Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/9355ef-e0bf-4c63-99a7-7852206213e0/1/DSv-iSXA3wX9nDodPQXtYNJDYLQ.roa
File: DSv-iSXA3wX9nDodPQXtYNJDYLQ.roa (raw, json)
Hash identifier: rLpTuxbTjwB1kMP3m7oQHgnYLtGjlIXTCssqGQyXU8s=
Subject key identifier: 0D:2B:FE:89:25:C0:DF:05:FD:9C:3A:1D:3D:05:ED:60:D2:43:60:B4
Certificate issuer: /CN=8fbc7f1707b6d0b22bcd8180f4fbb1b63efc99f9
Certificate serial: 019427B5C99ABB29F6926940DC16A19AFB31
Authority key identifier: 8F:BC:7F:17:07:B6:D0:B2:2B:CD:81:80:F4:FB:B1:B6:3E:FC:99:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j7x_Fwe20LIrzYGA9Puxtj78mfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/9355ef-e0bf-4c63-99a7-7852206213e0/1/DSv-iSXA3wX9nDodPQXtYNJDYLQ.roa
Signing time: Thu 02 Jan 2025 15:50:12 +0000
ROA not before: Thu 02 Jan 2025 15:50:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42000
IP address blocks: 185.99.68.0/22 maxlen: 22
2a00:1790::/29 maxlen: 29
2a00:1790:613::/48 maxlen: 48
2a00:1791::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/9355ef-e0bf-4c63-99a7-7852206213e0/1/j7x_Fwe20LIrzYGA9Puxtj78mfk.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/9355ef-e0bf-4c63-99a7-7852206213e0/1/j7x_Fwe20LIrzYGA9Puxtj78mfk.mft
rsync://rpki.ripe.net/repository/DEFAULT/j7x_Fwe20LIrzYGA9Puxtj78mfk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:c9:9a:bb:29:f6:92:69:40:dc:16:a1:9a:fb:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8fbc7f1707b6d0b22bcd8180f4fbb1b63efc99f9
Validity
Not Before: Jan 2 15:50:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0d2bfe8925c0df05fd9c3a1d3d05ed60d24360b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:25:4f:0d:2a:5e:83:4d:81:90:6f:7f:44:c9:
e6:7c:39:49:f0:04:4d:21:04:ae:d6:67:2a:12:87:
42:5a:23:64:3a:be:5c:69:a1:ab:59:f7:6c:66:42:
4d:c9:8e:52:9b:5f:ea:98:2e:85:ce:9e:1b:1d:1d:
42:97:9c:ea:bc:08:2a:dd:81:91:49:86:f2:42:3f:
9b:df:3b:78:ac:31:ac:4a:db:4a:62:da:af:5e:8b:
b7:ba:d2:ca:43:9b:09:63:26:79:f3:42:73:70:10:
af:6b:6d:9e:d5:0a:49:37:ad:f0:3e:8e:85:34:e5:
e1:5e:1b:1c:0f:52:d6:57:55:dd:c8:ff:ef:2b:85:
1b:a4:9c:1f:a3:0b:37:09:f1:23:69:78:23:0b:0a:
dd:6e:31:8a:d8:84:2f:44:ef:b2:f5:f0:a3:75:e4:
7a:3a:93:df:18:ff:3b:69:e8:3e:59:cf:a1:ad:35:
08:a7:2b:1f:2e:18:a9:59:b1:0b:02:51:ff:b3:2c:
b3:c8:fe:0f:0f:f6:c4:b1:8e:3a:27:7c:1d:f5:1f:
1b:40:83:51:c7:26:6a:09:a5:c3:15:91:1b:8f:dd:
f3:16:9a:c9:49:ac:fa:e1:4a:a7:01:17:49:4e:a4:
d5:a9:dd:1c:66:71:8c:2c:0f:03:e2:e6:b4:7e:8b:
18:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:2B:FE:89:25:C0:DF:05:FD:9C:3A:1D:3D:05:ED:60:D2:43:60:B4
X509v3 Authority Key Identifier:
