Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/e287d9-9c3b-4121-92b6-a1d9e754c12e/1/oohgjiQIj_tIu1PGNdnlfQkGF6M.roa
File: oohgjiQIj_tIu1PGNdnlfQkGF6M.roa (raw, json)
Hash identifier: 6v4z144BDrgglq1LMAS7dreBWe+2oC3G15H9vrrNnFU=
Subject key identifier: A2:88:60:8E:24:08:8F:FB:48:BB:53:C6:35:D9:E5:7D:09:06:17:A3
Certificate issuer: /CN=54272ff3172973c869a52212bf7ce801e1f8e783
Certificate serial: 019420D60DB02D4FE43693EBDF0C324BE101
Authority key identifier: 54:27:2F:F3:17:29:73:C8:69:A5:22:12:BF:7C:E8:01:E1:F8:E7:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VCcv8xcpc8hppSISv3zoAeH454M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/e287d9-9c3b-4121-92b6-a1d9e754c12e/1/oohgjiQIj_tIu1PGNdnlfQkGF6M.roa
Signing time: Wed 01 Jan 2025 07:48:06 +0000
ROA not before: Wed 01 Jan 2025 07:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47986
IP address blocks: 94.124.48.0/21 maxlen: 21
94.124.48.0/24 maxlen: 24
94.124.49.0/24 maxlen: 24
94.124.50.0/24 maxlen: 24
94.124.51.0/24 maxlen: 24
94.124.52.0/24 maxlen: 24
94.124.53.0/24 maxlen: 24
94.124.54.0/24 maxlen: 24
94.124.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/e287d9-9c3b-4121-92b6-a1d9e754c12e/1/VCcv8xcpc8hppSISv3zoAeH454M.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/e287d9-9c3b-4121-92b6-a1d9e754c12e/1/VCcv8xcpc8hppSISv3zoAeH454M.mft
rsync://rpki.ripe.net/repository/DEFAULT/VCcv8xcpc8hppSISv3zoAeH454M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Feb 2025 07:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:0d:b0:2d:4f:e4:36:93:eb:df:0c:32:4b:e1:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54272ff3172973c869a52212bf7ce801e1f8e783
Validity
Not Before: Jan 1 07:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a288608e24088ffb48bb53c635d9e57d090617a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:16:b5:62:bf:92:44:a2:45:fd:9a:0a:e9:60:
0a:73:dd:a6:bd:c4:9c:db:10:95:e4:69:fe:83:cc:
1e:78:12:ef:4b:01:5a:97:d3:f0:64:ab:77:4b:5d:
b4:0b:e2:01:a3:81:71:44:ce:71:04:01:dd:ab:8e:
f9:78:75:04:8e:e9:1f:1f:1c:12:8f:74:88:5e:cf:
75:dc:59:74:e6:56:fb:c2:1e:c6:5e:cb:0f:fc:b5:
b0:b2:7f:82:c7:df:31:3f:4e:d0:78:23:2a:60:71:
95:dc:89:4e:c6:4a:1f:8c:3c:8c:42:89:bf:ce:e9:
ab:52:78:e5:53:99:05:6f:0a:bd:69:94:12:15:9c:
f5:71:5d:55:49:03:8a:70:91:d9:06:af:cf:2a:2c:
b8:a5:4f:c9:76:93:ca:2b:89:92:45:7d:74:6f:fd:
7d:20:e8:70:44:44:9f:2c:a0:5f:e7:73:32:73:79:
ea:c1:cc:f6:20:27:1d:97:58:d0:93:39:db:de:71:
c2:3c:53:9f:c1:0a:66:20:ec:4f:6b:aa:ca:f2:f0:
21:c1:07:69:65:a0:d3:7e:59:80:a7:54:18:2e:75:
03:3b:ca:99:f4:e4:7e:28:0b:b3:51:a1:2c:b4:e1:
25:71:a9:85:58:cd:c4:6c:39:5a:02:fa:41:67:5a:
48:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:88:60:8E:24:08:8F:FB:48:BB:53:C6:35:D9:E5:7D:09:06:17:A3
X509v3 Authority Key Identifier:
keyid:54:27:2F:F3:17:29:73:C8:69:A5:22:12:BF:7C:E8:01:E1:F8:E7:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VCcv8xcpc8hppSISv3zoAeH454M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e287d9-9c3b-4121-92b6-a1d9e754c12e/1/oohgjiQIj_tIu1PGNdnlfQkGF6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e287d9-9c3b-4121-92b6-a1d9e754c12e/1/VCcv8xcpc8hppSISv3zoAeH454M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.124.48.0/21
Signature Algorithm: sha256WithRSAEncryption
ab:24:32:5a:2e:c8:5d:83:62:c6:45:c0:19:42:06:f9:b5:d0:
66:47:8c:08:35:b1:fd:cb:72:af:75:a7:49:38:a8:e1:58:4c:
40:5f:5b:5b:4a:49:ee:b9:d3:98:bd:06:1f:06:89:ed:e8:a7:
a3:08:68:01:8b:80:55:56:50:0f:7e:5c:34:a1:3a:0a:8a:9e:
75:1e:e2:db:5d:5a:ff:51:66:dd:b0:87:fa:76:7d:8a:59:2d:
e9:22:76:52:c0:59:28:dc:2e:ec:86:3b:5c:75:6f:06:10:95:
53:61:62:5c:13:93:6d:14:e8:e9:6c:ba:fe:29:25:f1:96:2c:
8e:d7:50:2c:a4:a2:79:e8:00:5d:f7:e4:38:75:8f:0f:37:02:
cf:26:4c:73:90:50:cb:db:fb:67:5b:7e:eb:13:14:00:f8:ce:
53:0a:fb:0d:85:cb:3a:e7:d8:40:93:c6:de:52:6b:87:87:f5:
df:7a:2d:1c:3f:89:cc:06:df:99:1e:72:21:25:bb:4a:df:de:
06:8a:d6:bc:be:6d:73:70:26:e0:6e:2b:35:5b:97:55:db:70:
b8:02:f9:76:0a:42:18:4f:d1:a7:07:d3:16:ea:cd:74:fb:b7:
9f:83:e4:35:fe:43:ec:c7:26:ef:8b:b2:b9:97:5c:f5:97:23:
db:5e:6f:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1g2wLU/kNpPr3wwyS+EBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MjcyZmYzMTcyOTczYzg2OWE1MjIxMmJmN2NlODAxZTFm
OGU3ODMwHhcNMjUwMTAxMDc0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjg4NjA4ZTI0MDg4ZmZiNDhiYjUzYzYzNWQ5ZTU3ZDA5MDYxN2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzBa1Yr+SRKJF/ZoK6WAKc92mvcSc
2xCV5Gn+g8weeBLvSwFal9PwZKt3S120C+IBo4FxRM5xBAHdq475eHUEjukfHxwS
j3SIXs913Fl05lb7wh7GXssP/LWwsn+Cx98xP07QeCMqYHGV3IlOxkofjDyMQom/
zumrUnjlU5kFbwq9aZQSFZz1cV1VSQOKcJHZBq/PKiy4pU/JdpPKK4mSRX10b/19
IOhwRESfLKBf53Myc3nqwcz2ICcdl1jQkznb3nHCPFOfwQpmIOxPa6rK8vAhwQdp
ZaDTflmAp1QYLnUDO8qZ9OR+KAuzUaEstOElcamFWM3EbDlaAvpBZ1pIFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKKIYI4kCI/7SLtTxjXZ5X0JBhejMB8GA1UdIwQY
MBaAFFQnL/MXKXPIaaUiEr986AHh+OeDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkNjdjh4Y3BjOGhwcFNJU3Yzem9BZUg0NTRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9lMjg3ZDktOWMzYi00MTIxLTkyYjYt
YTFkOWU3NTRjMTJlLzEvb29oZ2ppUUlqX3RJdTFQR05kbmxmUWtHRjZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9lMjg3ZDktOWMzYi00MTIxLTkyYjYtYTFkOWU3NTRjMTJl
LzEvVkNjdjh4Y3BjOGhwcFNJU3Yzem9BZUg0NTRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDXnwwMA0G
CSqGSIb3DQEBCwUAA4IBAQCrJDJaLshdg2LGRcAZQgb5tdBmR4wINbH9y3KvdadJ
OKjhWExAX1tbSknuudOYvQYfBont6KejCGgBi4BVVlAPflw0oToKip51HuLbXVr/
UWbdsIf6dn2KWS3pInZSwFko3C7shjtcdW8GEJVTYWJcE5NtFOjpbLr+KSXxliyO
11AspKJ56ABd9+Q4dY8PNwLPJkxzkFDL2/tnW37rExQA+M5TCvsNhcs659hAk8be
UmuHh/Xfei0cP4nMBt+ZHnIhJbtK394Gita8vm1zcCbgbis1W5dV23C4Avl2CkIY
T9GnB9MW6s10+7efg+Q1/kPsxybvi7K5l1z1lyPbXm9b
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:57:09 2025 by rpki-client