Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/sSUdZotuy4S4l9Q97FUkm6YHu1I.roa
File: sSUdZotuy4S4l9Q97FUkm6YHu1I.roa (raw, json)
Hash identifier: N9mN14LIOsmlRFzMWQaWvllKH9jT/1Q6bPMTPFvQFf0=
Subject key identifier: B1:25:1D:66:8B:6E:CB:84:B8:97:D4:3D:EC:55:24:9B:A6:07:BB:52
Certificate issuer: /CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Certificate serial: 019424459F85345DDBE16722044C6ED37713
Authority key identifier: A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/sSUdZotuy4S4l9Q97FUkm6YHu1I.roa
Signing time: Wed 01 Jan 2025 23:48:49 +0000
ROA not before: Wed 01 Jan 2025 23:48:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12708
IP address blocks: 84.43.0.0/17 maxlen: 24
87.242.128.0/17 maxlen: 24
185.175.48.0/22 maxlen: 24
212.67.96.0/19 maxlen: 24
213.78.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/qYB_bVDZfZcdzy4uUGTpuQets-w.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/qYB_bVDZfZcdzy4uUGTpuQets-w.mft
rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 03:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:9f:85:34:5d:db:e1:67:22:04:4c:6e:d3:77:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Validity
Not Before: Jan 1 23:48:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b1251d668b6ecb84b897d43dec55249ba607bb52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:1d:84:34:87:b1:a9:59:a3:34:e9:18:2b:86:
b8:9d:89:d1:0e:61:c0:ac:22:be:57:fb:ff:5b:b0:
03:42:db:91:39:fc:f7:12:f2:6e:96:ab:f7:0e:b5:
c8:02:dd:d9:55:b2:a9:93:2e:d2:37:17:09:51:74:
bf:b7:10:e0:5c:74:f6:10:ad:bd:8b:5f:82:95:55:
c2:b2:47:0a:0d:2a:7c:42:ee:7d:3e:63:15:37:74:
ab:66:78:d6:3a:21:16:be:22:79:11:43:32:06:e2:
c7:d6:ca:60:81:8e:ad:36:ea:cb:fa:14:58:14:c4:
a6:b6:e6:3b:a3:82:88:4b:75:cd:1b:5a:29:f3:66:
e3:e4:d8:c8:3e:de:a4:58:7f:3b:00:db:65:ad:b7:
81:f8:34:4e:1a:16:ac:10:97:96:e7:b5:17:4d:19:
81:d9:3d:81:c2:28:2a:8d:a2:65:60:83:07:a7:a0:
0b:03:87:65:15:97:0e:a1:d8:3f:2f:d4:76:e0:f2:
2f:5d:13:02:7c:b0:f3:ac:98:5e:2a:69:2b:ce:b2:
e5:ae:67:ae:db:56:1a:da:e1:38:5e:06:67:95:b3:
22:08:27:f0:3c:a6:b2:0c:62:dc:6f:82:15:b5:61:
de:41:6a:57:73:7c:91:fa:8a:82:82:af:32:16:66:
7b:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:25:1D:66:8B:6E:CB:84:B8:97:D4:3D:EC:55:24:9B:A6:07:BB:52
X509v3 Authority Key Identifier:
keyid:A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/sSUdZotuy4S4l9Q97FUkm6YHu1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/qYB_bVDZfZcdzy4uUGTpuQets-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.43.0.0/17
