Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/ocjyC2jwDA6Rk88oFGWfNBa6O7c.roa
File: ocjyC2jwDA6Rk88oFGWfNBa6O7c.roa (raw, json)
Hash identifier: up4NQEqOBhPBKs8ybW1tNgCMgHUS+uI7TPV3nH5jRFI=
Subject key identifier: A1:C8:F2:0B:68:F0:0C:0E:91:93:CF:28:14:65:9F:34:16:BA:3B:B7
Certificate issuer: /CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Certificate serial: 019420687583ABA622189295866FA07F3D81
Authority key identifier: E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/ocjyC2jwDA6Rk88oFGWfNBa6O7c.roa
Signing time: Wed 01 Jan 2025 05:48:24 +0000
ROA not before: Wed 01 Jan 2025 05:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200923
IP address blocks: 95.140.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.mft
rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:75:83:ab:a6:22:18:92:95:86:6f:a0:7f:3d:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Validity
Not Before: Jan 1 05:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a1c8f20b68f00c0e9193cf2814659f3416ba3bb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:0c:b5:f9:3e:35:b2:2e:43:41:c2:93:3b:a9:
42:89:c6:16:84:ad:bf:11:d1:8e:f8:3b:86:82:17:
a3:7b:1f:b9:67:8e:ca:09:61:dc:94:50:d8:f0:ea:
69:2e:5e:ed:3f:89:94:c3:57:f2:47:ed:1a:ec:5a:
c6:64:50:fd:32:e8:2c:a3:82:a8:c3:e4:3d:f1:3d:
88:94:43:72:84:58:f5:b5:d8:73:a9:5a:63:8e:9e:
d7:c6:4d:d5:2c:e3:3e:21:b8:88:d1:dd:1b:09:4c:
64:56:18:6e:5e:e9:b7:5b:da:f1:10:60:cc:4e:13:
66:1a:bf:3d:48:32:00:90:11:40:16:ef:4d:76:a2:
17:15:82:fb:1d:ac:5e:47:6e:d5:5b:80:b6:56:a4:
9d:21:99:c0:7e:82:5c:30:17:2a:db:24:69:46:e2:
e1:51:bc:c3:00:41:2c:00:17:a0:a4:a6:90:ac:de:
d8:c3:8e:ce:90:49:12:a0:db:31:3d:01:86:46:60:
b2:1a:7f:af:74:85:13:0b:ba:d6:4f:01:e4:36:79:
1c:25:a0:3f:51:89:a5:3b:cd:3c:24:f6:cb:72:d1:
94:24:14:13:c9:e6:ab:ec:47:b3:54:67:3a:73:3d:
1d:e1:76:1e:da:32:38:d7:7f:b0:77:80:d7:7e:79:
cd:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:C8:F2:0B:68:F0:0C:0E:91:93:CF:28:14:65:9F:34:16:BA:3B:B7
X509v3 Authority Key Identifier:
keyid:E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/ocjyC2jwDA6Rk88oFGWfNBa6O7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.140.123.0/24
Signature Algorithm: sha256WithRSAEncryption
68:67:d5:5f:1e:a8:74:66:58:96:00:8f:f8:05:01:e3:d4:ef:
bc:5a:d1:cc:a8:59:32:32:93:9a:de:e6:da:c1:78:67:4b:3c:
bc:98:0b:7f:ba:b4:58:90:50:1b:58:bf:a6:77:bd:99:b1:d9:
bd:b1:ad:e6:07:60:4e:4b:8f:23:86:f4:73:cc:95:71:af:7f:
db:fc:d9:00:a2:87:16:60:ba:f7:46:63:cc:44:db:d4:84:2a:
02:84:43:56:15:b1:0e:de:e7:ab:d6:a9:f4:94:97:f8:fa:aa:
f7:e2:0c:be:cb:66:d9:a9:ef:8d:aa:43:7b:1a:f7:9f:3b:25:
55:4a:e4:76:68:26:24:d2:15:41:b0:5c:e2:62:69:5d:2c:1d:
47:ea:87:ed:e6:00:55:f5:df:7c:38:80:34:61:7a:04:e5:c6:
db:42:b8:b3:b0:52:2a:28:1c:38:2c:29:6a:d3:e4:cd:63:bd:
c5:9c:2f:17:ea:c4:13:f3:2a:bb:ea:c5:ce:38:30:1b:a8:8e:
4f:34:21:26:84:ec:1e:a6:df:b5:ec:e8:59:49:cb:19:88:bb:
13:ac:a0:7b:f9:a4:99:c5:05:18:c3:f0:cd:f8:80:cf:12:5c:
35:62:97:38:d1:9c:fd:bf:48:88:82:b8:53:72:09:6e:98:3a:
a9:a7:ba:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaHWDq6YiGJKVhm+gfz2BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzEzZWYyNTI3N2UxM2RkNzNmNDQxOTZmZGE1Y2VjMGZk
OWNlMTYwHhcNMjUwMTAxMDU0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWM4ZjIwYjY4ZjAwYzBlOTE5M2NmMjgxNDY1OWYzNDE2YmEzYmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgy1+T41si5DQcKTO6lCicYWhK2/
EdGO+DuGghejex+5Z47KCWHclFDY8OppLl7tP4mUw1fyR+0a7FrGZFD9Mugso4Ko
w+Q98T2IlENyhFj1tdhzqVpjjp7Xxk3VLOM+IbiI0d0bCUxkVhhuXum3W9rxEGDM
ThNmGr89SDIAkBFAFu9NdqIXFYL7HaxeR27VW4C2VqSdIZnAfoJcMBcq2yRpRuLh
UbzDAEEsABegpKaQrN7Yw47OkEkSoNsxPQGGRmCyGn+vdIUTC7rWTwHkNnkcJaA/
UYmlO808JPbLctGUJBQTyear7EezVGc6cz0d4XYe2jI413+wd4DXfnnNNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKHI8gto8AwOkZPPKBRlnzQWuju3MB8GA1UdIwQY
MBaAFOlxPvJSd+E91z9EGW/aXOwP2c4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEt
MGY2NmMxODg3OTE2LzEvb2NqeUMyandEQTZSazg4b0ZHV2ZOQmE2TzdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEtMGY2NmMxODg3OTE2
LzEvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX4x7MA0G
CSqGSIb3DQEBCwUAA4IBAQBoZ9VfHqh0ZliWAI/4BQHj1O+8WtHMqFkyMpOa3uba
wXhnSzy8mAt/urRYkFAbWL+md72Zsdm9sa3mB2BOS48jhvRzzJVxr3/b/NkAoocW
YLr3RmPMRNvUhCoChENWFbEO3uer1qn0lJf4+qr34gy+y2bZqe+NqkN7GvefOyVV
SuR2aCYk0hVBsFziYmldLB1H6oft5gBV9d98OIA0YXoE5cbbQrizsFIqKBw4LClq
0+TNY73FnC8X6sQT8yq76sXOODAbqI5PNCEmhOwept+17OhZScsZiLsTrKB7+aSZ
xQUYw/DN+IDPElw1Ypc40Zz9v0iIgrhTcglumDqpp7oe
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:43:12 2025 by rpki-client