Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/cvFT9U6f9q2iEs9qYdY5pICL5uA.roa
File: cvFT9U6f9q2iEs9qYdY5pICL5uA.roa (raw, json)
Hash identifier: rpF3ncfSzctaMA19sRq+0rLTTnT49oldb4WYIOd4jLo=
Subject key identifier: 72:F1:53:F5:4E:9F:F6:AD:A2:12:CF:6A:61:D6:39:A4:80:8B:E6:E0
Certificate issuer: /CN=66de1d9dcdb25c1e532c5c9b69dfa757e306210e
Certificate serial: 019427B5AF9D82D38696E1F9582FAD8F5FF9
Authority key identifier: 66:DE:1D:9D:CD:B2:5C:1E:53:2C:5C:9B:69:DF:A7:57:E3:06:21:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/cvFT9U6f9q2iEs9qYdY5pICL5uA.roa
Signing time: Thu 02 Jan 2025 15:50:05 +0000
ROA not before: Thu 02 Jan 2025 15:50:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 64426
IP address blocks: 185.123.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Zt4dnc2yXB5TLFybad-nV-MGIQ4.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Zt4dnc2yXB5TLFybad-nV-MGIQ4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 00:01:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:af:9d:82:d3:86:96:e1:f9:58:2f:ad:8f:5f:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66de1d9dcdb25c1e532c5c9b69dfa757e306210e
Validity
Not Before: Jan 2 15:50:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=72f153f54e9ff6ada212cf6a61d639a4808be6e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:8a:7e:94:cf:d9:9b:0c:e4:77:1b:44:be:ba:
fa:e4:19:40:b7:26:9d:8e:25:d2:dc:50:d9:56:fa:
2a:e1:66:c0:7c:8b:de:46:43:71:28:fe:cc:8a:0d:
08:35:70:76:ac:a9:3b:85:e9:bd:b6:77:b6:36:1c:
2f:10:82:46:de:68:99:87:cc:0a:b8:50:4f:fd:00:
7f:3c:4f:64:56:05:19:14:b9:76:f9:5a:6e:8b:50:
51:59:49:74:35:a2:4f:55:e0:89:42:cc:d1:00:fc:
b3:d7:fe:8b:83:29:5f:a7:c7:3a:b2:d8:d4:c1:c1:
89:49:c7:cb:06:ef:e7:0d:9e:76:89:61:86:bf:a3:
66:a7:da:95:a1:43:2e:49:89:29:94:3e:b7:68:5a:
3c:02:67:38:a2:e3:f6:4c:54:ad:7c:85:8d:8b:f4:
75:ac:30:35:ef:ce:2f:5f:46:28:c4:fc:f0:8f:17:
88:51:05:f5:31:94:f0:ff:e7:12:d2:dc:f3:6a:65:
3e:87:57:98:a5:8f:4e:09:d9:f2:fa:14:c1:65:a4:
41:dd:81:5a:f9:ea:91:3a:d4:3b:3d:81:e7:8f:c0:
f9:50:22:e9:35:e3:46:10:c5:16:23:a6:c7:b8:6e:
64:3a:1a:cf:cc:09:3f:97:b4:7f:db:66:57:0c:69:
d9:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:F1:53:F5:4E:9F:F6:AD:A2:12:CF:6A:61:D6:39:A4:80:8B:E6:E0
X509v3 Authority Key Identifier:
keyid:66:DE:1D:9D:CD:B2:5C:1E:53:2C:5C:9B:69:DF:A7:57:E3:06:21:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/cvFT9U6f9q2iEs9qYdY5pICL5uA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Zt4dnc2yXB5TLFybad-nV-MGIQ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.123.25.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:75:ca:3b:d1:01:aa:4f:cf:98:25:85:65:a6:32:7b:4c:fb:
