Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/16afe5-a443-4237-ad7d-dab6e2c5fdd9/1/f5XMhdDv4boUrAlP04hly_uT_DY.roa
File: f5XMhdDv4boUrAlP04hly_uT_DY.roa (raw, json)
Hash identifier: eL7YWqbohX8ob6HoNr2HS/CxgsCuHhS0bMMR1aWHqbs=
Subject key identifier: 7F:95:CC:85:D0:EF:E1:BA:14:AC:09:4F:D3:88:65:CB:FB:93:FC:36
Certificate issuer: /CN=cef84e4749cccd583fefc7797c3d67b10898a188
Certificate serial: 019420D6491647E3D4B44098E290E6CB3646
Authority key identifier: CE:F8:4E:47:49:CC:CD:58:3F:EF:C7:79:7C:3D:67:B1:08:98:A1:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvhOR0nMzVg_78d5fD1nsQiYoYg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/16afe5-a443-4237-ad7d-dab6e2c5fdd9/1/f5XMhdDv4boUrAlP04hly_uT_DY.roa
Signing time: Wed 01 Jan 2025 07:48:21 +0000
ROA not before: Wed 01 Jan 2025 07:48:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43627
IP address blocks: 46.36.92.0/22 maxlen: 24
185.61.64.0/24 maxlen: 24
185.61.65.0/24 maxlen: 24
185.61.66.0/24 maxlen: 24
185.61.67.0/24 maxlen: 24
213.164.120.0/23 maxlen: 24
213.164.122.0/23 maxlen: 24
213.164.124.0/23 maxlen: 24
213.164.126.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/16afe5-a443-4237-ad7d-dab6e2c5fdd9/1/zvhOR0nMzVg_78d5fD1nsQiYoYg.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/16afe5-a443-4237-ad7d-dab6e2c5fdd9/1/zvhOR0nMzVg_78d5fD1nsQiYoYg.mft
rsync://rpki.ripe.net/repository/DEFAULT/zvhOR0nMzVg_78d5fD1nsQiYoYg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:49:16:47:e3:d4:b4:40:98:e2:90:e6:cb:36:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cef84e4749cccd583fefc7797c3d67b10898a188
Validity
Not Before: Jan 1 07:48:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7f95cc85d0efe1ba14ac094fd38865cbfb93fc36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:7f:bc:e0:5d:2f:7b:d9:f4:6e:d5:80:6d:7b:
ff:c4:4c:cd:76:9f:0a:ff:bd:b1:77:57:f8:98:5f:
34:1a:ed:6e:18:b3:79:12:85:c9:d2:be:fb:6a:2b:
d0:91:32:c7:88:05:11:8a:3e:51:b3:b9:47:c8:50:
8c:25:a4:82:10:1e:ca:12:f8:f2:99:6e:69:be:d9:
76:86:f3:19:ac:76:50:f9:81:20:f3:29:da:85:77:
3f:82:c9:f7:3d:e0:06:aa:bd:4d:74:dd:8a:3b:b6:
6c:e8:f4:24:08:93:1b:65:e6:9f:3b:74:5d:25:35:
4e:d3:67:41:c6:b2:35:a0:3e:80:75:46:ac:00:47:
9a:15:c5:18:1e:73:bc:93:a3:cc:62:03:91:46:77:
51:5e:db:4f:34:1b:a6:5a:7d:9d:fb:4f:1b:bf:e0:
cd:56:20:9b:49:af:18:d9:59:af:ba:df:f0:fb:e4:
09:61:37:2d:2e:92:e1:65:af:c2:20:8e:ae:62:f3:
19:e4:57:d2:14:68:15:94:7f:29:9c:6b:85:ea:a1:
4d:a8:46:a1:47:61:c9:a1:43:bd:00:7e:88:02:0b:
2c:59:16:74:e2:b0:d6:63:cc:22:5b:02:6e:9e:63:
