Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/F4qa4HfDTUXnRR2Jl-vUaIEpuuQ.roa
File: F4qa4HfDTUXnRR2Jl-vUaIEpuuQ.roa (raw, json)
Hash identifier: H94JqKDuN0w8w3kszOGT0OGt/TDr+PLzdLP/Zf3G55E=
Subject key identifier: 17:8A:9A:E0:77:C3:4D:45:E7:45:1D:89:97:EB:D4:68:81:29:BA:E4
Certificate issuer: /CN=70f9b16adf2fd31988859922b4457481dd7eef40
Certificate serial: 0195EB255F00D044D04A6CC3083E28F10225
Authority key identifier: 70:F9:B1:6A:DF:2F:D3:19:88:85:99:22:B4:45:74:81:DD:7E:EF:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/F4qa4HfDTUXnRR2Jl-vUaIEpuuQ.roa
Signing time: Mon 31 Mar 2025 07:40:49 +0000
ROA not before: Mon 31 Mar 2025 07:40:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 141.226.245.0/24 maxlen: 24
141.226.246.0/24 maxlen: 24
213.137.88.0/24 maxlen: 24
213.137.92.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/cPmxat8v0xmIhZkitEV0gd1-70A.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/cPmxat8v0xmIhZkitEV0gd1-70A.mft
rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 16:04:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:eb:25:5f:00:d0:44:d0:4a:6c:c3:08:3e:28:f1:02:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70f9b16adf2fd31988859922b4457481dd7eef40
Validity
Not Before: Mar 31 07:40:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=178a9ae077c34d45e7451d8997ebd4688129bae4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:75:60:7b:8d:9f:2b:ad:78:13:07:14:e6:dc:
c4:23:4d:54:86:2b:de:7c:74:2a:a7:6d:4a:3b:77:
98:ca:7f:04:c5:37:ce:02:4a:cc:62:79:98:0f:23:
98:42:a8:20:af:e7:c3:a3:88:09:e1:8e:fc:c1:9b:
3d:ac:be:2e:34:19:3f:d9:5f:19:3f:26:95:88:2e:
c2:b2:b9:0e:13:68:53:e3:58:4f:51:72:50:6b:74:
0c:42:cf:6b:c0:43:4f:58:c3:50:0d:34:6d:09:28:
3a:34:39:e2:b7:06:89:38:12:63:16:db:50:a6:3b:
29:2a:5f:43:ef:f1:f8:dc:41:f7:17:3f:d2:e1:8d:
18:a3:ee:87:97:18:f4:93:33:59:3e:9b:77:04:18:
91:89:a1:05:07:af:ea:28:4e:73:27:f0:e8:05:27:
0f:5d:d7:02:a2:0e:6a:6e:b9:e6:98:62:64:a1:26:
f0:ee:44:d0:2c:9a:2b:59:5b:f3:16:9a:94:2d:c3:
c1:03:60:33:21:6c:80:00:20:8c:23:01:1b:a9:d8:
c4:a9:62:43:6c:93:46:19:8b:3f:9d:93:0f:67:b5:
57:60:ad:b9:b6:79:bd:92:ac:0d:14:99:7f:c8:a3:
ea:12:18:7b:a0:92:e7:0d:c4:28:7e:9b:55:9a:88:
54:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:8A:9A:E0:77:C3:4D:45:E7:45:1D:89:97:EB:D4:68:81:29:BA:E4
X509v3 Authority Key Identifier:
keyid:70:F9:B1:6A:DF:2F:D3:19:88:85:99:22:B4:45:74:81:DD:7E:EF:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/F4qa4HfDTUXnRR2Jl-vUaIEpuuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/cPmxat8v0xmIhZkitEV0gd1-70A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.226.245.0-141.226.246.255
