Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/23968a-fa36-4654-bfbf-9404e177200e/1/7wo8i41Up9XbCW4B5tKeIytyMsA.roa
File: 7wo8i41Up9XbCW4B5tKeIytyMsA.roa (raw, json)
Hash identifier: yirWyb5pij+onS9AdwvB/WtmePzfdhsn+x4XqsoWk2E=
Subject key identifier: EF:0A:3C:8B:8D:54:A7:D5:DB:09:6E:01:E6:D2:9E:23:2B:72:32:C0
Certificate issuer: /CN=6ad70ef25e522c0d26e977a1d24ff77ead3ada19
Certificate serial: 019421B2421AD9C6365483691711BCA35220
Authority key identifier: 6A:D7:0E:F2:5E:52:2C:0D:26:E9:77:A1:D2:4F:F7:7E:AD:3A:DA:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/atcO8l5SLA0m6Xeh0k_3fq062hk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/23968a-fa36-4654-bfbf-9404e177200e/1/7wo8i41Up9XbCW4B5tKeIytyMsA.roa
Signing time: Wed 01 Jan 2025 11:48:37 +0000
ROA not before: Wed 01 Jan 2025 11:48:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21058
IP address blocks: 80.83.160.0/20 maxlen: 20
80.83.160.0/24 maxlen: 24
80.83.161.0/24 maxlen: 24
80.83.162.0/24 maxlen: 24
80.83.163.0/24 maxlen: 24
80.83.164.0/24 maxlen: 24
80.83.165.0/24 maxlen: 24
80.83.166.0/24 maxlen: 24
80.83.167.0/24 maxlen: 24
80.83.168.0/24 maxlen: 24
80.83.169.0/24 maxlen: 24
80.83.170.0/24 maxlen: 24
80.83.171.0/24 maxlen: 24
80.83.172.0/24 maxlen: 24
80.83.173.0/24 maxlen: 24
80.83.174.0/24 maxlen: 24
80.83.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/23968a-fa36-4654-bfbf-9404e177200e/1/atcO8l5SLA0m6Xeh0k_3fq062hk.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/23968a-fa36-4654-bfbf-9404e177200e/1/atcO8l5SLA0m6Xeh0k_3fq062hk.mft
rsync://rpki.ripe.net/repository/DEFAULT/atcO8l5SLA0m6Xeh0k_3fq062hk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 23:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:42:1a:d9:c6:36:54:83:69:17:11:bc:a3:52:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ad70ef25e522c0d26e977a1d24ff77ead3ada19
Validity
Not Before: Jan 1 11:48:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ef0a3c8b8d54a7d5db096e01e6d29e232b7232c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:aa:39:9f:60:4d:67:93:ad:f9:27:1a:22:92:
d5:15:c0:20:6d:bd:ba:7f:18:a5:d8:7c:d8:54:85:
03:ba:e6:43:70:19:47:43:c0:58:0b:94:22:94:8a:
78:65:c8:0c:ab:9e:6b:02:88:00:80:a5:1d:92:21:
96:03:fa:7b:73:cf:1e:6d:02:65:d1:e0:02:9a:54:
1b:dc:3b:ef:da:fe:b1:80:e5:e1:2a:8f:52:34:bc:
4f:b7:1b:34:32:86:5f:82:79:38:e1:99:42:89:9d:
3c:47:ed:6e:53:ea:e1:dc:8f:fb:c0:58:11:6f:10:
06:d7:f3:53:e7:61:72:55:a8:2c:42:dd:13:54:8c:
a5:50:9e:af:83:f8:a5:a6:49:2f:55:65:7b:06:13:
00:54:29:3b:7c:8b:0e:83:cd:a7:27:0a:de:b5:09:
2c:90:56:da:a0:80:56:f7:5d:3f:0a:da:2d:b0:99:
d3:81:cd:4b:7e:61:f8:e3:97:a5:9b:23:8c:96:8c:
c9:70:83:89:c4:7c:c2:0c:30:9b:27:02:b5:61:50:
7d:8f:4a:7f:fe:ef:f5:0d:e3:02:a9:ba:3b:67:89:
68:56:3f:14:9c:76:c3:c7:30:e5:05:d4:b0:ce:31:
ae:6d:42:a4:ab:90:1e:bf:83:c3:28:10:89:32:24:
93:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:0A:3C:8B:8D:54:A7:D5:DB:09:6E:01:E6:D2:9E:23:2B:72:32:C0
X509v3 Authority Key Identifier:
