Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/01484c-5f28-42f5-b9ea-0787a503ca69/1/m3cUBYWpFoNJDd2-oxdIXkG8VVc.roa
File: m3cUBYWpFoNJDd2-oxdIXkG8VVc.roa (raw, json)
Hash identifier: mpHup3F6Ugyx18V1b4d2pdWmlp5tb6/q3Al4PmenfT8=
Subject key identifier: 9B:77:14:05:85:A9:16:83:49:0D:DD:BE:A3:17:48:5E:41:BC:55:57
Certificate issuer: /CN=b02aa961b477d5423d85b7d43f3efa26326d7090
Certificate serial: 01942826542927AA8ABC1EBBD3C6FF0A6AE5
Authority key identifier: B0:2A:A9:61:B4:77:D5:42:3D:85:B7:D4:3F:3E:FA:26:32:6D:70:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sCqpYbR31UI9hbfUPz76JjJtcJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/01484c-5f28-42f5-b9ea-0787a503ca69/1/m3cUBYWpFoNJDd2-oxdIXkG8VVc.roa
Signing time: Thu 02 Jan 2025 17:53:08 +0000
ROA not before: Thu 02 Jan 2025 17:53:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15373
IP address blocks: 212.87.224.0/21 maxlen: 21
212.87.232.0/23 maxlen: 23
212.87.234.0/23 maxlen: 23
212.87.236.0/23 maxlen: 23
212.87.238.0/23 maxlen: 23
212.87.253.0/24 maxlen: 24
2a01:698::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/01484c-5f28-42f5-b9ea-0787a503ca69/1/sCqpYbR31UI9hbfUPz76JjJtcJA.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/01484c-5f28-42f5-b9ea-0787a503ca69/1/sCqpYbR31UI9hbfUPz76JjJtcJA.mft
rsync://rpki.ripe.net/repository/DEFAULT/sCqpYbR31UI9hbfUPz76JjJtcJA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:54:29:27:aa:8a:bc:1e:bb:d3:c6:ff:0a:6a:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b02aa961b477d5423d85b7d43f3efa26326d7090
Validity
Not Before: Jan 2 17:53:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9b77140585a91683490dddbea317485e41bc5557
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:de:85:26:a3:98:4b:29:86:36:20:a7:e2:11:
b1:86:6a:70:9b:90:03:ba:56:81:5c:5a:7c:8c:02:
a0:74:d2:b9:14:5f:57:ee:bf:52:12:7e:15:31:98:
50:40:09:ac:3b:88:e4:69:88:25:89:ba:7d:a6:80:
04:1c:c8:df:58:91:39:21:34:b5:ff:e5:2f:ca:8f:
74:48:6d:ea:60:0f:50:83:fe:ff:ac:c5:29:ae:12:
8b:43:8b:f7:55:29:b6:8a:b1:a7:b0:71:e4:23:2a:
c5:8b:65:52:f0:bb:11:6c:1e:7d:3f:ab:f2:b3:54:
59:f3:65:7d:d8:46:7e:68:b1:db:a1:3b:a9:3a:84:
cd:7e:04:f1:48:3a:53:0f:80:a7:9e:98:4e:16:4c:
b9:f4:0e:7c:98:50:70:83:9a:fb:b3:09:52:92:7f:
e5:96:56:4e:0f:24:de:40:c9:28:4e:7c:0e:6e:73:
d7:b8:cb:5f:c3:e1:71:45:98:44:04:9d:a5:f2:ba:
42:92:62:f1:4e:28:5d:0f:34:50:58:77:fc:6e:9e:
c9:d2:0a:7f:58:61:ff:63:77:1a:04:a0:f3:d2:94:
cc:2f:aa:c5:a1:7e:65:d3:79:87:e6:2a:f4:49:86:
3b:c6:fc:cd:2f:b5:99:be:8d:c6:ee:5f:f5:4d:0b:
1e:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:77:14:05:85:A9:16:83:49:0D:DD:BE:A3:17:48:5E:41:BC:55:57
X509v3 Authority Key Identifier:
