Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/8eda9a-d13c-4430-8cf4-57ec12e8641e/1/1-Rh4xR4UjkOh8VqSY4pK4d1pRds.roa
File: 1-Rh4xR4UjkOh8VqSY4pK4d1pRds.roa (raw, json)
Hash identifier: x3ETC4RsRxr7b/UEU+/7lhOsihrtUte3yh6z17TAj9w=
Subject key identifier: F9:18:78:C5:1E:14:8E:43:A1:F1:5A:92:63:8A:4A:E1:DD:69:45:DB
Certificate issuer: /CN=a499903dab85f6a59772b3edfd4bf0e491af57c4
Certificate serial: 0194258FBCB688D59F64AAC1A6C8124DD77B
Authority key identifier: A4:99:90:3D:AB:85:F6:A5:97:72:B3:ED:FD:4B:F0:E4:91:AF:57:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pJmQPauF9qWXcrPt_Uvw5JGvV8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/8eda9a-d13c-4430-8cf4-57ec12e8641e/1/1-Rh4xR4UjkOh8VqSY4pK4d1pRds.roa
Signing time: Thu 02 Jan 2025 05:49:24 +0000
ROA not before: Thu 02 Jan 2025 05:49:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 680
IP address blocks: 141.39.0.0/16 maxlen: 16
188.1.0.0/16 maxlen: 16
188.1.101.0/24 maxlen: 24
192.76.176.0/24 maxlen: 24
192.108.67.0/24 maxlen: 24
192.108.69.0/24 maxlen: 24
192.108.70.0/24 maxlen: 24
192.108.71.0/24 maxlen: 24
192.129.26.0/23 maxlen: 23
192.129.28.0/23 maxlen: 23
192.129.31.0/24 maxlen: 24
193.174.0.0/15 maxlen: 15
194.94.0.0/15 maxlen: 15
195.37.0.0/16 maxlen: 16
212.201.0.0/16 maxlen: 16
2001:638::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/8eda9a-d13c-4430-8cf4-57ec12e8641e/1/pJmQPauF9qWXcrPt_Uvw5JGvV8Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/8eda9a-d13c-4430-8cf4-57ec12e8641e/1/pJmQPauF9qWXcrPt_Uvw5JGvV8Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/pJmQPauF9qWXcrPt_Uvw5JGvV8Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 05:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:bc:b6:88:d5:9f:64:aa:c1:a6:c8:12:4d:d7:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a499903dab85f6a59772b3edfd4bf0e491af57c4
Validity
Not Before: Jan 2 05:49:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f91878c51e148e43a1f15a92638a4ae1dd6945db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:0a:fe:57:5e:cc:13:9e:20:02:4f:07:77:f3:
eb:e3:d8:72:c6:2a:72:4d:62:f0:52:68:eb:23:82:
74:61:6c:90:b3:35:8d:0e:ea:ca:7c:63:37:80:d8:
d6:23:c2:33:bc:d5:47:5b:e4:b9:aa:96:e8:f3:3d:
50:6d:06:cb:c5:ab:af:01:3e:5f:0c:8d:b9:6c:ca:
86:48:67:b8:e8:1b:b4:8f:ee:af:e3:5f:15:8b:4a:
e5:db:a7:0e:ae:2b:b3:29:8d:05:81:30:71:1b:69:
81:70:09:5f:9c:81:a0:8a:3a:b5:e8:44:8b:eb:63:
4d:16:7e:4d:83:d4:f3:b8:32:7e:4d:d9:39:78:ea:
90:9c:49:19:17:9f:76:1a:06:8a:19:66:3f:e7:5c:
a1:57:c8:76:ae:39:f9:26:37:65:27:c3:30:11:01:
ff:88:52:0d:6c:e9:87:50:e5:a1:53:7b:11:b1:36:
49:9f:4a:2e:7a:ab:f3:3f:84:59:63:76:6c:26:cb:
c5:1f:18:b6:38:6b:6e:7d:d9:ac:f2:f4:2b:db:e0:
0a:66:82:12:1a:5d:a8:46:98:ec:bf:68:2c:80:46:
e4:1a:7e:b9:5e:ab:0d:30:22:31:e9:df:55:41:a6:
48:90:d8:5c:a3:98:75:f0:94:3b:f6:e6:d6:fe:81:
ed:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:18:78:C5:1E:14:8E:43:A1:F1:5A:92:63:8A:4A:E1:DD:69:45:DB
X509v3 Authority Key Identifier:
