Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/4fkynkxl95431dIe-ABsA7v5RCg.roa
File: 4fkynkxl95431dIe-ABsA7v5RCg.roa (raw, json)
Hash identifier: EGfFvZoQzCGUyDaxbnd+O3QTAMwiWmSgrk3gdk+vKlc=
Subject key identifier: E1:F9:32:9E:4C:65:F7:9E:37:D5:D2:1E:F8:00:6C:03:BB:F9:44:28
Certificate issuer: /CN=6cb0dec13df205a66ec5227925b8f56bdb09f499
Certificate serial: 019445093581D555E365F56B9C80E644CE02
Authority key identifier: 6C:B0:DE:C1:3D:F2:05:A6:6E:C5:22:79:25:B8:F5:6B:DB:09:F4:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bLDewT3yBaZuxSJ5Jbj1a9sJ9Jk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/4fkynkxl95431dIe-ABsA7v5RCg.roa
Signing time: Wed 08 Jan 2025 08:30:18 +0000
ROA not before: Wed 08 Jan 2025 08:30:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 188.72.12.0/24 maxlen: 24
188.72.17.0/24 maxlen: 24
188.72.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/bLDewT3yBaZuxSJ5Jbj1a9sJ9Jk.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/bLDewT3yBaZuxSJ5Jbj1a9sJ9Jk.mft
rsync://rpki.ripe.net/repository/DEFAULT/bLDewT3yBaZuxSJ5Jbj1a9sJ9Jk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 05:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:45:09:35:81:d5:55:e3:65:f5:6b:9c:80:e6:44:ce:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cb0dec13df205a66ec5227925b8f56bdb09f499
Validity
Not Before: Jan 8 08:30:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e1f9329e4c65f79e37d5d21ef8006c03bbf94428
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:d5:13:31:e1:f1:ad:80:30:f1:56:c9:b6:7c:
17:1c:a5:05:2a:74:91:6d:0a:b5:7b:c1:19:38:45:
5b:7b:d6:4f:27:c7:84:19:08:80:2e:3d:e1:fa:cd:
c1:e3:f7:d1:fd:09:f6:b4:87:fb:49:19:26:10:ed:
97:6d:0d:f1:2e:4c:cb:cb:2f:81:4b:57:04:42:ec:
02:b6:73:0d:e9:2e:cd:77:03:6a:a4:68:03:19:c4:
63:8f:f5:20:07:6f:1a:33:b6:5c:d2:18:77:a3:ef:
41:be:6c:0f:b0:26:04:4f:0f:e9:94:b9:e3:5f:da:
d5:10:aa:7f:05:b7:b2:4c:fc:79:b7:d0:cc:07:3a:
79:f4:c7:ef:47:8a:87:21:1f:0a:98:56:7f:85:7b:
47:fb:6f:52:85:39:5e:93:8c:1d:b8:bd:2a:fc:5f:
c1:b5:1c:74:02:c4:be:91:da:63:68:49:48:9b:5b:
7f:1f:fe:95:0f:54:82:1c:53:8c:b6:84:8f:da:03:
3e:e0:21:6d:8e:7b:0b:ce:6f:68:13:ee:50:69:8a:
3b:c3:94:13:e9:a3:2b:cb:c9:c1:fb:ac:a3:fc:1a:
84:72:3e:96:b0:26:e4:4c:61:c6:13:7f:4a:93:97:
86:36:f8:62:2b:63:96:c6:ad:29:e4:5a:96:bd:46:
8e:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:F9:32:9E:4C:65:F7:9E:37:D5:D2:1E:F8:00:6C:03:BB:F9:44:28
X509v3 Authority Key Identifier:
keyid:6C:B0:DE:C1:3D:F2:05:A6:6E:C5:22:79:25:B8:F5:6B:DB:09:F4:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bLDewT3yBaZuxSJ5Jbj1a9sJ9Jk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/4fkynkxl95431dIe-ABsA7v5RCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/bLDewT3yBaZuxSJ5Jbj1a9sJ9Jk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.72.12.0/24
