Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/b38707-39ce-4ccb-97a0-9b70d60c4800/1/0Bo64BgX0hylRoEuTO1mVFUAcSM.roa
File: 0Bo64BgX0hylRoEuTO1mVFUAcSM.roa (raw, json)
Hash identifier: k/E5TUmiripioDJT6E/uQgRfu9E1lOiyhVTdC1Kwllc=
Subject key identifier: D0:1A:3A:E0:18:17:D2:1C:A5:46:81:2E:4C:ED:66:54:55:00:71:23
Certificate issuer: /CN=db9bfce35824f6ec9b5c9f39a81150ce16181227
Certificate serial: 019423D6BA8B7013AAB7D74ED252102BC619
Authority key identifier: DB:9B:FC:E3:58:24:F6:EC:9B:5C:9F:39:A8:11:50:CE:16:18:12:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/25v841gk9uybXJ85qBFQzhYYEic.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/b38707-39ce-4ccb-97a0-9b70d60c4800/1/0Bo64BgX0hylRoEuTO1mVFUAcSM.roa
Signing time: Wed 01 Jan 2025 21:47:42 +0000
ROA not before: Wed 01 Jan 2025 21:47:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35765
IP address blocks: 87.247.192.0/22 maxlen: 22
87.247.196.0/22 maxlen: 22
87.247.200.0/22 maxlen: 22
87.247.204.0/22 maxlen: 22
87.247.208.0/20 maxlen: 20
195.128.104.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/b38707-39ce-4ccb-97a0-9b70d60c4800/1/25v841gk9uybXJ85qBFQzhYYEic.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/b38707-39ce-4ccb-97a0-9b70d60c4800/1/25v841gk9uybXJ85qBFQzhYYEic.mft
rsync://rpki.ripe.net/repository/DEFAULT/25v841gk9uybXJ85qBFQzhYYEic.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 09:01:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:ba:8b:70:13:aa:b7:d7:4e:d2:52:10:2b:c6:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db9bfce35824f6ec9b5c9f39a81150ce16181227
Validity
Not Before: Jan 1 21:47:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d01a3ae01817d21ca546812e4ced665455007123
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e1:ee:09:df:98:3e:3f:28:2f:18:59:13:ac:
33:19:c1:de:fa:23:9a:77:b0:f1:c7:18:84:6c:f2:
86:24:53:12:f9:d7:3e:39:78:1b:b9:95:d2:76:85:
e8:7f:35:cc:a6:28:61:04:7d:70:43:9d:29:a9:5b:
8f:fe:cd:5d:de:17:ce:8f:a7:83:5f:4a:20:f4:ff:
55:86:17:04:9d:bb:56:b2:ad:c0:25:05:e1:3f:59:
3d:67:f4:ad:7a:ff:39:39:87:70:d8:bc:14:e1:75:
b8:43:70:73:4d:92:cd:c8:28:a1:18:7d:76:68:11:
06:e5:90:07:23:67:37:31:c4:e0:4a:6d:ec:1f:b1:
7e:2a:10:6c:68:a8:d2:ee:f1:33:7a:12:7c:8f:bb:
7e:6e:e8:bf:6c:6a:e2:c7:aa:32:43:6d:a4:1c:ea:
a6:4a:72:c5:44:cc:c1:63:76:2b:56:df:0b:d7:31:
b2:23:c7:c6:51:04:32:7b:27:4e:d3:a5:16:4e:62:
8e:f2:7e:b1:b8:41:85:c4:34:6d:c5:27:70:70:55:
67:6b:3e:03:48:6d:a2:14:c6:a2:2d:38:a8:c9:1f:
b7:ea:fb:02:61:03:7c:06:61:bc:c0:ad:e7:73:eb:
8a:da:ca:88:16:23:05:f0:09:c9:11:60:54:81:b6:
e0:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:1A:3A:E0:18:17:D2:1C:A5:46:81:2E:4C:ED:66:54:55:00:71:23
X509v3 Authority Key Identifier:
keyid:DB:9B:FC:E3:58:24:F6:EC:9B:5C:9F:39:A8:11:50:CE:16:18:12:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/25v841gk9uybXJ85qBFQzhYYEic.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/b38707-39ce-4ccb-97a0-9b70d60c4800/1/0Bo64BgX0hylRoEuTO1mVFUAcSM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/b38707-39ce-4ccb-97a0-9b70d60c4800/1/25v841gk9uybXJ85qBFQzhYYEic.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.247.192.0/19
195.128.104.0/21
Signature Algorithm: sha256WithRSAEncryption
ad:aa:b2:a9:70:2f:ed:ed:ce:6b:65:cb:8a:20:3b:fd:67:11:
1b:06:5f:30:8b:7f:60:71:ad:ff:f0:15:11:97:24:b7:fb:1b:
e2:9f:3d:9a:4e:37:d2:f3:9d:87:fa:21:be:16:55:13:e3:f4:
d1:8a:99:90:3e:dd:82:7c:70:6f:0d:08:39:d6:a3:24:43:87:
06:4b:da:d4:e3:dc:8c:68:01:c3:30:69:e6:31:d3:b4:13:6d:
d8:01:a8:77:1c:63:ee:99:38:18:d0:9b:f5:6d:7b:04:b6:2f:
2f:16:62:f8:a2:d6:86:ba:cc:5e:d0:e3:d5:70:db:79:fc:e8:
57:0c:fe:e7:a8:bb:ad:6e:bc:41:aa:36:96:50:a3:29:02:c3:
51:de:bd:92:dc:97:96:a7:c5:49:bf:62:f3:7e:08:14:b7:b8:
1e:44:6f:7b:41:3f:d3:83:c8:f9:df:6d:00:a0:c4:f8:0b:16:
d0:b3:83:5b:34:7b:c3:32:5d:51:bc:29:34:0a:55:75:95:f6:
64:47:c5:05:f2:29:ef:3a:6f:c3:33:f8:0d:c4:a0:77:3e:b5:
57:87:e4:f1:08:25:93:ff:d1:df:e4:f4:ec:fd:c8:d2:45:86:
14:34:98:2a:bb:c9:a7:76:f3:4c:9b:03:cb:64:37:ea:09:f3:
16:07:1c:8e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQj1rqLcBOqt9dO0lIQK8YZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiOWJmY2UzNTgyNGY2ZWM5YjVjOWYzOWE4MTE1MGNlMTYx
ODEyMjcwHhcNMjUwMTAxMjE0NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDFhM2FlMDE4MTdkMjFjYTU0NjgxMmU0Y2VkNjY1NDU1MDA3MTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuHuCd+YPj8oLxhZE6wzGcHe+iOa
d7DxxxiEbPKGJFMS+dc+OXgbuZXSdoXofzXMpihhBH1wQ50pqVuP/s1d3hfOj6eD
X0og9P9VhhcEnbtWsq3AJQXhP1k9Z/Stev85OYdw2LwU4XW4Q3BzTZLNyCihGH12
aBEG5ZAHI2c3McTgSm3sH7F+KhBsaKjS7vEzehJ8j7t+bui/bGrix6oyQ22kHOqm
SnLFRMzBY3YrVt8L1zGyI8fGUQQyeydO06UWTmKO8n6xuEGFxDRtxSdwcFVnaz4D
SG2iFMaiLTioyR+36vsCYQN8BmG8wK3nc+uK2sqIFiMF8AnJEWBUgbbgaQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNAaOuAYF9IcpUaBLkztZlRVAHEjMB8GA1UdIwQY
MBaAFNub/ONYJPbsm1yfOagRUM4WGBInMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjV2ODQxZ2s5dXliWEo4NXFCRlF6aFlZRWljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9iMzg3MDctMzljZS00Y2NiLTk3YTAt
OWI3MGQ2MGM0ODAwLzEvMEJvNjRCZ1gwaHlsUm9FdVRPMW1WRlVBY1NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9iMzg3MDctMzljZS00Y2NiLTk3YTAtOWI3MGQ2MGM0ODAw
LzEvMjV2ODQxZ2s5dXliWEo4NXFCRlF6aFlZRWljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFV/fAAwQD
w4BoMA0GCSqGSIb3DQEBCwUAA4IBAQCtqrKpcC/t7c5rZcuKIDv9ZxEbBl8wi39g
ca3/8BURlyS3+xvinz2aTjfS852H+iG+FlUT4/TRipmQPt2CfHBvDQg51qMkQ4cG
S9rU49yMaAHDMGnmMdO0E23YAah3HGPumTgY0Jv1bXsEti8vFmL4otaGusxe0OPV
cNt5/OhXDP7nqLutbrxBqjaWUKMpAsNR3r2S3JeWp8VJv2LzfggUt7geRG97QT/T
g8j5320AoMT4CxbQs4NbNHvDMl1RvCk0ClV1lfZkR8UF8invOm/DM/gNxKB3PrVX
h+TxCCWT/9Hf5PTs/cjSRYYUNJgqu8mndvNMmwPLZDfqCfMWBxyO
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:30:55 2025 by rpki-client