Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/6207e8-eeb5-4334-8dfe-63799c026a57/1/EPpzGnxJ9r252oa5CpCAjLjJAgw.roa
File: EPpzGnxJ9r252oa5CpCAjLjJAgw.roa (raw, json)
Hash identifier: 9S/swt0ExX/3EIBGsHjHQcT/9v/asJqd/AUXI6MuTis=
Subject key identifier: 10:FA:73:1A:7C:49:F6:BD:B9:DA:86:B9:0A:90:80:8C:B8:C9:02:0C
Certificate issuer: /CN=51476318d71bf658f9a845f54ab27bd899892437
Certificate serial: 01942369FD8AFC8C83B53A4FA095C8F6B877
Authority key identifier: 51:47:63:18:D7:1B:F6:58:F9:A8:45:F5:4A:B2:7B:D8:99:89:24:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UUdjGNcb9lj5qEX1SrJ72JmJJDc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/6207e8-eeb5-4334-8dfe-63799c026a57/1/EPpzGnxJ9r252oa5CpCAjLjJAgw.roa
Signing time: Wed 01 Jan 2025 19:48:56 +0000
ROA not before: Wed 01 Jan 2025 19:48:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197380
IP address blocks: 91.220.128.0/24 maxlen: 24
185.127.112.0/24 maxlen: 24
185.127.113.0/24 maxlen: 24
185.127.114.0/24 maxlen: 24
185.127.115.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/6207e8-eeb5-4334-8dfe-63799c026a57/1/UUdjGNcb9lj5qEX1SrJ72JmJJDc.crl
rsync://rpki.ripe.net/repository/DEFAULT/3f/6207e8-eeb5-4334-8dfe-63799c026a57/1/UUdjGNcb9lj5qEX1SrJ72JmJJDc.mft
rsync://rpki.ripe.net/repository/DEFAULT/UUdjGNcb9lj5qEX1SrJ72JmJJDc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:fd:8a:fc:8c:83:b5:3a:4f:a0:95:c8:f6:b8:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51476318d71bf658f9a845f54ab27bd899892437
Validity
Not Before: Jan 1 19:48:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=10fa731a7c49f6bdb9da86b90a90808cb8c9020c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:dc:97:e4:42:3e:4c:9d:81:ad:d3:5e:3e:85:
89:d2:8a:da:c1:9d:c5:d7:7c:4a:17:cf:50:e4:52:
8c:82:1a:ce:e5:a4:39:08:b9:08:76:bc:cb:45:7b:
8a:3b:e0:9b:ed:d7:62:ce:c8:78:a0:3e:55:94:ec:
7f:8c:5f:2e:85:4a:43:64:01:93:8e:5c:49:a0:a9:
86:48:da:fc:c8:28:eb:3e:a6:0d:53:a7:cb:e1:9e:
0a:0c:18:8d:d9:57:6f:6f:56:94:62:c0:67:c0:1a:
19:c0:4c:ad:98:1c:a5:29:1e:39:1f:42:96:e9:b0:
65:66:d1:36:8c:4b:31:26:32:fe:04:42:5a:1d:e0:
e7:5f:d3:cd:93:69:42:c1:40:6f:61:2c:3d:98:24:
67:cf:b1:d3:83:01:a3:4c:52:41:d8:87:2a:c2:c5:
50:59:a3:f8:66:9f:73:bb:1a:39:0f:61:18:f2:1e:
b1:ba:e2:1c:05:75:c2:74:22:59:23:51:1c:dd:d3:
f1:3a:7a:68:e0:ae:74:2e:2f:b1:45:4a:b5:10:35:
64:e1:a7:3b:82:03:72:6f:cd:41:81:c9:24:30:5d:
31:a8:35:ca:cd:44:94:75:95:b5:0c:0d:1f:66:ad:
7f:90:ec:63:06:e8:d4:d1:a9:14:bb:29:fd:7a:24:
d2:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:FA:73:1A:7C:49:F6:BD:B9:DA:86:B9:0A:90:80:8C:B8:C9:02:0C
X509v3 Authority Key Identifier:
