Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/ab7a04-ffe1-4a05-a5ef-8f539b64b8db/1/odZuXI3wehfozSyLDOqLNH6peX4.roa
File: odZuXI3wehfozSyLDOqLNH6peX4.roa (raw, json)
Hash identifier: /6STeiwL1qKoicoiRYzDSMOTgxmTXXJ8g/uFwFCldMg=
Subject key identifier: A1:D6:6E:5C:8D:F0:7A:17:E8:CD:2C:8B:0C:EA:8B:34:7E:A9:79:7E
Certificate issuer: /CN=7b8254253dc0213fe58a7aff4b82463e47978063
Certificate serial: 0195B2AB947177B0078C76907CEDB3D1A898
Authority key identifier: 7B:82:54:25:3D:C0:21:3F:E5:8A:7A:FF:4B:82:46:3E:47:97:80:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e4JUJT3AIT_linr_S4JGPkeXgGM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/ab7a04-ffe1-4a05-a5ef-8f539b64b8db/1/odZuXI3wehfozSyLDOqLNH6peX4.roa
Signing time: Thu 20 Mar 2025 08:29:03 +0000
ROA not before: Thu 20 Mar 2025 08:29:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213118
IP address blocks: 79.142.34.0/23 maxlen: 23
79.142.40.0/23 maxlen: 23
94.154.125.0/24 maxlen: 24
178.213.74.0/24 maxlen: 24
2a11:fd40:1000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/ab7a04-ffe1-4a05-a5ef-8f539b64b8db/1/e4JUJT3AIT_linr_S4JGPkeXgGM.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/ab7a04-ffe1-4a05-a5ef-8f539b64b8db/1/e4JUJT3AIT_linr_S4JGPkeXgGM.mft
rsync://rpki.ripe.net/repository/DEFAULT/e4JUJT3AIT_linr_S4JGPkeXgGM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b2:ab:94:71:77:b0:07:8c:76:90:7c:ed:b3:d1:a8:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b8254253dc0213fe58a7aff4b82463e47978063
Validity
Not Before: Mar 20 08:29:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a1d66e5c8df07a17e8cd2c8b0cea8b347ea9797e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:1a:75:10:e6:ff:a6:fd:47:5e:15:42:57:55:
0a:1c:41:e7:11:cf:f5:50:b4:54:2e:32:aa:ca:61:
f4:fc:b3:5f:f3:57:de:b6:53:34:d3:f5:47:a7:bb:
8a:51:cb:d8:bb:c8:06:65:00:e0:de:59:de:28:86:
3e:27:30:8a:6e:66:c1:93:1c:82:d0:2b:15:78:4c:
01:a6:29:c7:07:9e:ff:bc:ff:71:2d:9d:24:51:1e:
72:b4:fd:b0:d8:3d:54:d3:0a:e8:7a:be:be:da:a6:
be:a7:29:d1:bd:13:3b:10:4b:dd:87:ac:79:a6:b6:
51:5c:29:1b:af:5c:f5:6b:ea:7f:ef:ed:d7:71:17:
13:8d:8d:5f:ce:96:e8:2a:ba:14:98:22:fe:c6:f1:
f1:96:ed:f9:14:8b:03:c9:16:be:24:03:61:e4:e6:
0f:dc:76:35:75:76:41:90:7f:c6:e9:ec:e6:4b:ab:
5d:8d:6e:b7:dd:2c:f9:f3:6e:41:63:a9:ea:b5:ae:
b2:5b:8c:7a:f8:06:f6:86:a4:ee:fd:54:fa:f7:06:
d8:f4:a5:fb:46:d9:c8:cd:6e:e6:ea:87:ba:62:a6:
4e:0d:53:4c:08:f8:63:7e:cb:a9:23:b9:53:be:03:
9e:6c:a8:6d:3e:75:76:a2:7b:70:72:65:d8:08:c2:
f3:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:D6:6E:5C:8D:F0:7A:17:E8:CD:2C:8B:0C:EA:8B:34:7E:A9:79:7E
X509v3 Authority Key Identifier:
keyid:7B:82:54:25:3D:C0:21:3F:E5:8A:7A:FF:4B:82:46:3E:47:97:80:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4JUJT3AIT_linr_S4JGPkeXgGM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/ab7a04-ffe1-4a05-a5ef-8f539b64b8db/1/odZuXI3wehfozSyLDOqLNH6peX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/ab7a04-ffe1-4a05-a5ef-8f539b64b8db/1/e4JUJT3AIT_linr_S4JGPkeXgGM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.142.34.0/23