keyid:B0:2A:A9:61:B4:77:D5:42:3D:85:B7:D4:3F:3E:FA:26:32:6D:70:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sCqpYbR31UI9hbfUPz76JjJtcJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/01484c-5f28-42f5-b9ea-0787a503ca69/1/m3cUBYWpFoNJDd2-oxdIXkG8VVc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/01484c-5f28-42f5-b9ea-0787a503ca69/1/sCqpYbR31UI9hbfUPz76JjJtcJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.87.224.0/20
212.87.253.0/24
IPv6:
2a01:698::/32
Signature Algorithm: sha256WithRSAEncryption
24:ec:ff:ad:be:86:86:f0:65:4f:d2:d7:0d:ea:61:57:e4:50:
34:2e:02:2a:ba:9b:a7:96:d4:cb:94:ea:88:f2:84:a2:ce:42:
d4:4a:8c:2a:07:de:00:07:7a:e8:03:d8:ae:28:e9:60:f6:3c:
ff:1c:74:69:a6:8c:54:03:0d:22:ef:c9:74:26:0a:da:f9:69:
58:ae:ab:d5:36:51:1d:dc:1f:e5:9e:e5:69:36:35:5d:7d:6d:
50:66:75:ff:44:67:16:5f:7e:40:28:80:08:bc:c5:44:d1:e5:
2b:d0:d3:c7:7d:39:03:f9:f7:c1:6f:7f:69:77:f2:50:16:2d:
2c:59:06:99:26:a5:cf:28:b3:fc:2b:62:7c:66:7d:29:01:d0:
9c:7e:ba:07:5d:a0:6c:3f:c7:2f:a5:49:ed:b7:75:da:4c:ee:
74:9e:b3:11:61:b1:45:dc:89:12:b4:e7:e6:6e:e5:db:ec:d1:
ad:20:a2:20:e3:36:57:5b:0e:76:46:f9:15:57:fc:f9:dc:88:
ef:c1:3a:68:53:a0:cd:d2:b9:aa:f8:3b:fb:e4:67:c3:20:00:
ec:f2:9a:b6:f4:72:3a:22:44:18:d6:9e:29:a2:6b:56:99:66:
b5:2e:d4:01:a3:e0:b0:c3:b9:f0:3c:ce:da:42:ec:a3:13:17:
85:ea:58:33
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQoJlQpJ6qKvB6708b/CmrlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwMmFhOTYxYjQ3N2Q1NDIzZDg1YjdkNDNmM2VmYTI2MzI2
ZDcwOTAwHhcNMjUwMTAyMTc1MzA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yjc3MTQwNTg1YTkxNjgzNDkwZGRkYmVhMzE3NDg1ZTQxYmM1NTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoN6FJqOYSymGNiCn4hGxhmpwm5AD
ulaBXFp8jAKgdNK5FF9X7r9SEn4VMZhQQAmsO4jkaYglibp9poAEHMjfWJE5ITS1
/+Uvyo90SG3qYA9Qg/7/rMUprhKLQ4v3VSm2irGnsHHkIyrFi2VS8LsRbB59P6vy
s1RZ82V92EZ+aLHboTupOoTNfgTxSDpTD4CnnphOFky59A58mFBwg5r7swlSkn/l
llZODyTeQMkoTnwObnPXuMtfw+FxRZhEBJ2l8rpCkmLxTihdDzRQWHf8bp7J0gp/
WGH/Y3caBKDz0pTML6rFoX5l03mH5ir0SYY7xvzNL7WZvo3G7l/1TQseqQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJt3FAWFqRaDSQ3dvqMXSF5BvFVXMB8GA1UdIwQY
MBaAFLAqqWG0d9VCPYW31D8++iYybXCQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0NxcFliUjMxVUk5aGJmVVB6NzZKakp0Y0pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8wMTQ4NGMtNWYyOC00MmY1LWI5ZWEt
MDc4N2E1MDNjYTY5LzEvbTNjVUJZV3BGb05KRGQyLW94ZElYa0c4VlZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8wMTQ4NGMtNWYyOC00MmY1LWI5ZWEtMDc4N2E1MDNjYTY5
LzEvc0NxcFliUjMxVUk5aGJmVVB6NzZKakp0Y0pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQE1FfgAwQA
1Ff9MA0EAgACMAcDBQAqAQaYMA0GCSqGSIb3DQEBCwUAA4IBAQAk7P+tvoaG8GVP
0tcN6mFX5FA0LgIqupunltTLlOqI8oSizkLUSowqB94AB3roA9iuKOlg9jz/HHRp
poxUAw0i78l0Jgra+WlYrqvVNlEd3B/lnuVpNjVdfW1QZnX/RGcWX35AKIAIvMVE
0eUr0NPHfTkD+ffBb39pd/JQFi0sWQaZJqXPKLP8K2J8Zn0pAdCcfroHXaBsP8cv
pUntt3XaTO50nrMRYbFF3IkStOfmbuXb7NGtIKIg4zZXWw52RvkVV/z53IjvwTpo
U6DN0rmq+Dv75GfDIADs8pq29HI6IkQY1p4pomtWmWa1LtQBo+Cww7nwPM7aQuyj
ExeF6lgz
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:48:56 2025 by rpki-client