Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/0e7b29-6297-42ca-8f33-5dfccd61a9b1/1/09p6kbowRqEqmGsIE-X77ssBdvE.roa
File: 09p6kbowRqEqmGsIE-X77ssBdvE.roa (raw, json)
Hash identifier: aNbCunzaHj8fcPNQtO0tqEMAuZSFNh6caJLvvgjcZUM=
Subject key identifier: D3:DA:7A:91:BA:30:46:A1:2A:98:6B:08:13:E5:FB:EE:CB:01:76:F1
Certificate issuer: /CN=54b48731e29f27d687576d6863adbda080709bfe
Certificate serial: 0196208F6B43DA060218918F6ACD26B6EB22
Authority key identifier: 54:B4:87:31:E2:9F:27:D6:87:57:6D:68:63:AD:BD:A0:80:70:9B:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VLSHMeKfJ9aHV21oY629oIBwm_4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/0e7b29-6297-42ca-8f33-5dfccd61a9b1/1/09p6kbowRqEqmGsIE-X77ssBdvE.roa
Signing time: Thu 10 Apr 2025 16:36:32 +0000
ROA not before: Thu 10 Apr 2025 16:36:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42330
IP address blocks: 78.41.136.0/24 maxlen: 24
2a13:3840:1000::/39 maxlen: 39
2a13:3840:2000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/0e7b29-6297-42ca-8f33-5dfccd61a9b1/1/VLSHMeKfJ9aHV21oY629oIBwm_4.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/0e7b29-6297-42ca-8f33-5dfccd61a9b1/1/VLSHMeKfJ9aHV21oY629oIBwm_4.mft
rsync://rpki.ripe.net/repository/DEFAULT/VLSHMeKfJ9aHV21oY629oIBwm_4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 14:46:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:20:8f:6b:43:da:06:02:18:91:8f:6a:cd:26:b6:eb:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54b48731e29f27d687576d6863adbda080709bfe
Validity
Not Before: Apr 10 16:36:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d3da7a91ba3046a12a986b0813e5fbeecb0176f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:f7:32:74:ca:11:06:e4:9f:1b:af:e2:cf:2a:
37:2d:75:a6:c4:7e:1f:87:35:d1:a1:23:ec:dd:ba:
c8:44:47:06:d4:50:f9:e1:f9:3c:f9:30:70:b5:13:
79:60:cd:f2:8d:7b:67:71:4e:a6:1b:ab:0b:18:7e:
f7:a2:b6:74:59:9a:58:c3:74:ae:c6:93:c0:a8:16:
b3:ef:ee:be:2b:77:f1:20:fb:bb:0c:86:23:b6:00:
91:50:8e:62:92:07:58:bf:71:09:7c:17:75:be:48:
27:47:a1:d5:81:b0:d3:17:de:36:37:31:d7:7f:91:
ac:73:1c:ff:91:7b:6f:6c:ae:b5:2d:e5:06:ed:5e:
21:79:a5:92:13:0e:3a:8e:55:4e:dd:5e:fe:5e:81:
7a:97:9b:26:72:a6:a6:32:7b:81:fc:99:2d:84:b4:
d6:04:12:91:56:ef:f9:01:69:d1:81:4a:10:b2:0f:
09:05:53:a2:e4:16:74:8c:44:2b:bc:16:70:d0:ce:
04:ac:ce:a8:dc:97:1d:28:c7:f9:6a:6c:94:96:04:
29:77:f4:9e:65:b1:33:4c:f5:cc:d3:06:0e:80:c5:
2a:98:be:18:61:b5:e7:1f:cf:f9:50:26:65:4a:26:
88:1c:d6:d6:31:e5:2f:f4:5e:2c:30:29:89:cc:a0:
f0:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:DA:7A:91:BA:30:46:A1:2A:98:6B:08:13:E5:FB:EE:CB:01:76:F1
X509v3 Authority Key Identifier:
keyid:54:B4:87:31:E2:9F:27:D6:87:57:6D:68:63:AD:BD:A0:80:70:9B:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VLSHMeKfJ9aHV21oY629oIBwm_4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/0e7b29-6297-42ca-8f33-5dfccd61a9b1/1/09p6kbowRqEqmGsIE-X77ssBdvE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/0e7b29-6297-42ca-8f33-5dfccd61a9b1/1/VLSHMeKfJ9aHV21oY629oIBwm_4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.41.136.0/24
IPv6:
2a13:3840:1000::/39
2a13:3840:2000::/48
Signature Algorithm: sha256WithRSAEncryption
8e:6a:f6:30:83:25:12:6b:71:32:44:39:e1:4d:66:fe:fc:96:
6c:24:00:80:08:0a:5c:83:7c:c2:d6:b3:1c:ce:b3:e0:8b:16:
4b:28:4f:5e:ce:3d:e7:d6:10:99:cb:7d:f4:18:e9:eb:4f:5e:
fe:3b:5b:a1:c8:be:36:2c:20:96:c2:aa:6d:f1:a4:ee:de:42:
80:8a:51:00:e6:36:31:17:a0:a9:3e:e9:39:cc:54:8c:7b:77:
62:b6:4c:6e:0d:6d:b8:16:9a:cc:89:b5:c6:67:95:46:b2:1b:
02:f5:af:87:b5:31:9e:0c:48:41:a6:69:7a:45:e8:76:1e:9e:
b1:fd:75:fe:c9:b6:f4:71:c9:47:90:a5:45:91:23:87:06:97:
a0:a4:16:88:78:a4:6e:8c:3d:56:6d:ae:31:96:c8:e2:52:5a:
2d:1e:e7:78:d9:be:66:fa:86:bf:20:bb:88:f8:f7:7d:e2:09:
28:c7:bb:66:c0:14:d4:6d:a9:17:52:9c:f0:e3:7d:07:44:74:
bf:93:cf:04:ce:72:68:d2:bd:87:81:7f:12:2c:01:54:50:14:
2d:e1:52:9e:93:de:35:c0:0e:e5:98:bc:8b:ac:af:53:eb:27:
30:e9:21:65:72:08:d2:02:69:90:8f:d4:c1:e2:1e:d0:c4:08:
40:8d:fa:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYgj2tD2gYCGJGPas0mtusiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0YjQ4NzMxZTI5ZjI3ZDY4NzU3NmQ2ODYzYWRiZGEwODA3
MDliZmUwHhcNMjUwNDEwMTYzNjMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2RhN2E5MWJhMzA0NmExMmE5ODZiMDgxM2U1ZmJlZWNiMDE3NmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6/cydMoRBuSfG6/izyo3LXWmxH4f
hzXRoSPs3brIREcG1FD54fk8+TBwtRN5YM3yjXtncU6mG6sLGH73orZ0WZpYw3Su
xpPAqBaz7+6+K3fxIPu7DIYjtgCRUI5ikgdYv3EJfBd1vkgnR6HVgbDTF942NzHX
f5Gscxz/kXtvbK61LeUG7V4heaWSEw46jlVO3V7+XoF6l5smcqamMnuB/JkthLTW
BBKRVu/5AWnRgUoQsg8JBVOi5BZ0jEQrvBZw0M4ErM6o3JcdKMf5amyUlgQpd/Se
ZbEzTPXM0wYOgMUqmL4YYbXnH8/5UCZlSiaIHNbWMeUv9F4sMCmJzKDwPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNPaepG6MEahKphrCBPl++7LAXbxMB8GA1UdIwQY
MBaAFFS0hzHinyfWh1dtaGOtvaCAcJv+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkxTSE1lS2ZKOWFIVjIxb1k2MjlvSUJ3bV80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wZTdiMjktNjI5Ny00MmNhLThmMzMt
NWRmY2NkNjFhOWIxLzEvMDlwNmtib3dScUVxbUdzSUUtWDc3c3NCZHZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wZTdiMjktNjI5Ny00MmNhLThmMzMtNWRmY2NkNjFhOWIx
LzEvVkxTSE1lS2ZKOWFIVjIxb1k2MjlvSUJ3bV80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAMBAIAATAGAwQATimIMBcE
AgACMBEDBgEqEzhAEAMHACoTOEAgADANBgkqhkiG9w0BAQsFAAOCAQEAjmr2MIMl
EmtxMkQ54U1m/vyWbCQAgAgKXIN8wtazHM6z4IsWSyhPXs4959YQmct99Bjp609e
/jtboci+NiwglsKqbfGk7t5CgIpRAOY2MRegqT7pOcxUjHt3YrZMbg1tuBaazIm1
xmeVRrIbAvWvh7UxngxIQaZpekXodh6esf11/sm29HHJR5ClRZEjhwaXoKQWiHik
bow9Vm2uMZbI4lJaLR7neNm+ZvqGvyC7iPj3feIJKMe7ZsAU1G2pF1Kc8ON9B0R0
v5PPBM5yaNK9h4F/EiwBVFAULeFSnpPeNcAO5Zi8i6yvU+snMOkhZXII0gJpkI/U
weIe0MQIQI364w==
-----END CERTIFICATE-----
Generated at Tue Apr 22 22:02:07 2025 by rpki-client