Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/cRHhLN77kAZE1qcTNhkyC6k81Tk.roa
File: cRHhLN77kAZE1qcTNhkyC6k81Tk.roa (raw, json)
Hash identifier: YBXYh1ei+T+QZzUMb6g5CIU9fhg4uv/862OYXZANvmE=
Subject key identifier: 71:11:E1:2C:DE:FB:90:06:44:D6:A7:13:36:19:32:0B:A9:3C:D5:39
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0194258F8FBF06E1B0BC2941F0CC931F1D4C
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/cRHhLN77kAZE1qcTNhkyC6k81Tk.roa
Signing time: Thu 02 Jan 2025 05:49:12 +0000
ROA not before: Thu 02 Jan 2025 05:49:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29256
IP address blocks: 31.148.152.0/21 maxlen: 24
92.253.224.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:8f:bf:06:e1:b0:bc:29:41:f0:cc:93:1f:1d:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 05:49:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7111e12cdefb900644d6a7133619320ba93cd539
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:6e:a0:69:98:9f:72:b5:b8:36:42:66:15:e4:
e9:50:5b:3a:f7:5d:a6:2f:3d:fc:d8:7d:d3:4c:6a:
45:3c:cd:41:81:a2:51:31:98:36:1c:29:53:5c:ee:
9e:25:4d:ce:48:7b:5e:2d:3f:e0:0b:0d:cc:5f:99:
d4:37:15:5c:b5:2d:3b:1a:d5:b4:f9:a8:48:79:76:
2d:e6:a9:79:7b:f6:8c:2e:f0:47:1e:91:a5:d3:9d:
94:ba:c9:84:fc:f9:b7:4d:c3:25:8a:69:b7:bf:79:
0a:47:e3:bf:a7:1c:1b:87:3c:a9:3c:82:68:69:5c:
08:55:cd:a0:b7:75:00:03:1d:2e:45:6b:ee:d3:33:
2c:d1:88:35:02:c1:47:08:c7:99:8d:4e:c8:bc:1e:
ca:8e:3b:37:ae:da:d0:db:a4:97:e3:0b:3e:73:2b:
bd:50:29:19:ed:8e:c7:87:4c:97:80:7b:af:fb:eb:
95:bc:c6:66:50:28:3f:a6:51:8b:b7:a5:13:08:ce:
63:1d:3e:6d:d5:d7:85:20:78:42:26:d6:38:ea:5e:
ef:b0:35:1a:81:d5:2d:e3:2c:9d:8a:28:c0:70:24:
b5:43:90:7a:3b:6f:58:54:98:bb:13:1c:e1:6e:bd:
64:d6:e6:a2:f9:d4:6f:3d:3c:89:01:88:08:ac:02:
72:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:11:E1:2C:DE:FB:90:06:44:D6:A7:13:36:19:32:0B:A9:3C:D5:39
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/cRHhLN77kAZE1qcTNhkyC6k81Tk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.152.0/21
92.253.224.0/21
Signature Algorithm: sha256WithRSAEncryption
3e:3e:ec:ad:88:01:91:49:27:34:5e:51:00:76:95:7d:c3:2e:
f4:da:5d:d8:5b:a7:ab:15:2e:fb:f4:73:3c:d7:7a:1e:d0:1f:
bc:a6:cb:30:41:07:6c:24:63:9a:ad:6f:2b:37:0c:fe:94:4a:
a0:dd:a9:01:f2:24:1c:ec:06:66:8d:35:3a:61:e1:a8:ba:2f:
e5:68:d5:8d:c5:77:b5:2f:82:05:b1:ff:c5:c0:c0:7d:8d:86:
a9:56:01:04:a3:f0:40:3a:58:a4:44:23:d3:81:31:c0:ef:a6:
ea:d2:6d:e2:d9:49:de:e8:aa:5a:ce:e1:ab:69:1c:0c:3a:4b:
7c:3f:e2:bd:50:b3:f6:43:24:13:fd:f5:a9:3d:2d:87:95:e5:
3e:9f:5d:10:ff:0d:bb:d8:62:86:75:a1:1e:30:05:cb:41:b2:
fc:88:5f:b9:6a:bd:a0:fb:d7:4f:19:92:8b:83:16:8f:24:ac:
17:c5:8c:58:b6:fb:35:2e:c9:15:51:26:bd:91:4e:03:57:bf:
53:32:78:55:86:3b:09:4c:0f:0c:dd:13:10:15:09:56:d8:ac:
38:ff:74:db:e6:b8:aa:95:73:de:50:27:b0:0c:15:8a:cf:d3:
c1:91:1c:fb:05:ef:93:b0:4a:1f:fc:45:c4:b7:43:68:e0:44:
c8:b9:29:14
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQlj4+/BuGwvClB8MyTHx1MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTAyMDU0OTEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTExZTEyY2RlZmI5MDA2NDRkNmE3MTMzNjE5MzIwYmE5M2NkNTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0G6gaZifcrW4NkJmFeTpUFs6912m
Lz382H3TTGpFPM1BgaJRMZg2HClTXO6eJU3OSHteLT/gCw3MX5nUNxVctS07GtW0
+ahIeXYt5ql5e/aMLvBHHpGl052UusmE/Pm3TcMlimm3v3kKR+O/pxwbhzypPIJo
aVwIVc2gt3UAAx0uRWvu0zMs0Yg1AsFHCMeZjU7IvB7Kjjs3rtrQ26SX4ws+cyu9
UCkZ7Y7Hh0yXgHuv++uVvMZmUCg/plGLt6UTCM5jHT5t1deFIHhCJtY46l7vsDUa
gdUt4yydiijAcCS1Q5B6O29YVJi7Exzhbr1k1uai+dRvPTyJAYgIrAJyTQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHER4Sze+5AGRNanEzYZMgupPNU5MB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvY1JIaExONzdrQVpFMXFjVE5oa3lDNms4MVRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDH5SYAwQD
XP3gMA0GCSqGSIb3DQEBCwUAA4IBAQA+PuytiAGRSSc0XlEAdpV9wy702l3YW6er
FS779HM813oe0B+8psswQQdsJGOarW8rNwz+lEqg3akB8iQc7AZmjTU6YeGoui/l
aNWNxXe1L4IFsf/FwMB9jYapVgEEo/BAOlikRCPTgTHA76bq0m3i2Une6KpazuGr
aRwMOkt8P+K9ULP2QyQT/fWpPS2HleU+n10Q/w272GKGdaEeMAXLQbL8iF+5ar2g
+9dPGZKLgxaPJKwXxYxYtvs1LskVUSa9kU4DV79TMnhVhjsJTA8M3RMQFQlW2Kw4
/3Tb5riqlXPeUCewDBWKz9PBkRz7Be+TsEof/EXEt0No4ETIuSkU
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:08:29 2025 by rpki-client