Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/e5195d-6698-4604-9114-68b3768f50dc/1/S1Ts1tmRBXYi-ijSPHwLnC2EFiI.roa
File: S1Ts1tmRBXYi-ijSPHwLnC2EFiI.roa (raw, json)
Hash identifier: RZYdWEyp7eB0JTzdxGKYT9kYsY0nvo8GSZ1zPOj2n8s=
Subject key identifier: 4B:54:EC:D6:D9:91:05:76:22:FA:28:D2:3C:7C:0B:9C:2D:84:16:22
Certificate issuer: /CN=4d7683d6ea539fef1b6b6dbdd74a31d05e5f0a23
Certificate serial: 0194266C0F404A2A8A50DCAF23853F1A4F36
Authority key identifier: 4D:76:83:D6:EA:53:9F:EF:1B:6B:6D:BD:D7:4A:31:D0:5E:5F:0A:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TXaD1upTn-8ba22910ox0F5fCiM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/e5195d-6698-4604-9114-68b3768f50dc/1/S1Ts1tmRBXYi-ijSPHwLnC2EFiI.roa
Signing time: Thu 02 Jan 2025 09:50:03 +0000
ROA not before: Thu 02 Jan 2025 09:50:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39605
IP address blocks: 62.182.100.0/24 maxlen: 24
78.40.120.0/21 maxlen: 24
158.58.176.0/21 maxlen: 24
185.60.92.0/22 maxlen: 24
193.84.18.0/24 maxlen: 24
2a02:4b8::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/e5195d-6698-4604-9114-68b3768f50dc/1/TXaD1upTn-8ba22910ox0F5fCiM.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/e5195d-6698-4604-9114-68b3768f50dc/1/TXaD1upTn-8ba22910ox0F5fCiM.mft
rsync://rpki.ripe.net/repository/DEFAULT/TXaD1upTn-8ba22910ox0F5fCiM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 22:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:0f:40:4a:2a:8a:50:dc:af:23:85:3f:1a:4f:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d7683d6ea539fef1b6b6dbdd74a31d05e5f0a23
Validity
Not Before: Jan 2 09:50:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4b54ecd6d991057622fa28d23c7c0b9c2d841622
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:26:c0:4b:48:ce:37:2f:d0:a3:d9:8d:2e:3b:
80:5c:f7:2b:1b:e7:01:b4:d6:26:81:5a:f8:37:9e:
9a:de:98:f5:0c:9b:6b:e3:e3:de:fc:5c:de:45:00:
b3:69:5c:36:07:c3:0c:aa:0c:da:81:d1:4b:55:1e:
88:39:6d:be:c9:32:f2:bc:4c:90:79:9d:c2:3c:bb:
b9:13:59:4b:07:2a:f0:db:d3:24:0c:f0:fc:50:18:
a6:13:dc:d4:64:99:93:71:1c:8d:a6:c6:4a:82:a8:
cd:08:91:11:cf:c8:d1:fd:8a:46:78:88:ac:d7:89:
04:f1:b4:39:d6:71:f1:64:50:63:ac:9c:ef:fd:b0:
e8:38:83:0d:ce:f2:9c:cc:24:d7:42:ff:4b:b1:27:
13:41:0e:4d:9c:2f:77:b5:f3:b8:01:d3:ed:de:fa:
15:df:0c:53:24:67:01:f4:4e:21:a0:af:85:ef:80:
a7:fd:b7:92:c4:cf:72:85:3a:2d:f0:f5:5d:52:63:
8e:1f:d6:01:49:8b:5c:13:b8:84:df:af:f4:12:89:
18:10:70:fb:61:7c:ab:0f:8e:de:23:83:b1:d1:7f:
39:f6:cc:de:12:1f:39:97:ec:8e:f5:8e:db:a3:2d:
44:42:c3:fe:65:02:2a:a1:00:c2:50:13:96:4e:4f:
f1:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:54:EC:D6:D9:91:05:76:22:FA:28:D2:3C:7C:0B:9C:2D:84:16:22
X509v3 Authority Key Identifier:
