Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/Sf-fnn87zqI6IDyZOCzOmqlh3ZM.roa
File: Sf-fnn87zqI6IDyZOCzOmqlh3ZM.roa (raw, json)
Hash identifier: ys8hXeVOTWclda1oWzQD6jxmP+pwlIxNYEQ2N3HNoIA=
Subject key identifier: 49:FF:9F:9E:7F:3B:CE:A2:3A:20:3C:99:38:2C:CE:9A:A9:61:DD:93
Certificate issuer: /CN=ed30a131718560a34ab3493884e858ec431f6ad1
Certificate serial: 019421B246E5AB84449C53F0561B60E3A70A
Authority key identifier: ED:30:A1:31:71:85:60:A3:4A:B3:49:38:84:E8:58:EC:43:1F:6A:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7TChMXGFYKNKs0k4hOhY7EMfatE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/Sf-fnn87zqI6IDyZOCzOmqlh3ZM.roa
Signing time: Wed 01 Jan 2025 11:48:39 +0000
ROA not before: Wed 01 Jan 2025 11:48:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47285
IP address blocks: 185.105.236.0/24 maxlen: 24
185.105.238.0/24 maxlen: 24
194.36.175.0/24 maxlen: 24
2a10:ab00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/7TChMXGFYKNKs0k4hOhY7EMfatE.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/7TChMXGFYKNKs0k4hOhY7EMfatE.mft
rsync://rpki.ripe.net/repository/DEFAULT/7TChMXGFYKNKs0k4hOhY7EMfatE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 01:01:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:46:e5:ab:84:44:9c:53:f0:56:1b:60:e3:a7:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed30a131718560a34ab3493884e858ec431f6ad1
Validity
Not Before: Jan 1 11:48:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=49ff9f9e7f3bcea23a203c99382cce9aa961dd93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:15:4c:e6:6e:cb:97:b1:05:6a:51:77:60:92:
1b:09:d2:58:22:6e:ae:24:0e:45:75:47:91:57:d5:
ac:ef:b1:33:44:c7:37:7f:d3:a5:d8:c0:db:0a:05:
07:b5:93:5b:75:09:85:ab:ab:0f:11:1d:b9:4e:9f:
9e:6e:94:a3:af:6d:46:85:70:8e:72:bb:11:86:84:
4b:9d:3d:74:a0:a3:b2:cc:84:af:5a:e2:8d:6a:a2:
7f:0a:a9:1b:91:1c:18:65:67:de:7b:34:a9:73:32:
64:8c:b9:5d:33:bf:55:6c:8a:ce:0d:73:5e:fe:3b:
e8:49:a6:8c:53:5d:7c:54:85:ff:c7:61:d3:2d:73:
d5:ab:bd:0e:ff:24:69:fb:d9:70:02:78:92:12:1b:
d8:6f:39:53:ce:2a:ab:b8:ca:31:be:9f:c3:b2:87:
30:da:dc:64:f4:30:c0:67:c6:80:33:1d:86:25:d2:
23:67:6f:be:cc:1e:9e:da:8c:8d:7b:74:55:47:7a:
f5:14:98:d5:66:0d:6e:9a:16:f9:56:c1:99:b5:74:
03:a0:ec:1e:fa:75:ae:85:98:07:58:62:42:14:4b:
85:22:8d:5b:d1:c6:94:b8:97:01:cc:5c:d2:1d:45:
f1:cb:94:a1:83:25:ad:e5:80:0e:f1:63:7a:61:23:
91:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:FF:9F:9E:7F:3B:CE:A2:3A:20:3C:99:38:2C:CE:9A:A9:61:DD:93
X509v3 Authority Key Identifier:
keyid:ED:30:A1:31:71:85:60:A3:4A:B3:49:38:84:E8:58:EC:43:1F:6A:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7TChMXGFYKNKs0k4hOhY7EMfatE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/Sf-fnn87zqI6IDyZOCzOmqlh3ZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/7TChMXGFYKNKs0k4hOhY7EMfatE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.105.236.0/24
