Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/I1EoUAseUd3MHO-sI_txqICBiwc.roa
File: I1EoUAseUd3MHO-sI_txqICBiwc.roa (raw, json)
Hash identifier: khM+HdjIw9WozXCqEk/wtCOtMrpNfxWXErjSXn8BT5M=
Subject key identifier: 23:51:28:50:0B:1E:51:DD:CC:1C:EF:AC:23:FB:71:A8:80:81:8B:07
Certificate issuer: /CN=458d12f095053c35876b88b47685d6435421fcf2
Certificate serial: 01942747373CD224B1E74B21C22A33815CC3
Authority key identifier: 45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/I1EoUAseUd3MHO-sI_txqICBiwc.roa
Signing time: Thu 02 Jan 2025 13:49:26 +0000
ROA not before: Thu 02 Jan 2025 13:49:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200220
IP address blocks: 78.138.9.0/24 maxlen: 24
79.132.135.0/24 maxlen: 24
185.178.231.0/24 maxlen: 24
2a0b:7140:9::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:37:3c:d2:24:b1:e7:4b:21:c2:2a:33:81:5c:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=458d12f095053c35876b88b47685d6435421fcf2
Validity
Not Before: Jan 2 13:49:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=235128500b1e51ddcc1cefac23fb71a880818b07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:d8:53:c2:bb:14:20:d1:c9:c9:32:aa:a9:c1:
f5:7e:d2:dd:2d:0d:74:05:d8:fc:eb:dd:12:e4:5d:
3e:59:15:16:e0:aa:9d:f3:70:3c:06:8b:e2:b1:0d:
80:a2:e1:9a:07:dc:02:6a:4b:16:3b:61:31:eb:9b:
69:cb:47:19:5b:55:57:39:4b:7d:dd:6b:b7:ee:1b:
b6:c2:12:33:91:0f:13:2c:f5:63:12:07:c6:3c:5a:
43:45:3f:2c:0f:4f:a4:a4:d7:8e:38:c3:d8:c7:f8:
dc:75:49:24:1d:35:49:6e:05:9c:7a:4e:c5:c8:0a:
8e:95:a9:15:2f:93:26:37:65:6b:98:66:e5:e6:9f:
6c:29:0e:6f:33:d2:18:62:aa:9a:88:1f:5b:45:92:
2d:fe:4a:56:9b:20:45:e6:5b:85:4d:3f:83:e4:4f:
50:b9:0d:0d:06:f2:f2:9b:ad:9e:38:3b:f1:e1:21:
82:e5:c4:e9:ef:60:be:1b:40:82:72:ed:4e:2d:ea:
12:b4:34:41:80:a5:f3:3c:cb:0d:61:38:10:a4:24:
8c:18:8e:c1:bf:13:9f:14:1e:8f:bb:bc:90:ce:d5:
5b:de:db:d7:69:fa:78:71:8e:b1:07:88:6b:45:81:
d7:82:27:c3:f2:d2:11:28:41:77:06:f0:41:42:ab:
26:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:51:28:50:0B:1E:51:DD:CC:1C:EF:AC:23:FB:71:A8:80:81:8B:07
X509v3 Authority Key Identifier:
keyid:45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/I1EoUAseUd3MHO-sI_txqICBiwc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.138.9.0/24
79.132.135.0/24
185.178.231.0/24
IPv6:
2a0b:7140:9::/48
Signature Algorithm: sha256WithRSAEncryption
8c:c6:9d:36:af:38:bb:c5:16:a7:95:54:70:31:81:1f:b0:30:
90:2b:0a:44:25:e2:66:16:87:b0:13:68:1c:fa:f7:8c:3d:48:
06:76:85:38:ed:51:73:2a:5e:3d:b4:41:da:20:44:13:97:bc:
9a:35:2a:ca:a9:af:bb:1e:e2:48:ee:e6:12:06:da:8d:f3:9b:
df:a9:83:20:9b:21:ec:8e:31:26:11:c8:4f:ce:7a:18:5f:8d:
18:91:f6:b6:c5:66:56:8a:af:ab:12:b4:ad:e7:b4:9d:5a:3d:
f2:28:ae:f3:b6:00:43:0a:40:47:28:94:fb:1d:e8:18:cb:53:
bf:64:44:ad:83:bd:cd:2e:eb:1f:c1:5e:76:85:93:66:67:1b:
b9:2e:92:47:a5:99:f4:34:f1:0a:4b:74:91:38:e7:6e:d2:01:
7a:45:73:ac:9c:be:f0:85:70:37:d6:ec:1f:90:be:47:92:47:
29:57:7c:73:44:c0:42:19:7a:3a:1e:c1:8d:ac:5b:f5:3f:e2:
d5:5b:18:22:79:ee:8c:06:42:44:3e:23:3d:0d:17:f5:6b:b4:
31:6c:94:fd:1d:8c:ec:3a:e4:a0:da:b0:38:22:fe:b8:2f:8a:
76:45:8a:b1:ba:fd:47:c4:e9:77:4e:71:09:9b:87:ad:a4:bd:
1e:53:63:24
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQnRzc80iSx50shwiozgVzDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OGQxMmYwOTUwNTNjMzU4NzZiODhiNDc2ODVkNjQzNTQy
MWZjZjIwHhcNMjUwMTAyMTM0OTI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzUxMjg1MDBiMWU1MWRkY2MxY2VmYWMyM2ZiNzFhODgwODE4YjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNhTwrsUINHJyTKqqcH1ftLdLQ10
Bdj8690S5F0+WRUW4Kqd83A8BovisQ2AouGaB9wCaksWO2Ex65tpy0cZW1VXOUt9
3Wu37hu2whIzkQ8TLPVjEgfGPFpDRT8sD0+kpNeOOMPYx/jcdUkkHTVJbgWcek7F
yAqOlakVL5MmN2VrmGbl5p9sKQ5vM9IYYqqaiB9bRZIt/kpWmyBF5luFTT+D5E9Q
uQ0NBvLym62eODvx4SGC5cTp72C+G0CCcu1OLeoStDRBgKXzPMsNYTgQpCSMGI7B
vxOfFB6Pu7yQztVb3tvXafp4cY6xB4hrRYHXgifD8tIRKEF3BvBBQqsmIwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFCNRKFALHlHdzBzvrCP7caiAgYsHMB8GA1UdIwQY
MBaAFEWNEvCVBTw1h2uItHaF1kNUIfzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTkt
Mzk1NTk1OWVhZjgxLzEvSTFFb1VBc2VVZDNNSE8tc0lfdHhxSUNCaXdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTktMzk1NTk1OWVhZjgx
LzEvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQATooJAwQA
T4SHAwQAubLnMA8EAgACMAkDBwAqC3FAAAkwDQYJKoZIhvcNAQELBQADggEBAIzG
nTavOLvFFqeVVHAxgR+wMJArCkQl4mYWh7ATaBz694w9SAZ2hTjtUXMqXj20Qdog
RBOXvJo1Ksqpr7se4kju5hIG2o3zm9+pgyCbIeyOMSYRyE/OehhfjRiR9rbFZlaK
r6sStK3ntJ1aPfIorvO2AEMKQEcolPsd6BjLU79kRK2Dvc0u6x/BXnaFk2ZnG7ku
kkelmfQ08QpLdJE4527SAXpFc6ycvvCFcDfW7B+QvkeSRylXfHNEwEIZejoewY2s
W/U/4tVbGCJ57owGQkQ+Iz0NF/VrtDFslP0djOw65KDasDgi/rgvinZFirG6/UfE
6XdOcQmbh62kvR5TYyQ=
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:58:37 2025 by rpki-client