Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/AuV7e2BCsbJh4qmXMcY9_SBZZzw.roa
File: AuV7e2BCsbJh4qmXMcY9_SBZZzw.roa (raw, json)
Hash identifier: JEseM6vYFAwHCa9/90DgXDtwSbck+TVc4HmXQD5fCLc=
Subject key identifier: 02:E5:7B:7B:60:42:B1:B2:61:E2:A9:97:31:C6:3D:FD:20:59:67:3C
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01942826C3E96C6251EAF1A38020D2A4C52D
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/AuV7e2BCsbJh4qmXMcY9_SBZZzw.roa
Signing time: Thu 02 Jan 2025 17:53:36 +0000
ROA not before: Thu 02 Jan 2025 17:53:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211192
IP address blocks: 84.32.173.0/24 maxlen: 24
88.216.56.0/24 maxlen: 24
88.216.59.0/24 maxlen: 24
88.216.232.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.mft
rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 08:01:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:c3:e9:6c:62:51:ea:f1:a3:80:20:d2:a4:c5:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 2 17:53:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=02e57b7b6042b1b261e2a99731c63dfd2059673c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:e0:1e:ca:89:26:2e:37:7e:5c:6d:38:7e:49:
83:51:8c:b5:be:66:ea:b7:c3:be:43:30:f2:72:59:
05:bf:4c:2b:10:d9:bb:bd:bd:d5:4a:53:91:f2:dc:
b1:b1:50:79:02:73:d2:56:eb:c3:71:3b:96:09:12:
91:fe:cd:5b:5a:65:d6:1e:ac:9c:c8:96:20:77:4c:
19:30:5b:b2:5a:89:5a:e4:9f:68:a4:04:af:d6:4e:
45:24:03:0f:d6:cd:2a:9c:54:ab:cd:95:52:bf:6b:
ea:cc:45:d5:41:14:5b:7b:3f:4f:c1:f8:12:60:ca:
5d:6f:b1:70:bd:9c:80:de:d6:75:55:94:4d:aa:38:
a6:24:d4:c8:79:83:17:39:fe:5b:62:e1:15:d5:b6:
67:9c:fc:55:68:a9:01:9f:6f:fa:6e:aa:3d:d3:8c:
8a:85:01:5f:c0:f8:ba:f2:c7:1c:08:63:20:0d:3a:
6e:b5:e8:e2:15:79:01:4c:97:f0:3e:b5:58:c8:9c:
c4:9e:b8:ff:66:e6:10:18:0a:8e:d1:3a:0b:c1:96:
5c:5d:59:ee:37:dd:76:62:c5:65:35:ce:4c:e7:b8:
9c:69:da:a9:9b:49:9d:b5:e8:b2:ff:2d:7d:6e:08:
b8:2e:70:f4:60:de:14:93:fb:cb:8e:74:ab:fe:76:
df:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:E5:7B:7B:60:42:B1:B2:61:E2:A9:97:31:C6:3D:FD:20:59:67:3C
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/AuV7e2BCsbJh4qmXMcY9_SBZZzw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.173.0/24
88.216.56.0/24
88.216.59.0/24
88.216.232.0/22
Signature Algorithm: sha256WithRSAEncryption
66:66:7b:c6:07:14:9c:05:35:61:37:df:79:20:5a:da:16:59:
7f:fe:56:af:94:4d:e0:27:85:b5:4d:1d:f9:e8:0c:12:79:e4:
3e:f8:da:38:a1:36:d5:0b:7f:60:e5:17:2c:7d:10:72:66:a6:
fa:3f:2f:96:5e:d6:6c:82:95:b9:e7:46:5b:da:47:6c:4a:43:
2e:79:c3:0f:70:48:43:dd:78:20:1e:b0:cc:af:d2:7d:f9:9c:
4e:6b:60:f3:1b:de:dc:51:5a:66:e2:92:b4:97:93:8a:82:88:
2f:17:b0:70:25:88:24:90:34:3b:c3:f9:d4:f0:e2:42:f5:ff:
ce:0a:ef:ef:49:9c:af:f6:6d:0a:40:a9:ca:37:55:05:3c:23:
0d:35:89:e9:da:11:89:7d:ac:a6:05:ac:7c:81:38:6e:d3:21:
52:50:08:05:68:e4:ec:73:62:c0:f3:ac:5e:ee:b7:b2:ea:ca:
e3:51:66:d6:7e:2e:fc:21:3e:49:b8:01:0b:bd:69:92:8e:0b:
c8:5f:a6:f3:69:e4:b1:3a:74:a4:c9:28:3d:b4:ee:54:4f:f2:
53:4e:aa:4d:10:5e:b8:85:b7:91:fb:b2:a4:1c:d9:a3:c6:41:
ec:d4:33:dd:ed:b1:f1:cd:af:d8:d9:fc:52:0e:e5:71:b0:ca:
b0:44:1c:47
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQoJsPpbGJR6vGjgCDSpMUtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjUwMTAyMTc1MzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmU1N2I3YjYwNDJiMWIyNjFlMmE5OTczMWM2M2RmZDIwNTk2NzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoeAeyokmLjd+XG04fkmDUYy1vmbq
t8O+QzDyclkFv0wrENm7vb3VSlOR8tyxsVB5AnPSVuvDcTuWCRKR/s1bWmXWHqyc
yJYgd0wZMFuyWola5J9opASv1k5FJAMP1s0qnFSrzZVSv2vqzEXVQRRbez9PwfgS
YMpdb7FwvZyA3tZ1VZRNqjimJNTIeYMXOf5bYuEV1bZnnPxVaKkBn2/6bqo904yK
hQFfwPi68sccCGMgDTputejiFXkBTJfwPrVYyJzEnrj/ZuYQGAqO0ToLwZZcXVnu
N912YsVlNc5M57icadqpm0mdteiy/y19bgi4LnD0YN4Uk/vLjnSr/nbfhwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFALle3tgQrGyYeKplzHGPf0gWWc8MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvQXVWN2UyQkNzYkpoNHFtWE1jWTlfU0JaWnp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVCCtAwQA
WNg4AwQAWNg7AwQCWNjoMA0GCSqGSIb3DQEBCwUAA4IBAQBmZnvGBxScBTVhN995
IFraFll//lavlE3gJ4W1TR356AwSeeQ++No4oTbVC39g5RcsfRByZqb6Py+WXtZs
gpW550Zb2kdsSkMuecMPcEhD3XggHrDMr9J9+ZxOa2DzG97cUVpm4pK0l5OKgogv
F7BwJYgkkDQ7w/nU8OJC9f/OCu/vSZyv9m0KQKnKN1UFPCMNNYnp2hGJfaymBax8
gThu0yFSUAgFaOTsc2LA86xe7rey6srjUWbWfi78IT5JuAELvWmSjgvIX6bzaeSx
OnSkySg9tO5UT/JTTqpNEF64hbeR+7KkHNmjxkHs1DPd7bHxza/Y2fxSDuVxsMqw
RBxH
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:00:04 2025 by rpki-client