2YjIwN2U3MjFjYTg0MmZhMjFiY2RmYjQ0ZjhkNGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5dPuEh0qYt9s6B8xbe4MJrJvbgDZ
WVJCO+o83we4SglIZFsZ2/tVOZBk1RmjGot+6ToKln74WIQ4tNcIUUgdk9YusWMI
QXrPsEylxPNt4pfXeBoxqU7cxFoPti2hQEV67NHO8aRY4105vczEHyyQUmUzKDdA
abyTB78CPcm/3npGxjPD2qSwU4xz7FZuRO9Uq8gPezm13LY0K76tTXrRU8/77c0D
3DHBaA/mF1zPJKAeU7SIHaPtHd8DQuv7vTQI3d9Q94BOdHXauy7fFHaF6vAtHHA6
vhLFY1/lvhQKR9s211vB62DpGizQ/XFrO4xpXIFICXS4AEdxP7ik1emJWwIDAQAB
o4ICRjCCAkIwHQYDVR0OBBYEFHQvIDpmsgfnIcqEL6IbzftE+NTCMB8GA1UdIwQY
MBaAFGFljV76Kgo8Nskjk3Qlipj3/aOIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVdXTlh2b3FDancyeVNPVGRDV0ttUGY5bzRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS80YjEyOGQtZWQ0Ny00MWMxLWFhZjAt
ZGZlNmM1ZWIxZjdjLzEvZEM4Z09tYXlCLWNoeW9Rdm9odk4tMFQ0MU1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS80YjEyOGQtZWQ0Ny00MWMxLWFhZjAtZGZlNmM1ZWIxZjdj
LzEvWVdXTlh2b3FDancyeVNPVGRDV0ttUGY5bzRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFwGCCsGAQUFBwEHAQH/BE0wSzA6BAIAATA0AwQGTh6AMAwD
BAZteUADBARteWADBAXC98ADBAbVxsADBAXV8AAwDAMEAtXwJAMEBtXwADANBAIA
AjAHAwUAKgARCDANBgkqhkiG9w0BAQsFAAOCAQEArjB+WjMmdDf+fIYMpyIcYeOZ
5XxJqczt/Vx8LETwuChQ9nPHyi56BW2S56j3tl2pafDoCcI14Bbs9KrcbifdMib+
W3XnE7LbAeXpSPAA47RNm/nfAo+1VJEYDVmMsLcYw0HFZgY0V963S/3IADxK9N0C
fJ+/YrdmVImyCYAlLvg58pc83AUv3L6bbRGAdPfH+rlwk6glJy+/KCYX7dWMDU3I
Nw6nwJsvqgoZ8hclyZGux5F1nm5CKdqrq3vRPzGkLLMUa1wkuqzLr00N87jbwqh+
muGEPbhRsdOS6Ooab9lcNj7mkhVvClMr6nDvo2zeX/lbFi+Qm1NQsAD7gsbA8g==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:43:08 2025 by rpki-client