Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/393842-e7ef-4893-9c1b-1e842118db6f/1/foMqTIfk3NGRU1ECjEYc0FzWeHQ.roa
File: foMqTIfk3NGRU1ECjEYc0FzWeHQ.roa (raw, json)
Hash identifier: 8/tSFYSbydeBOM5cDt+MQjefx680IbM6wdc9EqGW/uQ=
Subject key identifier: 7E:83:2A:4C:87:E4:DC:D1:91:53:51:02:8C:46:1C:D0:5C:D6:78:74
Certificate issuer: /CN=29b79380fe407439cc2ecd3fac18157db36cf768
Certificate serial: 0194266BF734675E2F17341D5083FCA2FF99
Authority key identifier: 29:B7:93:80:FE:40:74:39:CC:2E:CD:3F:AC:18:15:7D:B3:6C:F7:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KbeTgP5AdDnMLs0_rBgVfbNs92g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/393842-e7ef-4893-9c1b-1e842118db6f/1/foMqTIfk3NGRU1ECjEYc0FzWeHQ.roa
Signing time: Thu 02 Jan 2025 09:49:57 +0000
ROA not before: Thu 02 Jan 2025 09:49:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1759
IP address blocks: 143.161.74.0/24 maxlen: 24
143.161.91.0/24 maxlen: 24
143.161.92.0/22 maxlen: 22
143.161.96.0/22 maxlen: 22
143.161.100.0/23 maxlen: 23
2a05:6747::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/393842-e7ef-4893-9c1b-1e842118db6f/1/KbeTgP5AdDnMLs0_rBgVfbNs92g.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/393842-e7ef-4893-9c1b-1e842118db6f/1/KbeTgP5AdDnMLs0_rBgVfbNs92g.mft
rsync://rpki.ripe.net/repository/DEFAULT/KbeTgP5AdDnMLs0_rBgVfbNs92g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 03:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:f7:34:67:5e:2f:17:34:1d:50:83:fc:a2:ff:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29b79380fe407439cc2ecd3fac18157db36cf768
Validity
Not Before: Jan 2 09:49:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7e832a4c87e4dcd1915351028c461cd05cd67874
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:b2:e7:31:0c:6d:0b:3d:18:34:bf:b1:88:80:
1f:c8:60:e0:a4:6c:76:98:0b:bd:66:ff:90:61:d9:
15:47:0f:11:7f:0a:33:fd:d2:63:86:0a:e5:69:46:
a7:71:90:dd:1e:66:ab:10:b8:fa:78:b2:94:17:65:
3e:85:a5:98:41:a6:a9:b5:fc:9a:0c:39:7b:5b:5b:
b7:de:df:30:28:7d:dd:83:b1:af:39:b9:74:87:6e:
ed:a4:9c:54:9c:37:39:f9:1d:2b:39:a0:24:53:62:
17:9f:57:5d:a4:9f:f7:96:70:74:a9:c5:e5:30:9b:
68:e7:d6:bf:94:05:34:18:bf:3d:ce:1d:1e:b6:90:
bf:c3:fc:ef:d1:31:5b:57:c8:b9:9c:34:0e:c6:70:
25:c3:63:a8:9e:e9:e5:7f:6c:0b:50:07:aa:be:40:
09:25:f4:ab:03:9d:63:ed:64:15:93:1e:0e:b8:e5:
c2:17:3a:25:d6:88:7e:b1:f4:bd:31:32:54:24:9c:
93:38:ff:45:bc:b5:32:1c:2d:51:4a:10:ff:ce:ee:
02:08:46:ed:20:1d:2d:b7:69:3a:8a:04:eb:48:0d:
7c:9a:87:c6:22:a6:69:6e:b9:cd:ae:98:29:03:ee:
17:8c:c6:a6:8c:f9:66:a0:c2:70:9a:8d:2e:af:e1:
1d:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:83:2A:4C:87:E4:DC:D1:91:53:51:02:8C:46:1C:D0:5C:D6:78:74
X509v3 Authority Key Identifier:
