Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/774f37-0e57-49e6-8865-a64ba4b8fa19/1/fI8A3CovPrmNEuNSOd5whasfei4.roa
File: fI8A3CovPrmNEuNSOd5whasfei4.roa (raw, json)
Hash identifier: vdsVJdsI5nRx6IGPnIMOMSeTTdkDkOzyswcHJNq1lig=
Subject key identifier: 7C:8F:00:DC:2A:2F:3E:B9:8D:12:E3:52:39:DE:70:85:AB:1F:7A:2E
Certificate issuer: /CN=819b97b20ccb4f696518e47c437259a8913e72ae
Certificate serial: 0196CA465A43F69845A1DE417DD5C6CCBD53
Authority key identifier: 81:9B:97:B2:0C:CB:4F:69:65:18:E4:7C:43:72:59:A8:91:3E:72:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gZuXsgzLT2llGOR8Q3JZqJE-cq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/774f37-0e57-49e6-8865-a64ba4b8fa19/1/fI8A3CovPrmNEuNSOd5whasfei4.roa
Signing time: Tue 13 May 2025 15:32:10 +0000
ROA not before: Tue 13 May 2025 15:32:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15894
IP address blocks: 194.41.0.0/24 maxlen: 24
217.28.96.0/21 maxlen: 21
217.28.104.0/22 maxlen: 22
217.28.108.0/22 maxlen: 22
2001:67c:39c::/48 maxlen: 48
2a02:ba8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/774f37-0e57-49e6-8865-a64ba4b8fa19/1/gZuXsgzLT2llGOR8Q3JZqJE-cq4.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/774f37-0e57-49e6-8865-a64ba4b8fa19/1/gZuXsgzLT2llGOR8Q3JZqJE-cq4.mft
rsync://rpki.ripe.net/repository/DEFAULT/gZuXsgzLT2llGOR8Q3JZqJE-cq4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 20:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ca:46:5a:43:f6:98:45:a1:de:41:7d:d5:c6:cc:bd:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=819b97b20ccb4f696518e47c437259a8913e72ae
Validity
Not Before: May 13 15:32:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7c8f00dc2a2f3eb98d12e35239de7085ab1f7a2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:33:38:e7:c3:5b:1d:4a:59:c9:e5:91:f2:3e:
b1:b1:08:81:72:11:83:68:b9:79:e1:8e:1f:fa:0b:
94:72:7a:85:d5:cb:db:c3:8d:d8:fe:5b:9d:c1:df:
83:33:67:ec:03:63:79:2d:c5:07:96:ba:9c:2e:74:
f2:bd:96:d0:5f:51:6a:2b:64:d0:7e:89:74:21:6a:
a2:8b:df:94:d7:61:d5:41:5e:bb:55:1f:e4:45:64:
de:38:10:3f:09:c2:7a:42:76:c3:fb:10:9b:2b:c4:
f9:f9:8f:03:19:68:29:31:84:f7:af:91:0b:77:40:
55:71:d1:e4:94:5b:0f:da:cf:74:06:06:e1:1a:aa:
c5:40:bb:11:70:6e:7d:1d:d9:d4:f4:4b:ae:1b:d5:
6f:eb:ba:24:76:f2:48:aa:d9:41:cf:bc:16:38:60:
9a:e3:09:fc:78:c9:1e:3c:8f:5b:da:76:d4:c6:03:
13:4c:a9:0e:90:32:ab:71:90:e3:cd:8d:c2:e3:fb:
d4:7a:7f:54:b3:5c:0d:f7:ac:0f:9c:b1:46:15:ca:
58:35:ea:4f:b9:09:4f:df:42:c8:91:6b:34:17:54:
d4:0c:8a:80:4f:36:f4:bf:49:01:b1:62:75:c7:4f:
75:1b:fb:c5:09:92:48:ce:a5:db:df:44:b1:e0:d5:
e9:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:8F:00:DC:2A:2F:3E:B9:8D:12:E3:52:39:DE:70:85:AB:1F:7A:2E
X509v3 Authority Key Identifier:
