Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/ACd3XF1uNQyYL8yy4VDYybO_SOA.roa
File: ACd3XF1uNQyYL8yy4VDYybO_SOA.roa (raw, json)
Hash identifier: FV+eZRNgoox0gJ25gUqundtMtJ8vULMUuZKtsYSK06w=
Subject key identifier: 00:27:77:5C:5D:6E:35:0C:98:2F:CC:B2:E1:50:D8:C9:B3:BF:48:E0
Certificate issuer: /CN=1e9fdc7fb39ebbbed4ee54f703d3ac6153ddee69
Certificate serial: 019421B1AFAF46EA03118DD27AF14274AF56
Authority key identifier: 1E:9F:DC:7F:B3:9E:BB:BE:D4:EE:54:F7:03:D3:AC:61:53:DD:EE:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/ACd3XF1uNQyYL8yy4VDYybO_SOA.roa
Signing time: Wed 01 Jan 2025 11:48:00 +0000
ROA not before: Wed 01 Jan 2025 11:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209372
IP address blocks: 45.80.228.0/22 maxlen: 24
185.221.196.0/23 maxlen: 24
185.238.88.0/22 maxlen: 24
185.246.216.0/24 maxlen: 24
194.113.238.0/24 maxlen: 24
194.113.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 13:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:af:af:46:ea:03:11:8d:d2:7a:f1:42:74:af:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e9fdc7fb39ebbbed4ee54f703d3ac6153ddee69
Validity
Not Before: Jan 1 11:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0027775c5d6e350c982fccb2e150d8c9b3bf48e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:37:23:a2:d5:89:ea:c6:47:7a:fe:f7:03:f6:
c7:4e:24:1e:cc:98:a0:15:52:b9:05:8d:57:a5:59:
45:09:8e:f7:ee:a9:2b:0b:61:ac:d3:7c:20:61:83:
b7:e2:c5:fe:14:2a:6b:20:1b:aa:de:30:fc:05:55:
90:32:94:f0:6e:50:8f:9d:ae:14:6f:01:f4:94:62:
23:fa:f2:9a:3d:9c:33:00:32:25:38:be:2f:4f:19:
09:2f:5b:c8:0c:de:ed:35:81:55:73:ef:28:55:6f:
1f:88:9b:93:f2:98:e0:c7:62:f1:e7:1b:36:54:ab:
78:27:68:4e:e6:8c:7a:bb:00:57:40:b3:e1:18:d2:
7f:84:b6:77:f7:34:f0:8e:2e:8a:a6:01:89:44:fa:
e9:72:66:76:d4:d4:9c:b4:65:82:1f:69:7b:ff:fd:
c8:87:41:44:41:6a:e1:7c:4f:a2:87:5f:8c:3a:e6:
9d:87:51:09:72:61:72:cb:5c:35:0c:24:75:3b:0d:
0b:ae:ef:de:7b:c9:8e:f6:0e:e0:7d:57:96:e0:64:
0f:e8:cc:ca:65:72:b4:be:20:b9:bf:c5:f1:54:73:
93:62:4c:23:52:81:15:08:ea:81:e3:5c:2e:32:cb:
f9:15:dc:ce:f3:46:d2:0a:25:f6:8c:dd:62:85:b4:
d8:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:27:77:5C:5D:6E:35:0C:98:2F:CC:B2:E1:50:D8:C9:B3:BF:48:E0
X509v3 Authority Key Identifier:
keyid:1E:9F:DC:7F:B3:9E:BB:BE:D4:EE:54:F7:03:D3:AC:61:53:DD:EE:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/ACd3XF1uNQyYL8yy4VDYybO_SOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.228.0/22
185.221.196.0/23
185.238.88.0/22
185.246.216.0/24
194.113.238.0/23
Signature Algorithm: sha256WithRSAEncryption
