Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/fc481a-ab01-4f82-9e6e-eb02f3d3f40c/1/L587eFkH5wYc14IkuF8E7of-x9o.roa
File: L587eFkH5wYc14IkuF8E7of-x9o.roa (raw, json)
Hash identifier: qZjZeJL5jZ5Dikm84ADOgn1QShjJOm5n3wbg8yoD9PY=
Subject key identifier: 2F:9F:3B:78:59:07:E7:06:1C:D7:82:24:B8:5F:04:EE:87:FE:C7:DA
Certificate issuer: /CN=4d16240897b01305681c9425fe523f58fab27415
Certificate serial: 019423D6A5D59F0A8524B04F362DE835A47E
Authority key identifier: 4D:16:24:08:97:B0:13:05:68:1C:94:25:FE:52:3F:58:FA:B2:74:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TRYkCJewEwVoHJQl_lI_WPqydBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/fc481a-ab01-4f82-9e6e-eb02f3d3f40c/1/L587eFkH5wYc14IkuF8E7of-x9o.roa
Signing time: Wed 01 Jan 2025 21:47:37 +0000
ROA not before: Wed 01 Jan 2025 21:47:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20963
IP address blocks: 46.227.112.0/21 maxlen: 21
80.77.128.0/20 maxlen: 20
81.25.176.0/20 maxlen: 20
185.88.228.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/fc481a-ab01-4f82-9e6e-eb02f3d3f40c/1/TRYkCJewEwVoHJQl_lI_WPqydBU.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/fc481a-ab01-4f82-9e6e-eb02f3d3f40c/1/TRYkCJewEwVoHJQl_lI_WPqydBU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TRYkCJewEwVoHJQl_lI_WPqydBU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:a5:d5:9f:0a:85:24:b0:4f:36:2d:e8:35:a4:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d16240897b01305681c9425fe523f58fab27415
Validity
Not Before: Jan 1 21:47:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2f9f3b785907e7061cd78224b85f04ee87fec7da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:3b:07:fb:c7:52:54:67:56:5f:6b:5a:38:73:
59:95:19:62:d4:e9:d9:f5:6b:87:12:6c:50:b6:4d:
b0:26:79:9f:10:ef:fd:21:f7:70:25:17:94:b1:b1:
5f:d8:41:e0:49:02:7f:d3:f4:f2:d2:d3:78:77:33:
90:d4:2c:8e:9a:6e:1d:b2:e3:d3:70:d4:25:c6:a3:
a6:b1:0c:cd:fc:fe:04:f4:b0:68:6b:35:3d:6d:90:
0f:9b:d2:a9:95:7d:b9:48:1f:19:a1:f8:41:b9:e3:
95:d4:fe:de:3e:e0:40:a4:5f:36:b5:66:cf:3a:06:
d0:45:64:5b:9b:18:7d:19:a3:04:43:39:26:cc:05:
3e:d7:88:26:7e:55:04:e2:29:20:bf:0c:53:3f:4f:
95:7b:06:55:36:3c:76:40:73:d5:ce:2a:66:3d:56:
18:81:10:17:e0:66:59:cc:fa:b1:22:d6:bc:3e:11:
95:b0:e7:82:9b:41:5a:0c:e3:cb:19:84:e6:59:36:
fa:9a:84:83:7c:fa:e1:ad:2c:a9:67:d4:d0:41:d1:
7c:58:8a:ee:2e:3f:64:3f:50:a4:78:2b:42:f0:3d:
51:20:0f:a9:5f:90:89:3e:22:d3:19:fe:03:78:23:
51:7e:42:07:de:d5:eb:85:e6:6e:e5:61:94:54:16:
af:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:9F:3B:78:59:07:E7:06:1C:D7:82:24:B8:5F:04:EE:87:FE:C7:DA
X509v3 Authority Key Identifier:
keyid:4D:16:24:08:97:B0:13:05:68:1C:94:25:FE:52:3F:58:FA:B2:74:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TRYkCJewEwVoHJQl_lI_WPqydBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/fc481a-ab01-4f82-9e6e-eb02f3d3f40c/1/L587eFkH5wYc14IkuF8E7of-x9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/fc481a-ab01-4f82-9e6e-eb02f3d3f40c/1/TRYkCJewEwVoHJQl_lI_WPqydBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.112.0/21
