Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/d334ad-5240-4daa-a050-9f5bf736720e/1/7nwFZllPHib0qlQvTuec2CA4CFE.roa
File: 7nwFZllPHib0qlQvTuec2CA4CFE.roa (raw, json)
Hash identifier: 6iCLCKodfg6yz/qGnLZGO0jH9QdQIo9q7VMD+L1L/38=
Subject key identifier: EE:7C:05:66:59:4F:1E:26:F4:AA:54:2F:4E:E7:9C:D8:20:38:08:51
Certificate issuer: /CN=7bab6c11d41162db0306858f83e5e65121132a6b
Certificate serial: 019420D63B729BDAE0901C7F504CAEF3F43D
Authority key identifier: 7B:AB:6C:11:D4:11:62:DB:03:06:85:8F:83:E5:E6:51:21:13:2A:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e6tsEdQRYtsDBoWPg-XmUSETKms.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/d334ad-5240-4daa-a050-9f5bf736720e/1/7nwFZllPHib0qlQvTuec2CA4CFE.roa
Signing time: Wed 01 Jan 2025 07:48:18 +0000
ROA not before: Wed 01 Jan 2025 07:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 185.1.180.0/24 maxlen: 24
2001:7f8:fd::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/d334ad-5240-4daa-a050-9f5bf736720e/1/e6tsEdQRYtsDBoWPg-XmUSETKms.crl
rsync://rpki.ripe.net/repository/DEFAULT/39/d334ad-5240-4daa-a050-9f5bf736720e/1/e6tsEdQRYtsDBoWPg-XmUSETKms.mft
rsync://rpki.ripe.net/repository/DEFAULT/e6tsEdQRYtsDBoWPg-XmUSETKms.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 19:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:3b:72:9b:da:e0:90:1c:7f:50:4c:ae:f3:f4:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7bab6c11d41162db0306858f83e5e65121132a6b
Validity
Not Before: Jan 1 07:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ee7c0566594f1e26f4aa542f4ee79cd820380851
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:7e:a4:45:70:41:ca:3d:98:46:a5:00:8f:d1:
5c:e8:fc:f7:66:f8:1b:96:2e:8b:40:b9:be:7d:b6:
f9:be:6a:55:2f:df:e4:8a:9c:37:c3:de:5b:95:9a:
e4:76:6c:a1:ac:67:2c:9b:e2:3f:7e:77:40:c2:6c:
40:0e:a8:2e:0c:7a:87:2e:d8:e7:28:dd:93:78:bd:
de:9a:f9:25:0f:7a:87:15:d7:85:70:0b:2b:af:2a:
fc:18:eb:6a:14:b5:d3:73:7c:86:99:cc:f1:8d:29:
1d:a1:84:b2:16:7e:39:9c:11:94:06:3e:ca:73:bc:
53:a8:36:a9:3c:4e:6c:c4:59:fd:09:0b:b2:a4:8f:
ba:55:dd:cb:2d:b7:2c:20:55:a2:18:5f:81:07:19:
45:22:95:c8:6c:a8:6c:d3:fa:91:20:94:02:ea:f6:
70:cb:8e:1b:56:12:b6:6d:11:24:bc:d8:78:23:6c:
fd:70:36:8b:16:89:e1:2d:5a:7c:db:3a:5a:3a:62:
3e:96:50:25:14:11:b4:63:5f:37:9a:f4:e6:1e:95:
7a:4f:b9:da:f4:89:e6:4d:a2:66:97:b7:b0:c4:15:
67:b3:67:6d:64:6c:e5:a7:58:48:75:49:2e:51:75:
8b:93:6a:ed:af:b3:35:4e:13:1e:85:31:5b:fb:6b:
8d:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:7C:05:66:59:4F:1E:26:F4:AA:54:2F:4E:E7:9C:D8:20:38:08:51
X509v3 Authority Key Identifier:
keyid:7B:AB:6C:11:D4:11:62:DB:03:06:85:8F:83:E5:E6:51:21:13:2A:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6tsEdQRYtsDBoWPg-XmUSETKms.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/d334ad-5240-4daa-a050-9f5bf736720e/1/7nwFZllPHib0qlQvTuec2CA4CFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/d334ad-5240-4daa-a050-9f5bf736720e/1/e6tsEdQRYtsDBoWPg-XmUSETKms.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.180.0/24
