Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/KrFC8vftolRYYVGlWxQEDucfneg.roa
File: KrFC8vftolRYYVGlWxQEDucfneg.roa (raw, json)
Hash identifier: WbXRjMLjuUXZYVIN7TrN7bIgxSN4E7sTfe9bhtA4Hjw=
Subject key identifier: 2A:B1:42:F2:F7:ED:A2:54:58:61:51:A5:5B:14:04:0E:E7:1F:9D:E8
Certificate issuer: /CN=1027a8a61299b80a3e71d1a981427ec00b849d17
Certificate serial: 019423D748BD1630A95C653AC887D8898E2D
Authority key identifier: 10:27:A8:A6:12:99:B8:0A:3E:71:D1:A9:81:42:7E:C0:0B:84:9D:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ECeophKZuAo-cdGpgUJ-wAuEnRc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/KrFC8vftolRYYVGlWxQEDucfneg.roa
Signing time: Wed 01 Jan 2025 21:48:18 +0000
ROA not before: Wed 01 Jan 2025 21:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47543
IP address blocks: 95.142.100.0/24 maxlen: 24
95.142.101.0/24 maxlen: 24
178.237.35.0/24 maxlen: 24
178.237.36.0/24 maxlen: 24
178.237.37.0/24 maxlen: 24
178.237.38.0/24 maxlen: 24
2a00:1188:12::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/ECeophKZuAo-cdGpgUJ-wAuEnRc.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/ECeophKZuAo-cdGpgUJ-wAuEnRc.mft
rsync://rpki.ripe.net/repository/DEFAULT/ECeophKZuAo-cdGpgUJ-wAuEnRc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 02:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:48:bd:16:30:a9:5c:65:3a:c8:87:d8:89:8e:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1027a8a61299b80a3e71d1a981427ec00b849d17
Validity
Not Before: Jan 1 21:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2ab142f2f7eda254586151a55b14040ee71f9de8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:1d:2a:5e:63:93:b0:d4:ca:76:f9:8b:ec:85:
db:1a:3f:f2:25:8d:93:f0:eb:cf:87:01:b4:ff:87:
b9:fe:84:cc:3d:5d:3c:6d:86:c5:b3:23:77:5a:3b:
72:78:1d:60:4d:19:53:8f:58:e5:71:33:d0:73:7f:
bb:de:3b:9a:b1:fa:31:3b:9b:5d:5e:10:a7:37:ca:
d5:c9:19:97:2c:9a:57:1a:6d:05:19:e6:26:a3:c9:
46:63:5d:01:b8:6f:e8:37:85:3f:0f:da:94:8f:cb:
41:38:73:a7:ba:f3:64:f3:f1:74:e7:5c:6d:39:d4:
1d:56:2b:ac:13:87:57:32:ab:94:ac:87:38:df:a8:
bc:15:d8:ec:77:71:98:6f:2d:53:f3:59:eb:16:94:
a1:8d:f2:1e:fd:54:dc:13:13:4c:c2:32:48:31:0a:
e5:34:19:3b:5d:60:59:72:d2:6d:62:d7:fd:ea:b0:
68:19:ad:da:59:73:a7:a6:26:58:aa:55:62:4a:e5:
ce:5a:d7:c9:d2:7c:c3:d4:67:64:44:63:bb:d3:d8:
7d:b1:01:32:e0:8d:47:54:d9:08:79:4f:13:62:f3:
e7:4f:b8:39:67:a5:b8:e3:13:9c:f7:db:c5:b4:d0:
22:89:e4:b8:a8:5c:f7:f3:11:2f:04:6c:ad:69:5f:
36:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:B1:42:F2:F7:ED:A2:54:58:61:51:A5:5B:14:04:0E:E7:1F:9D:E8
X509v3 Authority Key Identifier:
keyid:10:27:A8:A6:12:99:B8:0A:3E:71:D1:A9:81:42:7E:C0:0B:84:9D:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ECeophKZuAo-cdGpgUJ-wAuEnRc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/KrFC8vftolRYYVGlWxQEDucfneg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/ECeophKZuAo-cdGpgUJ-wAuEnRc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.142.100.0/23
