Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/0OeAqS6vX3gO6vvCqqj93y9hg-0.roa
File: 0OeAqS6vX3gO6vvCqqj93y9hg-0.roa (raw, json)
Hash identifier: 4e6GVSZZmDnDLgJOl3djtnEbqT5lDhaJq4dAZ/qU/lk=
Subject key identifier: D0:E7:80:A9:2E:AF:5F:78:0E:EA:FB:C2:AA:A8:FD:DF:2F:61:83:ED
Certificate issuer: /CN=faccbb72aa9884a5bf8d0e757404a17e5e23322c
Certificate serial: 01942522387C33B1C2FD14C09790D1CFA826
Authority key identifier: FA:CC:BB:72:AA:98:84:A5:BF:8D:0E:75:74:04:A1:7E:5E:23:32:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/0OeAqS6vX3gO6vvCqqj93y9hg-0.roa
Signing time: Thu 02 Jan 2025 03:49:47 +0000
ROA not before: Thu 02 Jan 2025 03:49:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205473
IP address blocks: 212.126.113.0/24 maxlen: 24
212.126.114.0/24 maxlen: 24
212.126.116.0/24 maxlen: 24
212.126.126.0/24 maxlen: 24
2a04:2dc0:1d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/1-sy7cqqYhKW_jQ51dAShfl4jMiw.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/1-sy7cqqYhKW_jQ51dAShfl4jMiw.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 09:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:38:7c:33:b1:c2:fd:14:c0:97:90:d1:cf:a8:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=faccbb72aa9884a5bf8d0e757404a17e5e23322c
Validity
Not Before: Jan 2 03:49:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d0e780a92eaf5f780eeafbc2aaa8fddf2f6183ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:bd:8b:bc:d8:e6:90:fe:14:1b:0c:56:3c:6e:
fe:ff:ae:3f:73:a9:bd:c5:09:00:75:ac:1c:b0:2b:
e8:dd:75:75:33:b5:72:a0:0e:42:75:96:4f:2e:b7:
46:ca:12:85:99:58:c9:6d:70:2b:bc:f7:27:7b:ad:
8c:bb:1d:34:d1:93:90:f9:53:9a:45:13:7a:f6:1c:
8c:8a:d9:89:60:1e:8b:f2:99:82:8e:5b:c5:9a:d6:
69:f7:86:6e:76:1e:8e:d4:50:dc:54:b9:1a:58:e5:
e2:22:65:26:72:f0:53:6f:2f:2c:a0:d3:0b:e3:77:
41:03:f2:fe:0e:0d:4c:6d:22:be:17:80:f2:e5:1d:
3c:75:22:7e:e2:bc:d1:05:f4:2d:a6:70:b1:7b:d0:
e6:26:a7:31:85:d7:f7:ab:64:70:cc:24:fd:98:07:
b7:50:a3:85:01:12:07:0d:a4:4d:ef:89:ff:94:51:
a4:d7:f6:a9:da:a5:38:9c:f4:79:1c:d0:7d:b8:55:
5b:29:fe:1d:24:53:8c:cd:72:62:c8:da:ff:34:1a:
eb:e1:38:39:ea:2e:86:17:05:7c:74:64:60:59:dd:
85:02:84:42:6a:56:46:57:1e:be:a2:41:2c:cd:63:
2c:19:07:9b:d1:30:87:ce:92:72:92:15:3d:c1:12:
72:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:E7:80:A9:2E:AF:5F:78:0E:EA:FB:C2:AA:A8:FD:DF:2F:61:83:ED
X509v3 Authority Key Identifier:
keyid:FA:CC:BB:72:AA:98:84:A5:BF:8D:0E:75:74:04:A1:7E:5E:23:32:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/0OeAqS6vX3gO6vvCqqj93y9hg-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/1-sy7cqqYhKW_jQ51dAShfl4jMiw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.126.113.0-212.126.114.255
