Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/7f13a9-7289-4e1e-bb43-c7161dc5c087/1/iKF-Q9PfXOLXW4CJahZRW_VogkE.roa
File: iKF-Q9PfXOLXW4CJahZRW_VogkE.roa (raw, json)
Hash identifier: +qqtPKI3qMehNAw49JzdFyEOoExudNvSKeInlgLAy1I=
Subject key identifier: 88:A1:7E:43:D3:DF:5C:E2:D7:5B:80:89:6A:16:51:5B:F5:68:82:41
Certificate issuer: /CN=3b80edd425050865eafba8089db9da3f3519b334
Certificate serial: 019422FB1ECC7D2FD9D173F5357FD9F7877D
Authority key identifier: 3B:80:ED:D4:25:05:08:65:EA:FB:A8:08:9D:B9:DA:3F:35:19:B3:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O4Dt1CUFCGXq-6gInbnaPzUZszQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/7f13a9-7289-4e1e-bb43-c7161dc5c087/1/iKF-Q9PfXOLXW4CJahZRW_VogkE.roa
Signing time: Wed 01 Jan 2025 17:47:50 +0000
ROA not before: Wed 01 Jan 2025 17:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1759
IP address blocks: 77.247.196.0/24 maxlen: 24
185.31.70.0/23 maxlen: 23
2a12:b440:1::/48 maxlen: 48
2a12:b440:100::/47 maxlen: 47
2a12:b440:100::/48 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/7f13a9-7289-4e1e-bb43-c7161dc5c087/1/O4Dt1CUFCGXq-6gInbnaPzUZszQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/7f13a9-7289-4e1e-bb43-c7161dc5c087/1/O4Dt1CUFCGXq-6gInbnaPzUZszQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/O4Dt1CUFCGXq-6gInbnaPzUZszQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 05:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:1e:cc:7d:2f:d9:d1:73:f5:35:7f:d9:f7:87:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b80edd425050865eafba8089db9da3f3519b334
Validity
Not Before: Jan 1 17:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=88a17e43d3df5ce2d75b80896a16515bf5688241
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:4f:0f:05:bc:ab:0f:aa:2d:50:0a:d7:9d:f1:
51:79:aa:8e:d9:65:2a:9a:3b:25:1d:9d:09:e0:41:
77:a1:a5:7a:d9:44:a0:e0:31:67:b0:d8:ad:64:82:
d7:35:f8:74:62:9d:dc:58:5a:66:ee:73:4b:25:32:
9b:17:80:63:f8:bf:f4:46:8b:ac:0f:06:54:70:87:
2a:49:37:88:90:cc:32:6d:1b:4b:45:1b:82:10:60:
ca:bb:0a:e7:bf:93:20:00:ac:16:11:1b:bb:62:b7:
9b:d0:11:78:73:28:0b:65:19:cc:71:9e:b9:ef:74:
dc:e0:32:00:6b:cd:5e:27:1b:57:ed:c9:9b:fd:68:
b0:cc:39:79:43:78:1d:af:d8:c6:44:a2:63:df:f5:
63:4c:8f:2c:b0:0f:47:9c:ad:15:b6:bb:2d:52:ca:
60:07:e1:ef:9c:12:a3:c8:4c:44:84:67:01:2f:03:
b3:23:b7:55:f0:48:24:0b:17:84:5a:10:00:0c:ab:
81:d0:5c:b9:5d:1d:4f:e3:55:4b:b0:8d:45:1f:9d:
3d:b6:a1:59:e7:02:ab:30:e4:ab:5e:7f:8a:fd:39:
b1:65:0e:13:fe:61:f7:9b:24:fe:94:79:fc:e0:ce:
85:5f:c0:b6:a8:9c:1b:2f:47:09:7e:36:cb:b1:04:
bf:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:A1:7E:43:D3:DF:5C:E2:D7:5B:80:89:6A:16:51:5B:F5:68:82:41
X509v3 Authority Key Identifier:
keyid:3B:80:ED:D4:25:05:08:65:EA:FB:A8:08:9D:B9:DA:3F:35:19:B3:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O4Dt1CUFCGXq-6gInbnaPzUZszQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/7f13a9-7289-4e1e-bb43-c7161dc5c087/1/iKF-Q9PfXOLXW4CJahZRW_VogkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/7f13a9-7289-4e1e-bb43-c7161dc5c087/1/O4Dt1CUFCGXq-6gInbnaPzUZszQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.247.196.0/24
185.31.70.0/23
IPv6:
2a12:b440:1::/48
2a12:b440:100::/47
Signature Algorithm: sha256WithRSAEncryption
2e:1d:83:03:d2:0b:20:c4:c9:a9:96:14:2b:47:70:8a:5a:1f:
03:ec:b9:cb:e7:a2:36:66:23:74:a2:78:28:37:99:d0:b7:d6:
fd:bb:e5:67:b7:52:ca:26:5f:69:8d:28:55:25:24:de:b0:5c:
75:4c:32:90:7c:02:0f:ce:da:c2:ba:b5:c1:1c:7f:b0:84:22:
4a:90:04:77:b7:33:0a:24:f7:96:b8:7c:0b:21:3b:5d:13:c7:
5c:fe:66:bb:71:2f:ba:a4:cb:1f:db:a8:ac:5d:1e:ae:fb:2b:
36:49:cf:8e:50:4d:51:da:2d:27:88:11:71:da:dd:ca:c5:60:
ec:11:42:d1:ae:a1:2d:31:02:d1:71:12:5e:30:f6:66:43:cb:
e2:89:c8:94:f2:88:a2:83:8a:20:56:44:90:5b:f9:82:06:d4:
87:12:25:7c:9b:f9:d0:ea:0f:27:64:a0:ec:48:07:00:1d:77:
61:6e:38:e9:92:37:3d:2c:94:78:c0:cd:27:6b:5e:53:c7:81:
20:18:60:9d:1a:68:f6:c1:58:26:61:63:93:b3:43:3a:da:01:
73:63:a7:e9:7e:66:d4:5a:eb:ac:a4:c4:86:80:89:21:6c:f7:
7a:df:bb:00:5d:ed:29:45:5b:01:bb:2c:d3:2d:2a:37:48:f8:
14:af:85:ec
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQi+x7MfS/Z0XP1NX/Z94d9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiODBlZGQ0MjUwNTA4NjVlYWZiYTgwODlkYjlkYTNmMzUx
OWIzMzQwHhcNMjUwMTAxMTc0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGExN2U0M2QzZGY1Y2UyZDc1YjgwODk2YTE2NTE1YmY1Njg4MjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApk8PBbyrD6otUArXnfFReaqO2WUq
mjslHZ0J4EF3oaV62USg4DFnsNitZILXNfh0Yp3cWFpm7nNLJTKbF4Bj+L/0Rous
DwZUcIcqSTeIkMwybRtLRRuCEGDKuwrnv5MgAKwWERu7Yreb0BF4cygLZRnMcZ65
73Tc4DIAa81eJxtX7cmb/WiwzDl5Q3gdr9jGRKJj3/VjTI8ssA9HnK0VtrstUspg
B+HvnBKjyExEhGcBLwOzI7dV8EgkCxeEWhAADKuB0Fy5XR1P41VLsI1FH509tqFZ
5wKrMOSrXn+K/TmxZQ4T/mH3myT+lHn84M6FX8C2qJwbL0cJfjbLsQS/CwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFIihfkPT31zi11uAiWoWUVv1aIJBMB8GA1UdIwQY
MBaAFDuA7dQlBQhl6vuoCJ252j81GbM0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzREdDFDVUZDR1hxLTZnSW5ibmFQelVac3pRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi83ZjEzYTktNzI4OS00ZTFlLWJiNDMt
YzcxNjFkYzVjMDg3LzEvaUtGLVE5UGZYT0xYVzRDSmFoWlJXX1ZvZ2tFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi83ZjEzYTktNzI4OS00ZTFlLWJiNDMtYzcxNjFkYzVjMDg3
LzEvTzREdDFDVUZDR1hxLTZnSW5ibmFQelVac3pRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQATffEAwQB
uR9GMBgEAgACMBIDBwAqErRAAAEDBwEqErRAAQAwDQYJKoZIhvcNAQELBQADggEB
AC4dgwPSCyDEyamWFCtHcIpaHwPsucvnojZmI3SieCg3mdC31v275We3UsomX2mN
KFUlJN6wXHVMMpB8Ag/O2sK6tcEcf7CEIkqQBHe3Mwok95a4fAshO10Tx1z+Zrtx
L7qkyx/bqKxdHq77KzZJz45QTVHaLSeIEXHa3crFYOwRQtGuoS0xAtFxEl4w9mZD
y+KJyJTyiKKDiiBWRJBb+YIG1IcSJXyb+dDqDydkoOxIBwAdd2FuOOmSNz0slHjA
zSdrXlPHgSAYYJ0aaPbBWCZhY5OzQzraAXNjp+l+ZtRa66ykxIaAiSFs93rfuwBd
7SlFWwG7LNMtKjdI+BSvhew=
-----END CERTIFICATE-----
Generated at Tue Apr 15 12:43:40 2025 by rpki-client