keyid:8F:BC:7F:17:07:B6:D0:B2:2B:CD:81:80:F4:FB:B1:B6:3E:FC:99:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j7x_Fwe20LIrzYGA9Puxtj78mfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/9355ef-e0bf-4c63-99a7-7852206213e0/1/DSv-iSXA3wX9nDodPQXtYNJDYLQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/9355ef-e0bf-4c63-99a7-7852206213e0/1/j7x_Fwe20LIrzYGA9Puxtj78mfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.99.68.0/22
IPv6:
2a00:1790::/29
Signature Algorithm: sha256WithRSAEncryption
34:cd:92:9b:0d:e6:5d:e6:1d:d0:ef:9f:bd:83:a2:7d:3d:df:
8b:c3:27:d4:d2:9e:90:fd:87:2b:f5:dc:bb:65:f6:19:99:41:
b6:d4:a3:6d:7d:b4:85:f4:ab:83:00:bd:0e:e3:7a:50:0d:7c:
41:73:b7:d2:d4:76:ef:91:06:c7:a9:09:00:87:06:b8:32:fc:
88:6c:8b:50:38:0d:d3:76:5c:28:ae:f4:04:e7:31:20:81:39:
03:3f:74:ea:15:93:d1:d1:a5:fe:bc:c8:0d:ca:a4:20:af:eb:
79:38:45:04:86:c2:86:b7:4b:dd:f5:4d:f6:d2:b9:aa:f3:41:
f1:8c:cb:bd:57:ef:ee:7f:a3:1e:04:8b:48:c2:67:25:27:23:
2c:13:66:1f:0f:08:33:46:a0:b1:3e:8b:c2:9f:06:cb:d1:e7:
18:67:0f:ea:6a:4a:e1:b7:c9:7a:e7:c5:11:7f:61:27:5d:31:
fd:93:ea:fa:fa:f0:c4:13:bf:ff:df:be:2f:93:a9:3e:42:8b:
da:0e:88:ae:83:c5:df:14:95:99:a6:a4:8c:8b:11:35:fc:7d:
1f:ea:ba:9f:6b:f1:8b:c2:1a:46:8c:ac:91:4d:7e:1a:9b:bd:
da:a8:fa:8c:84:3b:19:09:f3:eb:cb:86:16:2a:93:63:f2:c5:
6e:1f:c2:be
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQntcmauyn2kmlA3BahmvsxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmYmM3ZjE3MDdiNmQwYjIyYmNkODE4MGY0ZmJiMWI2M2Vm
Yzk5ZjkwHhcNMjUwMTAyMTU1MDEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDJiZmU4OTI1YzBkZjA1ZmQ5YzNhMWQzZDA1ZWQ2MGQyNDM2MGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsiVPDSpeg02BkG9/RMnmfDlJ8ARN
IQSu1mcqEodCWiNkOr5caaGrWfdsZkJNyY5Sm1/qmC6Fzp4bHR1Cl5zqvAgq3YGR
SYbyQj+b3zt4rDGsSttKYtqvXou3utLKQ5sJYyZ580JzcBCva22e1QpJN63wPo6F
NOXhXhscD1LWV1XdyP/vK4UbpJwfows3CfEjaXgjCwrdbjGK2IQvRO+y9fCjdeR6
OpPfGP87aeg+Wc+hrTUIpysfLhipWbELAlH/syyzyP4PD/bEsY46J3wd9R8bQINR
xyZqCaXDFZEbj93zFprJSaz64UqnARdJTqTVqd0cZnGMLA8D4ua0fosYCQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFA0r/oklwN8F/Zw6HT0F7WDSQ2C0MB8GA1UdIwQY
MBaAFI+8fxcHttCyK82BgPT7sbY+/Jn5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajd4X0Z3ZTIwTElyellHQTlQdXh0ajc4bWZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS85MzU1ZWYtZTBiZi00YzYzLTk5YTct
Nzg1MjIwNjIxM2UwLzEvRFN2LWlTWEEzd1g5bkRvZFBRWHRZTkpEWUxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS85MzU1ZWYtZTBiZi00YzYzLTk5YTctNzg1MjIwNjIxM2Uw
LzEvajd4X0Z3ZTIwTElyellHQTlQdXh0ajc4bWZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWNEMA0E
AgACMAcDBQMqABeQMA0GCSqGSIb3DQEBCwUAA4IBAQA0zZKbDeZd5h3Q75+9g6J9
Pd+LwyfU0p6Q/Ycr9dy7ZfYZmUG21KNtfbSF9KuDAL0O43pQDXxBc7fS1HbvkQbH
qQkAhwa4MvyIbItQOA3TdlworvQE5zEggTkDP3TqFZPR0aX+vMgNyqQgr+t5OEUE
hsKGt0vd9U320rmq80HxjMu9V+/uf6MeBItIwmclJyMsE2YfDwgzRqCxPovCnwbL
0ecYZw/qakrht8l658URf2EnXTH9k+r6+vDEE7//374vk6k+QovaDoiug8XfFJWZ
pqSMixE1/H0f6rqfa/GLwhpGjKyRTX4am73aqPqMhDsZCfPry4YWKpNj8sVuH8K+
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:07:39 2025 by rpki-client