80.77.128.0/20
81.25.176.0/20
185.88.228.0/22
Signature Algorithm: sha256WithRSAEncryption
55:9b:3c:d7:e6:26:3f:37:56:33:b2:4a:aa:67:28:ca:59:bd:
cf:0c:99:5e:55:82:77:81:e7:da:cd:86:e3:64:b6:35:4d:65:
fd:88:c4:ab:f7:e4:92:d5:d7:23:27:2f:dd:4e:c9:a4:96:1b:
8d:54:b1:64:68:3b:b2:84:66:d2:09:e3:86:29:5c:98:77:ef:
d4:1f:8b:f5:be:86:a0:b3:da:69:e1:9b:9b:c2:17:40:74:ad:
24:3d:2a:15:be:9a:8a:0f:e1:97:0e:05:c4:da:4a:c8:77:d3:
d8:d4:a1:ad:e6:1f:b5:38:45:d1:0f:6a:f7:3a:42:0d:8c:31:
71:ac:3e:74:d2:47:60:1a:2e:2c:62:1a:f9:47:4c:c9:ec:b9:
84:b7:b7:a6:14:bd:0d:5a:34:ab:97:35:39:81:9e:53:ef:d4:
eb:d5:01:5c:0d:2c:0b:19:be:84:f2:81:0d:95:23:a3:a6:06:
3b:de:0c:fe:ca:31:4b:c1:17:4e:b3:63:97:c5:68:eb:51:b3:
b1:58:88:37:22:1f:bc:65:a1:6b:ec:1f:ac:51:c4:c0:01:99:
63:ef:3c:2b:ac:31:d6:53:88:3c:51:bd:a9:14:78:c5:c9:8a:
8d:a5:21:57:f8:8c:a6:0c:4c:38:31:76:ca:fd:6c:37:30:ab:
5c:f5:79:44
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQj1qXVnwqFJLBPNi3oNaR+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMTYyNDA4OTdiMDEzMDU2ODFjOTQyNWZlNTIzZjU4ZmFi
Mjc0MTUwHhcNMjUwMTAxMjE0NzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjlmM2I3ODU5MDdlNzA2MWNkNzgyMjRiODVmMDRlZTg3ZmVjN2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwDsH+8dSVGdWX2taOHNZlRli1OnZ
9WuHEmxQtk2wJnmfEO/9IfdwJReUsbFf2EHgSQJ/0/Ty0tN4dzOQ1CyOmm4dsuPT
cNQlxqOmsQzN/P4E9LBoazU9bZAPm9KplX25SB8ZofhBueOV1P7ePuBApF82tWbP
OgbQRWRbmxh9GaMEQzkmzAU+14gmflUE4ikgvwxTP0+VewZVNjx2QHPVzipmPVYY
gRAX4GZZzPqxIta8PhGVsOeCm0FaDOPLGYTmWTb6moSDfPrhrSypZ9TQQdF8WIru
Lj9kP1CkeCtC8D1RIA+pX5CJPiLTGf4DeCNRfkIH3tXrheZu5WGUVBavFQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFC+fO3hZB+cGHNeCJLhfBO6H/sfaMB8GA1UdIwQY
MBaAFE0WJAiXsBMFaByUJf5SP1j6snQVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFJZa0NKZXdFd1ZvSEpRbF9sSV9XUHF5ZEJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9mYzQ4MWEtYWIwMS00ZjgyLTllNmUt
ZWIwMmYzZDNmNDBjLzEvTDU4N2VGa0g1d1ljMTRJa3VGOEU3b2YteDlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9mYzQ4MWEtYWIwMS00ZjgyLTllNmUtZWIwMmYzZDNmNDBj
LzEvVFJZa0NKZXdFd1ZvSEpRbF9sSV9XUHF5ZEJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDLuNwAwQE
UE2AAwQEURmwAwQCuVjkMA0GCSqGSIb3DQEBCwUAA4IBAQBVmzzX5iY/N1Yzskqq
ZyjKWb3PDJleVYJ3gefazYbjZLY1TWX9iMSr9+SS1dcjJy/dTsmklhuNVLFkaDuy
hGbSCeOGKVyYd+/UH4v1voags9pp4ZubwhdAdK0kPSoVvpqKD+GXDgXE2krId9PY
1KGt5h+1OEXRD2r3OkINjDFxrD500kdgGi4sYhr5R0zJ7LmEt7emFL0NWjSrlzU5
gZ5T79Tr1QFcDSwLGb6E8oENlSOjpgY73gz+yjFLwRdOs2OXxWjrUbOxWIg3Ih+8
ZaFr7B+sUcTAAZlj7zwrrDHWU4g8Ub2pFHjFyYqNpSFX+IymDEw4MXbK/Ww3MKtc
9XlE
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:08:27 2025 by rpki-client