Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/c253e3-4133-4a16-9061-b79cfc24d3b7/1/1-4EUUJ60y6tCuL7fMYLuUTMussI.roa
File: 1-4EUUJ60y6tCuL7fMYLuUTMussI.roa (raw, json)
Hash identifier: ZCZ3I6CzJy+9WHfI/N/oUofNXCUICsdPSdQOOtiTJMs=
Subject key identifier: FB:81:14:50:9E:B4:CB:AB:42:B8:BE:DF:31:82:EE:51:33:2E:B2:C2
Certificate issuer: /CN=d6c269f9e93b0fb8bc4b1c947abc5b21f21f2305
Certificate serial: 019420D616C882F07778F1B8145FD54C8530
Authority key identifier: D6:C2:69:F9:E9:3B:0F:B8:BC:4B:1C:94:7A:BC:5B:21:F2:1F:23:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1sJp-ek7D7i8SxyUerxbIfIfIwU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/c253e3-4133-4a16-9061-b79cfc24d3b7/1/1-4EUUJ60y6tCuL7fMYLuUTMussI.roa
Signing time: Wed 01 Jan 2025 07:48:08 +0000
ROA not before: Wed 01 Jan 2025 07:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12480
IP address blocks: 185.149.156.0/22 maxlen: 24
194.45.22.0/24 maxlen: 24
212.86.192.0/19 maxlen: 32
2a00:1970::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/c253e3-4133-4a16-9061-b79cfc24d3b7/1/1sJp-ek7D7i8SxyUerxbIfIfIwU.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/c253e3-4133-4a16-9061-b79cfc24d3b7/1/1sJp-ek7D7i8SxyUerxbIfIfIwU.mft
rsync://rpki.ripe.net/repository/DEFAULT/1sJp-ek7D7i8SxyUerxbIfIfIwU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:16:c8:82:f0:77:78:f1:b8:14:5f:d5:4c:85:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6c269f9e93b0fb8bc4b1c947abc5b21f21f2305
Validity
Not Before: Jan 1 07:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fb8114509eb4cbab42b8bedf3182ee51332eb2c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b1:71:65:d9:6f:1f:c1:f1:e7:1b:8b:60:ff:
f3:57:45:3e:b0:85:7e:7f:8d:a4:a0:4e:b6:f4:8d:
05:be:dc:2f:c3:cd:a0:04:cf:47:e6:84:25:ff:34:
61:2d:e4:76:f2:d3:5b:38:42:d6:8b:92:e6:c7:b1:
7e:18:8c:67:b6:72:4b:bc:41:3c:2f:5c:6a:58:28:
99:0d:e5:d8:95:c7:56:c8:75:e8:cf:82:73:1a:ab:
9d:61:1b:03:8d:12:1e:c4:71:ed:58:78:1c:45:f3:
65:31:e2:18:7c:8a:b9:cd:e6:80:68:45:09:a3:e3:
6f:cf:89:7c:c6:90:ff:e6:8c:f4:b4:20:d0:d3:3e:
4d:35:9d:69:f8:93:7c:bc:2e:3d:a1:31:d0:49:56:
d1:df:a2:f2:6d:96:4b:2e:fc:2e:3c:33:6b:b0:27:
30:73:4a:3b:80:9c:43:ff:62:8c:c9:8c:66:fe:64:
b2:8c:79:16:c3:7f:af:c8:c9:12:9a:af:c9:d8:ee:
79:10:7a:c2:e2:a5:cd:61:f7:1d:3a:65:de:b5:5f:
3e:22:39:e2:c8:2a:8b:0f:93:16:e0:f9:b7:09:f3:
51:2c:c5:f1:d2:06:38:ef:b7:87:f2:d1:7e:a1:97:
20:d4:9e:b7:98:d5:d3:90:0a:2e:8a:3e:48:6b:74:
1f:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:81:14:50:9E:B4:CB:AB:42:B8:BE:DF:31:82:EE:51:33:2E:B2:C2
X509v3 Authority Key Identifier:
keyid:D6:C2:69:F9:E9:3B:0F:B8:BC:4B:1C:94:7A:BC:5B:21:F2:1F:23:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1sJp-ek7D7i8SxyUerxbIfIfIwU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/c253e3-4133-4a16-9061-b79cfc24d3b7/1/1-4EUUJ60y6tCuL7fMYLuUTMussI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/c253e3-4133-4a16-9061-b79cfc24d3b7/1/1sJp-ek7D7i8SxyUerxbIfIfIwU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.156.0/22
