Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/30BxK6_jpie3YrLCVwh_L1trwzk.roa
File: 30BxK6_jpie3YrLCVwh_L1trwzk.roa (raw, json)
Hash identifier: X9FbkEMlA2QphV+O7rBHZ0meCsmOLXe9r7nPMvJuQcE=
Subject key identifier: DF:40:71:2B:AF:E3:A6:27:B7:62:B2:C2:57:08:7F:2F:5B:6B:C3:39
Certificate issuer: /CN=b72588c00eef715809eb5fdd6d6717cc28c0dfac
Certificate serial: 019428279D2A77B7CC004D0D90BCD6372B54
Authority key identifier: B7:25:88:C0:0E:EF:71:58:09:EB:5F:DD:6D:67:17:CC:28:C0:DF:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tyWIwA7vcVgJ61_dbWcXzCjA36w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/30BxK6_jpie3YrLCVwh_L1trwzk.roa
Signing time: Thu 02 Jan 2025 17:54:32 +0000
ROA not before: Thu 02 Jan 2025 17:54:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42775
IP address blocks: 178.236.136.0/23 maxlen: 23
185.39.192.0/22 maxlen: 22
2a02:1710:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/tyWIwA7vcVgJ61_dbWcXzCjA36w.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/tyWIwA7vcVgJ61_dbWcXzCjA36w.mft
rsync://rpki.ripe.net/repository/DEFAULT/tyWIwA7vcVgJ61_dbWcXzCjA36w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 11:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:9d:2a:77:b7:cc:00:4d:0d:90:bc:d6:37:2b:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72588c00eef715809eb5fdd6d6717cc28c0dfac
Validity
Not Before: Jan 2 17:54:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=df40712bafe3a627b762b2c257087f2f5b6bc339
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:80:cc:44:5a:fb:24:6e:5b:e0:f8:a4:8b:86:
ae:1b:6c:ac:78:54:2f:a9:ac:7a:2e:46:d5:cb:36:
2e:00:da:86:1b:97:f7:26:ae:78:7f:3b:3f:17:28:
80:95:b2:ea:ac:af:7a:71:8c:d4:a4:a0:77:01:fb:
94:de:c5:ab:4c:ee:0b:71:d2:04:16:e8:58:71:84:
1e:bb:a7:3e:27:bf:e4:04:5f:d2:47:8a:0d:45:40:
4a:19:55:45:49:e9:ae:ef:13:ec:d0:e4:07:ef:25:
e5:ce:37:46:ae:9e:03:75:74:41:00:47:73:c7:cd:
65:cd:c7:a0:cb:cd:28:85:da:07:0a:43:cd:bc:7b:
7e:dd:fe:7c:67:7a:79:1d:ff:d2:2e:60:db:95:16:
c9:47:d1:a9:67:76:e4:ff:5a:01:78:ad:35:65:9d:
64:b9:8a:54:22:e6:fd:ee:bd:87:d3:23:77:ac:7b:
41:d1:a0:df:18:aa:ff:e6:35:df:b1:a3:40:e5:d1:
19:27:50:0c:73:b2:01:57:2f:1e:20:a6:c4:58:10:
44:54:e1:29:10:7d:eb:f4:52:a6:7f:77:a1:0c:f9:
a0:57:a6:39:8b:a8:0f:12:22:8f:5e:94:42:7e:d5:
d9:89:ef:75:e1:3e:e2:b6:96:3b:4b:bc:2f:fe:b2:
a2:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:40:71:2B:AF:E3:A6:27:B7:62:B2:C2:57:08:7F:2F:5B:6B:C3:39
X509v3 Authority Key Identifier:
keyid:B7:25:88:C0:0E:EF:71:58:09:EB:5F:DD:6D:67:17:CC:28:C0:DF:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tyWIwA7vcVgJ61_dbWcXzCjA36w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/30BxK6_jpie3YrLCVwh_L1trwzk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/tyWIwA7vcVgJ61_dbWcXzCjA36w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.236.136.0/23
