Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/THoss3qX9ggNaIx9MssWt8dF9cs.roa
File: THoss3qX9ggNaIx9MssWt8dF9cs.roa (raw, json)
Hash identifier: lddYscsC9WWXqXk/CKT6eni3Y6p0rpSS4tBt83PgI6s=
Subject key identifier: 4C:7A:2C:B3:7A:97:F6:08:0D:68:8C:7D:32:CB:16:B7:C7:45:F5:CB
Certificate issuer: /CN=ed77e6b925b3b7a7abb92885d55d733dc5fa62d2
Certificate serial: 0194266B1DEAED5F0FC746A26DCD80A8B31B
Authority key identifier: ED:77:E6:B9:25:B3:B7:A7:AB:B9:28:85:D5:5D:73:3D:C5:FA:62:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7XfmuSWzt6eruSiF1V1zPcX6YtI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/THoss3qX9ggNaIx9MssWt8dF9cs.roa
Signing time: Thu 02 Jan 2025 09:49:01 +0000
ROA not before: Thu 02 Jan 2025 09:49:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202314
IP address blocks: 139.28.206.0/24 maxlen: 24
2a06:1e86::/32 maxlen: 48
2a0d:1a41:cafe::/48 maxlen: 48
2a0d:1a45:666::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/7XfmuSWzt6eruSiF1V1zPcX6YtI.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/7XfmuSWzt6eruSiF1V1zPcX6YtI.mft
rsync://rpki.ripe.net/repository/DEFAULT/7XfmuSWzt6eruSiF1V1zPcX6YtI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 15:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:1d:ea:ed:5f:0f:c7:46:a2:6d:cd:80:a8:b3:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed77e6b925b3b7a7abb92885d55d733dc5fa62d2
Validity
Not Before: Jan 2 09:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4c7a2cb37a97f6080d688c7d32cb16b7c745f5cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a5:ab:b1:d5:10:8c:fd:9a:e1:0e:fc:8a:b7:
34:2f:41:2d:18:6b:96:f2:3f:c5:1e:f4:8b:e7:45:
f4:ba:47:64:a0:a2:c6:da:0d:91:f5:79:ee:74:c7:
a1:5d:bb:33:b2:45:76:10:8f:da:2c:75:85:78:9f:
3a:36:c9:90:e0:01:a6:ff:bc:40:bd:0c:df:f4:9d:
12:3f:b9:d5:9f:bc:6c:02:13:a2:0a:e2:28:fa:d9:
fa:a7:73:8e:f2:df:07:fa:c2:32:7c:d3:df:f1:3b:
78:5c:e5:a6:bb:ca:77:10:6c:4c:d7:da:3e:06:50:
e9:66:0b:de:d6:a0:02:18:fc:87:e4:61:87:78:70:
83:fc:ef:54:91:20:d3:49:0c:29:52:7c:50:7e:ee:
d3:d7:e3:20:0e:ad:8d:fa:ec:a9:22:28:8a:6b:83:
5f:58:69:05:90:72:e4:95:25:3e:6c:11:d8:d0:1e:
3a:0b:2e:b9:b9:10:ab:5d:69:1e:2e:2b:ae:07:61:
62:13:71:a1:dc:88:fb:de:8f:f5:31:69:66:88:dd:
66:92:c7:b2:7b:b2:6b:77:0e:07:59:a7:46:28:a5:
47:49:3a:f8:30:28:56:2c:a5:9f:74:81:b3:2a:32:
aa:64:4d:d8:fe:25:bd:7d:9d:72:9b:28:ca:ef:68:
b5:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:7A:2C:B3:7A:97:F6:08:0D:68:8C:7D:32:CB:16:B7:C7:45:F5:CB
X509v3 Authority Key Identifier:
keyid:ED:77:E6:B9:25:B3:B7:A7:AB:B9:28:85:D5:5D:73:3D:C5:FA:62:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7XfmuSWzt6eruSiF1V1zPcX6YtI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/THoss3qX9ggNaIx9MssWt8dF9cs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/7XfmuSWzt6eruSiF1V1zPcX6YtI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.206.0/24
