Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/f9jdflLlaVD6_acxgHS70CnshyM.roa
File: f9jdflLlaVD6_acxgHS70CnshyM.roa (raw, json)
Hash identifier: RJfa5YMDYmtHPa3CN5WjZPEc1c2cOANk1rL9b57/9cE=
Subject key identifier: 7F:D8:DD:7E:52:E5:69:50:FA:FD:A7:31:80:74:BB:D0:29:EC:87:23
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 01942445173B6B0B673BF7E364C075B9CC1E
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/f9jdflLlaVD6_acxgHS70CnshyM.roa
Signing time: Wed 01 Jan 2025 23:48:15 +0000
ROA not before: Wed 01 Jan 2025 23:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43350
IP address blocks: 31.222.239.0/24 maxlen: 24
45.67.120.0/22 maxlen: 22
45.148.152.0/22 maxlen: 22
217.114.41.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 08:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:17:3b:6b:0b:67:3b:f7:e3:64:c0:75:b9:cc:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Jan 1 23:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7fd8dd7e52e56950fafda7318074bbd029ec8723
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:9f:9d:70:74:e1:71:7e:1d:6e:af:e5:bb:a7:
6c:b4:b2:ff:10:11:22:da:e7:8a:96:1e:d5:0b:3d:
5a:d9:ed:59:e4:cc:64:27:b0:1f:50:59:c3:db:59:
0c:ac:cf:1a:4a:77:8c:c1:79:74:eb:ae:ba:f8:30:
7a:b4:40:3a:be:7e:57:12:a9:2f:6b:a8:81:a6:26:
db:d4:82:76:dd:b0:be:e6:c6:d1:3e:f5:29:3b:30:
45:f0:bc:87:cb:ea:55:fe:e8:07:0d:98:1f:f7:fe:
e9:d3:5c:4b:8b:ee:a1:16:b0:c9:12:a2:71:ad:67:
ac:20:2a:63:26:3f:e5:ab:01:3d:0e:e9:65:fd:fa:
e0:b3:81:2e:0e:28:23:8d:86:be:99:04:b5:e1:32:
88:3a:22:ab:48:49:48:6a:1f:89:42:52:08:e0:f8:
5d:e2:b3:ee:af:93:f4:ca:33:ed:30:24:e8:96:66:
19:a7:80:33:26:9b:af:f5:f0:29:a2:69:9f:f2:f2:
35:f0:12:8f:e0:d0:11:ed:45:6e:54:78:4e:41:5a:
7c:8a:7b:ea:7c:4f:fc:8e:41:26:57:31:22:92:1a:
bb:4b:61:e9:6e:d9:0a:9d:ef:86:3a:7b:f5:38:30:
b0:35:37:02:37:89:c1:ca:07:02:ff:8b:3a:35:0c:
cf:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:D8:DD:7E:52:E5:69:50:FA:FD:A7:31:80:74:BB:D0:29:EC:87:23
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/f9jdflLlaVD6_acxgHS70CnshyM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.239.0/24
45.67.120.0/22
45.148.152.0/22
217.114.41.0/24
Signature Algorithm: sha256WithRSAEncryption
06:71:24:9d:38:cb:c4:f1:31:35:6d:d8:fa:d9:31:b9:54:b4:
5b:07:71:47:32:7e:bf:55:d0:08:ee:ee:8f:e7:f0:8d:46:0a:
55:96:86:19:96:eb:f2:64:ad:b6:71:4f:f9:b9:44:03:05:3c:
8d:95:b8:95:89:81:3a:eb:03:4a:0a:92:12:4a:f3:cb:b8:d0:
ef:31:d5:b6:31:f1:fc:c2:0f:3c:6c:80:76:29:90:bc:99:c1:
2e:85:0d:c7:40:21:7e:c5:04:d3:1c:34:39:18:13:9f:1f:22:
0c:ad:f7:7c:72:bf:60:08:fa:c1:cf:fe:39:42:99:06:12:97:
4d:e8:79:69:ab:7f:d1:e7:40:d7:d8:fe:f0:1d:39:14:a3:fe:
db:46:d1:7e:f4:aa:9a:e8:31:31:e9:4b:72:27:eb:74:8a:19:
e8:5f:04:a6:42:22:fd:80:1e:a0:c3:0c:2a:10:b6:e8:20:9e:
13:28:48:1d:8b:67:99:4e:df:78:8e:f7:a1:bf:67:15:24:30:
c6:36:ca:84:04:ae:93:d0:4e:df:00:c0:60:76:60:66:c5:b7:
a9:0f:4f:fc:02:a8:33:96:86:9d:44:82:3b:a7:9c:50:a4:c0:
5c:a5:89:aa:07:27:e3:cc:76:29:34:c4:82:4c:01:02:c5:3e:
c5:f8:67:47
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQkRRc7awtnO/fjZMB1ucweMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjUwMTAxMjM0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmQ4ZGQ3ZTUyZTU2OTUwZmFmZGE3MzE4MDc0YmJkMDI5ZWM4NzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyp+dcHThcX4dbq/lu6dstLL/EBEi
2ueKlh7VCz1a2e1Z5MxkJ7AfUFnD21kMrM8aSneMwXl06666+DB6tEA6vn5XEqkv
a6iBpibb1IJ23bC+5sbRPvUpOzBF8LyHy+pV/ugHDZgf9/7p01xLi+6hFrDJEqJx
rWesICpjJj/lqwE9Dull/frgs4EuDigjjYa+mQS14TKIOiKrSElIah+JQlII4Phd
4rPur5P0yjPtMCTolmYZp4AzJpuv9fApommf8vI18BKP4NAR7UVuVHhOQVp8invq
fE/8jkEmVzEikhq7S2HpbtkKne+GOnv1ODCwNTcCN4nBygcC/4s6NQzPtwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFH/Y3X5S5WlQ+v2nMYB0u9Ap7IcjMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvZjlqZGZsTGxhVkQ2X2FjeGdIUzcwQ25zaHlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAH97vAwQC
LUN4AwQCLZSYAwQA2XIpMA0GCSqGSIb3DQEBCwUAA4IBAQAGcSSdOMvE8TE1bdj6
2TG5VLRbB3FHMn6/VdAI7u6P5/CNRgpVloYZluvyZK22cU/5uUQDBTyNlbiViYE6
6wNKCpISSvPLuNDvMdW2MfH8wg88bIB2KZC8mcEuhQ3HQCF+xQTTHDQ5GBOfHyIM
rfd8cr9gCPrBz/45QpkGEpdN6Hlpq3/R50DX2P7wHTkUo/7bRtF+9Kqa6DEx6Uty
J+t0ihnoXwSmQiL9gB6gwwwqELboIJ4TKEgdi2eZTt94jvehv2cVJDDGNsqEBK6T
0E7fAMBgdmBmxbepD0/8AqgzloadRII7p5xQpMBcpYmqByfjzHYpNMSCTAECxT7F
+GdH
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:18:24 2025 by rpki-client