185.39.192.0/22
IPv6:
2a02:1710:2::/48
Signature Algorithm: sha256WithRSAEncryption
81:eb:55:44:4a:26:d2:8d:86:cf:0a:73:f7:bc:70:8c:cd:d0:
12:a1:69:4a:29:11:ba:ca:2e:4c:36:03:e3:97:61:8b:8f:ee:
7d:bc:33:3a:2b:30:1f:48:f9:22:85:9a:42:cf:23:9c:a7:05:
62:93:27:78:e5:7b:f6:1b:6c:df:d6:96:4a:c3:94:b0:42:1c:
af:5a:0b:17:27:27:e0:fb:0c:65:14:ee:38:56:c9:6d:1b:f3:
4c:78:63:d8:29:bb:59:18:9c:49:04:e0:8a:74:0c:7a:e4:bc:
70:e7:a5:7f:3d:6f:e8:e1:65:9b:80:4c:4e:54:6a:94:85:dc:
c7:0a:06:5f:a8:21:82:f4:8c:6f:bb:55:87:12:e3:0d:cb:3a:
23:ca:14:c8:96:ca:d7:f8:eb:d6:21:d9:fd:5e:4a:bb:1c:3d:
71:4b:f6:78:87:cb:ed:b5:a1:2f:0c:c2:88:ca:4c:3c:8b:48:
9f:38:ef:b8:c9:7b:17:b6:21:51:36:9f:12:da:48:17:45:57:
fc:dc:85:b9:f0:80:33:ba:76:c1:e4:ac:4f:c3:57:a4:06:d7:
cd:23:94:0c:22:b0:34:a6:d9:11:b4:5c:20:ba:70:af:62:52:
2d:c1:47:ab:0a:65:5a:12:f6:5c:6f:31:52:ea:ab:3c:35:f8:
a1:7c:dd:75
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQoJ50qd7fMAE0NkLzWNytUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3MjU4OGMwMGVlZjcxNTgwOWViNWZkZDZkNjcxN2NjMjhj
MGRmYWMwHhcNMjUwMTAyMTc1NDMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjQwNzEyYmFmZTNhNjI3Yjc2MmIyYzI1NzA4N2YyZjViNmJjMzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm4DMRFr7JG5b4Piki4auG2yseFQv
qax6LkbVyzYuANqGG5f3Jq54fzs/FyiAlbLqrK96cYzUpKB3AfuU3sWrTO4LcdIE
FuhYcYQeu6c+J7/kBF/SR4oNRUBKGVVFSemu7xPs0OQH7yXlzjdGrp4DdXRBAEdz
x81lzcegy80ohdoHCkPNvHt+3f58Z3p5Hf/SLmDblRbJR9GpZ3bk/1oBeK01ZZ1k
uYpUIub97r2H0yN3rHtB0aDfGKr/5jXfsaNA5dEZJ1AMc7IBVy8eIKbEWBBEVOEp
EH3r9FKmf3ehDPmgV6Y5i6gPEiKPXpRCftXZie914T7itpY7S7wv/rKixwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFN9AcSuv46Ynt2KywlcIfy9ba8M5MB8GA1UdIwQY
MBaAFLcliMAO73FYCetf3W1nF8wowN+sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlXSXdBN3ZjVmdKNjFfZGJXY1h6Q2pBMzZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9lYmJhYzktZmVlNy00ZjNiLThjZDUt
N2E0MTI1NGVhYWNhLzEvMzBCeEs2X2pwaWUzWXJMQ1Z3aF9MMXRyd3prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9lYmJhYzktZmVlNy00ZjNiLThjZDUtN2E0MTI1NGVhYWNh
LzEvdHlXSXdBN3ZjVmdKNjFfZGJXY1h6Q2pBMzZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBsuyIAwQC
uSfAMA8EAgACMAkDBwAqAhcQAAIwDQYJKoZIhvcNAQELBQADggEBAIHrVURKJtKN
hs8Kc/e8cIzN0BKhaUopEbrKLkw2A+OXYYuP7n28MzorMB9I+SKFmkLPI5ynBWKT
J3jle/YbbN/WlkrDlLBCHK9aCxcnJ+D7DGUU7jhWyW0b80x4Y9gpu1kYnEkE4Ip0
DHrkvHDnpX89b+jhZZuATE5UapSF3McKBl+oIYL0jG+7VYcS4w3LOiPKFMiWytf4
69Yh2f1eSrscPXFL9niHy+21oS8MwojKTDyLSJ8477jJexe2IVE2nxLaSBdFV/zc
hbnwgDO6dsHkrE/DV6QG180jlAwisDSm2RG0XCC6cK9iUi3BR6sKZVoS9lxvMVLq
qzw1+KF83XU=
-----END CERTIFICATE-----
Generated at Tue Apr 8 21:03:54 2025 by rpki-client