Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/_-FUjYz5pLdhL7MicJJ-uRt5LKI.roa
File: _-FUjYz5pLdhL7MicJJ-uRt5LKI.roa (raw, json)
Hash identifier: FdRIrcXaoKNyd2lS+olFcjF6MT37TxwlG2cpQ0ijFig=
Subject key identifier: FF:E1:54:8D:8C:F9:A4:B7:61:2F:B3:22:70:92:7E:B9:1B:79:2C:A2
Certificate issuer: /CN=a63bcc6d25f7476fbb3ec33f6dbc3e9eead92212
Certificate serial: 01942220194366E8DD36933A775E6D8C354D
Authority key identifier: A6:3B:CC:6D:25:F7:47:6F:BB:3E:C3:3F:6D:BC:3E:9E:EA:D9:22:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pjvMbSX3R2-7PsM_bbw-nurZIhI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/_-FUjYz5pLdhL7MicJJ-uRt5LKI.roa
Signing time: Wed 01 Jan 2025 13:48:36 +0000
ROA not before: Wed 01 Jan 2025 13:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215524
IP address blocks: 212.24.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/pjvMbSX3R2-7PsM_bbw-nurZIhI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/pjvMbSX3R2-7PsM_bbw-nurZIhI.mft
rsync://rpki.ripe.net/repository/DEFAULT/pjvMbSX3R2-7PsM_bbw-nurZIhI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:19:43:66:e8:dd:36:93:3a:77:5e:6d:8c:35:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a63bcc6d25f7476fbb3ec33f6dbc3e9eead92212
Validity
Not Before: Jan 1 13:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ffe1548d8cf9a4b7612fb32270927eb91b792ca2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:47:43:6a:e6:8e:04:06:81:3e:53:2f:01:9f:
34:74:9d:9d:d0:3b:b8:d3:59:b4:90:82:ae:f1:aa:
ad:d4:83:66:7f:50:0e:57:2b:b4:80:1b:6a:a4:0c:
17:1f:ac:c2:6d:4a:b6:41:10:d6:b5:c5:dc:89:8a:
60:fb:cd:45:c5:07:ea:d4:aa:19:80:ab:3f:83:47:
32:4c:d9:aa:9a:94:9a:97:2a:e7:c7:64:14:46:24:
ad:99:bd:f0:89:92:35:28:9b:00:b2:bd:55:9d:b0:
37:ad:82:94:18:06:7c:89:60:51:da:c5:51:78:bc:
1f:96:cc:88:bf:5d:89:c3:72:8e:a5:c8:76:5c:7a:
1e:0b:b0:bb:d1:4f:d1:db:eb:6d:0d:95:63:79:2a:
c2:39:f5:c5:6c:ee:05:92:4d:5e:b5:47:6f:dd:95:
f8:60:c6:16:3a:79:e4:b5:f7:81:f5:e6:d6:b0:dc:
2c:8c:95:65:22:51:6f:49:de:00:f2:77:71:2e:23:
2c:d6:69:83:14:5c:25:ad:04:17:af:63:bb:8d:20:
d0:2d:9c:50:49:59:90:c6:43:25:1b:aa:15:36:ed:
c1:03:68:fc:9c:60:3b:19:e5:1c:c4:3f:26:a8:e1:
8f:c1:d3:6c:52:f0:d7:79:88:9c:e3:fb:03:66:21:
f2:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:E1:54:8D:8C:F9:A4:B7:61:2F:B3:22:70:92:7E:B9:1B:79:2C:A2
X509v3 Authority Key Identifier:
keyid:A6:3B:CC:6D:25:F7:47:6F:BB:3E:C3:3F:6D:BC:3E:9E:EA:D9:22:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pjvMbSX3R2-7PsM_bbw-nurZIhI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/_-FUjYz5pLdhL7MicJJ-uRt5LKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/pjvMbSX3R2-7PsM_bbw-nurZIhI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.24.240.0/24