IPv6:
2001:7f8:fd::/48
Signature Algorithm: sha256WithRSAEncryption
70:8a:46:35:6a:0b:b3:06:f2:a5:a5:52:ea:37:e6:c0:0c:ab:
f9:57:5e:0e:1e:ba:e8:cd:d9:a1:db:1e:f3:a9:1f:59:f1:6d:
b0:83:2d:1e:0a:9a:6c:d7:15:d3:a4:55:1d:05:2e:3b:99:22:
6e:ca:98:2b:72:f5:e3:92:58:ae:b1:c3:b3:e6:ae:88:c0:8d:
b5:c4:25:39:5f:2f:3d:95:8a:a8:d8:28:0f:d8:02:14:79:fa:
bf:fc:fc:11:30:c5:c9:6f:91:3a:ed:b9:82:57:56:35:3c:f8:
8e:f4:b2:cf:ca:8a:34:70:6a:a9:04:52:48:80:0b:d2:f1:da:
f8:98:1a:f2:94:87:c2:d0:03:c7:af:d0:1d:27:d0:d7:17:b8:
09:cb:3a:be:21:8a:58:58:6d:57:d4:b2:35:66:8d:2a:50:74:
d2:4c:e1:3b:6a:ff:02:7a:ce:0b:94:ed:61:4e:ee:bd:2e:46:
2e:ae:92:6f:29:4a:1c:cf:1a:45:ce:72:ae:15:4f:99:4c:6a:
27:37:68:7f:b7:41:28:e9:af:fb:3e:fe:1f:0c:36:7c:2e:29:
e1:82:2f:ea:90:19:76:bf:1f:e6:7b:e8:63:8b:88:2e:8e:ae:
54:7e:4e:98:b6:52:2c:01:d3:ca:10:66:97:f8:b5:b4:cf:85:
26:8b:5e:fa
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQg1jtym9rgkBx/UEyu8/Q9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiYWI2YzExZDQxMTYyZGIwMzA2ODU4ZjgzZTVlNjUxMjEx
MzJhNmIwHhcNMjUwMTAxMDc0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTdjMDU2NjU5NGYxZTI2ZjRhYTU0MmY0ZWU3OWNkODIwMzgwODUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsH6kRXBByj2YRqUAj9Fc6Pz3Zvgb
li6LQLm+fbb5vmpVL9/kipw3w95blZrkdmyhrGcsm+I/fndAwmxADqguDHqHLtjn
KN2TeL3emvklD3qHFdeFcAsrryr8GOtqFLXTc3yGmczxjSkdoYSyFn45nBGUBj7K
c7xTqDapPE5sxFn9CQuypI+6Vd3LLbcsIFWiGF+BBxlFIpXIbKhs0/qRIJQC6vZw
y44bVhK2bREkvNh4I2z9cDaLFonhLVp82zpaOmI+llAlFBG0Y183mvTmHpV6T7na
9InmTaJml7ewxBVns2dtZGzlp1hIdUkuUXWLk2rtr7M1ThMehTFb+2uNGQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFO58BWZZTx4m9KpUL07nnNggOAhRMB8GA1UdIwQY
MBaAFHurbBHUEWLbAwaFj4Pl5lEhEyprMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTZ0c0VkUVJZdHNEQm9XUGctWG1VU0VUS21zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS9kMzM0YWQtNTI0MC00ZGFhLWEwNTAt
OWY1YmY3MzY3MjBlLzEvN253RlpsbFBIaWIwcWxRdlR1ZWMyQ0E0Q0ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS9kMzM0YWQtNTI0MC00ZGFhLWEwNTAtOWY1YmY3MzY3MjBl
LzEvZTZ0c0VkUVJZdHNEQm9XUGctWG1VU0VUS21zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuQG0MA8E
AgACMAkDBwAgAQf4AP0wDQYJKoZIhvcNAQELBQADggEBAHCKRjVqC7MG8qWlUuo3
5sAMq/lXXg4euujN2aHbHvOpH1nxbbCDLR4KmmzXFdOkVR0FLjuZIm7KmCty9eOS
WK6xw7PmrojAjbXEJTlfLz2ViqjYKA/YAhR5+r/8/BEwxclvkTrtuYJXVjU8+I70
ss/KijRwaqkEUkiAC9Lx2viYGvKUh8LQA8ev0B0n0NcXuAnLOr4hilhYbVfUsjVm
jSpQdNJM4Ttq/wJ6zguU7WFO7r0uRi6ukm8pShzPGkXOcq4VT5lMaic3aH+3QSjp
r/s+/h8MNnwuKeGCL+qQGXa/H+Z76GOLiC6OrlR+Tpi2UiwB08oQZpf4tbTPhSaL
Xvo=
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:18:05 2025 by rpki-client