Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/09af2b-64f7-4c1d-abd4-d07464b9b378/1/4DlDfpniYRoqx5RnbBQ2QyX4S0s.roa
File: 4DlDfpniYRoqx5RnbBQ2QyX4S0s.roa (raw, json)
Hash identifier: 6W2AtaQBI78k64Wvc+o0EJDF11ZLR+JxMn3tTY6KLb4=
Subject key identifier: E0:39:43:7E:99:E2:61:1A:2A:C7:94:67:6C:14:36:43:25:F8:4B:4B
Certificate issuer: /CN=fc13f7fa237f89d011233bac7328c2219ba7d62c
Certificate serial: 0194228E32B3C19CDA7F477387C2F00D05DC
Authority key identifier: FC:13:F7:FA:23:7F:89:D0:11:23:3B:AC:73:28:C2:21:9B:A7:D6:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_BP3-iN_idARIzuscyjCIZun1iw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/09af2b-64f7-4c1d-abd4-d07464b9b378/1/4DlDfpniYRoqx5RnbBQ2QyX4S0s.roa
Signing time: Wed 01 Jan 2025 15:48:51 +0000
ROA not before: Wed 01 Jan 2025 15:48:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8469
IP address blocks: 5.61.80.0/21 maxlen: 24
62.40.0.0/19 maxlen: 24
80.87.160.0/20 maxlen: 24
185.32.32.0/22 maxlen: 24
195.82.64.0/19 maxlen: 24
195.82.80.0/24 maxlen: 24
195.94.64.0/19 maxlen: 24
195.135.128.0/18 maxlen: 24
195.227.0.0/16 maxlen: 24
212.237.160.0/21 maxlen: 24
2001:1440::/32 maxlen: 32
2a00:5f40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/09af2b-64f7-4c1d-abd4-d07464b9b378/1/_BP3-iN_idARIzuscyjCIZun1iw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/09af2b-64f7-4c1d-abd4-d07464b9b378/1/_BP3-iN_idARIzuscyjCIZun1iw.mft
rsync://rpki.ripe.net/repository/DEFAULT/_BP3-iN_idARIzuscyjCIZun1iw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:32:b3:c1:9c:da:7f:47:73:87:c2:f0:0d:05:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc13f7fa237f89d011233bac7328c2219ba7d62c
Validity
Not Before: Jan 1 15:48:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e039437e99e2611a2ac794676c14364325f84b4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:d0:ba:10:0e:ec:ff:4d:65:72:96:df:e4:ff:
1b:ad:eb:d2:b5:3b:91:a3:01:f3:65:79:f7:cf:cb:
d7:01:2e:0e:b5:6c:b5:60:08:4d:77:32:3d:97:66:
fb:f5:e9:e2:20:73:ed:f0:6a:34:12:a6:62:a8:47:
e2:5e:20:f0:36:63:42:52:85:af:06:73:a1:4e:d8:
24:c6:b4:4f:80:97:f8:5a:83:f8:ee:04:79:1a:8f:
9a:63:28:0a:ac:c4:d1:1c:d6:7f:27:17:8e:3b:43:
a5:48:e6:2d:62:b7:25:04:c7:1d:38:0a:23:99:fa:
65:cb:8d:6f:32:80:02:3f:d1:76:8d:ca:17:9b:31:
17:83:bc:59:6e:a1:88:fc:a6:02:f8:3d:6c:51:ff:
e2:7c:bf:b2:ce:8c:97:06:b1:bd:1f:db:fd:7e:5e:
e9:a3:19:06:68:47:bb:38:5e:74:b6:3e:5d:fc:7c:
60:47:c4:43:50:e1:0b:d0:f6:6b:cd:09:8a:f9:36:
11:7a:5e:05:55:dd:c1:19:ae:97:99:95:1b:8c:91:
d6:bc:91:96:56:c9:05:17:a4:0e:f8:24:86:9d:8e:
32:41:ed:c2:27:1e:4f:b0:04:c4:02:2d:c0:5c:ba:
6b:85:54:40:53:55:e4:a7:e5:61:32:4f:e5:a2:7e:
3b:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:39:43:7E:99:E2:61:1A:2A:C7:94:67:6C:14:36:43:25:F8:4B:4B
X509v3 Authority Key Identifier:
keyid:FC:13:F7:FA:23:7F:89:D0:11:23:3B:AC:73:28:C2:21:9B:A7:D6:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_BP3-iN_idARIzuscyjCIZun1iw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/09af2b-64f7-4c1d-abd4-d07464b9b378/1/4DlDfpniYRoqx5RnbBQ2QyX4S0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/09af2b-64f7-4c1d-abd4-d07464b9b378/1/_BP3-iN_idARIzuscyjCIZun1iw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.80.0/21