Signature Algorithm: sha256WithRSAEncryption
28:41:39:1e:92:6e:81:f4:46:11:0f:43:26:19:36:df:f0:0c:
9d:5e:f1:7f:f1:ed:51:67:0d:35:45:c9:87:af:b8:64:21:9c:
ed:a1:36:a0:94:0c:90:a9:f3:d5:9b:28:7e:6f:ab:f4:d0:76:
6b:7f:83:76:0f:59:3a:b4:ba:37:84:6d:0e:97:dd:50:3b:59:
52:e5:5e:ac:02:52:9a:8f:c3:26:3c:46:5a:bd:59:d9:92:75:
e2:90:d9:5b:91:e5:f3:70:12:42:b0:18:08:57:52:df:82:2a:
25:25:26:93:df:f5:0c:00:58:cb:d7:07:b8:cb:81:a9:e2:84:
d1:e3:f3:21:47:0c:ba:54:e2:ad:56:ac:8a:16:fb:96:58:8c:
bf:21:a8:c7:7d:31:60:57:df:c9:b7:73:cc:df:f4:24:1b:cb:
fb:e5:2c:45:2b:3b:b6:29:61:01:c7:de:7d:9e:e2:8f:36:dd:
3d:69:9a:03:67:e7:db:62:de:02:0a:ca:11:fc:55:a2:43:9f:
de:e4:0c:9f:bd:14:a2:f3:b4:db:3b:bc:11:a1:a7:34:33:97:
6c:7e:4c:fa:1a:dc:fa:e5:df:df:9c:44:61:5b:7b:cb:75:bb:
03:4d:8b:f0:f6:c0:08:10:50:b7:9b:2d:8f:dd:83:49:2c:6c:
82:c9:ac:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiIBlDZujdNpM6d15tjDVNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2M2JjYzZkMjVmNzQ3NmZiYjNlYzMzZjZkYmMzZTllZWFk
OTIyMTIwHhcNMjUwMTAxMTM0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmUxNTQ4ZDhjZjlhNGI3NjEyZmIzMjI3MDkyN2ViOTFiNzkyY2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvEdDauaOBAaBPlMvAZ80dJ2d0Du4
01m0kIKu8aqt1INmf1AOVyu0gBtqpAwXH6zCbUq2QRDWtcXciYpg+81FxQfq1KoZ
gKs/g0cyTNmqmpSalyrnx2QURiStmb3wiZI1KJsAsr1VnbA3rYKUGAZ8iWBR2sVR
eLwflsyIv12Jw3KOpch2XHoeC7C70U/R2+ttDZVjeSrCOfXFbO4Fkk1etUdv3ZX4
YMYWOnnktfeB9ebWsNwsjJVlIlFvSd4A8ndxLiMs1mmDFFwlrQQXr2O7jSDQLZxQ
SVmQxkMlG6oVNu3BA2j8nGA7GeUcxD8mqOGPwdNsUvDXeYic4/sDZiHyIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP/hVI2M+aS3YS+zInCSfrkbeSyiMB8GA1UdIwQY
MBaAFKY7zG0l90dvuz7DP228Pp7q2SISMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGp2TWJTWDNSMi03UHNNX2Jidy1udXJaSWhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS83NjhmZGItZDFiNS00YmVmLWJjYmQt
NDkyNGZhMDAwYjdjLzEvXy1GVWpZejVwTGRoTDdNaWNKSi11UnQ1TEtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS83NjhmZGItZDFiNS00YmVmLWJjYmQtNDkyNGZhMDAwYjdj
LzEvcGp2TWJTWDNSMi03UHNNX2Jidy1udXJaSWhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1BjwMA0G
CSqGSIb3DQEBCwUAA4IBAQAoQTkekm6B9EYRD0MmGTbf8AydXvF/8e1RZw01RcmH
r7hkIZztoTaglAyQqfPVmyh+b6v00HZrf4N2D1k6tLo3hG0Ol91QO1lS5V6sAlKa
j8MmPEZavVnZknXikNlbkeXzcBJCsBgIV1LfgiolJSaT3/UMAFjL1we4y4Gp4oTR
4/MhRwy6VOKtVqyKFvuWWIy/IajHfTFgV9/Jt3PM3/QkG8v75SxFKzu2KWEBx959
nuKPNt09aZoDZ+fbYt4CCsoR/FWiQ5/e5AyfvRSi87TbO7wRoac0M5dsfkz6Gtz6
5d/fnERhW3vLdbsDTYvw9sAIEFC3my2P3YNJLGyCyayS
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:58:57 2025 by rpki-client