81:5f:a5:4e:5b:14:03:3a:7b:eb:b6:b5:f9:f1:69:62:34:81:
35:fc:33:07:17:4b:c6:75:8f:7a:04:22:1b:70:fd:94:b7:e9:
9d:45:77:49:cb:38:96:5b:f0:48:f9:63:04:80:75:5a:a6:44:
58:2a:00:9a:5b:8a:ee:8e:de:a4:64:9d:57:b2:ec:5e:f3:4d:
b1:c4:cd:9b:ea:41:c7:76:7e:fe:30:b7:ab:f5:49:3c:0c:7c:
cd:7e:c2:62:87:ac:51:70:83:b4:15:22:b5:5c:e9:32:80:f5:
12:44:d2:a4:89:e1:5b:cf:9e:1c:5e:30:0e:3d:76:15:7b:64:
98:28:67:cb:75:38:09:f5:4c:2b:10:71:13:20:39:c5:97:d9:
b6:fd:ca:a2:15:90:de:e0:4c:3f:fd:27:33:1f:98:4b:d5:26:
0e:7f:8a:df:b4:58:d8:43:50:03:18:d9:d0:bc:36:65:d3:82:
88:5b:4f:9a:ca:0a:b9:97:f9:4e:b4:6a:db:a4:83:7f:9c:78:
f0:63:35:1a:10:fd:c1:b3:8b:b4:f2:70:44:0c:3a:06:6c:44:
78:40:3e:9f:cc:59:0c:05:6c:ea:62:aa:cd:d5:c0:fd:2a:72:
55:46:ba:9a:db:91:9a:56:0e:1c:f0:51:6a:4b:2f:77:39:23:
ad:01:88:d6
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQhsa+vRuoDEY3SevFCdK9WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOWZkYzdmYjM5ZWJiYmVkNGVlNTRmNzAzZDNhYzYxNTNk
ZGVlNjkwHhcNMjUwMTAxMTE0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDI3Nzc1YzVkNmUzNTBjOTgyZmNjYjJlMTUwZDhjOWIzYmY0OGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0DcjotWJ6sZHev73A/bHTiQezJig
FVK5BY1XpVlFCY737qkrC2Gs03wgYYO34sX+FCprIBuq3jD8BVWQMpTwblCPna4U
bwH0lGIj+vKaPZwzADIlOL4vTxkJL1vIDN7tNYFVc+8oVW8fiJuT8pjgx2Lx5xs2
VKt4J2hO5ox6uwBXQLPhGNJ/hLZ39zTwji6KpgGJRPrpcmZ21NSctGWCH2l7//3I
h0FEQWrhfE+ih1+MOuadh1EJcmFyy1w1DCR1Ow0Lru/ee8mO9g7gfVeW4GQP6MzK
ZXK0viC5v8XxVHOTYkwjUoEVCOqB41wuMsv5FdzO80bSCiX2jN1ihbTY/wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAAnd1xdbjUMmC/MsuFQ2Mmzv0jgMB8GA1UdIwQY
MBaAFB6f3H+znru+1O5U9wPTrGFT3e5pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHBfY2Y3T2V1NzdVN2xUM0E5T3NZVlBkN21rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS80MGZkZDEtMTA5Mi00ZjY5LWI2NDgt
NjkxZmY1YjQ0YjAxLzEvQUNkM1hGMXVOUXlZTDh5eTRWRFl5Yk9fU09BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS80MGZkZDEtMTA5Mi00ZjY5LWI2NDgtNjkxZmY1YjQ0YjAx
LzEvSHBfY2Y3T2V1NzdVN2xUM0E5T3NZVlBkN21rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCLVDkAwQB
ud3EAwQCue5YAwQAufbYAwQBwnHuMA0GCSqGSIb3DQEBCwUAA4IBAQCBX6VOWxQD
OnvrtrX58WliNIE1/DMHF0vGdY96BCIbcP2Ut+mdRXdJyziWW/BI+WMEgHVapkRY
KgCaW4rujt6kZJ1Xsuxe802xxM2b6kHHdn7+MLer9Uk8DHzNfsJih6xRcIO0FSK1
XOkygPUSRNKkieFbz54cXjAOPXYVe2SYKGfLdTgJ9UwrEHETIDnFl9m2/cqiFZDe
4Ew//SczH5hL1SYOf4rftFjYQ1ADGNnQvDZl04KIW0+aygq5l/lOtGrbpIN/nHjw
YzUaEP3Bs4u08nBEDDoGbER4QD6fzFkMBWzqYqrN1cD9KnJVRrqa25GaVg4c8FFq
Sy93OSOtAYjW
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:30:21 2025 by rpki-client