Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/db912f-bf6d-4f24-96ae-cc7b28990b81/1/eFaXAXJtU1k2p2wxUd4r6QNwVqc.roa
File: eFaXAXJtU1k2p2wxUd4r6QNwVqc.roa (raw, json)
Hash identifier: RkwbFEsvbm5cD3j9VERr9RV6cFSAdbYRW8TdBaZFLJI=
Subject key identifier: 78:56:97:01:72:6D:53:59:36:A7:6C:31:51:DE:2B:E9:03:70:56:A7
Certificate issuer: /CN=fc195bd682a8e9a124d5853dc5e908aae7339bae
Certificate serial: 0194228DAC4263E63503B251126DA6EFC1E2
Authority key identifier: FC:19:5B:D6:82:A8:E9:A1:24:D5:85:3D:C5:E9:08:AA:E7:33:9B:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_Blb1oKo6aEk1YU9xekIquczm64.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/db912f-bf6d-4f24-96ae-cc7b28990b81/1/eFaXAXJtU1k2p2wxUd4r6QNwVqc.roa
Signing time: Wed 01 Jan 2025 15:48:17 +0000
ROA not before: Wed 01 Jan 2025 15:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 2.57.28.0/22 maxlen: 22
139.28.226.0/24 maxlen: 24
193.168.220.0/22 maxlen: 22
194.93.32.0/24 maxlen: 24
194.93.33.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/db912f-bf6d-4f24-96ae-cc7b28990b81/1/_Blb1oKo6aEk1YU9xekIquczm64.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/db912f-bf6d-4f24-96ae-cc7b28990b81/1/_Blb1oKo6aEk1YU9xekIquczm64.mft
rsync://rpki.ripe.net/repository/DEFAULT/_Blb1oKo6aEk1YU9xekIquczm64.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 16:11:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:ac:42:63:e6:35:03:b2:51:12:6d:a6:ef:c1:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc195bd682a8e9a124d5853dc5e908aae7339bae
Validity
Not Before: Jan 1 15:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=78569701726d535936a76c3151de2be9037056a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:ed:e7:c5:0b:62:24:cf:c5:ce:a4:cd:f4:14:
ec:4b:55:c4:cb:97:47:4b:29:e1:fe:45:e3:ee:99:
28:fb:9c:eb:20:1f:7f:df:5d:a3:27:66:57:f9:a4:
25:f3:4b:1f:a6:ff:a3:f8:85:c3:8f:0c:f2:67:e2:
78:30:ec:05:a3:41:14:fd:c0:13:28:32:de:f2:87:
82:78:af:47:5b:41:9b:66:68:9b:85:61:e2:31:4b:
ed:d2:47:3a:66:4b:c9:6d:d7:86:00:f3:bb:d6:1a:
35:a3:ee:a1:84:9c:18:3c:97:98:95:5e:81:91:d7:
00:23:f8:91:b4:a6:63:fa:ae:83:51:7f:40:b3:9f:
1c:a5:8a:99:f1:b2:c0:18:4a:38:be:94:b2:60:97:
d1:ff:50:4f:1c:a3:0e:cb:88:8e:d0:c5:bf:24:75:
51:f0:8d:d8:62:2c:50:7c:65:ed:ba:23:7c:b6:36:
68:78:61:d7:62:f8:24:1e:83:b8:2f:4b:28:8e:77:
68:95:b4:43:9a:e9:45:7d:52:cc:bd:7e:28:b2:0b:
19:57:4b:3b:8b:22:9a:aa:d9:ed:fe:4f:e3:b5:8f:
15:4a:d5:98:4d:c5:cf:3c:27:b2:87:03:f6:31:a1:
2b:94:12:fd:5a:45:d4:58:47:ae:80:8c:e3:28:f4:
94:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:56:97:01:72:6D:53:59:36:A7:6C:31:51:DE:2B:E9:03:70:56:A7
X509v3 Authority Key Identifier:
keyid:FC:19:5B:D6:82:A8:E9:A1:24:D5:85:3D:C5:E9:08:AA:E7:33:9B:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_Blb1oKo6aEk1YU9xekIquczm64.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/db912f-bf6d-4f24-96ae-cc7b28990b81/1/eFaXAXJtU1k2p2wxUd4r6QNwVqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/db912f-bf6d-4f24-96ae-cc7b28990b81/1/_Blb1oKo6aEk1YU9xekIquczm64.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.28.0/22
139.28.226.0/24
193.168.220.0/22
194.93.32.0/23
Signature Algorithm: sha256WithRSAEncryption
0e:a8:2a:41:ab:88:2b:2f:85:64:ca:8c:3b:0a:09:48:e0:3d:
5f:7c:25:54:e9:3f:d6:5f:42:f8:d9:e0:76:b5:d3:4d:09:84:
d6:ed:1d:f0:a0:7b:4c:14:06:c3:12:ec:31:9f:ac:41:47:fd:
f3:1f:ff:8a:85:3f:8f:4c:9d:db:71:5b:ab:56:f9:0b:91:d1:
77:f5:a1:9a:41:d0:77:32:3f:a5:20:b2:16:26:73:4f:9a:b1:
37:e0:d5:48:df:f1:1d:cc:ec:db:cc:eb:a3:b5:72:45:e1:c5:
f4:10:3d:3b:87:53:b5:e3:7d:6f:b7:cd:c9:32:44:d4:8f:c4:
d0:c7:de:c1:f0:c6:5c:0d:c2:95:fc:cb:32:be:bb:17:ee:b1:
58:86:96:31:2c:fa:5e:20:b6:aa:0e:2b:ff:f4:34:06:66:95:
55:88:02:84:0f:a3:83:03:c6:79:5e:46:ea:d6:04:c4:3e:62:
2c:52:5d:95:bb:ce:a6:d5:51:b2:60:b3:ee:3a:e1:3a:da:55:
3e:15:37:14:e6:34:3c:80:d8:30:6e:f9:8f:2c:41:33:41:f1:
dd:71:7e:e0:58:f4:95:ed:eb:35:53:95:1a:28:c3:e2:02:dd:
12:c1:85:aa:b3:dc:63:8f:53:8c:ec:dd:47:71:dc:7d:28:63:
eb:2d:c7:2a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQijaxCY+Y1A7JREm2m78HiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjMTk1YmQ2ODJhOGU5YTEyNGQ1ODUzZGM1ZTkwOGFhZTcz
MzliYWUwHhcNMjUwMTAxMTU0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODU2OTcwMTcyNmQ1MzU5MzZhNzZjMzE1MWRlMmJlOTAzNzA1NmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzu3nxQtiJM/FzqTN9BTsS1XEy5dH
Synh/kXj7pko+5zrIB9/312jJ2ZX+aQl80sfpv+j+IXDjwzyZ+J4MOwFo0EU/cAT
KDLe8oeCeK9HW0GbZmibhWHiMUvt0kc6ZkvJbdeGAPO71ho1o+6hhJwYPJeYlV6B
kdcAI/iRtKZj+q6DUX9As58cpYqZ8bLAGEo4vpSyYJfR/1BPHKMOy4iO0MW/JHVR
8I3YYixQfGXtuiN8tjZoeGHXYvgkHoO4L0sojndolbRDmulFfVLMvX4osgsZV0s7
iyKaqtnt/k/jtY8VStWYTcXPPCeyhwP2MaErlBL9WkXUWEeugIzjKPSUAwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHhWlwFybVNZNqdsMVHeK+kDcFanMB8GA1UdIwQY
MBaAFPwZW9aCqOmhJNWFPcXpCKrnM5uuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0JsYjFvS282YUVrMVlVOXhla0lxdWN6bTY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9kYjkxMmYtYmY2ZC00ZjI0LTk2YWUt
Y2M3YjI4OTkwYjgxLzEvZUZhWEFYSnRVMWsycDJ3eFVkNHI2UU53VnFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9kYjkxMmYtYmY2ZC00ZjI0LTk2YWUtY2M3YjI4OTkwYjgx
LzEvX0JsYjFvS282YUVrMVlVOXhla0lxdWN6bTY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCAjkcAwQA
ixziAwQCwajcAwQBwl0gMA0GCSqGSIb3DQEBCwUAA4IBAQAOqCpBq4grL4Vkyow7
CglI4D1ffCVU6T/WX0L42eB2tdNNCYTW7R3woHtMFAbDEuwxn6xBR/3zH/+KhT+P
TJ3bcVurVvkLkdF39aGaQdB3Mj+lILIWJnNPmrE34NVI3/EdzOzbzOujtXJF4cX0
ED07h1O1431vt83JMkTUj8TQx97B8MZcDcKV/MsyvrsX7rFYhpYxLPpeILaqDiv/
9DQGZpVViAKED6ODA8Z5Xkbq1gTEPmIsUl2Vu86m1VGyYLPuOuE62lU+FTcU5jQ8
gNgwbvmPLEEzQfHdcX7gWPSV7es1U5UaKMPiAt0SwYWqs9xjj1OM7N1Hcdx9KGPr
Lccq
-----END CERTIFICATE-----
Generated at Thu Apr 10 02:36:05 2025 by rpki-client