Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/fDEuib_mZ3qZfkE1az0EDj_NR3E.roa
File: fDEuib_mZ3qZfkE1az0EDj_NR3E.roa (raw, json)
Hash identifier: 73YMuFd+/YUrXpnrlnZ9kLlZaPNZZkHXycwBv8GSkpg=
Subject key identifier: 7C:31:2E:89:BF:E6:67:7A:99:7E:41:35:6B:3D:04:0E:3F:CD:47:71
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 019427472E7A006DC50D0AC662F632449F8C
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/fDEuib_mZ3qZfkE1az0EDj_NR3E.roa
Signing time: Thu 02 Jan 2025 13:49:23 +0000
ROA not before: Thu 02 Jan 2025 13:49:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207582
IP address blocks: 185.86.7.0/24 maxlen: 24
185.86.15.0/24 maxlen: 24
185.87.120.0/24 maxlen: 24
185.185.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.mft
rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 17:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:2e:7a:00:6d:c5:0d:0a:c6:62:f6:32:44:9f:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Jan 2 13:49:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7c312e89bfe6677a997e41356b3d040e3fcd4771
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:ea:cb:23:a1:92:25:24:4e:88:6b:d1:e5:b8:
e4:54:24:fd:1d:4a:6e:d4:1d:73:60:70:2d:0e:74:
2e:82:c0:d6:01:6e:6d:9b:a4:9d:93:fb:67:0a:bc:
c6:88:50:78:9f:d0:bc:88:8e:2a:65:2a:69:5d:5b:
3c:f4:70:60:a5:64:6a:5d:e6:7e:55:30:dc:97:1e:
3f:e5:ad:1c:25:e9:ba:88:a4:e2:de:59:2f:b0:92:
46:2d:23:39:3d:be:89:f7:81:d5:92:cc:2e:93:9d:
8a:f6:71:90:07:f6:ca:2a:dc:da:e4:db:c7:c2:39:
97:bf:66:cf:c0:97:d1:33:90:d8:fc:d3:81:40:a4:
6a:71:8f:68:c4:cf:02:07:c5:6d:84:ec:b6:fa:a6:
cf:f3:c3:4b:78:9d:01:c5:1f:d1:2e:42:6f:39:37:
0f:de:da:c5:aa:2e:08:48:2c:41:a5:23:b0:c7:37:
2a:29:a2:b5:b7:7c:2c:90:84:9c:0f:94:d4:35:12:
b1:00:9d:28:67:86:9b:04:76:8f:34:36:bc:8c:47:
7c:22:ed:78:bf:db:83:61:cf:da:e1:80:81:4a:36:
a3:28:e8:63:56:d1:97:2d:80:36:3a:7b:10:72:d6:
60:96:9c:ad:64:a3:ce:18:d5:9c:ab:66:55:6b:94:
5f:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:31:2E:89:BF:E6:67:7A:99:7E:41:35:6B:3D:04:0E:3F:CD:47:71
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/fDEuib_mZ3qZfkE1az0EDj_NR3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.86.7.0/24
185.86.15.0/24
185.87.120.0/24
185.185.234.0/24
Signature Algorithm: sha256WithRSAEncryption
51:62:15:e5:0c:9e:66:71:18:94:d1:46:74:a4:7b:1c:a9:45:
ea:ce:64:39:9b:ba:60:fc:01:e5:98:60:9c:6a:db:4a:14:9d:
c0:3b:81:a4:2d:12:44:63:d6:53:76:d8:02:0f:f8:6c:ab:80:
24:57:25:0c:fd:51:27:2d:68:7b:61:8c:31:dd:ba:54:6a:3e:
3c:ac:f3:6b:51:f6:54:1d:3d:ad:b7:86:1f:96:2d:6e:cc:44:
83:82:44:b2:e5:9a:e1:28:17:eb:d7:10:51:95:e6:70:cb:a9:
fa:6d:f7:12:5f:a2:4b:9f:03:92:d1:9f:65:5f:a4:f3:1c:4e:
dc:16:90:14:34:1c:07:e6:05:25:d1:4b:7a:bc:7e:83:9e:53:
4a:80:45:9d:64:0e:f7:07:b0:d7:3e:6f:d2:ea:92:fe:cf:ae:
ba:1c:91:2b:cc:a0:d9:bc:f9:dd:85:07:20:2b:c1:17:a7:c9:
31:ab:38:39:75:bc:7c:38:9c:df:7a:12:22:cf:a5:cf:86:bf:
c7:cc:97:9c:02:0c:f5:63:80:b2:2d:56:a6:09:fa:2d:7c:a9:
76:fb:f8:3f:44:4f:9b:d5:48:aa:35:e8:d6:a0:f6:e6:6c:e8:
03:9a:0b:bd:df:11:88:64:bd:45:6f:65:b6:2f:57:8d:5a:bc:
ae:c4:5a:3d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQnRy56AG3FDQrGYvYyRJ+MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjUwMTAyMTM0OTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzMxMmU4OWJmZTY2NzdhOTk3ZTQxMzU2YjNkMDQwZTNmY2Q0NzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5urLI6GSJSROiGvR5bjkVCT9HUpu
1B1zYHAtDnQugsDWAW5tm6Sdk/tnCrzGiFB4n9C8iI4qZSppXVs89HBgpWRqXeZ+
VTDclx4/5a0cJem6iKTi3lkvsJJGLSM5Pb6J94HVkswuk52K9nGQB/bKKtza5NvH
wjmXv2bPwJfRM5DY/NOBQKRqcY9oxM8CB8VthOy2+qbP88NLeJ0BxR/RLkJvOTcP
3trFqi4ISCxBpSOwxzcqKaK1t3wskIScD5TUNRKxAJ0oZ4abBHaPNDa8jEd8Iu14
v9uDYc/a4YCBSjajKOhjVtGXLYA2OnsQctZglpytZKPOGNWcq2ZVa5RfNQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHwxLom/5md6mX5BNWs9BA4/zUdxMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvZkRFdWliX21aM3FaZmtFMWF6MEVEal9OUjNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuVYHAwQA
uVYPAwQAuVd4AwQAubnqMA0GCSqGSIb3DQEBCwUAA4IBAQBRYhXlDJ5mcRiU0UZ0
pHscqUXqzmQ5m7pg/AHlmGCcattKFJ3AO4GkLRJEY9ZTdtgCD/hsq4AkVyUM/VEn
LWh7YYwx3bpUaj48rPNrUfZUHT2tt4Yfli1uzESDgkSy5ZrhKBfr1xBRleZwy6n6
bfcSX6JLnwOS0Z9lX6TzHE7cFpAUNBwH5gUl0Ut6vH6DnlNKgEWdZA73B7DXPm/S
6pL+z666HJErzKDZvPndhQcgK8EXp8kxqzg5dbx8OJzfehIiz6XPhr/HzJecAgz1
Y4CyLVamCfotfKl2+/g/RE+b1UiqNejWoPbmbOgDmgu93xGIZL1Fb2W2L1eNWryu
xFo9
-----END CERTIFICATE-----
Generated at Thu Apr 10 02:59:43 2025 by rpki-client