Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/acffd6-dc1e-4e0d-8d25-ce22d5eab82f/1/aaN-bs2N1cRQu6wVRlnpd2mwkBQ.roa
File: aaN-bs2N1cRQu6wVRlnpd2mwkBQ.roa (raw, json)
Hash identifier: /bC3V57krNUgmm/Cc9N1e1boJHyImaptM9rUrHdc9Es=
Subject key identifier: 69:A3:7E:6E:CD:8D:D5:C4:50:BB:AC:15:46:59:E9:77:69:B0:90:14
Certificate issuer: /CN=27df042824273fcff3f093d0f9b1dec6960bae6a
Certificate serial: 0194214430A5DD0081DC586708A67CC3DD0F
Authority key identifier: 27:DF:04:28:24:27:3F:CF:F3:F0:93:D0:F9:B1:DE:C6:96:0B:AE:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J98EKCQnP8_z8JPQ-bHexpYLrmo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/acffd6-dc1e-4e0d-8d25-ce22d5eab82f/1/aaN-bs2N1cRQu6wVRlnpd2mwkBQ.roa
Signing time: Wed 01 Jan 2025 09:48:24 +0000
ROA not before: Wed 01 Jan 2025 09:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2852
IP address blocks: 78.128.128.0/17 maxlen: 24
185.8.160.0/22 maxlen: 24
193.84.80.0/22 maxlen: 24
195.113.0.0/16 maxlen: 24
195.178.64.0/19 maxlen: 24
2001:718::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/acffd6-dc1e-4e0d-8d25-ce22d5eab82f/1/J98EKCQnP8_z8JPQ-bHexpYLrmo.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/acffd6-dc1e-4e0d-8d25-ce22d5eab82f/1/J98EKCQnP8_z8JPQ-bHexpYLrmo.mft
rsync://rpki.ripe.net/repository/DEFAULT/J98EKCQnP8_z8JPQ-bHexpYLrmo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:30:a5:dd:00:81:dc:58:67:08:a6:7c:c3:dd:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27df042824273fcff3f093d0f9b1dec6960bae6a
Validity
Not Before: Jan 1 09:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69a37e6ecd8dd5c450bbac154659e97769b09014
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:44:21:c7:83:70:47:2f:30:cd:4e:98:78:95:
0a:34:7a:54:90:03:08:76:8b:62:53:0d:80:9c:c8:
c0:53:38:02:e1:f4:ff:f5:e2:0c:7b:10:fb:b7:1c:
d9:5d:9d:39:58:31:83:5b:9e:8f:64:2a:6b:6f:40:
63:93:c3:69:25:2a:21:4d:3f:49:93:36:7e:a9:6b:
5f:01:a9:71:59:da:5a:ea:6b:13:0f:e3:32:71:5b:
c7:64:ca:98:47:ae:4f:1e:8b:b1:10:f1:a1:21:cd:
f0:b0:cd:7c:41:8a:7f:f1:71:65:e0:12:d6:0d:d4:
41:90:45:70:4a:ab:3f:1b:92:b7:a8:87:d5:65:d2:
16:cc:44:bc:99:6c:22:4d:9d:2f:02:60:a2:f7:1a:
d5:14:8e:07:c6:85:0e:03:d1:d9:a5:28:7d:97:50:
e7:99:10:ce:ce:ba:a2:10:51:1a:4c:18:a9:07:e2:
09:1d:43:58:90:53:eb:7e:6d:fa:dc:a6:37:1d:d6:
88:07:1e:ec:0f:3b:c0:81:c8:2f:e9:64:80:9c:5e:
29:cb:9b:07:ec:fa:ce:69:83:94:6e:1a:25:85:1c:
53:59:18:8e:57:bb:36:61:85:94:d5:88:f4:fa:1d:
66:00:21:08:14:a0:87:f1:03:b1:f7:3a:37:c0:0f:
f0:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:A3:7E:6E:CD:8D:D5:C4:50:BB:AC:15:46:59:E9:77:69:B0:90:14
X509v3 Authority Key Identifier:
keyid:27:DF:04:28:24:27:3F:CF:F3:F0:93:D0:F9:B1:DE:C6:96:0B:AE:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J98EKCQnP8_z8JPQ-bHexpYLrmo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/acffd6-dc1e-4e0d-8d25-ce22d5eab82f/1/aaN-bs2N1cRQu6wVRlnpd2mwkBQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/acffd6-dc1e-4e0d-8d25-ce22d5eab82f/1/J98EKCQnP8_z8JPQ-bHexpYLrmo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.128.128.0/17