3c:c2:28:b3:b7:07:ee:c2:11:b0:75:97:8c:25:4c:24:e9:08:
03:ae:a4:19:37:91:e4:4a:e1:04:f7:d5:84:3b:30:3b:59:84:
cd:4f:4a:e9:54:7e:6f:ef:cf:90:9e:03:1a:e0:95:62:fe:2b:
5a:7d:c8:2e:71:27:f0:ec:31:cd:39:0f:75:32:7a:d1:83:99:
d4:a4:07:67:28:e3:f6:8b:c8:d9:7b:f0:0f:c0:a5:a3:11:fd:
07:37:5e:0c:bc:e6:14:c7:2d:77:e6:d6:3b:63:37:1c:02:df:
94:ab:47:24:34:19:a8:d6:7f:f9:92:23:12:b4:5d:43:27:8b:
1d:4d:53:3c:c7:5b:c3:d0:56:59:b2:b1:41:62:bd:5f:de:cb:
e7:9c:a2:09:32:2f:8a:f7:46:5d:99:a0:22:6f:ef:5d:f5:da:
6c:c4:3a:0b:1c:39:98:e3:33:2c:a2:d3:8b:72:5e:b9:51:73:
a5:20:29:6e:ba:93:70:c7:7a:b0:0b:f2:c8:fb:c8:a2:bc:b0:
6c:d7:ed:ec:00:aa:c0:fc:94:8f:12:46:2e:2f:a6:34:cb:ba:
10:9f:19:9d:93:24:c2:a3:09:b0:2b:a2:d4:a4:76:08:42:3e:
5d:d1:22:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnta+dgtOGluH5WC+tj1/5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGUxZDlkY2RiMjVjMWU1MzJjNWM5YjY5ZGZhNzU3ZTMw
NjIxMGUwHhcNMjUwMTAyMTU1MDA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmYxNTNmNTRlOWZmNmFkYTIxMmNmNmE2MWQ2MzlhNDgwOGJlNmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYp+lM/ZmwzkdxtEvrr65BlAtyad
jiXS3FDZVvoq4WbAfIveRkNxKP7Mig0INXB2rKk7hem9tne2NhwvEIJG3miZh8wK
uFBP/QB/PE9kVgUZFLl2+Vpui1BRWUl0NaJPVeCJQszRAPyz1/6Lgylfp8c6stjU
wcGJScfLBu/nDZ52iWGGv6Nmp9qVoUMuSYkplD63aFo8Amc4ouP2TFStfIWNi/R1
rDA1784vX0YoxPzwjxeIUQX1MZTw/+cS0tzzamU+h1eYpY9OCdny+hTBZaRB3YFa
+eqROtQ7PYHnj8D5UCLpNeNGEMUWI6bHuG5kOhrPzAk/l7R/22ZXDGnZsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHLxU/VOn/atohLPamHWOaSAi+bgMB8GA1UdIwQY
MBaAFGbeHZ3NslweUyxcm2nfp1fjBiEOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ0ZG5jMnlYQjVUTEZ5YmFkLW5WLU1HSVE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC82MGZjZmUtN2IyYy00NjcyLWJjMmYt
NDA0Nzk4NzA5NzZlLzEvY3ZGVDlVNmY5cTJpRXM5cVlkWTVwSUNMNXVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC82MGZjZmUtN2IyYy00NjcyLWJjMmYtNDA0Nzk4NzA5NzZl
LzEvWnQ0ZG5jMnlYQjVUTEZ5YmFkLW5WLU1HSVE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXsZMA0G
CSqGSIb3DQEBCwUAA4IBAQBPdco70QGqT8+YJYVlpjJ7TPs8wiiztwfuwhGwdZeM
JUwk6QgDrqQZN5HkSuEE99WEOzA7WYTNT0rpVH5v78+QngMa4JVi/itafcgucSfw
7DHNOQ91MnrRg5nUpAdnKOP2i8jZe/APwKWjEf0HN14MvOYUxy135tY7YzccAt+U
q0ckNBmo1n/5kiMStF1DJ4sdTVM8x1vD0FZZsrFBYr1f3svnnKIJMi+K90ZdmaAi
b+9d9dpsxDoLHDmY4zMsotOLcl65UXOlICluupNwx3qwC/LI+8iivLBs1+3sAKrA
/JSPEkYuL6Y0y7oQnxmdkyTCowmwK6LUpHYIQj5d0SLN
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:12:53 2025 by rpki-client