178.237.35.0-178.237.38.255
IPv6:
2a00:1188:12::/48
Signature Algorithm: sha256WithRSAEncryption
0a:0f:d6:75:17:18:6b:27:0e:0c:b6:a5:25:ac:51:70:c8:f8:
d0:d7:38:2d:df:ca:f7:81:ea:f9:8c:26:2f:71:24:e6:75:4b:
de:26:50:ae:95:65:d7:5c:dc:28:fc:cf:88:6f:ff:26:92:5a:
46:c3:3d:49:a1:f6:2f:5a:fc:fd:1b:68:c3:97:99:2c:5d:e7:
04:d1:3b:56:58:5e:f7:7b:3b:14:9f:12:fc:4e:35:bc:eb:fd:
72:17:6b:5e:f2:a8:29:6e:38:99:d8:a9:0b:98:dd:27:48:bc:
9a:e0:f9:1e:55:a0:af:84:d5:14:de:f2:c0:7a:31:d5:3f:bf:
86:85:09:09:77:28:cb:19:b2:a4:41:3e:be:13:1b:ad:23:4d:
5d:dc:e7:14:e4:45:bf:57:e1:16:73:a2:92:05:10:8d:a4:99:
db:f5:73:0f:bb:b5:14:d1:57:3e:ed:5e:07:c5:87:b7:b3:ca:
5f:9f:da:c6:a9:5f:48:95:6e:a0:30:41:2c:fa:ea:61:ce:80:
2b:fd:04:d4:68:b6:6a:c9:7c:0a:e6:04:1f:78:f1:bb:ce:69:
0f:47:89:ac:76:e6:c9:62:d8:8c:8e:27:06:4b:35:80:45:54:
fd:ca:af:0e:c9:64:1e:18:11:65:7c:3b:15:ee:44:f9:42:5d:
08:1d:77:da
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZQj10i9FjCpXGU6yIfYiY4tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwMjdhOGE2MTI5OWI4MGEzZTcxZDFhOTgxNDI3ZWMwMGI4
NDlkMTcwHhcNMjUwMTAxMjE0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWIxNDJmMmY3ZWRhMjU0NTg2MTUxYTU1YjE0MDQwZWU3MWY5ZGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgB0qXmOTsNTKdvmL7IXbGj/yJY2T
8OvPhwG0/4e5/oTMPV08bYbFsyN3WjtyeB1gTRlTj1jlcTPQc3+73juasfoxO5td
XhCnN8rVyRmXLJpXGm0FGeYmo8lGY10BuG/oN4U/D9qUj8tBOHOnuvNk8/F051xt
OdQdViusE4dXMquUrIc436i8Fdjsd3GYby1T81nrFpShjfIe/VTcExNMwjJIMQrl
NBk7XWBZctJtYtf96rBoGa3aWXOnpiZYqlViSuXOWtfJ0nzD1GdkRGO709h9sQEy
4I1HVNkIeU8TYvPnT7g5Z6W44xOc99vFtNAiieS4qFz38xEvBGytaV82jQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFCqxQvL37aJUWGFRpVsUBA7nH53oMB8GA1UdIwQY
MBaAFBAnqKYSmbgKPnHRqYFCfsALhJ0XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUNlb3BoS1p1QW8tY2RHcGdVSi13QXVFblJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9iYTlkMTMtOGNhNi00NTc3LWE1OWMt
OWRkOTk3ZWVmNGVmLzEvS3JGQzh2ZnRvbFJZWVZHbFd4UUVEdWNmbmVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9iYTlkMTMtOGNhNi00NTc3LWE1OWMtOWRkOTk3ZWVmNGVm
LzEvRUNlb3BoS1p1QW8tY2RHcGdVSi13QXVFblJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUAwQBX45kMAwD
BACy7SMDBACy7SYwDwQCAAIwCQMHACoAEYgAEjANBgkqhkiG9w0BAQsFAAOCAQEA
Cg/WdRcYaycODLalJaxRcMj40Nc4Ld/K94Hq+YwmL3Ek5nVL3iZQrpVl11zcKPzP
iG//JpJaRsM9SaH2L1r8/Rtow5eZLF3nBNE7Vlhe93s7FJ8S/E41vOv9chdrXvKo
KW44mdipC5jdJ0i8muD5HlWgr4TVFN7ywHox1T+/hoUJCXcoyxmypEE+vhMbrSNN
XdznFORFv1fhFnOikgUQjaSZ2/VzD7u1FNFXPu1eB8WHt7PKX5/axqlfSJVuoDBB
LPrqYc6AK/0E1Gi2asl8CuYEH3jxu85pD0eJrHbmyWLYjI4nBks1gEVU/cqvDslk
HhgRZXw7Fe5E+UJdCB132g==
-----END CERTIFICATE-----
Generated at Wed Apr 16 12:58:49 2025 by rpki-client