185.8.160.0/22
193.84.80.0/22
195.113.0.0/16
195.178.64.0/19
IPv6:
2001:718::/29
Signature Algorithm: sha256WithRSAEncryption
36:22:a3:d7:1e:f7:a8:8e:08:9f:a9:eb:d9:b4:4c:3f:ae:2a:
67:0e:ab:ce:70:bb:52:4b:f1:60:e6:ac:7c:ce:52:c1:2d:92:
da:0d:8c:1f:4c:d3:2f:97:20:5a:e5:05:b2:6b:e9:f4:98:97:
98:4f:88:ec:fa:88:eb:f8:1e:55:a1:36:45:f4:84:a1:39:e2:
ba:94:b4:8c:48:16:ae:fd:74:60:e7:e3:f9:40:39:50:51:db:
50:b7:74:92:1b:1d:7d:76:69:21:b3:37:c8:c0:e3:3c:6c:2e:
88:bc:29:44:08:87:e2:bb:06:ad:e4:e4:fb:2e:7d:f6:23:1c:
05:ca:33:a2:11:34:96:5b:80:3e:ce:45:5a:22:4e:99:d8:9b:
f6:a5:bb:59:ad:2e:ba:48:83:a0:c0:b3:6c:93:19:72:f8:a5:
bc:f5:a3:e1:9e:7a:08:c7:97:3f:0a:9f:d9:2c:8a:19:0f:bc:
0c:c7:e5:b4:6b:33:54:30:c5:44:79:35:fc:75:11:26:40:3c:
45:dc:e5:e1:a3:ed:38:07:06:df:8a:7a:e3:5d:6b:ed:35:0b:
07:5a:d2:fe:c7:37:05:04:d6:c6:0a:85:f8:2e:0e:e2:89:ce:
d3:8f:13:b9:36:51:d7:fd:fd:3e:5d:0b:c1:01:ae:39:2a:76:
71:8e:50:a0
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZQhRDCl3QCB3FhnCKZ8w90PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3ZGYwNDI4MjQyNzNmY2ZmM2YwOTNkMGY5YjFkZWM2OTYw
YmFlNmEwHhcNMjUwMTAxMDk0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWEzN2U2ZWNkOGRkNWM0NTBiYmFjMTU0NjU5ZTk3NzY5YjA5MDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA10Qhx4NwRy8wzU6YeJUKNHpUkAMI
dotiUw2AnMjAUzgC4fT/9eIMexD7txzZXZ05WDGDW56PZCprb0Bjk8NpJSohTT9J
kzZ+qWtfAalxWdpa6msTD+MycVvHZMqYR65PHouxEPGhIc3wsM18QYp/8XFl4BLW
DdRBkEVwSqs/G5K3qIfVZdIWzES8mWwiTZ0vAmCi9xrVFI4HxoUOA9HZpSh9l1Dn
mRDOzrqiEFEaTBipB+IJHUNYkFPrfm363KY3HdaIBx7sDzvAgcgv6WSAnF4py5sH
7PrOaYOUbholhRxTWRiOV7s2YYWU1Yj0+h1mACEIFKCH8QOx9zo3wA/wIQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFGmjfm7NjdXEULusFUZZ6XdpsJAUMB8GA1UdIwQY
MBaAFCffBCgkJz/P8/CT0Pmx3saWC65qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjk4RUtDUW5QOF96OEpQUS1iSGV4cFlMcm1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9hY2ZmZDYtZGMxZS00ZTBkLThkMjUt
Y2UyMmQ1ZWFiODJmLzEvYWFOLWJzMk4xY1JRdTZ3VlJsbnBkMm13a0JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9hY2ZmZDYtZGMxZS00ZTBkLThkMjUtY2UyMmQ1ZWFiODJm
LzEvSjk4RUtDUW5QOF96OEpQUS1iSGV4cFlMcm1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAjBAIAATAdAwQHToCAAwQC
uQigAwQCwVRQAwMAw3EDBAXDskAwDQQCAAIwBwMFAyABBxgwDQYJKoZIhvcNAQEL
BQADggEBADYio9ce96iOCJ+p69m0TD+uKmcOq85wu1JL8WDmrHzOUsEtktoNjB9M
0y+XIFrlBbJr6fSYl5hPiOz6iOv4HlWhNkX0hKE54rqUtIxIFq79dGDn4/lAOVBR
21C3dJIbHX12aSGzN8jA4zxsLoi8KUQIh+K7Bq3k5PsuffYjHAXKM6IRNJZbgD7O
RVoiTpnYm/alu1mtLrpIg6DAs2yTGXL4pbz1o+GeegjHlz8Kn9ksihkPvAzH5bRr
M1QwxUR5Nfx1ESZAPEXc5eGj7TgHBt+KeuNda+01Cwda0v7HNwUE1sYKhfguDuKJ
ztOPE7k2Udf9/T5dC8EBrjkqdnGOUKA=
-----END CERTIFICATE-----
Generated at Wed Apr 16 21:54:36 2025 by rpki-client