62.40.0.0/19
80.87.160.0/20
185.32.32.0/22
195.82.64.0/19
195.94.64.0/19
195.135.128.0/18
195.227.0.0/16
212.237.160.0/21
IPv6:
2001:1440::/32
2a00:5f40::/29
Signature Algorithm: sha256WithRSAEncryption
07:68:1c:79:4a:fb:26:c1:8e:84:29:59:0c:3c:ab:0b:7a:cb:
61:da:5d:98:aa:09:8d:5a:d7:cc:6a:f1:e1:b7:e1:06:fc:c4:
87:71:a4:57:9c:d2:75:9a:76:d2:e6:68:98:4e:05:28:46:63:
47:f8:0c:d2:29:f1:00:51:e0:1b:6a:f2:94:f7:ac:a8:8f:6b:
62:f6:ca:76:4d:85:5c:03:d9:6d:85:67:90:60:ef:8f:11:bf:
f3:64:a0:dd:f3:8c:ad:f3:a8:c0:8f:c8:be:21:18:53:5c:a6:
35:66:20:0d:b3:ca:bd:c0:6d:87:61:00:3a:64:2e:ef:b2:ac:
0a:29:70:1a:3a:92:f0:04:a9:4e:68:b8:4a:57:3c:05:4b:f3:
98:c0:0f:48:28:b7:c5:aa:ed:24:1c:da:1d:d0:c5:79:d4:a5:
a4:e8:64:27:c1:70:7e:9d:a9:c4:47:5a:8f:66:45:fe:80:a0:
28:9f:ab:6a:26:81:2f:f5:91:dc:57:77:65:fc:3f:09:dd:80:
4d:8c:8b:f7:b3:86:f1:b7:c8:21:82:2b:f8:86:72:e7:03:ff:
91:cb:07:c8:ed:5c:0e:e8:23:cc:69:a5:bb:94:7d:f9:01:a3:
26:b0:60:57:22:f8:49:e1:21:07:c6:91:99:ab:26:d9:bc:c7:
9f:a7:c0:1f
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAZQijjKzwZzaf0dzh8LwDQXcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjMTNmN2ZhMjM3Zjg5ZDAxMTIzM2JhYzczMjhjMjIxOWJh
N2Q2MmMwHhcNMjUwMTAxMTU0ODUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDM5NDM3ZTk5ZTI2MTFhMmFjNzk0Njc2YzE0MzY0MzI1Zjg0YjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAztC6EA7s/01lcpbf5P8brevStTuR
owHzZXn3z8vXAS4OtWy1YAhNdzI9l2b79eniIHPt8Go0EqZiqEfiXiDwNmNCUoWv
BnOhTtgkxrRPgJf4WoP47gR5Go+aYygKrMTRHNZ/JxeOO0OlSOYtYrclBMcdOAoj
mfply41vMoACP9F2jcoXmzEXg7xZbqGI/KYC+D1sUf/ifL+yzoyXBrG9H9v9fl7p
oxkGaEe7OF50tj5d/HxgR8RDUOEL0PZrzQmK+TYRel4FVd3BGa6XmZUbjJHWvJGW
VskFF6QO+CSGnY4yQe3CJx5PsATEAi3AXLprhVRAU1Xkp+VhMk/lon47rQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFOA5Q36Z4mEaKseUZ2wUNkMl+EtLMB8GA1UdIwQY
MBaAFPwT9/ojf4nQESM7rHMowiGbp9YsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0JQMy1pTl9pZEFSSXp1c2N5akNJWnVuMWl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8wOWFmMmItNjRmNy00YzFkLWFiZDQt
ZDA3NDY0YjliMzc4LzEvNERsRGZwbmlZUm9xeDVSbmJCUTJReVg0UzBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8wOWFmMmItNjRmNy00YzFkLWFiZDQtZDA3NDY0YjliMzc4
LzEvX0JQMy1pTl9pZEFSSXp1c2N5akNJWnVuMWl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzA7BAIAATA1AwQDBT1QAwQF
PigAAwQEUFegAwQCuSAgAwQFw1JAAwQFw15AAwQGw4eAAwMAw+MDBAPU7aAwFAQC
AAIwDgMFACABFEADBQMqAF9AMA0GCSqGSIb3DQEBCwUAA4IBAQAHaBx5SvsmwY6E
KVkMPKsLesth2l2YqgmNWtfMavHht+EG/MSHcaRXnNJ1mnbS5miYTgUoRmNH+AzS
KfEAUeAbavKU96yoj2ti9sp2TYVcA9lthWeQYO+PEb/zZKDd84yt86jAj8i+IRhT
XKY1ZiANs8q9wG2HYQA6ZC7vsqwKKXAaOpLwBKlOaLhKVzwFS/OYwA9IKLfFqu0k
HNod0MV51KWk6GQnwXB+nanER1qPZkX+gKAon6tqJoEv9ZHcV3dl/D8J3YBNjIv3
s4bxt8ghgiv4hnLnA/+RywfI7VwO6CPMaaW7lH35AaMmsGBXIvhJ4SEHxpGZqybZ
vMefp8Af
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:14:51 2025 by rpki-client