keyid:A4:99:90:3D:AB:85:F6:A5:97:72:B3:ED:FD:4B:F0:E4:91:AF:57:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pJmQPauF9qWXcrPt_Uvw5JGvV8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/8eda9a-d13c-4430-8cf4-57ec12e8641e/1/1-Rh4xR4UjkOh8VqSY4pK4d1pRds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/8eda9a-d13c-4430-8cf4-57ec12e8641e/1/pJmQPauF9qWXcrPt_Uvw5JGvV8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.39.0.0/16
188.1.0.0/16
192.76.176.0/24
192.108.67.0/24
192.108.69.0-192.108.71.255
192.129.26.0-192.129.29.255
192.129.31.0/24
193.174.0.0/15
194.94.0.0/15
195.37.0.0/16
212.201.0.0/16
IPv6:
2001:638::/32
Signature Algorithm: sha256WithRSAEncryption
17:f2:72:16:14:13:da:a5:61:2b:18:1e:17:4a:f9:4d:fd:2e:
69:84:9f:a3:de:4e:1e:3f:bf:86:1e:12:b1:3a:69:64:f5:5f:
7b:81:27:ad:ab:66:dc:b6:4f:69:bf:4f:be:19:8b:a7:cb:65:
ac:b3:59:64:90:66:d3:9c:0c:44:36:13:7e:29:0c:c5:29:09:
a9:72:7c:69:8c:54:d2:b2:4d:4e:6f:03:39:88:0d:3e:09:a2:
0d:4e:83:b4:23:7e:22:ae:a3:28:64:37:48:a4:ee:c5:3f:bf:
be:15:e5:a6:f1:b6:26:64:af:ac:ff:ab:10:2c:29:d8:a8:e5:
b4:36:74:16:e7:6d:49:5d:27:5b:16:97:32:de:7f:43:45:1f:
6a:b8:83:43:35:a6:5a:94:d9:91:75:93:0b:9a:e0:1f:f4:bd:
12:59:8f:ef:ed:16:b4:6f:47:25:96:4d:07:2a:8e:d9:0b:aa:
10:55:39:70:1e:32:f9:a7:92:db:23:74:8f:fa:f0:e5:b8:23:
e5:ea:ff:05:08:c8:0a:a3:d3:e1:94:0e:8f:c2:b9:f3:70:5a:
ac:f4:90:75:27:e2:77:3c:68:e3:d4:09:da:69:1f:75:5d:05:
ea:c5:84:cc:5b:9b:62:c1:e9:36:8a:2d:bd:49:fe:9d:1a:3e:
8a:25:7f:06
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZQlj7y2iNWfZKrBpsgSTdd7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0OTk5MDNkYWI4NWY2YTU5NzcyYjNlZGZkNGJmMGU0OTFh
ZjU3YzQwHhcNMjUwMTAyMDU0OTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTE4NzhjNTFlMTQ4ZTQzYTFmMTVhOTI2MzhhNGFlMWRkNjk0NWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowr+V17ME54gAk8Hd/Pr49hyxipy
TWLwUmjrI4J0YWyQszWNDurKfGM3gNjWI8IzvNVHW+S5qpbo8z1QbQbLxauvAT5f
DI25bMqGSGe46Bu0j+6v418Vi0rl26cOriuzKY0FgTBxG2mBcAlfnIGgijq16ESL
62NNFn5Ng9TzuDJ+Tdk5eOqQnEkZF592GgaKGWY/51yhV8h2rjn5JjdlJ8MwEQH/
iFINbOmHUOWhU3sRsTZJn0oueqvzP4RZY3ZsJsvFHxi2OGtufdms8vQr2+AKZoIS
Gl2oRpjsv2gsgEbkGn65XqsNMCIx6d9VQaZIkNhco5h18JQ79ubW/oHtvwIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFPkYeMUeFI5DofFakmOKSuHdaUXbMB8GA1UdIwQY
MBaAFKSZkD2rhfall3Kz7f1L8OSRr1fEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEptUVBhdUY5cVdYY3JQdF9Vdnc1Skd2VjhRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC84ZWRhOWEtZDEzYy00NDMwLThjZjQt
NTdlYzEyZTg2NDFlLzEvMS1SaDR4UjRVamtPaDhWcVNZNHBLNGQxcFJkcy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMmQvOGVkYTlhLWQxM2MtNDQzMC04Y2Y0LTU3ZWMxMmU4NjQx
ZS8xL3BKbVFQYXVGOXFXWGNyUHRfVXZ3NUpHdlY4US5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjB0BggrBgEFBQcBBwEB/wRlMGMwUgQCAAEwTAMDAI0nAwMA
vAEDBADATLADBADAbEMwDAMEAMBsRQMEA8BsQDAMAwQBwIEaAwQBwIEcAwQAwIEf
AwMBwa4DAwHCXgMDAMMlAwMA1MkwDQQCAAIwBwMFACABBjgwDQYJKoZIhvcNAQEL
BQADggEBABfychYUE9qlYSsYHhdK+U39LmmEn6PeTh4/v4YeErE6aWT1X3uBJ62r
Zty2T2m/T74Zi6fLZayzWWSQZtOcDEQ2E34pDMUpCalyfGmMVNKyTU5vAzmIDT4J
og1Og7QjfiKuoyhkN0ik7sU/v74V5abxtiZkr6z/qxAsKdio5bQ2dBbnbUldJ1sW
lzLef0NFH2q4g0M1plqU2ZF1kwua4B/0vRJZj+/tFrRvRyWWTQcqjtkLqhBVOXAe
MvmnktsjdI/68OW4I+Xq/wUIyAqj0+GUDo/CufNwWqz0kHUn4nc8aOPUCdppH3Vd
BerFhMxbm2LB6TaKLb1J/p0aPoolfwY=
-----END CERTIFICATE-----
Generated at Sat Apr 12 12:42:07 2025 by rpki-client