Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/7176f6-371d-45b9-b276-877cf21c8f7b/1/M7R2UHHJlETHSR8o10ZhPmjnSrQ.roa
File: M7R2UHHJlETHSR8o10ZhPmjnSrQ.roa (raw, json)
Hash identifier: 48LCEV6BiMysqNLuoMNmOC2etuBDhXK4TMcdmnpSDVw=
Subject key identifier: 33:B4:76:50:71:C9:94:44:C7:49:1F:28:D7:46:61:3E:68:E7:4A:B4
Certificate issuer: /CN=d351a8c5703dd1408959aa35592558ff51a243e9
Certificate serial: 01948F9008D9F554C791F70980D235DE9A15
Authority key identifier: D3:51:A8:C5:70:3D:D1:40:89:59:AA:35:59:25:58:FF:51:A2:43:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/01GoxXA90UCJWao1WSVY_1GiQ-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/7176f6-371d-45b9-b276-877cf21c8f7b/1/M7R2UHHJlETHSR8o10ZhPmjnSrQ.roa
Signing time: Wed 22 Jan 2025 19:49:28 +0000
ROA not before: Wed 22 Jan 2025 19:49:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47603
IP address blocks: 78.41.61.0/24 maxlen: 27
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/7176f6-371d-45b9-b276-877cf21c8f7b/1/01GoxXA90UCJWao1WSVY_1GiQ-k.crl
rsync://rpki.ripe.net/repository/DEFAULT/31/7176f6-371d-45b9-b276-877cf21c8f7b/1/01GoxXA90UCJWao1WSVY_1GiQ-k.mft
rsync://rpki.ripe.net/repository/DEFAULT/01GoxXA90UCJWao1WSVY_1GiQ-k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:8f:90:08:d9:f5:54:c7:91:f7:09:80:d2:35:de:9a:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d351a8c5703dd1408959aa35592558ff51a243e9
Validity
Not Before: Jan 22 19:49:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=33b4765071c99444c7491f28d746613e68e74ab4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:c3:12:75:0e:c4:00:3e:20:0f:2d:a8:04:27:
5b:c0:72:b8:e4:92:fa:10:1b:9f:9b:e7:5e:c2:50:
62:ff:83:91:61:de:50:e5:ba:16:b1:5a:2b:84:23:
05:c2:ad:ff:27:42:28:88:06:99:b6:42:65:4d:37:
f7:e9:71:95:42:8a:8b:4c:47:3a:78:a6:a1:74:25:
98:c7:ce:e5:43:db:4b:95:01:a2:f3:94:2b:ba:72:
12:29:39:74:25:74:ab:30:fb:1a:c9:f5:fe:62:a7:
65:37:5d:f5:1d:a4:1a:11:80:bb:41:c6:3b:96:b6:
ff:14:bc:78:07:84:10:c7:0b:d2:16:ba:bf:2d:db:
11:5a:d1:54:82:f7:dc:b8:5e:7d:c5:87:b5:8f:67:
d8:84:2f:d4:f9:b1:d0:53:38:c5:5c:f5:31:3e:7a:
68:b2:b1:1d:12:66:c7:77:c2:46:16:75:5f:59:33:
ae:49:2c:70:26:42:6e:f7:df:39:6b:3d:03:96:aa:
6e:d5:df:5a:65:5d:31:d1:6c:40:b2:a4:b5:0a:53:
d5:fc:b1:d5:7d:9a:9d:1b:03:96:5c:36:f9:80:ca:
04:08:3d:76:05:ec:31:8d:9c:80:ec:31:a3:9a:87:
f8:ce:4e:6a:f6:5d:ed:60:28:c4:e4:eb:6c:33:ce:
3c:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:B4:76:50:71:C9:94:44:C7:49:1F:28:D7:46:61:3E:68:E7:4A:B4
X509v3 Authority Key Identifier:
keyid:D3:51:A8:C5:70:3D:D1:40:89:59:AA:35:59:25:58:FF:51:A2:43:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/01GoxXA90UCJWao1WSVY_1GiQ-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/7176f6-371d-45b9-b276-877cf21c8f7b/1/M7R2UHHJlETHSR8o10ZhPmjnSrQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/7176f6-371d-45b9-b276-877cf21c8f7b/1/01GoxXA90UCJWao1WSVY_1GiQ-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.41.61.0/24