213.137.88.0/24
213.137.92.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:42:5c:74:79:78:8e:de:b7:51:9b:11:3c:cb:fc:d8:21:fa:
b4:40:47:f1:e7:9c:b1:1b:75:e0:f5:0b:ab:16:b3:2f:21:94:
ef:ba:87:83:8a:a1:e9:6f:f4:b0:33:37:3e:5e:a9:b8:f6:79:
9c:2a:dd:5e:de:3d:38:65:69:19:51:a1:2f:ea:8c:07:4c:d3:
de:d6:a1:e7:50:b2:ea:95:0f:32:6a:2b:72:31:a0:ac:54:cb:
88:fa:88:0e:23:d0:fa:bb:ba:8d:b2:f0:7c:3a:6d:04:20:f6:
18:e8:37:11:8e:1d:2a:f7:14:1d:2d:7a:2d:37:c0:5d:53:fd:
a1:d1:bb:19:63:c9:1c:41:35:63:fc:61:02:b8:50:5a:d7:71:
55:73:d4:06:3c:38:4c:af:65:23:7d:3d:bd:0a:8d:cf:28:7f:
56:cd:cc:0f:45:12:03:e6:7f:cd:8b:7e:9a:cd:71:3b:8b:ef:
8f:dd:a0:1b:39:48:a5:6e:bc:14:0c:87:01:9f:83:46:db:15:
16:32:a2:b9:2a:8b:ec:e5:6a:a0:c5:54:20:d7:da:50:a3:96:
09:de:5c:4e:92:81:58:6e:ef:12:51:96:bc:e4:f1:91:f9:15:
3b:78:3b:cb:52:c9:f7:6c:a7:c3:24:96:70:e0:a5:e7:11:53:
87:9b:b6:b9
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZXrJV8A0ETQSmzDCD4o8QIlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZjliMTZhZGYyZmQzMTk4ODg1OTkyMmI0NDU3NDgxZGQ3
ZWVmNDAwHhcNMjUwMzMxMDc0MDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzhhOWFlMDc3YzM0ZDQ1ZTc0NTFkODk5N2ViZDQ2ODgxMjliYWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxHVge42fK614EwcU5tzEI01Uhive
fHQqp21KO3eYyn8ExTfOAkrMYnmYDyOYQqggr+fDo4gJ4Y78wZs9rL4uNBk/2V8Z
PyaViC7CsrkOE2hT41hPUXJQa3QMQs9rwENPWMNQDTRtCSg6NDnitwaJOBJjFttQ
pjspKl9D7/H43EH3Fz/S4Y0Yo+6Hlxj0kzNZPpt3BBiRiaEFB6/qKE5zJ/DoBScP
XdcCog5qbrnmmGJkoSbw7kTQLJorWVvzFpqULcPBA2AzIWyAACCMIwEbqdjEqWJD
bJNGGYs/nZMPZ7VXYK25tnm9kqwNFJl/yKPqEhh7oJLnDcQofptVmohUawIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFBeKmuB3w01F50UdiZfr1GiBKbrkMB8GA1UdIwQY
MBaAFHD5sWrfL9MZiIWZIrRFdIHdfu9AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1BteGF0OHYweG1JaFpraXRFVjBnZDEtNzBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi85NTZkYjktYzhmNy00YjlmLWE1NmUt
YmM2ZGI3MjQ4YWRkLzEvRjRxYTRIZkRUVVhuUlIySmwtdlVhSUVwdXVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi85NTZkYjktYzhmNy00YjlmLWE1NmUtYmM2ZGI3MjQ4YWRk
LzEvY1BteGF0OHYweG1JaFpraXRFVjBnZDEtNzBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBACN4vUD
BACN4vYDBADViVgDBADViVwwDQYJKoZIhvcNAQELBQADggEBALVCXHR5eI7et1Gb
ETzL/Ngh+rRAR/HnnLEbdeD1C6sWsy8hlO+6h4OKoelv9LAzNz5eqbj2eZwq3V7e
PThlaRlRoS/qjAdM097WoedQsuqVDzJqK3IxoKxUy4j6iA4j0Pq7uo2y8Hw6bQQg
9hjoNxGOHSr3FB0tei03wF1T/aHRuxljyRxBNWP8YQK4UFrXcVVz1AY8OEyvZSN9
Pb0Kjc8of1bNzA9FEgPmf82LfprNcTuL74/doBs5SKVuvBQMhwGfg0bbFRYyorkq
i+zlaqDFVCDX2lCjlgneXE6SgVhu7xJRlrzk8ZH5FTt4O8tSyfdsp8MklnDgpecR
U4ebtrk=
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:01:30 2025 by rpki-client