Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/fKLK9rPgnDMNKJ4CDJCBsgutwWk.roa
File: fKLK9rPgnDMNKJ4CDJCBsgutwWk.roa (raw, json)
Hash identifier: omQkGwEb+pneCrcfyAJFAdRPoAU/KRA7KYvc0i6Mo1U=
Subject key identifier: 7C:A2:CA:F6:B3:E0:9C:33:0D:28:9E:02:0C:90:81:B2:0B:AD:C1:69
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 01942827BF663435682BDE319014D7468FF2
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/fKLK9rPgnDMNKJ4CDJCBsgutwWk.roa
Signing time: Thu 02 Jan 2025 17:54:41 +0000
ROA not before: Thu 02 Jan 2025 17:54:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49857
IP address blocks: 87.229.101.0/24 maxlen: 24
87.229.119.0/24 maxlen: 24
178.238.216.0/24 maxlen: 24
178.238.217.0/24 maxlen: 24
2a02:730:5000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 16:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:bf:66:34:35:68:2b:de:31:90:14:d7:46:8f:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Jan 2 17:54:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7ca2caf6b3e09c330d289e020c9081b20badc169
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:3b:c6:6e:ba:db:ad:63:8d:4b:36:4b:07:63:
92:81:9c:03:54:cc:06:a3:a9:8e:49:83:c4:53:06:
76:00:5b:12:cd:ce:78:73:86:10:0d:ac:5b:28:24:
47:d0:bf:fe:8a:d1:f6:e1:31:82:ff:b0:c0:93:25:
15:90:a7:49:57:a1:bd:cd:f1:a5:be:0c:22:d0:3e:
6e:c2:0d:28:27:dd:9b:53:fe:c7:a4:07:ee:71:91:
53:6a:f9:b3:8e:5a:39:e0:37:45:22:29:06:12:d1:
c9:f5:39:27:51:44:08:e6:4a:c9:4d:9c:c0:ec:bb:
2e:35:ce:25:b4:d5:5b:ad:83:40:6e:d9:7e:f0:3b:
c1:52:51:86:5b:f3:01:7b:e2:26:1e:d6:cf:1e:02:
bd:73:1c:3d:4d:a3:be:55:f4:7e:85:e4:f6:f2:37:
2c:fa:2a:4e:4b:9f:1f:6f:c9:52:a6:35:e3:40:90:
98:f8:94:36:05:b0:9a:1c:4a:bb:ba:c9:7a:23:fa:
5b:78:76:07:9e:b1:11:be:af:34:70:0f:36:59:65:
75:8d:da:35:15:ae:20:24:2a:5a:7a:2a:24:a7:2a:
9b:ce:7b:45:c0:6d:2b:77:f8:74:b0:fa:fb:aa:f6:
a7:b2:13:7b:30:04:f6:ef:6c:4d:2c:f8:95:f0:c0:
0e:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:A2:CA:F6:B3:E0:9C:33:0D:28:9E:02:0C:90:81:B2:0B:AD:C1:69
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/fKLK9rPgnDMNKJ4CDJCBsgutwWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.229.101.0/24
87.229.119.0/24
178.238.216.0/23
IPv6:
2a02:730:5000::/48
Signature Algorithm: sha256WithRSAEncryption
22:17:25:7c:24:d9:2f:96:4d:bd:44:0b:ea:0a:99:46:ed:6a:
b1:bb:48:52:7c:c5:3f:fc:69:98:fa:1f:06:52:e4:d3:5e:89:
79:e4:e5:0e:45:a6:58:d7:e0:6d:2a:0b:4f:f3:66:4f:69:53:
e3:6e:77:5c:89:3c:47:63:8b:0c:96:af:e2:7f:2f:4f:76:87:
aa:7b:65:19:80:cd:ac:9f:04:13:07:25:a9:1b:c6:97:ee:05:
e0:bf:14:a9:3d:ff:7a:77:70:ed:a6:21:72:6d:81:c1:a0:37:
3a:2c:bf:95:ff:bb:7c:2d:3c:ee:f4:1d:d4:aa:87:06:94:69:
23:8c:91:ad:2c:04:47:50:4e:15:dc:1d:4d:29:78:43:b3:5d:
81:67:f2:d2:87:32:e7:e8:86:c1:70:ec:33:a9:fd:4b:e7:9b:
2e:57:87:b8:0e:b1:5d:19:a8:0b:21:a5:b9:a5:70:5e:66:86:
9f:d9:f6:ba:5c:ee:04:60:16:bd:53:29:91:0c:fd:fb:3a:4f:
f2:83:45:eb:be:b2:ed:49:3c:eb:3a:3e:6e:4b:98:9d:2b:fb:
d5:e8:1e:55:9a:57:72:14:95:cc:d4:cb:20:dc:5c:46:63:63:
92:18:3b:42:b3:e5:51:95:4d:ad:b3:51:34:58:c3:76:6d:4f:
43:d1:9d:9d
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQoJ79mNDVoK94xkBTXRo/yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjUwMTAyMTc1NDQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2EyY2FmNmIzZTA5YzMzMGQyODllMDIwYzkwODFiMjBiYWRjMTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwjvGbrrbrWONSzZLB2OSgZwDVMwG
o6mOSYPEUwZ2AFsSzc54c4YQDaxbKCRH0L/+itH24TGC/7DAkyUVkKdJV6G9zfGl
vgwi0D5uwg0oJ92bU/7HpAfucZFTavmzjlo54DdFIikGEtHJ9TknUUQI5krJTZzA
7LsuNc4ltNVbrYNAbtl+8DvBUlGGW/MBe+ImHtbPHgK9cxw9TaO+VfR+heT28jcs
+ipOS58fb8lSpjXjQJCY+JQ2BbCaHEq7usl6I/pbeHYHnrERvq80cA82WWV1jdo1
Fa4gJCpaeiokpyqbzntFwG0rd/h0sPr7qvanshN7MAT272xNLPiV8MAO7wIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFHyiyvaz4JwzDSieAgyQgbILrcFpMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvZktMSzlyUGduRE1OS0o0Q0RKQ0JzZ3V0d1drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAV+VlAwQA
V+V3AwQBsu7YMA8EAgACMAkDBwAqAgcwUAAwDQYJKoZIhvcNAQELBQADggEBACIX
JXwk2S+WTb1EC+oKmUbtarG7SFJ8xT/8aZj6HwZS5NNeiXnk5Q5FpljX4G0qC0/z
Zk9pU+Nud1yJPEdjiwyWr+J/L092h6p7ZRmAzayfBBMHJakbxpfuBeC/FKk9/3p3
cO2mIXJtgcGgNzosv5X/u3wtPO70HdSqhwaUaSOMka0sBEdQThXcHU0peEOzXYFn
8tKHMufohsFw7DOp/Uvnmy5Xh7gOsV0ZqAshpbmlcF5mhp/Z9rpc7gRgFr1TKZEM
/fs6T/KDReu+su1JPOs6Pm5LmJ0r+9XoHlWaV3IUlczUyyDcXEZjY5IYO0Kz5VGV
Ta2zUTRYw3ZtT0PRnZ0=
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:12:56 2025 by rpki-client