keyid:51:47:63:18:D7:1B:F6:58:F9:A8:45:F5:4A:B2:7B:D8:99:89:24:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UUdjGNcb9lj5qEX1SrJ72JmJJDc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/6207e8-eeb5-4334-8dfe-63799c026a57/1/EPpzGnxJ9r252oa5CpCAjLjJAgw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/6207e8-eeb5-4334-8dfe-63799c026a57/1/UUdjGNcb9lj5qEX1SrJ72JmJJDc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.128.0/24
185.127.112.0/22
Signature Algorithm: sha256WithRSAEncryption
24:13:01:aa:ea:64:8e:5d:d5:a2:20:6a:16:40:bf:e6:eb:2b:
59:ee:4e:44:81:d8:d9:9a:48:45:75:52:c7:c3:d8:15:7f:7b:
3a:22:e5:3a:aa:28:d9:20:42:5b:08:f5:4c:aa:7a:bc:b8:87:
de:84:eb:84:67:d1:76:41:27:3a:5e:ea:44:d7:7c:69:32:9e:
c1:3b:12:fe:8d:df:37:81:53:a0:a7:87:96:94:a8:e0:a5:25:
cc:0e:79:02:4e:a1:a1:90:5c:0c:be:ea:33:d9:96:06:c5:71:
46:0e:d9:95:a5:54:07:58:a7:4c:61:4e:5c:6d:e8:ad:4e:99:
a3:51:30:00:11:e5:c8:79:3b:bf:92:97:1d:7b:b7:89:75:d3:
4e:33:d0:4c:00:07:2e:8f:00:c3:22:ff:9f:4e:4e:4c:02:68:
bc:5e:06:bd:19:ff:3b:23:e3:5a:8a:06:89:07:db:96:10:c6:
e3:f5:c6:7d:92:41:5c:ee:c0:16:62:a7:6c:14:9c:59:05:89:
5c:a1:ee:6e:c0:e4:0a:0e:f9:20:45:54:a9:f7:e5:88:44:90:
6c:30:b0:77:dc:b2:4d:5d:32:12:ec:32:57:be:29:98:1b:43:
3b:59:ad:01:34:c9:25:b2:1d:67:73:e0:39:33:1e:7d:0c:8f:
f4:f7:01:52
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQjaf2K/IyDtTpPoJXI9rh3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxNDc2MzE4ZDcxYmY2NThmOWE4NDVmNTRhYjI3YmQ4OTk4
OTI0MzcwHhcNMjUwMTAxMTk0ODU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGZhNzMxYTdjNDlmNmJkYjlkYTg2YjkwYTkwODA4Y2I4YzkwMjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0NyX5EI+TJ2BrdNePoWJ0orawZ3F
13xKF89Q5FKMghrO5aQ5CLkIdrzLRXuKO+Cb7ddizsh4oD5VlOx/jF8uhUpDZAGT
jlxJoKmGSNr8yCjrPqYNU6fL4Z4KDBiN2Vdvb1aUYsBnwBoZwEytmBylKR45H0KW
6bBlZtE2jEsxJjL+BEJaHeDnX9PNk2lCwUBvYSw9mCRnz7HTgwGjTFJB2IcqwsVQ
WaP4Zp9zuxo5D2EY8h6xuuIcBXXCdCJZI1Ec3dPxOnpo4K50Li+xRUq1EDVk4ac7
ggNyb81BgckkMF0xqDXKzUSUdZW1DA0fZq1/kOxjBujU0akUuyn9eiTSnQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBD6cxp8Sfa9udqGuQqQgIy4yQIMMB8GA1UdIwQY
MBaAFFFHYxjXG/ZY+ahF9Uqye9iZiSQ3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVVkakdOY2I5bGo1cUVYMVNySjcySm1KSkRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi82MjA3ZTgtZWViNS00MzM0LThkZmUt
NjM3OTljMDI2YTU3LzEvRVBwekdueEo5cjI1Mm9hNUNwQ0FqTGpKQWd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi82MjA3ZTgtZWViNS00MzM0LThkZmUtNjM3OTljMDI2YTU3
LzEvVVVkakdOY2I5bGo1cUVYMVNySjcySm1KSkRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9yAAwQC
uX9wMA0GCSqGSIb3DQEBCwUAA4IBAQAkEwGq6mSOXdWiIGoWQL/m6ytZ7k5EgdjZ
mkhFdVLHw9gVf3s6IuU6qijZIEJbCPVMqnq8uIfehOuEZ9F2QSc6XupE13xpMp7B
OxL+jd83gVOgp4eWlKjgpSXMDnkCTqGhkFwMvuoz2ZYGxXFGDtmVpVQHWKdMYU5c
beitTpmjUTAAEeXIeTu/kpcde7eJddNOM9BMAAcujwDDIv+fTk5MAmi8Xga9Gf87
I+NaigaJB9uWEMbj9cZ9kkFc7sAWYqdsFJxZBYlcoe5uwOQKDvkgRVSp9+WIRJBs
MLB33LJNXTIS7DJXvimYG0M7Wa0BNMklsh1nc+A5Mx59DI/09wFS
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:51:12 2025 by rpki-client