Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/I7_QIP5Oj5-oE-M38-RbJEYNFIo.roa
File: I7_QIP5Oj5-oE-M38-RbJEYNFIo.roa (raw, json)
Hash identifier: qKDgZPztrOuvmcirFcBb/Aqi322w308E9hlnZArlFPM=
Subject key identifier: 23:BF:D0:20:FE:4E:8F:9F:A8:13:E3:37:F3:E4:5B:24:46:0D:14:8A
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 01955AFB1AA0B5A3BA77513DD7F33ABBB26D
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/I7_QIP5Oj5-oE-M38-RbJEYNFIo.roa
Signing time: Mon 03 Mar 2025 07:49:20 +0000
ROA not before: Mon 03 Mar 2025 07:49:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42083
IP address blocks: 188.132.150.0/24 maxlen: 24
188.132.249.0/24 maxlen: 24
212.68.38.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 01:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5a:fb:1a:a0:b5:a3:ba:77:51:3d:d7:f3:3a:bb:b2:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Mar 3 07:49:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=23bfd020fe4e8f9fa813e337f3e45b24460d148a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:75:18:b2:b0:2b:2f:17:fc:94:7a:6a:c9:b3:
b0:42:be:83:53:6c:1d:8f:43:9d:4e:b4:f2:b4:9e:
61:64:ea:48:90:f1:8c:57:d1:a9:43:ef:91:95:8b:
83:83:e5:4e:6e:f6:97:6d:79:10:7f:55:b3:73:cf:
6a:eb:a9:60:b4:bf:b5:7a:de:14:2b:98:b9:46:39:
5e:e0:2b:5f:e3:38:7d:9d:cd:f3:65:9e:59:b1:a9:
e4:c9:59:e2:b0:90:16:35:03:16:22:86:cb:ad:90:
ed:5f:ec:b5:11:41:59:72:c3:9a:54:76:db:c4:23:
cc:08:b6:ee:5f:0a:e2:f7:eb:e7:c2:17:74:77:32:
82:fe:62:8a:01:7b:95:50:6b:b0:6f:d5:ed:c1:9b:
de:d5:a0:94:65:8e:f1:73:42:63:92:2f:fb:7b:6d:
f2:20:dc:7d:4b:7a:0e:68:82:64:93:85:5d:67:2f:
12:50:12:16:b4:d1:9c:b3:43:29:8c:81:85:a3:96:
f0:7b:d1:95:d5:fc:a7:e0:46:81:61:7f:3a:64:75:
5b:0e:d5:bd:a0:22:14:37:26:98:fc:c5:d9:c5:0c:
e5:d9:e9:a4:7b:ec:1e:2e:e5:a4:42:6f:29:70:f8:
b9:c0:82:17:8c:49:92:77:47:34:bd:c6:84:8c:c7:
a1:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:BF:D0:20:FE:4E:8F:9F:A8:13:E3:37:F3:E4:5B:24:46:0D:14:8A
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/I7_QIP5Oj5-oE-M38-RbJEYNFIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.132.150.0/24
188.132.249.0/24
212.68.38.0/24
Signature Algorithm: sha256WithRSAEncryption
71:c1:c8:81:44:ab:02:ee:9f:55:b6:7d:93:8c:73:dc:be:18:
68:2b:b7:8c:30:0e:89:5b:eb:dd:a9:79:1e:d2:20:5d:6e:bc:
ad:e2:4b:5c:27:68:85:f7:de:58:06:05:29:e7:92:f7:90:10:
97:a8:8c:97:f6:65:00:44:87:f6:af:49:63:be:9b:82:41:08:
6b:77:b2:ca:2c:8e:9f:46:f5:30:32:98:8c:56:60:2a:60:0f:
74:91:59:00:b1:06:de:18:7e:d6:e6:84:ab:6f:b9:e4:6c:7c:
3a:1c:49:d7:e1:66:d9:ec:b7:0e:50:a5:82:fa:95:89:24:06:
38:17:1c:74:37:ca:23:cf:ca:38:0c:9e:ed:7b:34:0b:ad:6e:
1a:5d:83:65:bd:86:ba:fb:66:78:28:2e:e2:23:fb:6e:08:e3:
3f:dc:52:6a:24:e2:51:cd:a4:ed:c8:20:ef:ff:b6:8a:87:c4:
45:43:6e:ec:7e:50:c9:98:cd:58:79:e8:a6:8a:41:5b:3b:0c:
6f:a9:13:45:fb:e5:03:65:7c:0a:bb:34:98:a9:8a:ac:bd:49:
20:e8:60:d3:1f:d6:6c:fc:c0:2d:19:65:75:0e:27:03:60:40:
17:c5:f3:82:e5:62:e2:46:83:70:4b:0d:f6:1f:53:cf:72:99:
a4:18:69:6b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZVa+xqgtaO6d1E91/M6u7JtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjUwMzAzMDc0OTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2JmZDAyMGZlNGU4ZjlmYTgxM2UzMzdmM2U0NWIyNDQ2MGQxNDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHUYsrArLxf8lHpqybOwQr6DU2wd
j0OdTrTytJ5hZOpIkPGMV9GpQ++RlYuDg+VObvaXbXkQf1Wzc89q66lgtL+1et4U
K5i5Rjle4Ctf4zh9nc3zZZ5ZsankyVnisJAWNQMWIobLrZDtX+y1EUFZcsOaVHbb
xCPMCLbuXwri9+vnwhd0dzKC/mKKAXuVUGuwb9XtwZve1aCUZY7xc0Jjki/7e23y
INx9S3oOaIJkk4VdZy8SUBIWtNGcs0MpjIGFo5bwe9GV1fyn4EaBYX86ZHVbDtW9
oCIUNyaY/MXZxQzl2emke+weLuWkQm8pcPi5wIIXjEmSd0c0vcaEjMehGwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCO/0CD+To+fqBPjN/PkWyRGDRSKMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvSTdfUUlQNU9qNS1vRS1NMzgtUmJKRVlORklvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAvISWAwQA
vIT5AwQA1EQmMA0GCSqGSIb3DQEBCwUAA4IBAQBxwciBRKsC7p9Vtn2TjHPcvhho
K7eMMA6JW+vdqXke0iBdbryt4ktcJ2iF995YBgUp55L3kBCXqIyX9mUARIf2r0lj
vpuCQQhrd7LKLI6fRvUwMpiMVmAqYA90kVkAsQbeGH7W5oSrb7nkbHw6HEnX4WbZ
7LcOUKWC+pWJJAY4Fxx0N8ojz8o4DJ7tezQLrW4aXYNlvYa6+2Z4KC7iI/tuCOM/
3FJqJOJRzaTtyCDv/7aKh8RFQ27sflDJmM1YeeimikFbOwxvqRNF++UDZXwKuzSY
qYqsvUkg6GDTH9Zs/MAtGWV1DicDYEAXxfOC5WLiRoNwSw32H1PPcpmkGGlr
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:08:11 2025 by rpki-client