79.142.40.0/23
94.154.125.0/24
178.213.74.0/24
IPv6:
2a11:fd40:1000::/36
Signature Algorithm: sha256WithRSAEncryption
8c:2b:70:96:3d:e7:40:8b:e2:64:5f:f1:74:26:c9:6b:ad:1d:
9e:61:5a:ed:6f:7e:b9:dc:1b:6c:72:6a:ac:c2:fd:c4:28:ee:
ce:f4:50:ca:4a:1a:da:2c:72:d8:50:2e:f5:81:ae:cd:47:d4:
46:38:1f:b2:69:3d:8c:e8:27:6b:c4:63:6c:0f:63:15:8a:96:
ad:a1:2f:8d:96:c2:60:52:ca:f4:0e:ef:cc:9a:65:14:29:90:
f9:40:69:ab:3d:99:4b:b3:42:fb:82:71:4c:bb:c9:32:f8:77:
fa:f6:cd:5d:36:de:87:64:15:b5:9e:07:ba:e9:39:b2:2b:ed:
08:11:16:08:f7:28:42:a7:20:b7:ef:54:90:62:89:90:c9:e3:
02:a5:d3:f4:b9:c0:1b:a6:7b:3a:0d:05:21:a8:73:01:80:db:
c0:8f:8c:00:d3:2f:61:3a:c9:04:5a:f7:29:fc:4d:5c:dc:e5:
14:46:62:c3:82:ff:f3:be:4e:4f:42:f1:b8:63:25:c3:98:af:
e2:e4:93:f6:b0:30:4f:2a:f3:07:e8:45:3b:60:9b:04:ec:97:
94:57:85:eb:bb:b9:9f:d0:7d:9a:88:93:a1:2c:10:8b:c6:bc:
af:1f:81:2a:5f:c9:f1:a1:d4:99:b5:d0:1d:ac:d5:09:00:0c:
1b:0f:b1:1d
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZWyq5Rxd7AHjHaQfO2z0aiYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiODI1NDI1M2RjMDIxM2ZlNThhN2FmZjRiODI0NjNlNDc5
NzgwNjMwHhcNMjUwMzIwMDgyOTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWQ2NmU1YzhkZjA3YTE3ZThjZDJjOGIwY2VhOGIzNDdlYTk3OTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxp1EOb/pv1HXhVCV1UKHEHnEc/1
ULRULjKqymH0/LNf81fetlM00/VHp7uKUcvYu8gGZQDg3lneKIY+JzCKbmbBkxyC
0CsVeEwBpinHB57/vP9xLZ0kUR5ytP2w2D1U0wroer6+2qa+pynRvRM7EEvdh6x5
prZRXCkbr1z1a+p/7+3XcRcTjY1fzpboKroUmCL+xvHxlu35FIsDyRa+JANh5OYP
3HY1dXZBkH/G6ezmS6tdjW633Sz5825BY6nqta6yW4x6+Ab2hqTu/VT69wbY9KX7
RtnIzW7m6oe6YqZODVNMCPhjfsupI7lTvgOebKhtPnV2ontwcmXYCMLzrwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFKHWblyN8HoX6M0siwzqizR+qXl+MB8GA1UdIwQY
MBaAFHuCVCU9wCE/5Yp6/0uCRj5Hl4BjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTRKVUpUM0FJVF9saW5yX1M0SkdQa2VYZ0dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9hYjdhMDQtZmZlMS00YTA1LWE1ZWYt
OGY1MzliNjRiOGRiLzEvb2RadVhJM3dlaGZvelN5TERPcUxOSDZwZVg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9hYjdhMDQtZmZlMS00YTA1LWE1ZWYtOGY1MzliNjRiOGRi
LzEvZTRKVUpUM0FJVF9saW5yX1M0SkdQa2VYZ0dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAeBAIAATAYAwQBT44iAwQB
T44oAwQAXpp9AwQAstVKMA4EAgACMAgDBgQqEf1AEDANBgkqhkiG9w0BAQsFAAOC
AQEAjCtwlj3nQIviZF/xdCbJa60dnmFa7W9+udwbbHJqrML9xCjuzvRQykoa2ixy
2FAu9YGuzUfURjgfsmk9jOgna8RjbA9jFYqWraEvjZbCYFLK9A7vzJplFCmQ+UBp
qz2ZS7NC+4JxTLvJMvh3+vbNXTbeh2QVtZ4Huuk5sivtCBEWCPcoQqcgt+9UkGKJ
kMnjAqXT9LnAG6Z7Og0FIahzAYDbwI+MANMvYTrJBFr3KfxNXNzlFEZiw4L/875O
T0LxuGMlw5iv4uST9rAwTyrzB+hFO2CbBOyXlFeF67u5n9B9moiToSwQi8a8rx+B
Kl/J8aHUmbXQHazVCQAMGw+xHQ==
-----END CERTIFICATE-----
Generated at Thu Apr 17 13:28:21 2025 by rpki-client