keyid:4D:76:83:D6:EA:53:9F:EF:1B:6B:6D:BD:D7:4A:31:D0:5E:5F:0A:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TXaD1upTn-8ba22910ox0F5fCiM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/e5195d-6698-4604-9114-68b3768f50dc/1/S1Ts1tmRBXYi-ijSPHwLnC2EFiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/e5195d-6698-4604-9114-68b3768f50dc/1/TXaD1upTn-8ba22910ox0F5fCiM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.182.100.0/24
78.40.120.0/21
158.58.176.0/21
185.60.92.0/22
193.84.18.0/24
IPv6:
2a02:4b8::/29
Signature Algorithm: sha256WithRSAEncryption
45:d1:e6:4f:52:cc:8a:82:fb:7a:57:19:e3:68:33:df:c9:42:
4b:25:ae:01:f9:f9:d3:99:e1:d9:81:58:68:74:16:b1:73:57:
b7:ae:7c:36:4e:fa:43:c1:62:4b:72:11:43:c8:9e:5b:bc:0d:
14:82:8d:8f:49:20:d0:b1:ee:f5:4b:ba:e3:91:ee:b9:d3:59:
9b:39:48:00:db:1e:d2:23:06:44:88:7a:1a:45:16:cd:07:5e:
0d:32:07:cf:f1:bc:31:e6:69:2c:0f:d8:24:fd:ef:a6:08:f6:
01:fd:e0:d6:f0:48:b8:f5:62:eb:f1:d7:21:3f:9a:49:d7:a6:
9c:1f:0b:0f:72:e9:75:a8:c8:5c:0f:e8:18:d5:56:76:01:a1:
65:13:ff:56:4e:91:82:59:f5:ae:60:f7:02:97:e8:74:5d:fd:
54:cb:6b:62:a5:88:6e:52:f7:72:6b:43:86:fe:e8:ca:67:b6:
dd:21:e2:15:11:e5:06:f3:c0:39:8f:97:9a:9e:de:9a:de:35:
7a:d8:d0:fa:9d:ea:d0:19:5a:ae:db:52:e4:41:ec:64:41:d1:
3d:cf:9c:41:d8:e1:27:22:72:4c:be:33:58:22:eb:04:5d:70:
19:c7:e7:6e:d6:c7:67:35:25:97:22:bb:f7:1d:2e:de:33:6e:
d2:9f:35:e3
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQmbA9ASiqKUNyvI4U/Gk82MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNzY4M2Q2ZWE1MzlmZWYxYjZiNmRiZGQ3NGEzMWQwNWU1
ZjBhMjMwHhcNMjUwMTAyMDk1MDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjU0ZWNkNmQ5OTEwNTc2MjJmYTI4ZDIzYzdjMGI5YzJkODQxNjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjSbAS0jONy/Qo9mNLjuAXPcrG+cB
tNYmgVr4N56a3pj1DJtr4+Pe/FzeRQCzaVw2B8MMqgzagdFLVR6IOW2+yTLyvEyQ
eZ3CPLu5E1lLByrw29MkDPD8UBimE9zUZJmTcRyNpsZKgqjNCJERz8jR/YpGeIis
14kE8bQ51nHxZFBjrJzv/bDoOIMNzvKczCTXQv9LsScTQQ5NnC93tfO4AdPt3voV
3wxTJGcB9E4hoK+F74Cn/beSxM9yhTot8PVdUmOOH9YBSYtcE7iE36/0EokYEHD7
YXyrD47eI4Ox0X859szeEh85l+yO9Y7boy1EQsP+ZQIqoQDCUBOWTk/xowIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFEtU7NbZkQV2Ivoo0jx8C5wthBYiMB8GA1UdIwQY
MBaAFE12g9bqU5/vG2ttvddKMdBeXwojMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFhhRDF1cFRuLThiYTIyOTEwb3gwRjVmQ2lNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9lNTE5NWQtNjY5OC00NjA0LTkxMTQt
NjhiMzc2OGY1MGRjLzEvUzFUczF0bVJCWFlpLWlqU1BId0xuQzJFRmlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9lNTE5NWQtNjY5OC00NjA0LTkxMTQtNjhiMzc2OGY1MGRj
LzEvVFhhRDF1cFRuLThiYTIyOTEwb3gwRjVmQ2lNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAPrZkAwQD
Tih4AwQDnjqwAwQCuTxcAwQAwVQSMA0EAgACMAcDBQMqAgS4MA0GCSqGSIb3DQEB
CwUAA4IBAQBF0eZPUsyKgvt6VxnjaDPfyUJLJa4B+fnTmeHZgVhodBaxc1e3rnw2
TvpDwWJLchFDyJ5bvA0Ugo2PSSDQse71S7rjke6501mbOUgA2x7SIwZEiHoaRRbN
B14NMgfP8bwx5mksD9gk/e+mCPYB/eDW8Ei49WLr8dchP5pJ16acHwsPcul1qMhc
D+gY1VZ2AaFlE/9WTpGCWfWuYPcCl+h0Xf1Uy2tipYhuUvdya0OG/ujKZ7bdIeIV
EeUG88A5j5eant6a3jV62ND6nerQGVqu21LkQexkQdE9z5xB2OEnInJMvjNYIusE
XXAZx+du1sdnNSWXIrv3HS7eM27SnzXj
-----END CERTIFICATE-----
Generated at Wed Apr 9 02:00:39 2025 by rpki-client