Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/EqvJ7znghs9RHDW0PyHlazG165s.roa
File: EqvJ7znghs9RHDW0PyHlazG165s.roa (raw, json)
Hash identifier: Jg9RQl0tB2+f/sgwkNuxN1g2oHizK5dZZ/6mKmAJi8E=
Subject key identifier: 12:AB:C9:EF:39:E0:86:CF:51:1C:35:B4:3F:21:E5:6B:31:B5:EB:9B
Certificate issuer: /CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
Certificate serial: 0194244558EA8C4CF75F3CFB3278852C0D60
Authority key identifier: 56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/EqvJ7znghs9RHDW0PyHlazG165s.roa
Signing time: Wed 01 Jan 2025 23:48:32 +0000
ROA not before: Wed 01 Jan 2025 23:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48678
IP address blocks: 212.98.224.0/24 maxlen: 24
212.115.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/Vo_jXMliYzonV68QoOboq20B9Mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/Vo_jXMliYzonV68QoOboq20B9Mk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 03:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:58:ea:8c:4c:f7:5f:3c:fb:32:78:85:2c:0d:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
Validity
Not Before: Jan 1 23:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=12abc9ef39e086cf511c35b43f21e56b31b5eb9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:78:35:03:5d:b6:1e:b0:a1:e3:a9:e0:92:87:
f7:53:0a:9b:32:f6:03:5a:e2:4d:fe:b0:6d:13:ea:
42:94:0a:ba:9b:1e:2a:b9:66:82:53:ad:f0:fc:b8:
9b:22:3e:c4:e9:6f:98:88:7a:77:ab:97:0b:ad:fe:
af:f1:5c:7e:82:0d:fd:3e:04:ad:62:3b:18:92:2c:
60:7d:02:28:9a:46:1b:6d:53:85:70:6c:91:22:22:
19:69:1e:2f:26:87:d8:1e:36:a5:e1:7e:55:72:5e:
29:26:91:63:09:35:09:23:3e:46:28:7b:ea:63:f7:
78:30:9f:d7:19:46:e0:dc:e4:c9:2f:c6:21:1e:86:
03:0c:a4:7e:2a:0e:3b:c5:f7:45:b0:a5:93:ce:64:
61:05:c4:2a:75:58:76:c1:e4:89:ff:67:d0:0e:f6:
92:94:30:c4:97:a3:ee:5b:fa:3c:90:0c:6a:44:66:
2b:66:61:70:cc:be:9e:56:ed:5a:7b:26:d7:3e:54:
f9:9e:72:73:65:17:c1:7c:47:be:12:9a:7a:eb:70:
ea:5d:c6:14:3f:6a:e3:57:0a:5a:dd:08:5b:f7:9c:
2f:5a:b0:96:9d:4c:05:2f:f5:b5:15:c3:b3:a3:b4:
02:17:1b:16:b9:4b:c2:be:12:5f:21:b8:ff:95:cf:
82:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:AB:C9:EF:39:E0:86:CF:51:1C:35:B4:3F:21:E5:6B:31:B5:EB:9B
X509v3 Authority Key Identifier:
keyid:56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/EqvJ7znghs9RHDW0PyHlazG165s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/Vo_jXMliYzonV68QoOboq20B9Mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.98.224.0/24
212.115.30.0/24
Signature Algorithm: sha256WithRSAEncryption
