Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Oa9fZBvOqWy32dRz1PHBABUaIzQ.roa
File: Oa9fZBvOqWy32dRz1PHBABUaIzQ.roa (raw, json)
Hash identifier: MqkddHDHa8K73/9pilamdty/ggEfODhUuDZ7Ojixofw=
Subject key identifier: 39:AF:5F:64:1B:CE:A9:6C:B7:D9:D4:73:D4:F1:C1:00:15:1A:23:34
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0194258F9E1524C84CDBBFE267EF8DADF550
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Oa9fZBvOqWy32dRz1PHBABUaIzQ.roa
Signing time: Thu 02 Jan 2025 05:49:16 +0000
ROA not before: Thu 02 Jan 2025 05:49:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43049
IP address blocks: 95.46.104.0/24 maxlen: 24
95.46.142.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:9e:15:24:c8:4c:db:bf:e2:67:ef:8d:ad:f5:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 05:49:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=39af5f641bcea96cb7d9d473d4f1c100151a2334
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:ae:5f:01:da:f1:2e:5b:7b:55:3e:64:2b:83:
be:b4:71:97:86:54:ac:38:57:48:4f:db:1c:e7:51:
34:26:7b:e5:17:23:35:76:a9:87:83:b3:26:a9:bd:
89:49:ce:12:f1:8e:f6:70:5d:95:fc:6c:88:e3:e9:
7d:7c:5e:2e:1f:3e:23:17:a6:25:55:94:e8:cf:fa:
9a:71:cf:d8:d4:8b:49:35:38:79:5c:5c:45:b3:cd:
66:68:1e:eb:36:11:e2:8a:13:4b:cb:35:3f:47:ab:
31:ac:61:e3:f3:13:b4:d5:03:1a:4a:09:62:ac:f8:
8c:70:7e:be:e1:89:fb:eb:40:70:3d:36:ff:57:68:
b9:d9:5c:f9:d7:20:c9:f0:ab:4d:52:dd:ee:21:20:
cf:90:fd:16:7d:8b:05:3f:9a:13:d7:7d:11:7c:07:
05:8b:84:4b:25:02:06:4a:59:e7:fd:48:c9:e9:4f:
42:49:78:8e:0b:4f:ee:56:56:18:fe:f3:21:ec:82:
24:b8:a2:56:9f:7c:da:e9:3b:9e:2e:61:b3:1f:ec:
9a:45:a5:52:2d:04:b1:a9:92:94:ac:51:1f:2b:3b:
eb:01:9d:bc:0e:02:29:e5:8b:c6:72:4e:df:c4:29:
eb:d6:e1:bd:f8:45:78:1e:71:fe:21:11:76:54:20:
3b:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:AF:5F:64:1B:CE:A9:6C:B7:D9:D4:73:D4:F1:C1:00:15:1A:23:34
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Oa9fZBvOqWy32dRz1PHBABUaIzQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.46.104.0/24
95.46.142.0/24
Signature Algorithm: sha256WithRSAEncryption
51:30:fc:d8:4f:2a:10:cf:7c:2c:3a:1e:0f:8d:b1:a1:bc:fe:
62:62:03:9e:64:c2:60:1e:2a:93:f5:3a:67:f8:d9:0f:1b:b4:
8f:86:74:da:0c:cf:fc:f4:2c:1b:d8:95:2c:fe:eb:93:f0:33:
67:9f:65:9a:bc:c6:5b:62:71:70:08:ec:ca:4d:36:09:fd:fd:
ba:9d:0b:a2:04:87:42:00:0f:ab:ce:e7:8a:ae:63:cd:12:e0:
8f:84:c7:30:69:62:13:db:2f:21:ac:c8:66:f2:c0:9d:de:49:
8d:51:72:1a:ff:71:f1:49:9d:48:e8:01:62:c6:57:6e:04:a1:
3d:19:38:61:f8:97:99:14:fe:77:ab:5b:7d:92:d9:2c:20:70:
f4:23:73:1e:f7:97:f1:95:6d:9d:90:5d:21:92:b0:56:34:5f:
33:d9:d8:c2:50:59:b1:85:13:9e:58:e1:d1:6f:4f:44:5d:7d:
0a:2c:62:a8:86:c7:b0:3e:f2:7b:2e:1d:8e:ea:98:bd:a2:9d:
fe:a6:99:e4:c7:3e:d5:a8:41:5d:70:cf:98:1c:ca:ef:a7:32:
f3:e2:cc:36:c3:8a:f8:bb:94:f7:0b:a1:b7:39:1b:d3:9f:13:
91:f4:70:79:7b:b8:68:a0:db:31:61:b6:80:96:1e:02:3c:ae:
49:e8:d2:b6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQlj54VJMhM27/iZ++NrfVQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTAyMDU0OTE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWFmNWY2NDFiY2VhOTZjYjdkOWQ0NzNkNGYxYzEwMDE1MWEyMzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA965fAdrxLlt7VT5kK4O+tHGXhlSs
OFdIT9sc51E0JnvlFyM1dqmHg7Mmqb2JSc4S8Y72cF2V/GyI4+l9fF4uHz4jF6Yl
VZToz/qacc/Y1ItJNTh5XFxFs81maB7rNhHiihNLyzU/R6sxrGHj8xO01QMaSgli
rPiMcH6+4Yn760BwPTb/V2i52Vz51yDJ8KtNUt3uISDPkP0WfYsFP5oT130RfAcF
i4RLJQIGSlnn/UjJ6U9CSXiOC0/uVlYY/vMh7IIkuKJWn3za6TueLmGzH+yaRaVS
LQSxqZKUrFEfKzvrAZ28DgIp5YvGck7fxCnr1uG9+EV4HnH+IRF2VCA7jwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDmvX2Qbzqlst9nUc9TxwQAVGiM0MB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvT2E5ZlpCdk9xV3kzMmRSejFQSEJBQlVhSXpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXy5oAwQA
Xy6OMA0GCSqGSIb3DQEBCwUAA4IBAQBRMPzYTyoQz3wsOh4PjbGhvP5iYgOeZMJg
HiqT9Tpn+NkPG7SPhnTaDM/89Cwb2JUs/uuT8DNnn2WavMZbYnFwCOzKTTYJ/f26
nQuiBIdCAA+rzueKrmPNEuCPhMcwaWIT2y8hrMhm8sCd3kmNUXIa/3HxSZ1I6AFi
xlduBKE9GThh+JeZFP53q1t9ktksIHD0I3Me95fxlW2dkF0hkrBWNF8z2djCUFmx
hROeWOHRb09EXX0KLGKohsewPvJ7Lh2O6pi9op3+ppnkxz7VqEFdcM+YHMrvpzLz
4sw2w4r4u5T3C6G3ORvTnxOR9HB5e7hooNsxYbaAlh4CPK5J6NK2
-----END CERTIFICATE-----
Generated at Sat Apr 12 07:27:10 2025 by rpki-client