212.126.116.0/24
212.126.126.0/24
IPv6:
2a04:2dc0:1d::/48
Signature Algorithm: sha256WithRSAEncryption
04:79:ac:b4:82:9a:f8:a6:d7:ca:80:d3:f3:82:7e:e4:6d:37:
b1:52:ad:02:9e:fe:19:aa:62:f9:a5:45:e5:d2:8c:66:a1:79:
7e:b8:ba:91:34:b5:b0:e7:8d:97:45:65:71:51:51:8d:dd:b3:
ee:d6:4b:01:32:0f:cb:58:1e:8d:11:8f:4e:78:56:19:af:f9:
c9:3a:7d:b3:16:8e:f6:c7:66:7d:c6:f6:a1:26:1a:81:79:65:
e3:ea:4c:69:ea:94:d0:c7:a6:f6:6a:15:54:7c:27:1a:c7:77:
38:fc:64:01:f1:b7:a6:fd:c9:49:c5:4c:0a:7f:08:b0:e2:63:
87:0b:38:f2:74:42:25:6d:97:f6:81:82:62:39:49:5c:b3:b8:
cf:d2:ae:58:b9:1d:35:09:06:ef:1e:62:b5:56:f8:f9:99:77:
94:a6:0e:a1:e4:5f:d6:e3:a3:44:34:56:c0:f4:05:98:fa:14:
fa:7b:83:cc:8e:1c:cd:9f:5c:ea:64:32:e8:85:68:a7:45:10:
2f:0c:ac:8d:ff:84:d9:38:03:c1:28:77:7a:d8:6f:88:7f:9e:
e8:ee:10:ff:d2:82:59:52:25:48:26:af:d0:66:8b:b9:81:db:
95:4f:dd:37:d4:ff:04:c3:75:e4:e3:d9:62:f4:4e:eb:89:ee:
1a:41:ee:7e
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQlIjh8M7HC/RTAl5DRz6gmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhY2NiYjcyYWE5ODg0YTViZjhkMGU3NTc0MDRhMTdlNWUy
MzMyMmMwHhcNMjUwMTAyMDM0OTQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGU3ODBhOTJlYWY1Zjc4MGVlYWZiYzJhYWE4ZmRkZjJmNjE4M2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyL2LvNjmkP4UGwxWPG7+/64/c6m9
xQkAdawcsCvo3XV1M7VyoA5CdZZPLrdGyhKFmVjJbXArvPcne62Mux000ZOQ+VOa
RRN69hyMitmJYB6L8pmCjlvFmtZp94Zudh6O1FDcVLkaWOXiImUmcvBTby8soNML
43dBA/L+Dg1MbSK+F4Dy5R08dSJ+4rzRBfQtpnCxe9DmJqcxhdf3q2RwzCT9mAe3
UKOFARIHDaRN74n/lFGk1/ap2qU4nPR5HNB9uFVbKf4dJFOMzXJiyNr/NBrr4Tg5
6i6GFwV8dGRgWd2FAoRCalZGVx6+okEszWMsGQeb0TCHzpJykhU9wRJymwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFNDngKkur194Dur7wqqo/d8vYYPtMB8GA1UdIwQY
MBaAFPrMu3KqmISlv40OdXQEoX5eIzIsMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1zeTdjcXFZaEtXX2pRNTFkQVNoZmw0ak1pdy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTMvZThjYjQ0LWE5NTQtNDY3Mi1iOWE0
LWE0OWU1YzY2MzNiZC8xLzBPZUFxUzZ2WDNnTzZ2dkNxcWo5M3k5aGctMC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTMvZThjYjQ0LWE5NTQtNDY3Mi1iOWE0LWE0OWU1YzY2MzNi
ZC8xLzEtc3k3Y3FxWWhLV19qUTUxZEFTaGZsNGpNaXcuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwRAYIKwYBBQUHAQcBAf8ENTAzMCAEAgABMBowDAMEANR+
cQMEANR+cgMEANR+dAMEANR+fjAPBAIAAjAJAwcAKgQtwAAdMA0GCSqGSIb3DQEB
CwUAA4IBAQAEeay0gpr4ptfKgNPzgn7kbTexUq0Cnv4ZqmL5pUXl0oxmoXl+uLqR
NLWw542XRWVxUVGN3bPu1ksBMg/LWB6NEY9OeFYZr/nJOn2zFo72x2Z9xvahJhqB
eWXj6kxp6pTQx6b2ahVUfCcax3c4/GQB8bem/clJxUwKfwiw4mOHCzjydEIlbZf2
gYJiOUlcs7jP0q5YuR01CQbvHmK1Vvj5mXeUpg6h5F/W46NENFbA9AWY+hT6e4PM
jhzNn1zqZDLohWinRRAvDKyN/4TZOAPBKHd62G+If57o7hD/0oJZUiVIJq/QZou5
gduVT9031P8Ew3Xk49li9E7rie4aQe5+
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:18:49 2025 by rpki-client