188.72.17.0/24
188.72.30.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:5a:b9:f3:52:bb:44:d1:e6:46:00:02:e0:87:63:be:02:d3:
e6:db:41:13:39:26:c8:da:28:03:bd:d1:f6:7d:74:06:91:e1:
45:79:ab:e8:f7:6b:73:cf:45:ca:6f:c9:08:04:f1:ba:0b:3c:
2d:b7:08:2c:bd:5c:a5:73:ec:49:df:74:da:aa:e0:4a:0f:9b:
52:a2:1a:53:bf:0f:be:a2:5f:4b:20:59:f6:ef:0d:72:55:50:
b3:13:f7:1b:fd:05:11:d6:c4:a4:37:e0:f7:12:24:f6:3d:5a:
5b:36:81:80:0d:c5:fa:55:4d:1f:81:86:38:ff:ab:76:a4:38:
ee:ea:f4:f0:42:8b:6c:8c:d9:21:3e:0c:36:ac:ff:99:51:a1:
a5:f2:e5:c7:c4:d7:0f:a7:48:97:c0:0e:0e:45:b7:60:91:23:
6f:7b:29:20:da:86:52:74:11:ea:38:9d:f8:08:aa:44:77:1d:
13:2c:c2:f3:30:44:87:29:00:27:54:89:e0:46:5f:76:2e:4d:
c8:89:e2:83:2d:78:1d:57:1e:3e:bf:47:05:4a:c8:c4:2d:7d:
9e:17:cf:e8:50:c5:20:30:80:57:e2:2b:9a:2f:2c:fc:c3:72:
6d:a9:39:0d:a6:c9:50:42:a7:24:8e:c3:9b:28:b8:6e:8f:61:
04:e0:72:6a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZRFCTWB1VXjZfVrnIDmRM4CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYjBkZWMxM2RmMjA1YTY2ZWM1MjI3OTI1YjhmNTZiZGIw
OWY0OTkwHhcNMjUwMTA4MDgzMDE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWY5MzI5ZTRjNjVmNzllMzdkNWQyMWVmODAwNmMwM2JiZjk0NDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2dUTMeHxrYAw8VbJtnwXHKUFKnSR
bQq1e8EZOEVbe9ZPJ8eEGQiALj3h+s3B4/fR/Qn2tIf7SRkmEO2XbQ3xLkzLyy+B
S1cEQuwCtnMN6S7NdwNqpGgDGcRjj/UgB28aM7Zc0hh3o+9BvmwPsCYETw/plLnj
X9rVEKp/BbeyTPx5t9DMBzp59MfvR4qHIR8KmFZ/hXtH+29ShTlek4wduL0q/F/B
tRx0AsS+kdpjaElIm1t/H/6VD1SCHFOMtoSP2gM+4CFtjnsLzm9oE+5QaYo7w5QT
6aMry8nB+6yj/BqEcj6WsCbkTGHGE39Kk5eGNvhiK2OWxq0p5FqWvUaOjwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOH5Mp5MZfeeN9XSHvgAbAO7+UQoMB8GA1UdIwQY
MBaAFGyw3sE98gWmbsUieSW49WvbCfSZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkxEZXdUM3lCYVp1eFNKNUpiajFhOXNKOUprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9jYTQ2ZmMtMzg0Ny00ZjFkLTljZTQt
NTJiOWU2YTE2MzUwLzEvNGZreW5reGw5NTQzMWRJZS1BQnNBN3Y1UkNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9jYTQ2ZmMtMzg0Ny00ZjFkLTljZTQtNTJiOWU2YTE2MzUw
LzEvYkxEZXdUM3lCYVp1eFNKNUpiajFhOXNKOUprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAvEgMAwQA
vEgRAwQAvEgeMA0GCSqGSIb3DQEBCwUAA4IBAQA9WrnzUrtE0eZGAALgh2O+AtPm
20ETOSbI2igDvdH2fXQGkeFFeavo92tzz0XKb8kIBPG6CzwttwgsvVylc+xJ33Ta
quBKD5tSohpTvw++ol9LIFn27w1yVVCzE/cb/QUR1sSkN+D3EiT2PVpbNoGADcX6
VU0fgYY4/6t2pDju6vTwQotsjNkhPgw2rP+ZUaGl8uXHxNcPp0iXwA4ORbdgkSNv
eykg2oZSdBHqOJ34CKpEdx0TLMLzMESHKQAnVIngRl92Lk3IieKDLXgdVx4+v0cF
SsjELX2eF8/oUMUgMIBX4iuaLyz8w3JtqTkNpslQQqckjsObKLhuj2EE4HJq
-----END CERTIFICATE-----
Generated at Sat Apr 12 16:24:36 2025 by rpki-client