Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/39081f-5003-41ed-b80a-3fae034c489e/1/1-ThtHy19ctjaQuYuBhqSQqIE9WU.roa
File: 1-ThtHy19ctjaQuYuBhqSQqIE9WU.roa (raw, json)
Hash identifier: V9qRoZ+PC8g7OlSlh2fBbc43/EN/zOPrb+QtN2UkltA=
Subject key identifier: F9:38:6D:1F:2D:7D:72:D8:DA:42:E6:2E:06:1A:92:42:A2:04:F5:65
Certificate issuer: /CN=b169a49700e0c3b8e39a79130c987a5000ccffe2
Certificate serial: 019422FB4B1B529FFD4A34ABD8ED438E28B8
Authority key identifier: B1:69:A4:97:00:E0:C3:B8:E3:9A:79:13:0C:98:7A:50:00:CC:FF:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sWmklwDgw7jjmnkTDJh6UADM_-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/39081f-5003-41ed-b80a-3fae034c489e/1/1-ThtHy19ctjaQuYuBhqSQqIE9WU.roa
Signing time: Wed 01 Jan 2025 17:48:01 +0000
ROA not before: Wed 01 Jan 2025 17:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16302
IP address blocks: 77.246.192.0/20 maxlen: 20
79.134.96.0/19 maxlen: 19
80.248.240.0/20 maxlen: 20
83.142.72.0/21 maxlen: 21
185.9.8.0/22 maxlen: 22
185.163.14.0/23 maxlen: 23
188.127.192.0/19 maxlen: 19
217.119.32.0/20 maxlen: 20
2a00:1190::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/39081f-5003-41ed-b80a-3fae034c489e/1/sWmklwDgw7jjmnkTDJh6UADM_-I.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/39081f-5003-41ed-b80a-3fae034c489e/1/sWmklwDgw7jjmnkTDJh6UADM_-I.mft
rsync://rpki.ripe.net/repository/DEFAULT/sWmklwDgw7jjmnkTDJh6UADM_-I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 17:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:4b:1b:52:9f:fd:4a:34:ab:d8:ed:43:8e:28:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b169a49700e0c3b8e39a79130c987a5000ccffe2
Validity
Not Before: Jan 1 17:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f9386d1f2d7d72d8da42e62e061a9242a204f565
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:d7:ff:51:7d:35:80:f2:76:bf:34:43:7e:e3:
fd:dd:13:1e:fa:af:5f:f8:79:b9:96:3b:00:78:9b:
61:19:98:1f:4c:26:49:06:7d:fd:68:73:20:27:82:
57:a6:52:4d:a0:5f:7a:71:78:37:33:3c:51:a6:21:
e7:17:86:59:8f:7d:1d:9d:d3:7f:ef:91:4f:41:55:
88:fd:31:4d:55:79:3a:94:33:ba:a8:c9:c9:95:40:
65:18:1e:17:75:32:e0:61:a6:53:4b:b0:c0:7d:14:
c2:01:7c:39:26:c9:6e:c6:14:a0:77:f8:c3:18:f5:
03:90:0a:f1:1f:3a:e1:fa:24:6d:32:a9:8e:a8:e5:
f7:26:97:53:00:94:3b:ca:71:4f:9a:ef:63:61:00:
a8:98:5d:98:7c:35:b5:a2:a8:80:83:2e:33:7a:86:
d8:a7:8e:44:74:e3:22:ec:19:77:ac:95:15:96:e8:
36:54:8f:c8:e1:44:0d:9d:e9:84:34:13:5d:08:49:
99:af:2e:7f:cb:80:3d:df:84:fc:7a:cb:0d:60:2a:
5d:70:cf:23:b4:98:d8:ff:25:ae:b1:4e:c5:29:04:
e1:49:a6:e3:a7:2b:d8:a6:34:15:23:82:0f:c5:54:
08:7a:3d:a1:98:39:8e:28:aa:16:9e:16:b7:ea:a2:
d1:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:38:6D:1F:2D:7D:72:D8:DA:42:E6:2E:06:1A:92:42:A2:04:F5:65
X509v3 Authority Key Identifier:
keyid:B1:69:A4:97:00:E0:C3:B8:E3:9A:79:13:0C:98:7A:50:00:CC:FF:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sWmklwDgw7jjmnkTDJh6UADM_-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/39081f-5003-41ed-b80a-3fae034c489e/1/1-ThtHy19ctjaQuYuBhqSQqIE9WU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/39081f-5003-41ed-b80a-3fae034c489e/1/sWmklwDgw7jjmnkTDJh6UADM_-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.246.192.0/20