194.45.22.0/24
212.86.192.0/19
IPv6:
2a00:1970::/32
Signature Algorithm: sha256WithRSAEncryption
66:65:b4:99:33:b8:36:16:44:a5:89:7c:0a:51:f4:e7:9b:33:
0f:fc:b2:6d:65:5c:22:44:40:88:f3:85:73:fa:5b:ce:3e:6a:
9f:a0:e0:a7:6b:0b:86:50:2e:79:00:fc:d9:66:53:a9:ce:92:
a5:a1:f7:67:c8:47:e7:ae:7e:83:4c:e5:f9:6b:8d:5f:7b:b3:
39:94:ce:71:3b:78:8c:cf:51:c3:ed:65:82:1c:89:b9:f4:68:
34:c0:47:e9:83:cd:11:f3:0f:c1:70:98:6a:51:29:dc:f8:33:
9d:0a:ac:ff:21:28:d2:4e:76:79:6f:d6:49:00:38:f2:75:89:
d6:e6:1e:4a:b7:d5:51:af:db:39:a7:9e:f4:cd:bc:9d:94:0b:
ee:ba:d1:57:d6:50:a2:dc:bd:59:ee:f6:b0:90:18:a5:7c:90:
c5:71:84:b7:49:f1:69:b1:f3:f9:4d:23:8c:cb:cb:a0:61:b2:
87:6f:de:df:6f:0d:31:77:ce:05:66:e7:ee:84:dd:01:be:c5:
aa:90:1c:18:d4:2c:f8:21:b2:4c:10:1b:cd:43:2d:c7:bf:50:
f2:43:7c:91:f0:38:4e:b9:7a:a1:21:de:17:8c:34:74:99:45:
5b:89:2e:3c:87:a0:02:16:94:1e:e9:40:70:45:4e:7a:a8:a4:
53:48:fd:3f
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQg1hbIgvB3ePG4FF/VTIUwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2YzI2OWY5ZTkzYjBmYjhiYzRiMWM5NDdhYmM1YjIxZjIx
ZjIzMDUwHhcNMjUwMTAxMDc0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjgxMTQ1MDllYjRjYmFiNDJiOGJlZGYzMTgyZWU1MTMzMmViMmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrFxZdlvH8Hx5xuLYP/zV0U+sIV+
f42koE629I0Fvtwvw82gBM9H5oQl/zRhLeR28tNbOELWi5Lmx7F+GIxntnJLvEE8
L1xqWCiZDeXYlcdWyHXoz4JzGqudYRsDjRIexHHtWHgcRfNlMeIYfIq5zeaAaEUJ
o+Nvz4l8xpD/5oz0tCDQ0z5NNZ1p+JN8vC49oTHQSVbR36LybZZLLvwuPDNrsCcw
c0o7gJxD/2KMyYxm/mSyjHkWw3+vyMkSmq/J2O55EHrC4qXNYfcdOmXetV8+Ijni
yCqLD5MW4Pm3CfNRLMXx0gY477eH8tF+oZcg1J63mNXTkAouij5Ia3QfPQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFPuBFFCetMurQri+3zGC7lEzLrLCMB8GA1UdIwQY
MBaAFNbCafnpOw+4vEsclHq8WyHyHyMFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXNKcC1lazdEN2k4U3h5VWVyeGJJZklmSXdVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9jMjUzZTMtNDEzMy00YTE2LTkwNjEt
Yjc5Y2ZjMjRkM2I3LzEvMS00RVVVSjYweTZ0Q3VMN2ZNWUx1VVRNdXNzSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTcvYzI1M2UzLTQxMzMtNGExNi05MDYxLWI3OWNmYzI0ZDNi
Ny8xLzFzSnAtZWs3RDdpOFN4eVVlcnhiSWZJZkl3VS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA6BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEArmVnAME
AMItFgMEBdRWwDANBAIAAjAHAwUAKgAZcDANBgkqhkiG9w0BAQsFAAOCAQEAZmW0
mTO4NhZEpYl8ClH055szD/yybWVcIkRAiPOFc/pbzj5qn6Dgp2sLhlAueQD82WZT
qc6SpaH3Z8hH565+g0zl+WuNX3uzOZTOcTt4jM9Rw+1lghyJufRoNMBH6YPNEfMP
wXCYalEp3PgznQqs/yEo0k52eW/WSQA48nWJ1uYeSrfVUa/bOaee9M28nZQL7rrR
V9ZQoty9We72sJAYpXyQxXGEt0nxabHz+U0jjMvLoGGyh2/e328NMXfOBWbn7oTd
Ab7FqpAcGNQs+CGyTBAbzUMtx79Q8kN8kfA4Trl6oSHeF4w0dJlFW4kuPIegAhaU
HulAcEVOeqikU0j9Pw==
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:56:04 2025 by rpki-client