keyid:81:9B:97:B2:0C:CB:4F:69:65:18:E4:7C:43:72:59:A8:91:3E:72:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZuXsgzLT2llGOR8Q3JZqJE-cq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/774f37-0e57-49e6-8865-a64ba4b8fa19/1/fI8A3CovPrmNEuNSOd5whasfei4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/774f37-0e57-49e6-8865-a64ba4b8fa19/1/gZuXsgzLT2llGOR8Q3JZqJE-cq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.41.0.0/24
217.28.96.0/20
IPv6:
2001:67c:39c::/48
2a02:ba8::/32
Signature Algorithm: sha256WithRSAEncryption
1c:33:3b:3c:3d:a4:e5:c8:f5:14:95:29:66:8e:f9:a1:6a:d2:
a4:8a:20:ed:a9:48:c7:36:73:15:2e:7f:03:21:cd:11:37:5e:
f2:88:65:5f:1a:88:fb:bf:54:2f:ba:02:b2:83:d7:55:82:73:
c7:d1:10:c3:fb:f1:f8:66:30:ad:91:2c:ed:85:73:4d:96:1e:
26:92:aa:1c:ac:06:ef:b1:d0:ca:4d:c5:6a:5d:88:7a:cf:c2:
05:63:03:c0:e2:89:fe:f9:61:de:f6:77:88:a6:93:41:b2:22:
ee:8f:50:5e:56:da:95:4e:fa:88:32:9a:d8:62:0b:12:2b:c4:
2d:70:d3:97:3f:aa:34:6b:e7:e4:1f:83:cb:48:32:c2:19:e5:
9e:82:54:77:c9:61:ff:7f:54:c3:e9:e8:04:76:83:56:36:9c:
a2:3d:ee:8f:5b:57:b2:e0:52:ce:30:5c:4d:3b:f2:79:d0:d0:
d2:92:82:9e:96:ba:1b:4c:f9:c5:1e:17:ec:49:d6:90:1a:ea:
aa:df:f6:88:1b:44:54:fa:12:6f:b3:db:40:ec:0d:c8:2f:ec:
3a:91:ac:2b:f6:ef:55:3d:ea:f6:fc:56:b7:ea:ae:a4:38:f1:
c1:50:a1:32:80:45:d8:cf:d6:a9:30:09:85:c1:43:61:db:f8:
23:b8:cf:77
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZbKRlpD9phFod5BfdXGzL1TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOWI5N2IyMGNjYjRmNjk2NTE4ZTQ3YzQzNzI1OWE4OTEz
ZTcyYWUwHhcNMjUwNTEzMTUzMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzhmMDBkYzJhMmYzZWI5OGQxMmUzNTIzOWRlNzA4NWFiMWY3YTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApjM458NbHUpZyeWR8j6xsQiBchGD
aLl54Y4f+guUcnqF1cvbw43Y/ludwd+DM2fsA2N5LcUHlrqcLnTyvZbQX1FqK2TQ
fol0IWqii9+U12HVQV67VR/kRWTeOBA/CcJ6QnbD+xCbK8T5+Y8DGWgpMYT3r5EL
d0BVcdHklFsP2s90BgbhGqrFQLsRcG59HdnU9EuuG9Vv67okdvJIqtlBz7wWOGCa
4wn8eMkePI9b2nbUxgMTTKkOkDKrcZDjzY3C4/vUen9Us1wN96wPnLFGFcpYNepP
uQlP30LIkWs0F1TUDIqATzb0v0kBsWJ1x091G/vFCZJIzqXb30Sx4NXpUwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHyPANwqLz65jRLjUjnecIWrH3ouMB8GA1UdIwQY
MBaAFIGbl7IMy09pZRjkfENyWaiRPnKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1p1WHNnekxUMmxsR09SOFEzSlpxSkUtY3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy83NzRmMzctMGU1Ny00OWU2LTg4NjUt
YTY0YmE0YjhmYTE5LzEvZkk4QTNDb3ZQcm1ORXVOU09kNXdoYXNmZWk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy83NzRmMzctMGU1Ny00OWU2LTg4NjUtYTY0YmE0YjhmYTE5
LzEvZ1p1WHNnekxUMmxsR09SOFEzSlpxSkUtY3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQAwikAAwQE
2RxgMBYEAgACMBADBwAgAQZ8A5wDBQAqAguoMA0GCSqGSIb3DQEBCwUAA4IBAQAc
Mzs8PaTlyPUUlSlmjvmhatKkiiDtqUjHNnMVLn8DIc0RN17yiGVfGoj7v1QvugKy
g9dVgnPH0RDD+/H4ZjCtkSzthXNNlh4mkqocrAbvsdDKTcVqXYh6z8IFYwPA4on+
+WHe9neIppNBsiLuj1BeVtqVTvqIMprYYgsSK8QtcNOXP6o0a+fkH4PLSDLCGeWe
glR3yWH/f1TD6egEdoNWNpyiPe6PW1ey4FLOMFxNO/J50NDSkoKelrobTPnFHhfs
SdaQGuqq3/aIG0RU+hJvs9tA7A3IL+w6kawr9u9VPer2/Fa36q6kOPHBUKEygEXY
z9apMAmFwUNh2/gjuM93
-----END CERTIFICATE-----
Generated at Sun Jun 8 04:46:12 2025 by rpki-client