keyid:29:B7:93:80:FE:40:74:39:CC:2E:CD:3F:AC:18:15:7D:B3:6C:F7:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KbeTgP5AdDnMLs0_rBgVfbNs92g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/393842-e7ef-4893-9c1b-1e842118db6f/1/foMqTIfk3NGRU1ECjEYc0FzWeHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/393842-e7ef-4893-9c1b-1e842118db6f/1/KbeTgP5AdDnMLs0_rBgVfbNs92g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.161.74.0/24
143.161.91.0-143.161.101.255
IPv6:
2a05:6747::/48
Signature Algorithm: sha256WithRSAEncryption
4e:93:f5:12:75:c9:ce:2c:2f:4b:d5:3e:ec:40:f5:70:c0:e3:
7c:d7:d1:a8:42:dc:29:96:ac:f6:e8:36:51:39:8d:c2:c0:bd:
25:c5:08:d7:ee:5e:53:4b:b2:7c:ff:d3:2f:6a:fa:d5:32:62:
ad:27:18:63:0d:2f:fa:68:ad:90:77:ae:61:bf:3a:d7:62:86:
9d:52:08:b7:50:37:df:46:e6:d5:3c:ad:35:94:fb:e8:47:ed:
83:a0:af:86:07:7b:ce:4a:2b:d1:49:d1:96:1e:b6:49:79:81:
16:0a:c4:32:0a:64:8a:4d:97:1f:32:27:36:9b:c7:b8:dd:40:
79:7a:98:f8:00:16:58:2a:21:bd:eb:0f:ec:38:b1:f2:50:e6:
62:95:ae:33:f5:a3:72:d5:ba:f8:4f:97:6c:c2:c3:86:59:46:
29:2b:b5:22:f2:18:27:77:f8:77:a2:72:ea:3f:ba:53:5c:c6:
76:b3:1f:c7:fd:29:df:5f:22:02:c7:33:09:62:d4:77:1e:ec:
38:ee:2e:10:10:e0:68:9e:4d:8a:99:3c:b3:2a:8b:bf:28:49:
13:f7:e6:d0:65:c3:3c:1b:e4:14:79:53:4f:a3:ce:5a:69:69:
de:77:f9:46:28:97:13:c7:4c:f7:28:43:39:f3:12:a1:4f:4a:
90:c3:59:ac
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZQma/c0Z14vFzQdUIP8ov+ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5Yjc5MzgwZmU0MDc0MzljYzJlY2QzZmFjMTgxNTdkYjM2
Y2Y3NjgwHhcNMjUwMTAyMDk0OTU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTgzMmE0Yzg3ZTRkY2QxOTE1MzUxMDI4YzQ2MWNkMDVjZDY3ODc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4LLnMQxtCz0YNL+xiIAfyGDgpGx2
mAu9Zv+QYdkVRw8Rfwoz/dJjhgrlaUancZDdHmarELj6eLKUF2U+haWYQaaptfya
DDl7W1u33t8wKH3dg7GvObl0h27tpJxUnDc5+R0rOaAkU2IXn1ddpJ/3lnB0qcXl
MJto59a/lAU0GL89zh0etpC/w/zv0TFbV8i5nDQOxnAlw2Oonunlf2wLUAeqvkAJ
JfSrA51j7WQVkx4OuOXCFzol1oh+sfS9MTJUJJyTOP9FvLUyHC1RShD/zu4CCEbt
IB0tt2k6igTrSA18mofGIqZpbrnNrpgpA+4XjMamjPlmoMJwmo0ur+EdAwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFH6DKkyH5NzRkVNRAoxGHNBc1nh0MB8GA1UdIwQY
MBaAFCm3k4D+QHQ5zC7NP6wYFX2zbPdoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2JlVGdQNUFkRG5NTHMwX3JCZ1ZmYk5zOTJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8zOTM4NDItZTdlZi00ODkzLTljMWIt
MWU4NDIxMThkYjZmLzEvZm9NcVRJZmszTkdSVTFFQ2pFWWMwRnpXZUhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8zOTM4NDItZTdlZi00ODkzLTljMWItMWU4NDIxMThkYjZm
LzEvS2JlVGdQNUFkRG5NTHMwX3JCZ1ZmYk5zOTJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUAwQAj6FKMAwD
BACPoVsDBAGPoWQwDwQCAAIwCQMHACoFZ0cAADANBgkqhkiG9w0BAQsFAAOCAQEA
TpP1EnXJziwvS9U+7ED1cMDjfNfRqELcKZas9ug2UTmNwsC9JcUI1+5eU0uyfP/T
L2r61TJirScYYw0v+mitkHeuYb8612KGnVIIt1A330bm1TytNZT76Eftg6Cvhgd7
zkor0UnRlh62SXmBFgrEMgpkik2XHzInNpvHuN1AeXqY+AAWWCohvesP7Dix8lDm
YpWuM/WjctW6+E+XbMLDhllGKSu1IvIYJ3f4d6Jy6j+6U1zGdrMfx/0p318iAscz
CWLUdx7sOO4uEBDgaJ5Nipk8syqLvyhJE/fm0GXDPBvkFHlTT6POWmlp3nf5RiiX
E8dM9yhDOfMSoU9KkMNZrA==
-----END CERTIFICATE-----
Generated at Tue Apr 15 12:59:58 2025 by rpki-client