Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/496885-709f-4bbb-9375-954d19549b61/1/ogdJ5zX5wTF7smlXdUUiP3O_2TY.roa
File: ogdJ5zX5wTF7smlXdUUiP3O_2TY.roa (raw, json)
Hash identifier: 0hvRawGMcRsHAlIFZoRJONgavYCSdSg9j7QPcw+vZig=
Subject key identifier: A2:07:49:E7:35:F9:C1:31:7B:B2:69:57:75:45:22:3F:73:BF:D9:36
Certificate issuer: /CN=fde8d1c6aaf4a93ff41bbfa1bd1dac6197d59575
Certificate serial: 01942068139E62A07760CE5BAB1984AA73A6
Authority key identifier: FD:E8:D1:C6:AA:F4:A9:3F:F4:1B:BF:A1:BD:1D:AC:61:97:D5:95:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_ejRxqr0qT_0G7-hvR2sYZfVlXU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/496885-709f-4bbb-9375-954d19549b61/1/ogdJ5zX5wTF7smlXdUUiP3O_2TY.roa
Signing time: Wed 01 Jan 2025 05:47:59 +0000
ROA not before: Wed 01 Jan 2025 05:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15866
IP address blocks: 94.232.192.0/21 maxlen: 21
185.45.88.0/22 maxlen: 22
217.171.240.0/20 maxlen: 20
2a00:1920::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/496885-709f-4bbb-9375-954d19549b61/1/_ejRxqr0qT_0G7-hvR2sYZfVlXU.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/496885-709f-4bbb-9375-954d19549b61/1/_ejRxqr0qT_0G7-hvR2sYZfVlXU.mft
rsync://rpki.ripe.net/repository/DEFAULT/_ejRxqr0qT_0G7-hvR2sYZfVlXU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 14:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:13:9e:62:a0:77:60:ce:5b:ab:19:84:aa:73:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fde8d1c6aaf4a93ff41bbfa1bd1dac6197d59575
Validity
Not Before: Jan 1 05:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a20749e735f9c1317bb269577545223f73bfd936
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:bd:05:37:2c:fe:7e:c2:3d:e7:64:aa:72:7b:
37:30:6e:1d:7f:75:c8:7a:8c:a3:f3:21:1f:16:ef:
6f:d0:9c:d7:7e:b5:ef:a4:fb:e0:75:04:5e:e1:95:
4d:ee:eb:44:33:2b:70:4c:c7:7c:03:87:33:14:20:
10:3d:e5:0a:db:d0:8e:82:5c:78:58:8a:2d:ed:59:
c5:32:58:9f:05:da:ea:00:24:79:0f:a9:87:78:e3:
11:50:19:55:5e:bd:ec:4c:7f:b4:46:36:98:1f:04:
13:e2:c7:70:77:1e:8c:bd:55:0c:6d:a4:4b:ad:c4:
11:7c:f7:40:ec:8b:23:e6:f9:b3:03:93:6a:fb:54:
38:83:67:05:78:4b:c5:0e:8c:00:80:3c:aa:d2:9b:
56:af:fb:68:0d:01:fd:17:4e:60:78:c8:06:83:0b:
0e:73:f0:7c:56:ce:6e:9e:fc:c0:2a:3e:07:e5:10:
af:cc:52:f9:67:c1:e4:2d:46:a9:e5:39:5e:a6:8d:
7c:dd:4c:e2:a4:18:b2:33:8b:91:b6:d3:56:f9:15:
bc:ed:07:a8:f4:34:f9:6e:ad:e0:33:3e:44:f4:21:
94:29:6c:22:18:6b:d6:e7:98:b3:e0:25:59:e5:63:
d7:84:2c:43:75:0a:96:a2:59:85:c4:5d:76:96:00:
47:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:07:49:E7:35:F9:C1:31:7B:B2:69:57:75:45:22:3F:73:BF:D9:36
X509v3 Authority Key Identifier:
keyid:FD:E8:D1:C6:AA:F4:A9:3F:F4:1B:BF:A1:BD:1D:AC:61:97:D5:95:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_ejRxqr0qT_0G7-hvR2sYZfVlXU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/496885-709f-4bbb-9375-954d19549b61/1/ogdJ5zX5wTF7smlXdUUiP3O_2TY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/496885-709f-4bbb-9375-954d19549b61/1/_ejRxqr0qT_0G7-hvR2sYZfVlXU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.232.192.0/21
185.45.88.0/22
217.171.240.0/20
IPv6:
2a00:1920::/48
Signature Algorithm: sha256WithRSAEncryption
37:64:9a:59:71:ca:b8:db:87:db:e2:57:a9:29:2d:6b:7d:cb:
c0:bf:dc:29:a4:68:7f:17:7d:df:e1:e2:56:e5:2f:86:3c:d4:
0f:7e:48:39:72:a0:db:30:fa:a1:73:27:85:3f:b9:fb:9f:76:
6f:6a:53:d0:24:e2:fb:11:05:d2:13:9a:90:b5:3a:bc:45:a1:
00:67:ce:c3:32:fe:67:50:17:22:27:01:be:67:8a:7b:55:8a:
35:48:30:d2:00:7a:84:48:63:6c:f7:4a:4f:25:b2:90:8d:5d:
7f:eb:a4:e3:bb:0e:1c:20:11:cb:52:1e:ba:50:79:7d:8f:2e:
c0:58:96:2f:18:7e:44:1b:27:b2:32:99:13:e9:60:f5:28:3d:
97:bb:65:87:86:86:bc:6c:05:5b:80:57:04:74:2e:ce:9e:3f:
d0:63:d3:f4:cc:ed:ba:3f:a6:a4:5f:53:83:e7:d1:67:92:76:
c3:97:90:b4:a4:7e:1f:17:71:b5:00:04:f8:1b:02:86:9e:94:
bb:b4:fd:07:31:48:17:6e:e3:00:98:a5:3d:8d:32:ba:63:62:
83:af:70:a1:d3:41:7d:de:12:a0:61:9e:ab:64:11:c6:94:47:
20:8f:e4:1d:13:18:82:88:ad:d4:7f:0c:32:6f:ff:d4:e4:c7:
7c:52:e8:20
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQgaBOeYqB3YM5bqxmEqnOmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkZThkMWM2YWFmNGE5M2ZmNDFiYmZhMWJkMWRhYzYxOTdk
NTk1NzUwHhcNMjUwMTAxMDU0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjA3NDllNzM1ZjljMTMxN2JiMjY5NTc3NTQ1MjIzZjczYmZkOTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5b0FNyz+fsI952Sqcns3MG4df3XI
eoyj8yEfFu9v0JzXfrXvpPvgdQRe4ZVN7utEMytwTMd8A4czFCAQPeUK29COglx4
WIot7VnFMlifBdrqACR5D6mHeOMRUBlVXr3sTH+0RjaYHwQT4sdwdx6MvVUMbaRL
rcQRfPdA7Isj5vmzA5Nq+1Q4g2cFeEvFDowAgDyq0ptWr/toDQH9F05geMgGgwsO
c/B8Vs5unvzAKj4H5RCvzFL5Z8HkLUap5Tlepo183UzipBiyM4uRttNW+RW87Qeo
9DT5bq3gMz5E9CGUKWwiGGvW55iz4CVZ5WPXhCxDdQqWolmFxF12lgBHnQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFKIHSec1+cExe7JpV3VFIj9zv9k2MB8GA1UdIwQY
MBaAFP3o0caq9Kk/9Bu/ob0drGGX1ZV1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2VqUnhxcjBxVF8wRzctaHZSMnNZWmZWbFhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC80OTY4ODUtNzA5Zi00YmJiLTkzNzUt
OTU0ZDE5NTQ5YjYxLzEvb2dkSjV6WDV3VEY3c21sWGRVVWlQM09fMlRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC80OTY4ODUtNzA5Zi00YmJiLTkzNzUtOTU0ZDE5NTQ5YjYx
LzEvX2VqUnhxcjBxVF8wRzctaHZSMnNZWmZWbFhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQDXujAAwQC
uS1YAwQE2avwMA8EAgACMAkDBwAqABkgAAAwDQYJKoZIhvcNAQELBQADggEBADdk
mllxyrjbh9viV6kpLWt9y8C/3CmkaH8Xfd/h4lblL4Y81A9+SDlyoNsw+qFzJ4U/
ufufdm9qU9Ak4vsRBdITmpC1OrxFoQBnzsMy/mdQFyInAb5nintVijVIMNIAeoRI
Y2z3Sk8lspCNXX/rpOO7DhwgEctSHrpQeX2PLsBYli8YfkQbJ7IymRPpYPUoPZe7
ZYeGhrxsBVuAVwR0Ls6eP9Bj0/TM7bo/pqRfU4Pn0WeSdsOXkLSkfh8XcbUABPgb
AoaelLu0/QcxSBdu4wCYpT2NMrpjYoOvcKHTQX3eEqBhnqtkEcaURyCP5B0TGIKI
rdR/DDJv/9Tkx3xS6CA=
-----END CERTIFICATE-----
Generated at Tue Apr 22 16:39:28 2025 by rpki-client