87.242.128.0/17
185.175.48.0/22
212.67.96.0/19
213.78.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a9:bf:63:ff:23:93:ef:1d:db:6c:8e:88:a4:13:1d:5f:fc:3a:
3a:f2:9a:fa:7a:42:7b:36:79:32:0e:61:84:35:30:f9:8e:e3:
5e:d4:0d:d1:2b:e6:e9:f3:88:79:45:0e:c2:d2:ff:e7:16:76:
2a:0f:20:ae:83:b5:50:53:07:20:fe:b1:f0:39:04:bf:26:ca:
b9:69:55:fb:9e:24:f8:b4:9f:cf:d1:65:a1:3e:0e:09:ac:fe:
cf:63:6d:b0:45:6b:e0:20:fa:66:f2:62:0f:97:19:f2:02:73:
dc:75:12:c8:e6:4c:62:51:6d:a2:43:ad:d9:e6:e5:ab:29:93:
75:62:20:0a:69:30:cf:31:1c:02:b9:06:8b:65:58:a0:c1:11:
93:06:a5:82:db:fb:24:38:80:58:c0:e0:0f:e4:05:e1:cc:62:
8f:48:54:f1:68:08:48:03:33:3d:8f:b7:00:ee:88:99:9a:09:
6a:60:9c:dc:1d:90:86:11:0d:57:83:9e:19:c1:d2:fb:6e:6b:
78:37:ee:32:7d:8a:32:8d:3f:fe:91:e0:22:d9:4c:c3:86:e4:
cb:84:17:70:ff:00:4c:e0:f0:61:6b:3c:1c:4d:b5:52:41:de:
3e:c5:32:46:df:7c:93:53:14:3c:d6:86:5c:42:f2:d0:b9:b3:
d2:07:94:aa
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQkRZ+FNF3b4WciBExu03cTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ODA3ZjZkNTBkOTdkOTcxZGNmMmUyZTUwNjRlOWI5MDdh
ZGIzZWMwHhcNMjUwMTAxMjM0ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTI1MWQ2NjhiNmVjYjg0Yjg5N2Q0M2RlYzU1MjQ5YmE2MDdiYjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsh2ENIexqVmjNOkYK4a4nYnRDmHA
rCK+V/v/W7ADQtuROfz3EvJulqv3DrXIAt3ZVbKpky7SNxcJUXS/txDgXHT2EK29
i1+ClVXCskcKDSp8Qu59PmMVN3SrZnjWOiEWviJ5EUMyBuLH1spggY6tNurL+hRY
FMSmtuY7o4KIS3XNG1op82bj5NjIPt6kWH87ANtlrbeB+DROGhasEJeW57UXTRmB
2T2BwigqjaJlYIMHp6ALA4dlFZcOodg/L9R24PIvXRMCfLDzrJheKmkrzrLlrmeu
21Ya2uE4XgZnlbMiCCfwPKayDGLcb4IVtWHeQWpXc3yR+oqCgq8yFmZ7DwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFLElHWaLbsuEuJfUPexVJJumB7tSMB8GA1UdIwQY
MBaAFKmAf21Q2X2XHc8uLlBk6bkHrbPsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzIt
MGQ4ZjdkZDhjY2U2LzEvc1NVZFpvdHV5NFM0bDlROTdGVWttNllIdTFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzItMGQ4ZjdkZDhjY2U2
LzEvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAATAdAwQHVCsAAwQH
V/KAAwQCua8wAwQF1ENgAwMA1U4wDQYJKoZIhvcNAQELBQADggEBAKm/Y/8jk+8d
22yOiKQTHV/8Ojrymvp6Qns2eTIOYYQ1MPmO417UDdEr5unziHlFDsLS/+cWdioP
IK6DtVBTByD+sfA5BL8myrlpVfueJPi0n8/RZaE+Dgms/s9jbbBFa+Ag+mbyYg+X
GfICc9x1EsjmTGJRbaJDrdnm5aspk3ViIAppMM8xHAK5BotlWKDBEZMGpYLb+yQ4
gFjA4A/kBeHMYo9IVPFoCEgDMz2PtwDuiJmaCWpgnNwdkIYRDVeDnhnB0vtua3g3
7jJ9ijKNP/6R4CLZTMOG5MuEF3D/AEzg8GFrPBxNtVJB3j7FMkbffJNTFDzWhlxC
8tC5s9IHlKo=
-----END CERTIFICATE-----
Generated at Sun Apr 13 10:12:30 2025 by rpki-client