IPv6:
2a06:1e86::/32
2a0d:1a41:cafe::/48
2a0d:1a45:666::/48
Signature Algorithm: sha256WithRSAEncryption
5c:38:bc:3e:cb:29:8a:57:f4:2a:f7:e7:54:27:e0:67:7b:7f:
e3:ac:4b:08:c8:53:a0:22:a7:d0:f8:65:6e:5d:a6:29:11:fd:
a9:84:af:f0:2b:1b:2e:64:48:32:04:aa:a0:b8:c0:0e:7b:f3:
d6:82:1a:e4:3c:f3:ff:2d:37:af:3b:23:53:bb:8d:e7:c7:99:
7a:ab:57:9c:da:f8:fa:fa:ee:d2:f8:d3:65:5f:21:6c:0a:ac:
62:29:d8:fc:32:ab:77:df:1e:76:6b:10:90:9d:9f:d0:25:8d:
f5:ca:c8:f4:42:94:c3:78:95:b4:03:dc:a6:41:87:e6:1b:4e:
4d:82:fe:2f:67:2e:af:16:26:3a:2a:66:30:9a:8d:08:7c:a2:
f4:ba:b1:b1:32:01:13:ff:4f:20:6a:8e:da:7d:30:52:d7:d0:
9e:b3:92:8f:55:85:6a:ce:03:09:30:e9:c8:08:3c:44:4a:65:
ca:8c:06:55:67:48:be:7e:cb:1b:2b:f4:71:33:35:d7:11:3c:
7c:ad:46:c4:98:c2:58:75:90:89:a6:1c:94:99:fe:a1:ed:f9:
e2:a5:bd:c9:e5:b3:37:22:1e:aa:58:22:ac:88:8c:06:e6:dd:
c7:c1:91:3e:c5:25:8c:14:5c:9b:79:35:49:aa:b4:97:79:de:
7b:e9:31:fb
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQmax3q7V8Px0aibc2AqLMbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNzdlNmI5MjViM2I3YTdhYmI5Mjg4NWQ1NWQ3MzNkYzVm
YTYyZDIwHhcNMjUwMTAyMDk0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzdhMmNiMzdhOTdmNjA4MGQ2ODhjN2QzMmNiMTZiN2M3NDVmNWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqWrsdUQjP2a4Q78irc0L0EtGGuW
8j/FHvSL50X0ukdkoKLG2g2R9XnudMehXbszskV2EI/aLHWFeJ86NsmQ4AGm/7xA
vQzf9J0SP7nVn7xsAhOiCuIo+tn6p3OO8t8H+sIyfNPf8Tt4XOWmu8p3EGxM19o+
BlDpZgve1qACGPyH5GGHeHCD/O9UkSDTSQwpUnxQfu7T1+MgDq2N+uypIiiKa4Nf
WGkFkHLklSU+bBHY0B46Cy65uRCrXWkeLiuuB2FiE3Gh3Ij73o/1MWlmiN1mksey
e7Jrdw4HWadGKKVHSTr4MChWLKWfdIGzKjKqZE3Y/iW9fZ1ymyjK72i1yQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFEx6LLN6l/YIDWiMfTLLFrfHRfXLMB8GA1UdIwQY
MBaAFO135rkls7enq7kohdVdcz3F+mLSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1hmbXVTV3p0NmVydVNpRjFWMXpQY1g2WXRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kODM3NzctNWJhOC00ZjFlLTg1MWMt
OTI4MTlkZThhMDM2LzEvVEhvc3MzcVg5Z2dOYUl4OU1zc1d0OGRGOWNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9kODM3NzctNWJhOC00ZjFlLTg1MWMtOTI4MTlkZThhMDM2
LzEvN1hmbXVTV3p0NmVydVNpRjFWMXpQY1g2WXRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAMBAIAATAGAwQAixzOMB8E
AgACMBkDBQAqBh6GAwcAKg0aQcr+AwcAKg0aRQZmMA0GCSqGSIb3DQEBCwUAA4IB
AQBcOLw+yymKV/Qq9+dUJ+Bne3/jrEsIyFOgIqfQ+GVuXaYpEf2phK/wKxsuZEgy
BKqguMAOe/PWghrkPPP/LTevOyNTu43nx5l6q1ec2vj6+u7S+NNlXyFsCqxiKdj8
Mqt33x52axCQnZ/QJY31ysj0QpTDeJW0A9ymQYfmG05Ngv4vZy6vFiY6KmYwmo0I
fKL0urGxMgET/08gao7afTBS19Ces5KPVYVqzgMJMOnICDxESmXKjAZVZ0i+fssb
K/RxMzXXETx8rUbEmMJYdZCJphyUmf6h7fnipb3J5bM3Ih6qWCKsiIwG5t3HwZE+
xSWMFFybeTVJqrSXed576TH7
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:35:44 2025 by rpki-client