Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/adNqeNQUFWI4IAHxy1r153UdECA.roa
File: adNqeNQUFWI4IAHxy1r153UdECA.roa (raw, json)
Hash identifier: xLvUeb8ak+yii4A1TZl7dHrog2mgx9j4/AxydjM8K8Q=
Subject key identifier: 69:D3:6A:78:D4:14:15:62:38:20:01:F1:CB:5A:F5:E7:75:1D:10:20
Certificate issuer: /CN=fce4f396729bf478e636549821f6f6970d893f52
Certificate serial: 019426D9DAF3B52AA9AF74F0310BEDB52AFD
Authority key identifier: FC:E4:F3:96:72:9B:F4:78:E6:36:54:98:21:F6:F6:97:0D:89:3F:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_OTzlnKb9HjmNlSYIfb2lw2JP1I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/adNqeNQUFWI4IAHxy1r153UdECA.roa
Signing time: Thu 02 Jan 2025 11:49:59 +0000
ROA not before: Thu 02 Jan 2025 11:49:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47648
IP address blocks: 152.89.188.0/22 maxlen: 24
185.239.196.0/22 maxlen: 24
195.68.248.0/23 maxlen: 24
195.68.254.0/23 maxlen: 24
2a0c:6180::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/_OTzlnKb9HjmNlSYIfb2lw2JP1I.crl
rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/_OTzlnKb9HjmNlSYIfb2lw2JP1I.mft
rsync://rpki.ripe.net/repository/DEFAULT/_OTzlnKb9HjmNlSYIfb2lw2JP1I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:da:f3:b5:2a:a9:af:74:f0:31:0b:ed:b5:2a:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fce4f396729bf478e636549821f6f6970d893f52
Validity
Not Before: Jan 2 11:49:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69d36a78d4141562382001f1cb5af5e7751d1020
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:49:bd:64:d6:27:90:6c:10:ef:75:07:d5:07:
ea:08:fe:12:dc:df:ae:8d:39:2b:b2:59:ef:fd:42:
cd:70:48:c4:67:5a:80:f0:59:a2:5d:82:78:89:0c:
30:ed:96:16:14:c5:d2:9a:46:7b:da:e6:57:96:f4:
f7:4b:0a:ec:49:5b:fb:7f:00:3d:5f:76:7b:0a:1c:
f1:8d:b5:b9:80:9f:f8:b0:82:db:24:7c:88:82:db:
20:fa:6b:f3:7d:0c:d3:c4:18:21:ab:90:3e:6a:86:
9a:59:bf:a2:e7:ab:e7:5f:02:28:e1:cf:12:70:ec:
e6:b2:58:4c:f5:af:77:66:8d:2c:23:6a:47:e2:d4:
e9:04:80:07:5f:d2:f1:18:0d:25:81:55:cd:8c:dc:
a4:09:25:f9:98:e3:c2:7a:db:95:97:97:4c:12:71:
e9:d5:8d:bd:a9:38:77:0e:93:a3:be:3a:53:92:c7:
e3:02:7a:dd:5c:ae:cc:c5:14:cd:67:70:40:ea:33:
b9:d9:36:c3:9e:4c:b0:47:54:14:d9:14:1c:71:53:
05:36:0a:cc:f2:3c:00:e5:f0:67:ea:85:15:75:a4:
77:98:4f:2c:73:b7:1c:52:54:66:8a:0c:7b:33:ff:
e6:37:00:2c:77:45:db:9b:57:20:13:43:0c:e1:e0:
da:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:D3:6A:78:D4:14:15:62:38:20:01:F1:CB:5A:F5:E7:75:1D:10:20
X509v3 Authority Key Identifier:
keyid:FC:E4:F3:96:72:9B:F4:78:E6:36:54:98:21:F6:F6:97:0D:89:3F:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_OTzlnKb9HjmNlSYIfb2lw2JP1I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/adNqeNQUFWI4IAHxy1r153UdECA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/_OTzlnKb9HjmNlSYIfb2lw2JP1I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.188.0/22
