Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/o-SOog9i7KjagK-xLQMzdBwxh9g.roa
File: o-SOog9i7KjagK-xLQMzdBwxh9g.roa (raw, json)
Hash identifier: rBFSEjBMS+W3HVgLwD4ih15aIhZ6uAzHYeypxM1APoI=
Subject key identifier: A3:E4:8E:A2:0F:62:EC:A8:DA:80:AF:B1:2D:03:33:74:1C:31:87:D8
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0195EAA70A08D976E3CF74E4B0044270300C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/o-SOog9i7KjagK-xLQMzdBwxh9g.roa
Signing time: Mon 31 Mar 2025 05:22:50 +0000
ROA not before: Mon 31 Mar 2025 05:22:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214998
IP address blocks: 85.202.203.0/24 maxlen: 24
194.50.94.0/24 maxlen: 24
2a0e:97c1::/40 maxlen: 48
2a10:2f00:167::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 15:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ea:a7:0a:08:d9:76:e3:cf:74:e4:b0:04:42:70:30:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Mar 31 05:22:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a3e48ea20f62eca8da80afb12d0333741c3187d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:e2:ba:31:7a:8e:15:ca:9b:94:5b:c2:39:da:
45:fc:72:a6:e1:09:16:d2:5c:a2:7e:3d:04:60:6f:
99:15:68:80:40:50:06:2b:d2:66:d2:1b:c7:0a:d9:
4d:1f:30:35:6a:d2:ee:d2:10:d8:8f:d4:9a:d0:82:
16:6a:32:50:8a:22:63:47:7f:36:3b:d8:ef:b9:0b:
a0:c3:e5:31:3f:57:1c:d5:50:f8:9c:d9:2f:69:12:
ec:93:99:6e:f2:c4:b1:58:15:99:24:13:56:db:3a:
5b:8f:67:c8:a0:3e:3e:1c:dd:5c:30:04:6e:95:86:
cb:86:59:60:35:19:68:dd:3a:b8:54:14:6e:41:e0:
ba:f3:e3:9a:66:e1:23:08:01:a5:96:be:d8:a9:02:
dd:98:79:c0:e8:26:bb:fb:8f:57:c8:22:80:69:14:
b6:e3:8b:74:ba:2e:9d:69:7b:fe:c8:cb:4f:52:e7:
f0:9a:b0:24:62:3b:f8:f9:91:ee:5d:56:d5:b3:16:
61:a2:64:03:d1:73:02:68:69:49:2b:87:91:64:e8:
01:7c:3b:37:f7:e9:df:54:72:d5:41:b4:d3:67:fd:
e5:1f:5a:44:58:bc:44:be:67:f8:e6:5f:ce:43:b0:
3e:2c:7e:36:bb:f4:a1:2b:aa:9d:e6:c8:4f:5f:68:
af:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:E4:8E:A2:0F:62:EC:A8:DA:80:AF:B1:2D:03:33:74:1C:31:87:D8
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/o-SOog9i7KjagK-xLQMzdBwxh9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.202.203.0/24
194.50.94.0/24
IPv6:
2a0e:97c1::/40
2a10:2f00:167::/48
Signature Algorithm: sha256WithRSAEncryption
b9:6a:33:ef:f8:72:b7:2f:f5:0a:0d:62:f7:2d:6c:5b:70:65:
ac:17:2e:72:c6:14:88:65:e4:f5:2a:fc:e3:f1:23:c0:0f:aa:
9c:92:3f:f6:9f:64:d7:0f:f6:ff:38:48:19:15:5f:4d:2d:10:
66:34:09:66:c4:d3:a4:41:f9:51:d4:9d:02:5f:2e:fc:8e:3c:
dc:85:29:e8:b4:55:a3:2d:01:72:5d:96:2c:f2:5b:38:51:14:
77:8f:8b:cf:0b:15:c3:5e:8c:41:fb:65:20:72:10:43:19:39:
8b:8c:c3:22:c7:05:3b:1b:52:fb:65:6a:bc:f9:bb:7e:aa:52:
ec:93:bb:2c:a0:a6:21:f2:97:c9:f9:af:33:89:0c:b1:82:49:
9a:f5:87:c0:05:66:47:f2:dc:2e:a8:42:1a:d5:b2:ae:d8:e2:
9a:23:05:c8:e3:51:98:59:54:09:16:3b:04:dc:60:b3:fe:b7:
c5:67:d2:ca:a4:93:cd:06:58:19:a4:ec:de:f4:40:76:2f:4d:
ff:e0:ee:60:1f:45:59:78:e3:83:41:e7:b6:40:65:f3:72:92:
e6:f0:44:e4:1b:3f:f6:82:29:68:bd:69:32:7f:26:93:12:9f:
f8:f6:77:84:c9:95:7f:34:59:c1:ce:db:e2:1f:6f:4d:6d:40:
98:8b:f4:2d
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZXqpwoI2Xbjz3TksARCcDAMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMzMxMDUyMjUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2U0OGVhMjBmNjJlY2E4ZGE4MGFmYjEyZDAzMzM3NDFjMzE4N2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOK6MXqOFcqblFvCOdpF/HKm4QkW
0lyifj0EYG+ZFWiAQFAGK9Jm0hvHCtlNHzA1atLu0hDYj9Sa0IIWajJQiiJjR382
O9jvuQugw+UxP1cc1VD4nNkvaRLsk5lu8sSxWBWZJBNW2zpbj2fIoD4+HN1cMARu
lYbLhllgNRlo3Tq4VBRuQeC68+OaZuEjCAGllr7YqQLdmHnA6Ca7+49XyCKAaRS2
44t0ui6daXv+yMtPUufwmrAkYjv4+ZHuXVbVsxZhomQD0XMCaGlJK4eRZOgBfDs3
9+nfVHLVQbTTZ/3lH1pEWLxEvmf45l/OQ7A+LH42u/ShK6qd5shPX2ivVQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFKPkjqIPYuyo2oCvsS0DM3QcMYfYMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvby1TT29nOWk3S2phZ0steExRTXpkQnd4aDlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTASBAIAATAMAwQAVcrLAwQA
wjJeMBcEAgACMBEDBgAqDpfBAAMHACoQLwABZzANBgkqhkiG9w0BAQsFAAOCAQEA
uWoz7/hyty/1Cg1i9y1sW3BlrBcucsYUiGXk9Sr84/EjwA+qnJI/9p9k1w/2/zhI
GRVfTS0QZjQJZsTTpEH5UdSdAl8u/I483IUp6LRVoy0Bcl2WLPJbOFEUd4+LzwsV
w16MQftlIHIQQxk5i4zDIscFOxtS+2VqvPm7fqpS7JO7LKCmIfKXyfmvM4kMsYJJ
mvWHwAVmR/LcLqhCGtWyrtjimiMFyONRmFlUCRY7BNxgs/63xWfSyqSTzQZYGaTs
3vRAdi9N/+DuYB9FWXjjg0HntkBl83KS5vBE5Bs/9oIpaL1pMn8mkxKf+PZ3hMmV
fzRZwc7b4h9vTW1AmIv0LQ==
-----END CERTIFICATE-----
Generated at Thu Apr 10 19:36:17 2025 by rpki-client