Signature Algorithm: sha256WithRSAEncryption
34:be:c2:a9:c8:73:25:cc:f5:ba:e7:8a:36:4d:32:0f:d6:71:
14:f3:27:8a:f4:a0:c3:d6:30:ee:71:88:32:7e:ed:d1:16:69:
c2:0e:00:d2:b1:aa:a0:29:7e:a1:3d:1d:ec:a9:46:5a:16:7f:
61:1e:67:0e:7a:a2:15:16:5b:cf:5c:84:4d:e0:6e:fb:52:26:
45:f5:f7:2b:2e:49:99:8e:ba:5c:14:04:40:02:0d:39:54:81:
7f:9a:16:91:a1:0d:7c:a2:c9:b5:88:5e:13:82:11:ae:fd:07:
cd:c2:54:29:8a:1b:ab:17:a0:4a:87:eb:17:4f:f9:bc:a5:52:
09:dc:5a:06:4b:ca:ed:a5:c1:2d:52:2b:06:a1:7f:39:c3:06:
85:cd:9d:e1:22:57:fe:6b:24:0a:65:e1:84:b0:56:9a:4a:5f:
d0:42:30:47:16:df:8b:fd:09:d5:d5:68:0a:68:7f:a3:0d:9b:
32:27:27:60:a6:52:48:f6:46:a2:ba:ac:6d:f3:8c:29:ce:83:
f8:e8:b0:2d:4a:33:0d:8f:13:ce:d1:d5:bf:01:a1:35:3d:db:
22:12:dc:d9:33:89:ec:0d:17:c4:41:65:49:fa:de:52:f0:b2:
e6:f8:63:2a:16:ca:19:45:26:4e:4b:ff:18:30:0a:0a:1d:03:
8b:1a:37:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSPkAjZ9VTHkfcJgNI13poVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNTFhOGM1NzAzZGQxNDA4OTU5YWEzNTU5MjU1OGZmNTFh
MjQzZTkwHhcNMjUwMTIyMTk0OTI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2I0NzY1MDcxYzk5NDQ0Yzc0OTFmMjhkNzQ2NjEzZTY4ZTc0YWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4cMSdQ7EAD4gDy2oBCdbwHK45JL6
EBufm+dewlBi/4ORYd5Q5boWsVorhCMFwq3/J0IoiAaZtkJlTTf36XGVQoqLTEc6
eKahdCWYx87lQ9tLlQGi85QrunISKTl0JXSrMPsayfX+YqdlN131HaQaEYC7QcY7
lrb/FLx4B4QQxwvSFrq/LdsRWtFUgvfcuF59xYe1j2fYhC/U+bHQUzjFXPUxPnpo
srEdEmbHd8JGFnVfWTOuSSxwJkJu9985az0Dlqpu1d9aZV0x0WxAsqS1ClPV/LHV
fZqdGwOWXDb5gMoECD12BewxjZyA7DGjmof4zk5q9l3tYCjE5OtsM848HQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDO0dlBxyZREx0kfKNdGYT5o50q0MB8GA1UdIwQY
MBaAFNNRqMVwPdFAiVmqNVklWP9RokPpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDFHb3hYQTkwVUNKV2FvMVdTVllfMUdpUS1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS83MTc2ZjYtMzcxZC00NWI5LWIyNzYt
ODc3Y2YyMWM4ZjdiLzEvTTdSMlVISEpsRVRIU1I4bzEwWmhQbWpuU3JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS83MTc2ZjYtMzcxZC00NWI5LWIyNzYtODc3Y2YyMWM4Zjdi
LzEvMDFHb3hYQTkwVUNKV2FvMVdTVllfMUdpUS1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATik9MA0G
CSqGSIb3DQEBCwUAA4IBAQA0vsKpyHMlzPW654o2TTIP1nEU8yeK9KDD1jDucYgy
fu3RFmnCDgDSsaqgKX6hPR3sqUZaFn9hHmcOeqIVFlvPXIRN4G77UiZF9fcrLkmZ
jrpcFARAAg05VIF/mhaRoQ18osm1iF4TghGu/QfNwlQpihurF6BKh+sXT/m8pVIJ
3FoGS8rtpcEtUisGoX85wwaFzZ3hIlf+ayQKZeGEsFaaSl/QQjBHFt+L/QnV1WgK
aH+jDZsyJydgplJI9kaiuqxt84wpzoP46LAtSjMNjxPO0dW/AaE1PdsiEtzZM4ns
DRfEQWVJ+t5S8LLm+GMqFsoZRSZOS/8YMAoKHQOLGjeb
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:47:28 2025 by rpki-client