Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/cd472c-4256-40ff-98e2-d98384397929/1/x_9Ds4w921G-S6uMB3BqKl4lwk4.roa
File: x_9Ds4w921G-S6uMB3BqKl4lwk4.roa (raw, json)
Hash identifier: 4uIRZVtStLzfbHbkUvgOoPNPKk9YaTAL+flcnzSJknE=
Subject key identifier: C7:FF:43:B3:8C:3D:DB:51:BE:4B:AB:8C:07:70:6A:2A:5E:25:C2:4E
Certificate issuer: /CN=f815e02bda7a9071487837d31558b5e0221d3cf9
Certificate serial: 0194258F495FF8E0355EE540D7F333E0A02E
Authority key identifier: F8:15:E0:2B:DA:7A:90:71:48:78:37:D3:15:58:B5:E0:22:1D:3C:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-BXgK9p6kHFIeDfTFVi14CIdPPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/cd472c-4256-40ff-98e2-d98384397929/1/x_9Ds4w921G-S6uMB3BqKl4lwk4.roa
Signing time: Thu 02 Jan 2025 05:48:54 +0000
ROA not before: Thu 02 Jan 2025 05:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31246
IP address blocks: 194.164.239.0/24 maxlen: 24
195.200.23.0/24 maxlen: 24
2a14:2040::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/cd472c-4256-40ff-98e2-d98384397929/1/1-BXgK9p6kHFIeDfTFVi14CIdPPk.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/cd472c-4256-40ff-98e2-d98384397929/1/1-BXgK9p6kHFIeDfTFVi14CIdPPk.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-BXgK9p6kHFIeDfTFVi14CIdPPk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 13 Mar 2025 23:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:49:5f:f8:e0:35:5e:e5:40:d7:f3:33:e0:a0:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f815e02bda7a9071487837d31558b5e0221d3cf9
Validity
Not Before: Jan 2 05:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c7ff43b38c3ddb51be4bab8c07706a2a5e25c24e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:74:4a:20:4e:0d:93:f7:80:8c:b3:bd:b6:f1:
c8:e2:6a:3e:3f:43:df:7c:7f:7d:3c:5e:e7:0b:7e:
81:69:1c:27:0e:94:ec:f1:1a:b9:8d:d1:a9:50:b2:
5c:ba:95:de:20:ee:a6:e8:39:71:37:93:f1:33:8b:
08:95:ff:da:be:91:3d:e6:6b:8c:59:49:24:d7:47:
83:4a:c1:87:19:02:f1:89:b2:1a:6b:21:22:5c:96:
ee:d7:f4:cb:52:74:da:25:83:85:e1:6b:fc:0c:01:
85:6d:e0:2e:ab:e4:5e:7c:ec:11:dd:0f:51:50:82:
f2:14:2c:e7:72:2b:71:24:28:6b:d3:11:e5:a8:5e:
98:16:3e:41:03:f8:a8:7c:62:2c:0f:19:f5:9d:5a:
f3:63:02:6b:19:97:2d:b0:6d:70:f1:49:25:c0:1c:
61:88:45:5d:5c:13:35:b0:9c:74:89:bb:43:84:f4:
8d:54:f4:9e:03:00:b4:e6:dc:77:d1:b3:dd:f1:0a:
a4:e5:0f:97:56:c2:93:fc:e1:db:2e:bb:6b:92:1e:
06:0e:ba:22:34:a1:fa:f4:6c:18:32:32:20:64:3d:
0f:03:8d:ba:01:13:c5:9c:46:53:32:96:be:03:95:
c7:72:70:77:1d:2b:d1:2a:c1:49:b2:8f:6f:1d:bf:
36:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:FF:43:B3:8C:3D:DB:51:BE:4B:AB:8C:07:70:6A:2A:5E:25:C2:4E
X509v3 Authority Key Identifier:
keyid:F8:15:E0:2B:DA:7A:90:71:48:78:37:D3:15:58:B5:E0:22:1D:3C:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-BXgK9p6kHFIeDfTFVi14CIdPPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/cd472c-4256-40ff-98e2-d98384397929/1/x_9Ds4w921G-S6uMB3BqKl4lwk4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/cd472c-4256-40ff-98e2-d98384397929/1/1-BXgK9p6kHFIeDfTFVi14CIdPPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.164.239.0/24
195.200.23.0/24
IPv6:
2a14:2040::/29
Signature Algorithm: sha256WithRSAEncryption
2f:fe:2e:a9:10:0a:8a:a2:ad:c9:3e:83:53:a4:da:7c:1c:cb:
6a:7c:c0:2b:52:ff:6b:dd:e0:45:a7:b9:05:3a:34:f6:2d:35:
4c:46:ba:fb:29:74:64:df:ba:8c:bd:7d:d3:5b:1f:1e:4c:7a:
cd:0d:fc:fd:94:a8:b2:02:30:26:27:92:38:88:8a:a7:1c:e7:
4a:e7:c5:a8:28:7e:72:02:2a:cc:9b:ba:6b:5e:5e:8a:46:3d:
90:c3:89:34:e0:82:23:0f:1e:53:09:59:1f:39:6c:f8:d4:ce:
c1:e7:97:c7:02:e6:fe:45:89:24:77:12:aa:bb:d8:1d:81:df:
f7:e5:b7:ab:e1:0c:f1:5b:2b:42:4f:41:14:2e:3b:90:54:1d:
2b:59:21:a1:e5:21:e3:f3:2d:84:de:8e:85:b1:6e:9f:fb:0f:
eb:7c:85:45:2b:6c:ab:bd:9e:06:2d:f4:5c:b3:75:2c:07:95:
bc:13:8b:cd:f0:2f:5a:26:3d:01:8e:dd:a1:69:0a:2d:6e:2c:
cc:de:04:05:61:56:59:70:c6:fa:d4:08:e3:0e:a0:7a:87:7c:
e3:39:77:d1:64:1a:73:57:0b:3f:ce:1d:39:4e:07:d6:ad:ca:
69:57:d8:02:27:45:46:fd:0e:02:3e:bc:25:8e:53:0d:10:1d:
3f:17:ed:35
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQlj0lf+OA1XuVA1/Mz4KAuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MTVlMDJiZGE3YTkwNzE0ODc4MzdkMzE1NThiNWUwMjIx
ZDNjZjkwHhcNMjUwMTAyMDU0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2ZmNDNiMzhjM2RkYjUxYmU0YmFiOGMwNzcwNmEyYTVlMjVjMjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnRKIE4Nk/eAjLO9tvHI4mo+P0Pf
fH99PF7nC36BaRwnDpTs8Rq5jdGpULJcupXeIO6m6DlxN5PxM4sIlf/avpE95muM
WUkk10eDSsGHGQLxibIaayEiXJbu1/TLUnTaJYOF4Wv8DAGFbeAuq+RefOwR3Q9R
UILyFCzncitxJChr0xHlqF6YFj5BA/iofGIsDxn1nVrzYwJrGZctsG1w8UklwBxh
iEVdXBM1sJx0ibtDhPSNVPSeAwC05tx30bPd8Qqk5Q+XVsKT/OHbLrtrkh4GDroi
NKH69GwYMjIgZD0PA426ARPFnEZTMpa+A5XHcnB3HSvRKsFJso9vHb82IQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFMf/Q7OMPdtRvkurjAdwaipeJcJOMB8GA1UdIwQY
MBaAFPgV4CvaepBxSHg30xVYteAiHTz5MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1CWGdLOXA2a0hGSWVEZlRGVmkxNENJZFBQay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjgvY2Q0NzJjLTQyNTYtNDBmZi05OGUy
LWQ5ODM4NDM5NzkyOS8xL3hfOURzNHc5MjFHLVM2dU1CM0JxS2w0bHdrNC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjgvY2Q0NzJjLTQyNTYtNDBmZi05OGUyLWQ5ODM4NDM5Nzky
OS8xLzEtQlhnSzlwNmtIRkllRGZURlZpMTRDSWRQUGsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBADCpO8D
BADDyBcwDQQCAAIwBwMFAyoUIEAwDQYJKoZIhvcNAQELBQADggEBAC/+LqkQCoqi
rck+g1Ok2nwcy2p8wCtS/2vd4EWnuQU6NPYtNUxGuvspdGTfuoy9fdNbHx5Mes0N
/P2UqLICMCYnkjiIiqcc50rnxagofnICKsybumteXopGPZDDiTTggiMPHlMJWR85
bPjUzsHnl8cC5v5FiSR3Eqq72B2B3/flt6vhDPFbK0JPQRQuO5BUHStZIaHlIePz
LYTejoWxbp/7D+t8hUUrbKu9ngYt9FyzdSwHlbwTi83wL1omPQGO3aFpCi1uLMze
BAVhVllwxvrUCOMOoHqHfOM5d9FkGnNXCz/OHTlOB9atymlX2AInRUb9DgI+vCWO
Uw0QHT8X7TU=
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:49:22 2025 by rpki-client