185.105.238.0/24
194.36.175.0/24
IPv6:
2a10:ab00::/29
Signature Algorithm: sha256WithRSAEncryption
29:ef:b1:98:a1:d9:dc:0d:c1:b0:ca:07:38:4f:df:1c:48:0d:
24:b4:13:42:72:ec:5d:ac:92:d0:be:c5:4d:37:e4:fa:38:2e:
ec:47:fe:c1:9c:7b:8b:84:18:05:4e:a3:7a:8d:11:bc:64:b8:
07:5f:ea:18:63:86:e4:d4:81:90:32:9f:c9:96:31:e0:db:4d:
a3:b9:28:a5:c2:55:87:3c:f6:4f:4d:c9:d1:ab:d3:a7:05:c9:
94:88:52:f8:2a:89:28:4e:db:85:d3:85:d8:41:2a:a1:ef:79:
02:83:65:80:04:49:98:ec:53:1a:b8:6f:5c:7c:08:69:31:67:
e9:f1:65:ad:b6:9a:d5:03:ce:e9:39:57:0a:bb:04:c1:c9:c7:
14:2b:5e:6d:8b:c4:2c:0b:d2:e5:ff:1c:43:b1:44:d3:3f:4c:
37:a4:d9:25:12:1b:9b:28:16:56:30:7e:3c:78:18:12:37:d4:
d7:cc:15:8a:db:0f:b4:40:1a:7f:30:31:b5:6c:c7:76:82:56:
d9:47:51:e1:cf:30:c2:b9:75:60:db:75:f9:1e:04:df:cf:d2:
80:79:bb:ea:34:06:9b:06:0a:02:34:8f:9f:bf:aa:e0:aa:39:
d9:30:a1:e4:48:0f:ee:f1:0c:5f:47:d4:b3:0a:5d:a3:f6:10:
12:ec:50:7e
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQhskblq4REnFPwVhtg46cKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkMzBhMTMxNzE4NTYwYTM0YWIzNDkzODg0ZTg1OGVjNDMx
ZjZhZDEwHhcNMjUwMTAxMTE0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWZmOWY5ZTdmM2JjZWEyM2EyMDNjOTkzODJjY2U5YWE5NjFkZDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshVM5m7Ll7EFalF3YJIbCdJYIm6u
JA5FdUeRV9Ws77EzRMc3f9Ol2MDbCgUHtZNbdQmFq6sPER25Tp+ebpSjr21GhXCO
crsRhoRLnT10oKOyzISvWuKNaqJ/CqkbkRwYZWfeezSpczJkjLldM79VbIrODXNe
/jvoSaaMU118VIX/x2HTLXPVq70O/yRp+9lwAniSEhvYbzlTziqruMoxvp/Dsocw
2txk9DDAZ8aAMx2GJdIjZ2++zB6e2oyNe3RVR3r1FJjVZg1umhb5VsGZtXQDoOwe
+nWuhZgHWGJCFEuFIo1b0caUuJcBzFzSHUXxy5ShgyWt5YAO8WN6YSORKwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFEn/n55/O86iOiA8mTgszpqpYd2TMB8GA1UdIwQY
MBaAFO0woTFxhWCjSrNJOIToWOxDH2rRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1RDaE1YR0ZZS05LczBrNGhPaFk3RU1mYXRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi81YjA3MDItMTZlNy00NjI3LWFlMTkt
NGIzYjFiNjNiNmFiLzEvU2YtZm5uODd6cUk2SUR5Wk9Dek9tcWxoM1pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi81YjA3MDItMTZlNy00NjI3LWFlMTktNGIzYjFiNjNiNmFi
LzEvN1RDaE1YR0ZZS05LczBrNGhPaFk3RU1mYXRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAuWnsAwQA
uWnuAwQAwiSvMA0EAgACMAcDBQMqEKsAMA0GCSqGSIb3DQEBCwUAA4IBAQAp77GY
odncDcGwygc4T98cSA0ktBNCcuxdrJLQvsVNN+T6OC7sR/7BnHuLhBgFTqN6jRG8
ZLgHX+oYY4bk1IGQMp/JljHg202juSilwlWHPPZPTcnRq9OnBcmUiFL4KokoTtuF
04XYQSqh73kCg2WABEmY7FMauG9cfAhpMWfp8WWttprVA87pOVcKuwTByccUK15t
i8QsC9Ll/xxDsUTTP0w3pNklEhubKBZWMH48eBgSN9TXzBWK2w+0QBp/MDG1bMd2
glbZR1HhzzDCuXVg23X5HgTfz9KAebvqNAabBgoCNI+fv6rgqjnZMKHkSA/u8Qxf
R9SzCl2j9hAS7FB+
-----END CERTIFICATE-----
Generated at Thu Apr 10 11:04:05 2025 by rpki-client