185.239.196.0/22
195.68.248.0/23
195.68.254.0/23
IPv6:
2a0c:6180::/29
Signature Algorithm: sha256WithRSAEncryption
c3:eb:94:34:bd:9e:b5:6e:6b:ca:91:b0:4c:89:08:79:0f:55:
a7:22:a8:ea:aa:5c:3b:46:21:d0:69:1b:d3:ba:0d:44:30:c3:
0f:17:58:38:d2:3d:02:65:2c:e7:c6:57:53:25:8e:81:84:30:
8f:1b:18:be:62:89:da:ce:4c:86:a2:19:a6:9a:ed:b5:cf:de:
72:6f:e0:f6:f2:0d:8c:83:d6:5c:91:26:53:94:fc:62:e4:67:
f3:ca:84:ef:6c:70:a6:36:95:a3:38:c4:b7:4a:82:b1:92:76:
5b:7b:c4:24:62:76:77:82:bc:de:ee:f1:12:2a:6c:8d:57:df:
89:32:b5:b8:0f:c5:4d:c1:bf:a7:4e:87:5a:03:25:28:2b:61:
e0:e5:27:95:07:21:1b:6a:a1:41:85:a0:99:6c:87:25:6d:5d:
11:f3:25:f9:71:f3:8d:71:8c:16:02:b6:74:3e:e3:bb:06:e7:
fd:cd:81:71:35:69:03:1a:b7:3c:f0:eb:bf:73:e2:11:5b:c3:
1d:65:7c:89:a8:a6:91:5f:7c:e1:6c:89:d3:e3:4b:f9:78:83:
dc:85:1b:f8:0a:f8:3f:f8:c9:ae:6e:ba:17:ba:5a:7b:0a:f0:
ab:59:c8:95:c7:64:d1:0b:0d:ff:7a:f7:14:04:1f:41:e1:33:
b4:0f:47:fa
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQm2drztSqpr3TwMQvttSr9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjZTRmMzk2NzI5YmY0NzhlNjM2NTQ5ODIxZjZmNjk3MGQ4
OTNmNTIwHhcNMjUwMTAyMTE0OTU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWQzNmE3OGQ0MTQxNTYyMzgyMDAxZjFjYjVhZjVlNzc1MWQxMDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUm9ZNYnkGwQ73UH1QfqCP4S3N+u
jTkrslnv/ULNcEjEZ1qA8FmiXYJ4iQww7ZYWFMXSmkZ72uZXlvT3SwrsSVv7fwA9
X3Z7ChzxjbW5gJ/4sILbJHyIgtsg+mvzfQzTxBghq5A+aoaaWb+i56vnXwIo4c8S
cOzmslhM9a93Zo0sI2pH4tTpBIAHX9LxGA0lgVXNjNykCSX5mOPCetuVl5dMEnHp
1Y29qTh3DpOjvjpTksfjAnrdXK7MxRTNZ3BA6jO52TbDnkywR1QU2RQccVMFNgrM
8jwA5fBn6oUVdaR3mE8sc7ccUlRmigx7M//mNwAsd0Xbm1cgE0MM4eDaMwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFGnTanjUFBViOCAB8cta9ed1HRAgMB8GA1UdIwQY
MBaAFPzk85Zym/R45jZUmCH29pcNiT9SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX09UemxuS2I5SGptTmxTWUlmYjJsdzJKUDFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8zNjI3NWUtNjc1OS00ZDUyLWIyZDEt
OGM3MGRlOWU5YjlkLzEvYWROcWVOUVVGV0k0SUFIeHkxcjE1M1VkRUNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8zNjI3NWUtNjc1OS00ZDUyLWIyZDEtOGM3MGRlOWU5Yjlk
LzEvX09UemxuS2I5SGptTmxTWUlmYjJsdzJKUDFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCmFm8AwQC
ue/EAwQBw0T4AwQBw0T+MA0EAgACMAcDBQMqDGGAMA0GCSqGSIb3DQEBCwUAA4IB
AQDD65Q0vZ61bmvKkbBMiQh5D1WnIqjqqlw7RiHQaRvTug1EMMMPF1g40j0CZSzn
xldTJY6BhDCPGxi+YonazkyGohmmmu21z95yb+D28g2Mg9ZckSZTlPxi5GfzyoTv
bHCmNpWjOMS3SoKxknZbe8QkYnZ3grze7vESKmyNV9+JMrW4D8VNwb+nTodaAyUo
K2Hg5SeVByEbaqFBhaCZbIclbV0R8yX5cfONcYwWArZ0PuO7Buf9zYFxNWkDGrc8
8Ou/c+IRW8MdZXyJqKaRX3zhbInT40v5eIPchRv4Cvg/+MmubroXulp7CvCrWciV
x2TRCw3/evcUBB9B4TO0D0f6
-----END CERTIFICATE-----
Generated at Mon Apr 21 17:03:42 2025 by rpki-client