Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/ioEYoSKyEtfdiu8IAgBkdSDUxq0.roa
File: ioEYoSKyEtfdiu8IAgBkdSDUxq0.roa (raw, json)
Hash identifier: CEmR3YzuPC7K/CwWVdeEu1K1wp1B5QCNbwR4nRi5bvI=
Subject key identifier: 8A:81:18:A1:22:B2:12:D7:DD:8A:EF:08:02:00:64:75:20:D4:C6:AD
Certificate issuer: /CN=5853e65a3087b4ca85c8802b60ff0f02b4106d97
Certificate serial: 01941FFA62361FE467DAA0DEC8094C56E676
Authority key identifier: 58:53:E6:5A:30:87:B4:CA:85:C8:80:2B:60:FF:0F:02:B4:10:6D:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WFPmWjCHtMqFyIArYP8PArQQbZc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/ioEYoSKyEtfdiu8IAgBkdSDUxq0.roa
Signing time: Wed 01 Jan 2025 03:48:10 +0000
ROA not before: Wed 01 Jan 2025 03:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34573
IP address blocks: 78.140.32.0/20 maxlen: 20
78.140.32.0/24 maxlen: 24
78.140.33.0/24 maxlen: 24
78.140.34.0/24 maxlen: 24
78.140.35.0/24 maxlen: 24
78.140.36.0/24 maxlen: 24
78.140.37.0/24 maxlen: 24
78.140.38.0/24 maxlen: 24
78.140.39.0/24 maxlen: 24
78.140.40.0/24 maxlen: 24
78.140.41.0/24 maxlen: 24
78.140.42.0/24 maxlen: 24
78.140.43.0/24 maxlen: 24
78.140.44.0/24 maxlen: 24
78.140.45.0/24 maxlen: 24
78.140.46.0/24 maxlen: 24
78.140.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/WFPmWjCHtMqFyIArYP8PArQQbZc.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/WFPmWjCHtMqFyIArYP8PArQQbZc.mft
rsync://rpki.ripe.net/repository/DEFAULT/WFPmWjCHtMqFyIArYP8PArQQbZc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:62:36:1f:e4:67:da:a0:de:c8:09:4c:56:e6:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5853e65a3087b4ca85c8802b60ff0f02b4106d97
Validity
Not Before: Jan 1 03:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8a8118a122b212d7dd8aef080200647520d4c6ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:1d:58:84:78:53:d2:aa:53:3e:76:33:95:8d:
0d:9f:0d:0d:c4:59:28:7f:86:a0:2c:23:4e:1d:07:
12:27:7f:f5:dd:b4:02:5a:8c:14:90:a0:d5:5c:46:
76:36:32:76:f4:41:56:76:20:d3:e8:67:2a:5c:ee:
b8:d6:c0:0a:51:cb:38:98:51:ce:3c:d1:15:0c:35:
d6:20:07:2b:97:04:c1:06:04:a9:89:c5:fa:0a:b5:
22:5d:91:79:77:c8:33:e1:2c:ce:67:70:10:c9:9f:
6a:65:b0:fb:24:4e:bc:b5:94:95:e0:b8:39:f9:63:
8e:b4:11:44:76:92:48:17:ba:20:4f:82:36:30:cd:
56:56:9a:39:bc:af:a3:8c:61:6d:98:01:53:76:ea:
93:c5:58:aa:0f:e4:45:7a:e8:e4:b7:13:c0:70:fb:
00:a1:03:62:b1:65:c6:15:b0:11:94:d0:e9:1c:ee:
ac:25:c9:89:88:88:3e:70:fc:be:4d:2b:ab:55:15:
82:f6:b0:af:1b:04:a5:a8:be:ba:ed:c8:0f:f6:d6:
f3:ad:f3:35:d8:cf:19:fd:c5:27:c6:c9:8e:06:e5:
aa:a1:fa:f7:92:92:5a:da:f8:dd:1d:55:05:b4:b6:
29:2d:f1:be:c3:9a:7d:01:ad:e1:6f:ba:a5:3a:39:
81:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:81:18:A1:22:B2:12:D7:DD:8A:EF:08:02:00:64:75:20:D4:C6:AD
X509v3 Authority Key Identifier:
keyid:58:53:E6:5A:30:87:B4:CA:85:C8:80:2B:60:FF:0F:02:B4:10:6D:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WFPmWjCHtMqFyIArYP8PArQQbZc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/ioEYoSKyEtfdiu8IAgBkdSDUxq0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/WFPmWjCHtMqFyIArYP8PArQQbZc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.140.32.0/20
Signature Algorithm: sha256WithRSAEncryption
9b:2c:7f:d8:48:a0:1a:c7:f1:83:9b:82:af:e3:0d:3a:b2:45:
09:4f:23:96:15:a1:d0:30:8b:58:c7:44:fd:ff:1e:4b:e1:ab:
5e:4b:16:dc:d3:3b:b5:5f:a1:c8:d5:23:4f:69:d4:92:5a:eb:
df:16:10:f7:ee:bf:fd:9f:ef:09:18:e0:26:65:a6:a3:72:79:
e2:95:37:33:e2:63:d6:d7:bf:5c:e3:27:df:8d:3a:a4:56:ad:
09:ae:d7:d9:97:58:64:fb:19:25:be:b2:94:6d:20:82:ff:c8:
fe:47:95:84:3c:ea:95:d0:03:0f:f5:7d:72:2b:fa:3e:e3:98:
17:4e:ca:33:3b:36:2b:ba:93:07:c4:7d:b4:41:a0:1c:85:0a:
25:11:6c:7e:21:74:ec:6d:69:d5:34:29:50:d9:74:1f:a0:d7:
8c:da:04:87:c5:76:ca:1f:5a:87:cf:da:fa:89:c7:7d:06:2c:
6f:95:61:0a:12:49:63:87:dc:7b:66:ee:0a:87:2e:a8:ce:61:
11:12:fc:7f:58:63:67:17:ce:57:8a:3b:d5:27:c3:d1:1c:a8:
01:8d:72:66:5a:5d:8c:50:5d:b4:bd:15:12:fe:20:cb:a2:6f:
9c:75:7d:6f:73:ca:05:c9:97:18:d9:02:d7:13:46:da:e7:5d:
81:01:5e:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+mI2H+Rn2qDeyAlMVuZ2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4NTNlNjVhMzA4N2I0Y2E4NWM4ODAyYjYwZmYwZjAyYjQx
MDZkOTcwHhcNMjUwMTAxMDM0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTgxMThhMTIyYjIxMmQ3ZGQ4YWVmMDgwMjAwNjQ3NTIwZDRjNmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyh1YhHhT0qpTPnYzlY0Nnw0NxFko
f4agLCNOHQcSJ3/13bQCWowUkKDVXEZ2NjJ29EFWdiDT6GcqXO641sAKUcs4mFHO
PNEVDDXWIAcrlwTBBgSpicX6CrUiXZF5d8gz4SzOZ3AQyZ9qZbD7JE68tZSV4Lg5
+WOOtBFEdpJIF7ogT4I2MM1WVpo5vK+jjGFtmAFTduqTxViqD+RFeujktxPAcPsA
oQNisWXGFbARlNDpHO6sJcmJiIg+cPy+TSurVRWC9rCvGwSlqL667cgP9tbzrfM1
2M8Z/cUnxsmOBuWqofr3kpJa2vjdHVUFtLYpLfG+w5p9Aa3hb7qlOjmBYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIqBGKEishLX3YrvCAIAZHUg1MatMB8GA1UdIwQY
MBaAFFhT5lowh7TKhciAK2D/DwK0EG2XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0ZQbVdqQ0h0TXFGeUlBcllQOFBBclFRYlpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi82YWZkMWUtY2I3ZS00ZTZlLWE4YTQt
ZTE4NjAyNzM5Y2Q1LzEvaW9FWW9TS3lFdGZkaXU4SUFnQmtkU0RVeHEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi82YWZkMWUtY2I3ZS00ZTZlLWE4YTQtZTE4NjAyNzM5Y2Q1
LzEvV0ZQbVdqQ0h0TXFGeUlBcllQOFBBclFRYlpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQETowgMA0G
CSqGSIb3DQEBCwUAA4IBAQCbLH/YSKAax/GDm4Kv4w06skUJTyOWFaHQMItYx0T9
/x5L4ateSxbc0zu1X6HI1SNPadSSWuvfFhD37r/9n+8JGOAmZaajcnnilTcz4mPW
179c4yffjTqkVq0JrtfZl1hk+xklvrKUbSCC/8j+R5WEPOqV0AMP9X1yK/o+45gX
TsozOzYrupMHxH20QaAchQolEWx+IXTsbWnVNClQ2XQfoNeM2gSHxXbKH1qHz9r6
icd9BixvlWEKEkljh9x7Zu4Khy6ozmEREvx/WGNnF85XijvVJ8PRHKgBjXJmWl2M
UF20vRUS/iDLom+cdX1vc8oFyZcY2QLXE0ba512BAV6P
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:51:24 2025 by rpki-client