Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/3799fa-9db9-4fc8-8fd6-2d9e99f4722c/1/fDOjbGC7SXuBR1WvGEj8iP8Gi68.roa
File: fDOjbGC7SXuBR1WvGEj8iP8Gi68.roa (raw, json)
Hash identifier: hI6uFXxiWou3BV634T4h3OJSDdh6qUObBj238tGqfTQ=
Subject key identifier: 7C:33:A3:6C:60:BB:49:7B:81:47:55:AF:18:48:FC:88:FF:06:8B:AF
Certificate issuer: /CN=0ac98267a5db26c65e41e646648f1016636e544e
Certificate serial: 01942747A8CEC93CF482953BCC390F37AFF1
Authority key identifier: 0A:C9:82:67:A5:DB:26:C6:5E:41:E6:46:64:8F:10:16:63:6E:54:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CsmCZ6XbJsZeQeZGZI8QFmNuVE4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/3799fa-9db9-4fc8-8fd6-2d9e99f4722c/1/fDOjbGC7SXuBR1WvGEj8iP8Gi68.roa
Signing time: Thu 02 Jan 2025 13:49:55 +0000
ROA not before: Thu 02 Jan 2025 13:49:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203457
IP address blocks: 185.132.136.0/22 maxlen: 23
185.132.136.0/23 maxlen: 23
185.132.138.0/23 maxlen: 23
2a03:a320::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/3799fa-9db9-4fc8-8fd6-2d9e99f4722c/1/CsmCZ6XbJsZeQeZGZI8QFmNuVE4.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/3799fa-9db9-4fc8-8fd6-2d9e99f4722c/1/CsmCZ6XbJsZeQeZGZI8QFmNuVE4.mft
rsync://rpki.ripe.net/repository/DEFAULT/CsmCZ6XbJsZeQeZGZI8QFmNuVE4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 22:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:a8:ce:c9:3c:f4:82:95:3b:cc:39:0f:37:af:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ac98267a5db26c65e41e646648f1016636e544e
Validity
Not Before: Jan 2 13:49:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7c33a36c60bb497b814755af1848fc88ff068baf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:1a:3a:d5:7d:cd:50:33:00:ad:17:96:e1:e6:
1b:0f:a2:6a:29:eb:08:f0:df:91:32:f2:27:e3:f9:
7f:98:dd:2f:7f:c4:98:79:17:9c:98:c2:19:d1:e8:
1c:11:fb:b5:4a:a3:5e:3f:e1:fe:bf:d8:c7:9e:0e:
66:7b:c9:27:df:63:6f:7a:2f:9f:26:41:15:8c:f5:
59:48:96:69:fe:05:53:d2:13:3d:33:e8:e8:62:89:
01:06:16:cb:da:7f:73:51:0b:7c:87:0a:6d:5b:3a:
f7:02:8b:89:51:64:96:65:f8:fd:0d:66:2b:93:d6:
ee:34:30:1e:ca:17:b3:13:da:be:1f:dd:44:aa:27:
31:e6:58:d6:3e:1b:8f:70:58:39:5d:37:d2:10:6f:
3b:78:d0:0c:0b:d1:7f:d6:cc:29:30:f3:8e:86:c6:
48:3c:41:c5:1e:0c:c8:b2:77:9c:49:22:6b:0b:c4:
4a:a6:72:32:5e:95:35:3b:32:4f:65:8f:0f:0e:7e:
36:35:81:7e:e5:40:3b:82:1b:2c:59:25:01:68:e5:
42:37:de:58:69:0e:67:ba:de:ed:06:cf:96:b6:62:
95:6a:4c:da:77:61:f0:f2:8e:6e:78:01:99:98:c9:
d5:ce:e8:7a:a0:6f:08:42:7d:24:8b:45:05:4d:68:
11:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:33:A3:6C:60:BB:49:7B:81:47:55:AF:18:48:FC:88:FF:06:8B:AF
X509v3 Authority Key Identifier:
keyid:0A:C9:82:67:A5:DB:26:C6:5E:41:E6:46:64:8F:10:16:63:6E:54:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CsmCZ6XbJsZeQeZGZI8QFmNuVE4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/3799fa-9db9-4fc8-8fd6-2d9e99f4722c/1/fDOjbGC7SXuBR1WvGEj8iP8Gi68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/3799fa-9db9-4fc8-8fd6-2d9e99f4722c/1/CsmCZ6XbJsZeQeZGZI8QFmNuVE4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.132.136.0/22
IPv6:
2a03:a320::/32
Signature Algorithm: sha256WithRSAEncryption
90:0e:2d:4b:e1:42:b1:a6:40:6c:2f:6c:9a:4d:6c:f7:ea:b6:
2a:40:10:bd:b1:4b:2d:40:64:e9:3c:b0:ff:f0:26:c8:4d:9b:
8c:26:1a:2a:32:0b:46:ef:64:99:00:f0:41:b7:65:48:a7:1d:
7b:ad:d9:ba:33:13:b2:d2:71:f4:df:04:18:2d:6d:fc:06:74:
01:9a:bc:44:5d:71:87:f2:59:49:25:80:fb:be:2a:f9:d0:fc:
26:af:ce:b2:52:13:1b:ff:d3:2d:d3:01:d8:3e:d0:f5:32:8c:
12:73:9c:31:9c:6e:bb:ff:cf:b6:2a:9c:29:dc:b7:f8:19:56:
a5:f2:7e:c4:48:03:50:95:64:ab:a9:af:9f:08:89:aa:49:9b:
e2:65:11:76:97:f4:4d:68:ca:67:9e:2b:82:e1:95:35:fa:b7:
74:26:17:39:03:66:a1:b4:79:e4:cb:16:fd:42:d1:7e:4f:75:
45:39:dd:25:ad:9d:ee:dc:28:79:37:99:3a:c5:7b:08:73:2e:
9e:df:c9:0a:b2:bb:8b:15:98:61:ad:89:da:50:e7:d3:3a:06:
e7:c7:1e:8e:e9:96:a7:2b:c2:f4:4e:9d:cf:9e:7f:55:70:5f:
92:75:5d:26:63:6f:60:52:3c:9c:2b:1d:2e:50:11:42:a6:fa:
b4:db:31:54
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQnR6jOyTz0gpU7zDkPN6/xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhYzk4MjY3YTVkYjI2YzY1ZTQxZTY0NjY0OGYxMDE2NjM2
ZTU0NGUwHhcNMjUwMTAyMTM0OTU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzMzYTM2YzYwYmI0OTdiODE0NzU1YWYxODQ4ZmM4OGZmMDY4YmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxo61X3NUDMArReW4eYbD6JqKesI
8N+RMvIn4/l/mN0vf8SYeRecmMIZ0egcEfu1SqNeP+H+v9jHng5me8kn32Nvei+f
JkEVjPVZSJZp/gVT0hM9M+joYokBBhbL2n9zUQt8hwptWzr3AouJUWSWZfj9DWYr
k9buNDAeyhezE9q+H91Eqicx5ljWPhuPcFg5XTfSEG87eNAMC9F/1swpMPOOhsZI
PEHFHgzIsnecSSJrC8RKpnIyXpU1OzJPZY8PDn42NYF+5UA7ghssWSUBaOVCN95Y
aQ5nut7tBs+WtmKVakzad2Hw8o5ueAGZmMnVzuh6oG8IQn0ki0UFTWgR4wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHwzo2xgu0l7gUdVrxhI/Ij/BouvMB8GA1UdIwQY
MBaAFArJgmel2ybGXkHmRmSPEBZjblROMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3NtQ1o2WGJKc1plUWVaR1pJOFFGbU51VkU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8zNzk5ZmEtOWRiOS00ZmM4LThmZDYt
MmQ5ZTk5ZjQ3MjJjLzEvZkRPamJHQzdTWHVCUjFXdkdFajhpUDhHaTY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8zNzk5ZmEtOWRiOS00ZmM4LThmZDYtMmQ5ZTk5ZjQ3MjJj
LzEvQ3NtQ1o2WGJKc1plUWVaR1pJOFFGbU51VkU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYSIMA0E
AgACMAcDBQAqA6MgMA0GCSqGSIb3DQEBCwUAA4IBAQCQDi1L4UKxpkBsL2yaTWz3
6rYqQBC9sUstQGTpPLD/8CbITZuMJhoqMgtG72SZAPBBt2VIpx17rdm6MxOy0nH0
3wQYLW38BnQBmrxEXXGH8llJJYD7vir50Pwmr86yUhMb/9Mt0wHYPtD1MowSc5wx
nG67/8+2Kpwp3Lf4GVal8n7ESANQlWSrqa+fCImqSZviZRF2l/RNaMpnniuC4ZU1
+rd0Jhc5A2ahtHnkyxb9QtF+T3VFOd0lrZ3u3Ch5N5k6xXsIcy6e38kKsruLFZhh
rYnaUOfTOgbnxx6O6ZanK8L0Tp3Pnn9VcF+SdV0mY29gUjycKx0uUBFCpvq02zFU
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:58:35 2025 by rpki-client