79.134.96.0/19
80.248.240.0/20
83.142.72.0/21
185.9.8.0/22
185.163.14.0/23
188.127.192.0/19
217.119.32.0/20
IPv6:
2a00:1190::/32
Signature Algorithm: sha256WithRSAEncryption
40:4c:b6:25:72:79:e3:a4:5d:d8:ab:74:8f:1a:8f:3e:a0:be:
f8:62:88:f9:bb:f6:85:02:7f:31:35:e8:22:05:66:7b:21:1c:
7f:76:9d:98:ac:6f:29:ad:dd:f4:0b:1d:59:02:37:6b:12:d3:
0c:ef:ef:c1:4e:b8:a6:26:50:92:bf:06:df:cb:dd:0b:c7:2c:
fc:fe:63:99:ed:47:2b:b9:eb:d8:32:a6:57:a5:da:de:21:ba:
cd:7d:f2:e3:cf:9d:37:e2:d7:fe:bc:3a:c1:10:e8:7a:8b:d5:
e6:01:78:e9:e0:b0:ec:df:c9:99:9e:64:6b:be:bf:32:6d:b4:
2a:6d:90:8d:33:01:e6:f7:c0:3a:8a:a4:d0:51:84:58:a3:6d:
52:89:b0:ef:b7:74:d0:8c:50:5d:50:d5:9a:f2:01:cb:51:7e:
d7:53:bb:1a:bb:36:a8:fa:33:80:a9:5b:db:4f:ca:3e:f1:82:
ab:04:95:f2:93:73:dd:2d:31:57:4f:db:e9:9d:7e:b2:f0:15:
53:22:fa:bf:3c:2d:06:82:78:d1:dc:f4:39:a1:b7:57:7b:d0:
c5:2d:00:ee:9b:d5:9c:e0:1f:e5:19:ca:58:db:65:a2:a5:e8:
88:68:77:80:6e:f8:97:36:dc:0a:23:db:d3:21:ea:31:15:e9:
53:30:84:95
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZQi+0sbUp/9SjSr2O1Djii4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNjlhNDk3MDBlMGMzYjhlMzlhNzkxMzBjOTg3YTUwMDBj
Y2ZmZTIwHhcNMjUwMTAxMTc0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTM4NmQxZjJkN2Q3MmQ4ZGE0MmU2MmUwNjFhOTI0MmEyMDRmNTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Nf/UX01gPJ2vzRDfuP93RMe+q9f
+Hm5ljsAeJthGZgfTCZJBn39aHMgJ4JXplJNoF96cXg3MzxRpiHnF4ZZj30dndN/
75FPQVWI/TFNVXk6lDO6qMnJlUBlGB4XdTLgYaZTS7DAfRTCAXw5JsluxhSgd/jD
GPUDkArxHzrh+iRtMqmOqOX3JpdTAJQ7ynFPmu9jYQComF2YfDW1oqiAgy4zeobY
p45EdOMi7Bl3rJUVlug2VI/I4UQNnemENBNdCEmZry5/y4A934T8essNYCpdcM8j
tJjY/yWusU7FKQThSabjpyvYpjQVI4IPxVQIej2hmDmOKKoWnha36qLR0QIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFPk4bR8tfXLY2kLmLgYakkKiBPVlMB8GA1UdIwQY
MBaAFLFppJcA4MO445p5EwyYelAAzP/iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1dta2x3RGd3N2pqbW5rVERKaDZVQURNXy1JLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zOTA4MWYtNTAwMy00MWVkLWI4MGEt
M2ZhZTAzNGM0ODllLzEvMS1UaHRIeTE5Y3RqYVF1WXVCaHFTUXFJRTlXVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjUvMzkwODFmLTUwMDMtNDFlZC1iODBhLTNmYWUwMzRjNDg5
ZS8xL3NXbWtsd0Rndzdqam1ua1RESmg2VUFETV8tSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBYBggrBgEFBQcBBwEB/wRJMEcwNgQCAAEwMAMEBE32wAME
BU+GYAMEBFD48AMEA1OOSAMEArkJCAMEAbmjDgMEBbx/wAMEBNl3IDANBAIAAjAH
AwUAKgARkDANBgkqhkiG9w0BAQsFAAOCAQEAQEy2JXJ546Rd2Kt0jxqPPqC++GKI
+bv2hQJ/MTXoIgVmeyEcf3admKxvKa3d9AsdWQI3axLTDO/vwU64piZQkr8G38vd
C8cs/P5jme1HK7nr2DKmV6Xa3iG6zX3y48+dN+LX/rw6wRDoeovV5gF46eCw7N/J
mZ5ka76/Mm20Km2QjTMB5vfAOoqk0FGEWKNtUomw77d00IxQXVDVmvIBy1F+11O7
Grs2qPozgKlb20/KPvGCqwSV8pNz3S0xV0/b6Z1+svAVUyL6vzwtBoJ40dz0OaG3
V3vQxS0A7pvVnOAf5RnKWNtloqXoiGh3gG74lzbcCiPb0yHqMRXpUzCElQ==
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:40:40 2025 by rpki-client