keyid:6A:D7:0E:F2:5E:52:2C:0D:26:E9:77:A1:D2:4F:F7:7E:AD:3A:DA:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/atcO8l5SLA0m6Xeh0k_3fq062hk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/23968a-fa36-4654-bfbf-9404e177200e/1/7wo8i41Up9XbCW4B5tKeIytyMsA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/23968a-fa36-4654-bfbf-9404e177200e/1/atcO8l5SLA0m6Xeh0k_3fq062hk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.83.160.0/20
Signature Algorithm: sha256WithRSAEncryption
06:7d:5f:65:ce:e6:66:20:ce:e3:42:4b:0c:62:4f:5d:fe:24:
d7:5e:7e:dd:d2:57:83:56:7f:11:21:bd:50:be:4b:f3:47:33:
72:cf:c7:b5:6c:18:01:0f:4e:f1:1b:e4:d5:2e:4a:ac:a8:2a:
53:68:bf:78:51:84:29:c0:e1:3f:5d:f6:5d:89:76:50:66:7f:
45:6a:1b:07:41:a0:b0:82:28:ee:76:bc:ae:df:72:73:fa:16:
8e:b5:62:1e:6c:fc:16:95:4d:d6:8c:06:7f:91:39:c5:2c:1c:
31:03:64:07:a5:db:4b:89:dd:43:32:a6:c2:47:88:4a:3c:7c:
9d:45:a8:8d:74:86:6b:23:cb:6b:dc:a0:f0:0c:34:da:3a:e8:
54:6d:ba:0c:90:d9:a1:67:36:05:3c:ce:1b:63:44:bb:67:13:
82:f8:a9:5e:74:5c:f3:93:30:7d:37:b5:e2:10:53:f3:94:d0:
db:6f:11:aa:77:d0:86:de:9e:24:9e:34:63:4b:1a:58:b9:4e:
ff:83:a5:b0:da:8b:8d:02:f1:0f:77:44:bb:c0:7a:7c:a8:70:
70:c1:2d:99:fa:e2:f9:12:f5:17:13:f2:f9:21:a0:9c:6e:b6:
20:97:2f:df:d3:1e:bc:53:0f:89:80:7c:3d:86:ef:3e:6c:99:
3f:46:1d:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhskIa2cY2VINpFxG8o1IgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhZDcwZWYyNWU1MjJjMGQyNmU5NzdhMWQyNGZmNzdlYWQz
YWRhMTkwHhcNMjUwMTAxMTE0ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjBhM2M4YjhkNTRhN2Q1ZGIwOTZlMDFlNmQyOWUyMzJiNzIzMmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArao5n2BNZ5Ot+ScaIpLVFcAgbb26
fxil2HzYVIUDuuZDcBlHQ8BYC5QilIp4ZcgMq55rAogAgKUdkiGWA/p7c88ebQJl
0eACmlQb3Dvv2v6xgOXhKo9SNLxPtxs0MoZfgnk44ZlCiZ08R+1uU+rh3I/7wFgR
bxAG1/NT52FyVagsQt0TVIylUJ6vg/ilpkkvVWV7BhMAVCk7fIsOg82nJwretQks
kFbaoIBW910/CtotsJnTgc1LfmH445elmyOMlozJcIOJxHzCDDCbJwK1YVB9j0p/
/u/1DeMCqbo7Z4loVj8UnHbDxzDlBdSwzjGubUKkq5Aev4PDKBCJMiSTgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO8KPIuNVKfV2wluAebSniMrcjLAMB8GA1UdIwQY
MBaAFGrXDvJeUiwNJul3odJP936tOtoZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXRjTzhsNVNMQTBtNlhlaDBrXzNmcTA2MmhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8yMzk2OGEtZmEzNi00NjU0LWJmYmYt
OTQwNGUxNzcyMDBlLzEvN3dvOGk0MVVwOVhiQ1c0QjV0S2VJeXR5TXNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8yMzk2OGEtZmEzNi00NjU0LWJmYmYtOTQwNGUxNzcyMDBl
LzEvYXRjTzhsNVNMQTBtNlhlaDBrXzNmcTA2MmhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEUFOgMA0G
CSqGSIb3DQEBCwUAA4IBAQAGfV9lzuZmIM7jQksMYk9d/iTXXn7d0leDVn8RIb1Q
vkvzRzNyz8e1bBgBD07xG+TVLkqsqCpTaL94UYQpwOE/XfZdiXZQZn9FahsHQaCw
gijudryu33Jz+haOtWIebPwWlU3WjAZ/kTnFLBwxA2QHpdtLid1DMqbCR4hKPHyd
RaiNdIZrI8tr3KDwDDTaOuhUbboMkNmhZzYFPM4bY0S7ZxOC+KledFzzkzB9N7Xi
EFPzlNDbbxGqd9CG3p4knjRjSxpYuU7/g6Ww2ouNAvEPd0S7wHp8qHBwwS2Z+uL5
EvUXE/L5IaCcbrYgly/f0x68Uw+JgHw9hu8+bJk/Rh3H
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:46:54 2025 by rpki-client