Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/2f78cf-3260-433b-9e91-e43a52b604ca/1/a4Rgp8ho7PzxQQPKwdBZtuvECRY.roa
File: a4Rgp8ho7PzxQQPKwdBZtuvECRY.roa (raw, json)
Hash identifier: RsAUUp6bEgrlBTHA6hUkPwZnwkAi94Oxg46FrwXwg0g=
Subject key identifier: 6B:84:60:A7:C8:68:EC:FC:F1:41:03:CA:C1:D0:59:B6:EB:C4:09:16
Certificate issuer: /CN=2453da50e879bba7d7cff4f07d2caa5e9c01087d
Certificate serial: 01941FFA2DED69324771F4B72E7EBCF18F9D
Authority key identifier: 24:53:DA:50:E8:79:BB:A7:D7:CF:F4:F0:7D:2C:AA:5E:9C:01:08:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JFPaUOh5u6fXz_TwfSyqXpwBCH0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/2f78cf-3260-433b-9e91-e43a52b604ca/1/a4Rgp8ho7PzxQQPKwdBZtuvECRY.roa
Signing time: Wed 01 Jan 2025 03:47:56 +0000
ROA not before: Wed 01 Jan 2025 03:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207291
IP address blocks: 2.57.236.0/24 maxlen: 24
141.136.40.0/24 maxlen: 24
195.191.140.0/24 maxlen: 24
195.191.176.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/2f78cf-3260-433b-9e91-e43a52b604ca/1/JFPaUOh5u6fXz_TwfSyqXpwBCH0.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/2f78cf-3260-433b-9e91-e43a52b604ca/1/JFPaUOh5u6fXz_TwfSyqXpwBCH0.mft
rsync://rpki.ripe.net/repository/DEFAULT/JFPaUOh5u6fXz_TwfSyqXpwBCH0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 02:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:2d:ed:69:32:47:71:f4:b7:2e:7e:bc:f1:8f:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2453da50e879bba7d7cff4f07d2caa5e9c01087d
Validity
Not Before: Jan 1 03:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6b8460a7c868ecfcf14103cac1d059b6ebc40916
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:10:79:7b:66:f5:ec:7d:48:c1:9b:71:a3:8e:
c8:6d:96:c0:bf:f7:00:c6:fa:77:8c:1e:bd:7d:19:
59:ce:8b:c0:33:d0:e7:69:a5:80:c4:71:75:39:20:
3c:9b:a9:e5:db:d4:67:74:3d:79:b0:28:57:de:5f:
fc:2b:44:54:45:f3:55:98:14:1f:96:1b:3e:87:64:
68:7e:65:9a:20:2b:9f:e1:e0:3a:0c:d7:15:68:31:
ce:25:27:38:59:d0:84:6b:15:cd:64:9c:26:64:9b:
c6:38:dc:2e:4a:d9:c6:86:8e:f2:2f:8c:f2:c4:0f:
c4:f3:c7:75:18:79:d7:7f:d4:09:8c:7e:a6:f7:45:
95:5e:28:8f:7a:d0:67:47:49:64:58:b2:4b:5f:f1:
6e:21:e3:9b:35:11:1b:ce:9b:d1:1a:87:52:b9:1b:
2e:e0:3d:51:a0:9f:97:7a:92:cc:da:44:d4:11:a2:
c4:b4:5c:3b:45:00:71:0a:8c:24:08:79:74:5e:97:
a4:40:02:61:b7:b2:5a:6b:ab:e0:e6:dd:64:70:30:
b3:c6:5b:3f:e0:1e:30:70:31:36:c4:46:a0:4f:5b:
00:98:5f:d7:74:d0:a5:b5:c4:2c:ab:78:1b:c2:c1:
65:55:87:0e:39:cd:f9:14:9a:3b:02:8b:10:75:d9:
f6:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:84:60:A7:C8:68:EC:FC:F1:41:03:CA:C1:D0:59:B6:EB:C4:09:16
X509v3 Authority Key Identifier:
keyid:24:53:DA:50:E8:79:BB:A7:D7:CF:F4:F0:7D:2C:AA:5E:9C:01:08:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JFPaUOh5u6fXz_TwfSyqXpwBCH0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/2f78cf-3260-433b-9e91-e43a52b604ca/1/a4Rgp8ho7PzxQQPKwdBZtuvECRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/2f78cf-3260-433b-9e91-e43a52b604ca/1/JFPaUOh5u6fXz_TwfSyqXpwBCH0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.236.0/24
141.136.40.0/24
195.191.140.0/24
195.191.176.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:30:c4:49:6e:c8:75:fd:34:25:54:4c:89:e9:8e:7e:bc:29:
fc:bb:b6:8d:17:7c:9f:39:4a:f4:39:e9:b6:37:00:56:47:07:
12:3d:ad:76:0b:95:bc:bb:cd:d2:f7:16:bb:41:dc:e5:4c:98:
03:48:06:86:d3:1a:a4:da:01:11:31:d6:0c:a1:d5:f3:72:72:
0a:01:b3:78:32:71:db:00:99:30:03:76:ac:75:bc:1b:8f:6e:
44:7a:3c:7c:af:7a:0f:35:e8:ad:de:ae:87:df:b9:7d:94:89:
3a:21:00:46:41:e5:40:cd:a9:e5:f9:5d:57:94:80:63:78:94:
c1:1f:dd:5d:1b:fd:3f:5e:ef:a5:5f:d6:67:6c:78:62:59:e0:
31:d9:5d:1f:e5:46:6a:05:cd:83:04:b7:e4:9d:28:e2:ba:75:
1e:48:aa:3d:b5:98:01:c7:bf:88:39:ac:29:63:79:e0:4a:03:
64:f8:d8:d3:f7:5d:4b:cf:38:de:e9:00:a8:ba:11:2a:58:bf:
34:a0:fb:c8:47:2e:42:2e:05:fe:82:6b:96:2c:b1:03:eb:1f:
e8:6f:be:b6:f3:a3:fb:02:4f:30:a5:62:5d:c8:b2:3d:f4:50:
a1:3d:3d:df:41:c6:9d:32:89:ef:ea:05:08:fe:0a:c6:76:8e:
4b:6c:b5:40
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQf+i3taTJHcfS3Ln688Y+dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0NTNkYTUwZTg3OWJiYTdkN2NmZjRmMDdkMmNhYTVlOWMw
MTA4N2QwHhcNMjUwMTAxMDM0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Yjg0NjBhN2M4NjhlY2ZjZjE0MTAzY2FjMWQwNTliNmViYzQwOTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhB5e2b17H1IwZtxo47IbZbAv/cA
xvp3jB69fRlZzovAM9DnaaWAxHF1OSA8m6nl29RndD15sChX3l/8K0RURfNVmBQf
lhs+h2RofmWaICuf4eA6DNcVaDHOJSc4WdCEaxXNZJwmZJvGONwuStnGho7yL4zy
xA/E88d1GHnXf9QJjH6m90WVXiiPetBnR0lkWLJLX/FuIeObNREbzpvRGodSuRsu
4D1RoJ+XepLM2kTUEaLEtFw7RQBxCowkCHl0XpekQAJht7Jaa6vg5t1kcDCzxls/
4B4wcDE2xEagT1sAmF/XdNCltcQsq3gbwsFlVYcOOc35FJo7AosQddn29wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGuEYKfIaOz88UEDysHQWbbrxAkWMB8GA1UdIwQY
MBaAFCRT2lDoebun18/08H0sql6cAQh9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkZQYVVPaDV1NmZYel9Ud2ZTeXFYcHdCQ0gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC8yZjc4Y2YtMzI2MC00MzNiLTllOTEt
ZTQzYTUyYjYwNGNhLzEvYTRSZ3A4aG83UHp4UVFQS3dkQlp0dXZFQ1JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC8yZjc4Y2YtMzI2MC00MzNiLTllOTEtZTQzYTUyYjYwNGNh
LzEvSkZQYVVPaDV1NmZYel9Ud2ZTeXFYcHdCQ0gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAAjnsAwQA
jYgoAwQAw7+MAwQAw7+wMA0GCSqGSIb3DQEBCwUAA4IBAQAeMMRJbsh1/TQlVEyJ
6Y5+vCn8u7aNF3yfOUr0Oem2NwBWRwcSPa12C5W8u83S9xa7QdzlTJgDSAaG0xqk
2gERMdYModXzcnIKAbN4MnHbAJkwA3asdbwbj25Eejx8r3oPNeit3q6H37l9lIk6
IQBGQeVAzanl+V1XlIBjeJTBH91dG/0/Xu+lX9ZnbHhiWeAx2V0f5UZqBc2DBLfk
nSjiunUeSKo9tZgBx7+IOawpY3ngSgNk+NjT911Lzzje6QCouhEqWL80oPvIRy5C
LgX+gmuWLLED6x/ob76286P7Ak8wpWJdyLI99FChPT3fQcadMonv6gUI/grGdo5L
bLVA
-----END CERTIFICATE-----
Generated at Wed Apr 16 09:06:58 2025 by rpki-client