Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/7e500d-5552-4b82-a3bd-aa0071b7bf84/1/F3E0kox0yNLNp6GPi3ZmqfgQKTs.roa
File: F3E0kox0yNLNp6GPi3ZmqfgQKTs.roa (raw, json)
Hash identifier: UneyfmP6aoU2v1WkHtcA23llsK6rkwb/p+IXrda/FUg=
Subject key identifier: 17:71:34:92:8C:74:C8:D2:CD:A7:A1:8F:8B:76:66:A9:F8:10:29:3B
Certificate issuer: /CN=339cbb1e439a3a71eb8796692f622bf838f8488c
Certificate serial: 019424B37CFB2907B5066E3A75B7B594BE74
Authority key identifier: 33:9C:BB:1E:43:9A:3A:71:EB:87:96:69:2F:62:2B:F8:38:F8:48:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M5y7HkOaOnHrh5ZpL2Ir-Dj4SIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/7e500d-5552-4b82-a3bd-aa0071b7bf84/1/F3E0kox0yNLNp6GPi3ZmqfgQKTs.roa
Signing time: Thu 02 Jan 2025 01:48:50 +0000
ROA not before: Thu 02 Jan 2025 01:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34409
IP address blocks: 78.24.160.0/21 maxlen: 21
78.24.160.0/24 maxlen: 24
78.24.161.0/24 maxlen: 24
78.24.162.0/24 maxlen: 24
78.24.163.0/24 maxlen: 24
78.24.164.0/24 maxlen: 24
78.24.165.0/24 maxlen: 24
78.24.166.0/24 maxlen: 24
78.24.167.0/24 maxlen: 24
193.151.36.0/24 maxlen: 24
193.151.37.0/24 maxlen: 24
193.151.38.0/24 maxlen: 24
195.8.99.0/24 maxlen: 24
2a02:1320::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/7e500d-5552-4b82-a3bd-aa0071b7bf84/1/M5y7HkOaOnHrh5ZpL2Ir-Dj4SIw.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/7e500d-5552-4b82-a3bd-aa0071b7bf84/1/M5y7HkOaOnHrh5ZpL2Ir-Dj4SIw.mft
rsync://rpki.ripe.net/repository/DEFAULT/M5y7HkOaOnHrh5ZpL2Ir-Dj4SIw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:7c:fb:29:07:b5:06:6e:3a:75:b7:b5:94:be:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=339cbb1e439a3a71eb8796692f622bf838f8488c
Validity
Not Before: Jan 2 01:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=177134928c74c8d2cda7a18f8b7666a9f810293b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:da:ae:85:59:fb:93:40:e8:7c:18:0c:e6:ec:
10:e9:01:b9:35:82:0c:9d:42:54:f1:f3:8e:21:94:
c0:9d:9e:5b:61:1f:1f:5e:4c:99:36:ed:6f:c2:6c:
6c:e6:4b:e2:40:e1:ff:65:ab:58:44:e7:fc:cd:0f:
d9:7d:8a:f8:87:46:fe:38:33:f2:12:79:8c:1b:3a:
a6:42:c9:ba:63:b4:14:5a:25:d9:65:21:c1:49:22:
bc:dd:3a:51:f5:d9:db:db:21:10:57:ca:38:db:9b:
f3:03:c5:cc:1a:fc:f1:3a:f7:44:fb:c7:b6:d8:d3:
53:fc:47:cd:84:bb:9b:ec:99:b1:dd:54:b5:82:91:
2d:8e:bc:7a:15:37:28:57:d5:5d:57:a6:57:ad:6c:
48:30:97:4a:bd:b0:87:b1:76:1b:73:1a:c7:fb:9d:
1b:4b:a8:bf:2d:18:ce:96:af:62:f4:0e:16:90:1d:
ca:94:5a:d6:a4:6e:26:17:75:05:9a:74:96:55:d0:
78:66:49:19:a1:7c:4e:1b:15:9c:bb:f9:06:14:a5:
4a:e9:21:20:9c:aa:ec:23:41:a3:aa:52:1f:3e:ad:
50:b5:29:57:6c:8c:9c:9e:70:63:21:42:b4:e5:59:
f6:67:d0:78:28:e1:a2:10:15:2e:e9:c0:c8:54:22:
0e:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:71:34:92:8C:74:C8:D2:CD:A7:A1:8F:8B:76:66:A9:F8:10:29:3B
X509v3 Authority Key Identifier:
keyid:33:9C:BB:1E:43:9A:3A:71:EB:87:96:69:2F:62:2B:F8:38:F8:48:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M5y7HkOaOnHrh5ZpL2Ir-Dj4SIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/7e500d-5552-4b82-a3bd-aa0071b7bf84/1/F3E0kox0yNLNp6GPi3ZmqfgQKTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/7e500d-5552-4b82-a3bd-aa0071b7bf84/1/M5y7HkOaOnHrh5ZpL2Ir-Dj4SIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.24.160.0/21
193.151.36.0-193.151.38.255
195.8.99.0/24
IPv6:
2a02:1320::/32
Signature Algorithm: sha256WithRSAEncryption
83:f9:e5:d1:57:4b:f1:22:fc:9b:9a:dc:a6:62:ab:64:77:b0:
3e:dc:f9:f4:5e:b3:ea:43:73:29:5b:fe:e6:c4:5d:5d:50:1e:
83:e7:d2:5b:51:b7:52:d0:41:32:aa:6b:1b:93:30:97:e7:9d:
29:58:b9:ba:a5:56:ff:54:9d:9d:40:75:30:ce:56:87:10:4d:
54:92:ed:38:67:da:16:49:f5:28:b4:7e:b5:e2:a7:1f:2a:15:
52:f0:e6:8b:62:5d:74:44:df:2a:d2:db:30:23:02:8a:4c:16:
59:be:7a:59:15:f9:af:fd:4e:a3:95:25:a2:46:0d:e1:71:e3:
da:c3:2b:22:64:4e:1e:a3:c0:82:6e:1c:0f:ab:98:00:f4:05:
f5:e8:93:f4:e7:a5:27:5f:93:84:22:ea:51:b6:5a:34:9d:e8:
cb:ff:d2:5f:bf:2f:86:91:9d:e4:7b:b3:fc:2c:47:c8:a8:33:
9a:66:d7:4e:2d:dc:40:26:4e:db:85:fd:14:88:81:88:54:0e:
fb:dd:9f:7c:00:07:99:cc:4d:f7:8c:ae:78:0a:80:ab:c5:06:
ac:21:01:c7:f0:a1:b8:e2:3d:59:5c:bc:dd:fe:56:a7:2e:1b:
4c:00:fa:7c:07:28:71:1c:a4:fe:3a:d4:94:a5:18:77:05:e0:
cc:77:5d:ff
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZQks3z7KQe1Bm46dbe1lL50MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzOWNiYjFlNDM5YTNhNzFlYjg3OTY2OTJmNjIyYmY4Mzhm
ODQ4OGMwHhcNMjUwMTAyMDE0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzcxMzQ5MjhjNzRjOGQyY2RhN2ExOGY4Yjc2NjZhOWY4MTAyOTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA09quhVn7k0DofBgM5uwQ6QG5NYIM
nUJU8fOOIZTAnZ5bYR8fXkyZNu1vwmxs5kviQOH/ZatYROf8zQ/ZfYr4h0b+ODPy
EnmMGzqmQsm6Y7QUWiXZZSHBSSK83TpR9dnb2yEQV8o425vzA8XMGvzxOvdE+8e2
2NNT/EfNhLub7Jmx3VS1gpEtjrx6FTcoV9VdV6ZXrWxIMJdKvbCHsXYbcxrH+50b
S6i/LRjOlq9i9A4WkB3KlFrWpG4mF3UFmnSWVdB4ZkkZoXxOGxWcu/kGFKVK6SEg
nKrsI0GjqlIfPq1QtSlXbIycnnBjIUK05Vn2Z9B4KOGiEBUu6cDIVCIOcwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFBdxNJKMdMjSzaehj4t2Zqn4ECk7MB8GA1UdIwQY
MBaAFDOcux5Dmjpx64eWaS9iK/g4+EiMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTV5N0hrT2FPbkhyaDVacEwySXItRGo0U0l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS83ZTUwMGQtNTU1Mi00YjgyLWEzYmQt
YWEwMDcxYjdiZjg0LzEvRjNFMGtveDB5TkxOcDZHUGkzWm1xZmdRS1RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS83ZTUwMGQtNTU1Mi00YjgyLWEzYmQtYWEwMDcxYjdiZjg0
LzEvTTV5N0hrT2FPbkhyaDVacEwySXItRGo0U0l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQDThigMAwD
BALBlyQDBADBlyYDBADDCGMwDQQCAAIwBwMFACoCEyAwDQYJKoZIhvcNAQELBQAD
ggEBAIP55dFXS/Ei/Jua3KZiq2R3sD7c+fRes+pDcylb/ubEXV1QHoPn0ltRt1LQ
QTKqaxuTMJfnnSlYubqlVv9UnZ1AdTDOVocQTVSS7Thn2hZJ9Si0frXipx8qFVLw
5otiXXRE3yrS2zAjAopMFlm+elkV+a/9TqOVJaJGDeFx49rDKyJkTh6jwIJuHA+r
mAD0BfXok/TnpSdfk4Qi6lG2WjSd6Mv/0l+/L4aRneR7s/wsR8ioM5pm104t3EAm
TtuF/RSIgYhUDvvdn3wAB5nMTfeMrngKgKvFBqwhAcfwobjiPVlcvN3+VqcuG0wA
+nwHKHEcpP461JSlGHcF4Mx3Xf8=
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:07:32 2025 by rpki-client