Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/bc0a25-933a-4f5a-a5f3-9dcfd2ef3023/1/j06EmkksF4YrV0BvXtZ5BQd7X_0.roa
File: j06EmkksF4YrV0BvXtZ5BQd7X_0.roa (raw, json)
Hash identifier: W1w1cQpGhDndwAuyI1OFa9FFiGMVh7oMpQVYkrYTonk=
Subject key identifier: 8F:4E:84:9A:49:2C:17:86:2B:57:40:6F:5E:D6:79:05:07:7B:5F:FD
Certificate issuer: /CN=dd5f2e7cc2c687f58c0d1f6132bb2dcfdf38cb64
Certificate serial: 019427480AEA1719C3C2F441D587EF7342C9
Authority key identifier: DD:5F:2E:7C:C2:C6:87:F5:8C:0D:1F:61:32:BB:2D:CF:DF:38:CB:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3V8ufMLGh_WMDR9hMrstz984y2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/bc0a25-933a-4f5a-a5f3-9dcfd2ef3023/1/j06EmkksF4YrV0BvXtZ5BQd7X_0.roa
Signing time: Thu 02 Jan 2025 13:50:20 +0000
ROA not before: Thu 02 Jan 2025 13:50:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43824
IP address blocks: 109.75.64.0/24 maxlen: 24
109.75.65.0/24 maxlen: 24
109.75.66.0/24 maxlen: 24
109.75.67.0/24 maxlen: 24
109.75.68.0/24 maxlen: 24
109.75.69.0/24 maxlen: 24
109.75.70.0/24 maxlen: 24
109.75.71.0/24 maxlen: 24
109.75.72.0/24 maxlen: 24
109.75.73.0/24 maxlen: 24
109.75.74.0/24 maxlen: 24
109.75.75.0/24 maxlen: 24
109.75.76.0/24 maxlen: 24
109.75.77.0/24 maxlen: 24
109.75.79.0/24 maxlen: 24
185.204.48.0/24 maxlen: 24
185.204.49.0/24 maxlen: 24
185.204.50.0/24 maxlen: 24
185.204.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/bc0a25-933a-4f5a-a5f3-9dcfd2ef3023/1/3V8ufMLGh_WMDR9hMrstz984y2Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/bc0a25-933a-4f5a-a5f3-9dcfd2ef3023/1/3V8ufMLGh_WMDR9hMrstz984y2Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/3V8ufMLGh_WMDR9hMrstz984y2Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:0a:ea:17:19:c3:c2:f4:41:d5:87:ef:73:42:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd5f2e7cc2c687f58c0d1f6132bb2dcfdf38cb64
Validity
Not Before: Jan 2 13:50:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8f4e849a492c17862b57406f5ed67905077b5ffd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:e9:27:b8:c8:07:7a:e1:c1:80:6d:03:33:82:
17:06:e0:a1:a3:ff:4b:7a:42:e4:b2:0e:4d:aa:e7:
92:e1:e8:d3:24:dd:a2:21:45:2c:dd:1e:8c:73:ac:
93:d8:49:d6:9b:a3:43:be:3a:42:af:66:52:f1:7e:
5c:87:19:8a:3d:4a:da:7d:38:35:97:ed:fa:e2:c0:
bf:1d:40:10:da:8c:26:91:92:f4:a9:bf:05:97:51:
f6:f2:db:57:ba:1b:b3:14:2a:b6:c1:69:31:3e:d1:
63:4c:86:1c:55:55:41:a0:f4:53:51:28:e7:88:63:
97:71:86:bd:90:b5:79:f5:f1:28:aa:72:6b:03:8f:
a3:73:7d:7b:0d:b9:dd:9f:37:6c:75:86:41:8d:28:
c5:01:f0:21:2c:ae:94:0d:2d:c3:de:fd:55:62:d7:
53:61:ca:3b:ba:3b:d6:44:48:d4:1c:65:b4:2f:be:
c0:de:6b:2c:00:af:e8:43:b1:d5:98:89:bd:7d:8b:
d5:ae:b0:54:77:6e:cb:62:97:ba:e8:3e:03:d0:85:
c2:96:2b:c1:0e:4b:e9:8a:47:e6:2e:d2:0c:9e:16:
bf:b1:f1:00:03:9b:8e:dd:82:51:e2:bd:f9:e8:dc:
5a:94:91:51:05:f9:54:c1:cb:52:7d:fa:00:6f:50:
85:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:4E:84:9A:49:2C:17:86:2B:57:40:6F:5E:D6:79:05:07:7B:5F:FD
X509v3 Authority Key Identifier:
keyid:DD:5F:2E:7C:C2:C6:87:F5:8C:0D:1F:61:32:BB:2D:CF:DF:38:CB:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3V8ufMLGh_WMDR9hMrstz984y2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/bc0a25-933a-4f5a-a5f3-9dcfd2ef3023/1/j06EmkksF4YrV0BvXtZ5BQd7X_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/bc0a25-933a-4f5a-a5f3-9dcfd2ef3023/1/3V8ufMLGh_WMDR9hMrstz984y2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.75.64.0-109.75.77.255
109.75.79.0/24
185.204.48.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:7c:f8:40:02:87:b4:0e:93:af:e2:c1:a3:b1:2f:47:c5:8d:
a5:a7:84:e2:ae:fd:7b:9b:b5:88:07:a4:43:43:7b:da:ee:16:
da:e5:f3:23:c6:fa:62:c8:b1:d1:61:af:f2:48:01:2b:63:e3:
f4:d3:c3:82:53:f1:6f:a0:9e:1a:b5:91:aa:b1:a2:e8:6f:d1:
36:37:80:13:0b:e8:7d:19:c1:50:ec:df:5f:cd:dd:4e:58:3f:
64:70:d9:a6:82:05:a8:b9:73:9a:a2:6c:5e:bd:bd:c9:90:6a:
95:d5:68:eb:90:8a:48:7a:28:a8:48:8a:20:95:34:f7:a0:b9:
cb:1d:af:94:b6:c1:54:47:ba:4b:37:aa:90:b9:ca:f4:22:ec:
48:a7:aa:02:2b:1e:f2:0c:d6:94:2f:c1:88:64:98:32:66:9e:
cf:ea:8f:13:8b:13:82:81:8f:94:0e:57:63:86:99:84:e5:99:
f1:e3:15:7d:52:7b:f9:8d:73:a6:9c:93:54:b2:7c:ef:3e:22:
1f:41:0f:cb:db:03:c0:b2:63:ad:00:cf:e5:d5:99:41:7e:37:
38:29:4f:6f:84:4f:d1:27:75:8a:8f:2a:3f:33:7f:7c:13:22:
b9:4b:76:d3:d9:1c:77:4c:6d:6b:42:53:78:c0:fa:fc:a0:74:
34:35:e8:eb
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQnSArqFxnDwvRB1Yfvc0LJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNWYyZTdjYzJjNjg3ZjU4YzBkMWY2MTMyYmIyZGNmZGYz
OGNiNjQwHhcNMjUwMTAyMTM1MDIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjRlODQ5YTQ5MmMxNzg2MmI1NzQwNmY1ZWQ2NzkwNTA3N2I1ZmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8uknuMgHeuHBgG0DM4IXBuCho/9L
ekLksg5NqueS4ejTJN2iIUUs3R6Mc6yT2EnWm6NDvjpCr2ZS8X5chxmKPUrafTg1
l+364sC/HUAQ2owmkZL0qb8Fl1H28ttXuhuzFCq2wWkxPtFjTIYcVVVBoPRTUSjn
iGOXcYa9kLV59fEoqnJrA4+jc317DbndnzdsdYZBjSjFAfAhLK6UDS3D3v1VYtdT
Yco7ujvWREjUHGW0L77A3mssAK/oQ7HVmIm9fYvVrrBUd27LYpe66D4D0IXClivB
DkvpikfmLtIMnha/sfEAA5uO3YJR4r356NxalJFRBflUwctSffoAb1CFgQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFI9OhJpJLBeGK1dAb17WeQUHe1/9MB8GA1UdIwQY
MBaAFN1fLnzCxof1jA0fYTK7Lc/fOMtkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1Y4dWZNTEdoX1dNRFI5aE1yc3R6OTg0eTJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9iYzBhMjUtOTMzYS00ZjVhLWE1ZjMt
OWRjZmQyZWYzMDIzLzEvajA2RW1ra3NGNFlyVjBCdlh0WjVCUWQ3WF8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9iYzBhMjUtOTMzYS00ZjVhLWE1ZjMtOWRjZmQyZWYzMDIz
LzEvM1Y4dWZNTEdoX1dNRFI5aE1yc3R6OTg0eTJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAZtS0AD
BAFtS0wDBABtS08DBAK5zDAwDQYJKoZIhvcNAQELBQADggEBAB58+EACh7QOk6/i
waOxL0fFjaWnhOKu/XubtYgHpENDe9ruFtrl8yPG+mLIsdFhr/JIAStj4/TTw4JT
8W+gnhq1kaqxouhv0TY3gBML6H0ZwVDs31/N3U5YP2Rw2aaCBai5c5qibF69vcmQ
apXVaOuQikh6KKhIiiCVNPegucsdr5S2wVRHuks3qpC5yvQi7EinqgIrHvIM1pQv
wYhkmDJmns/qjxOLE4KBj5QOV2OGmYTlmfHjFX1Se/mNc6ack1SyfO8+Ih9BD8vb
A8CyY60Az+XVmUF+NzgpT2+ET9EndYqPKj8zf3wTIrlLdtPZHHdMbWtCU3jA+vyg
dDQ16Os=
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:04:48 2025 by rpki-client