c6:33:ff:87:3f:27:14:7b:73:da:d9:33:6b:48:57:cd:f1:26:
42:c9:da:f6:da:5a:cc:42:f7:c5:13:a5:73:c6:06:7f:25:55:
e2:f6:2e:be:f8:cb:7f:92:d4:4e:a8:0e:12:81:ca:a4:3c:d2:
e3:7b:af:c9:fd:57:a4:eb:81:33:da:da:09:2d:57:45:5e:5b:
8b:f8:f9:c2:a1:98:6e:a6:4c:f1:8b:5b:de:99:8e:4a:a3:a9:
78:87:d7:41:7c:7e:70:14:0b:45:2a:04:27:85:2b:1f:3f:f2:
89:dc:59:62:7a:5d:3c:99:e5:7e:cf:80:16:29:c3:b9:33:0b:
dc:67:05:55:23:91:ff:cb:1e:d9:45:e0:ba:dd:5a:11:a0:1e:
1c:16:a9:5d:69:88:64:eb:13:cf:a5:64:40:f6:7d:bf:f5:da:
82:1c:30:f1:19:97:c8:ad:bf:75:08:02:e3:b7:e5:72:66:67:
14:4e:88:fe:90:47:b4:5e:36:43:b0:43:d8:83:ec:7f:7e:dc:
1e:10:2f:8e:f8:ce:a0:16:e5:41:90:36:21:9a:fe:78:d7:18:
ca:87:c2:3b:25:86:ae:b8:1b:48:2a:62:56:0a:01:b3:fc:c1:
30:f6:4a:2f:f9:de:6b:65:e1:49:13:99:fd:13:55:5f:49:e7:
65:89:38:82
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQkRVjqjEz3Xzz7MniFLA1gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2OGZlMzVjYzk2MjYzM2EyNzU3YWYxMGEwZTZlOGFiNmQw
MWY0YzkwHhcNMjUwMTAxMjM0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmFiYzllZjM5ZTA4NmNmNTExYzM1YjQzZjIxZTU2YjMxYjVlYjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3g1A122HrCh46ngkof3UwqbMvYD
WuJN/rBtE+pClAq6mx4quWaCU63w/LibIj7E6W+YiHp3q5cLrf6v8Vx+gg39PgSt
YjsYkixgfQIomkYbbVOFcGyRIiIZaR4vJofYHjal4X5Vcl4pJpFjCTUJIz5GKHvq
Y/d4MJ/XGUbg3OTJL8YhHoYDDKR+Kg47xfdFsKWTzmRhBcQqdVh2weSJ/2fQDvaS
lDDEl6PuW/o8kAxqRGYrZmFwzL6eVu1aeybXPlT5nnJzZRfBfEe+Epp663DqXcYU
P2rjVwpa3Qhb95wvWrCWnUwFL/W1FcOzo7QCFxsWuUvCvhJfIbj/lc+CpwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBKrye854IbPURw1tD8h5WsxteubMB8GA1UdIwQY
MBaAFFaP41zJYmM6J1evEKDm6KttAfTJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm9falhNbGlZem9uVjY4UW9PYm9xMjBCOU1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8zN2ViZTYtOGJmZS00YzFmLWExODMt
ODNkNjQ4Zjc5NzQ2LzEvRXF2Sjd6bmdoczlSSERXMFB5SGxhekcxNjVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8zN2ViZTYtOGJmZS00YzFmLWExODMtODNkNjQ4Zjc5NzQ2
LzEvVm9falhNbGlZem9uVjY4UW9PYm9xMjBCOU1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1GLgAwQA
1HMeMA0GCSqGSIb3DQEBCwUAA4IBAQDGM/+HPycUe3Pa2TNrSFfN8SZCydr22lrM
QvfFE6VzxgZ/JVXi9i6++Mt/ktROqA4SgcqkPNLje6/J/Vek64Ez2toJLVdFXluL
+PnCoZhupkzxi1vemY5Ko6l4h9dBfH5wFAtFKgQnhSsfP/KJ3Fliel08meV+z4AW
KcO5MwvcZwVVI5H/yx7ZReC63VoRoB4cFqldaYhk6xPPpWRA9n2/9dqCHDDxGZfI
rb91CALjt+VyZmcUToj+kEe0XjZDsEPYg+x/ftweEC+O+M6gFuVBkDYhmv541xjK
h8I7JYauuBtIKmJWCgGz/MEw9kov+d5rZeFJE5n9E1VfSedliTiC
-----END CERTIFICATE-----
Generated at Mon Apr 7 12:06:28 2025 by rpki-client