92:32:85:67:c3:78:aa:85:48:40:55:24:2c:eb:a5:
c4:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:95:CC:85:D0:EF:E1:BA:14:AC:09:4F:D3:88:65:CB:FB:93:FC:36
X509v3 Authority Key Identifier:
keyid:CE:F8:4E:47:49:CC:CD:58:3F:EF:C7:79:7C:3D:67:B1:08:98:A1:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvhOR0nMzVg_78d5fD1nsQiYoYg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/16afe5-a443-4237-ad7d-dab6e2c5fdd9/1/f5XMhdDv4boUrAlP04hly_uT_DY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/16afe5-a443-4237-ad7d-dab6e2c5fdd9/1/zvhOR0nMzVg_78d5fD1nsQiYoYg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.36.92.0/22
185.61.64.0/22
213.164.120.0/21
Signature Algorithm: sha256WithRSAEncryption
59:2a:ab:b5:ed:69:af:f0:eb:6c:a3:41:00:df:34:a5:f4:be:
81:9d:b8:c7:29:d9:19:fd:a8:c9:83:01:7b:80:13:22:73:da:
6b:b5:8f:af:46:e4:64:93:20:69:8a:61:79:59:e1:6a:19:70:
70:22:fe:fe:1b:53:66:91:9b:5f:f3:2b:6b:2d:da:f9:54:f0:
41:84:17:e6:52:7f:db:80:f8:99:b2:29:78:75:8d:37:14:e9:
4b:93:64:70:0f:bb:9c:58:59:c7:4f:1c:5e:b7:00:0d:9f:3b:
98:bf:bd:37:47:df:76:d4:a6:e5:b1:14:40:70:ca:ce:ec:a9:
2f:32:8b:dd:03:eb:f3:98:bf:6b:4b:7b:34:14:b8:4f:71:25:
0f:50:40:54:cf:f3:d2:f8:ef:11:20:c5:81:63:55:20:c8:26:
a2:c7:17:e3:13:85:50:c0:31:2c:a5:54:5e:1f:cc:ca:3a:ce:
de:f7:ff:0b:e0:74:fe:b1:6e:07:c1:90:da:33:b8:dd:22:f8:
84:27:26:b9:a6:1d:19:24:5a:03:54:21:7b:24:58:a9:26:d1:
14:35:80:c0:e5:19:e6:aa:6a:27:f6:72:48:0c:4d:4c:f7:ac:
82:81:34:69:2a:51:9b:e1:8e:ee:7a:7d:82:07:da:a7:6a:86:
7c:30:0f:95
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQg1kkWR+PUtECY4pDmyzZGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlZjg0ZTQ3NDljY2NkNTgzZmVmYzc3OTdjM2Q2N2IxMDg5
OGExODgwHhcNMjUwMTAxMDc0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Zjk1Y2M4NWQwZWZlMWJhMTRhYzA5NGZkMzg4NjVjYmZiOTNmYzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvH+84F0ve9n0btWAbXv/xEzNdp8K
/72xd1f4mF80Gu1uGLN5EoXJ0r77aivQkTLHiAURij5Rs7lHyFCMJaSCEB7KEvjy
mW5pvtl2hvMZrHZQ+YEg8ynahXc/gsn3PeAGqr1NdN2KO7Zs6PQkCJMbZeafO3Rd
JTVO02dBxrI1oD6AdUasAEeaFcUYHnO8k6PMYgORRndRXttPNBumWn2d+08bv+DN
ViCbSa8Y2Vmvut/w++QJYTctLpLhZa/CII6uYvMZ5FfSFGgVlH8pnGuF6qFNqEah
R2HJoUO9AH6IAgssWRZ04rDWY8wiWwJunmOSMoVnw3iqhUhAVSQs66XEwQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFH+VzIXQ7+G6FKwJT9OIZcv7k/w2MB8GA1UdIwQY
MBaAFM74TkdJzM1YP+/HeXw9Z7EImKGIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenZoT1Iwbk16VmdfNzhkNWZEMW5zUWlZb1lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8xNmFmZTUtYTQ0My00MjM3LWFkN2Qt
ZGFiNmUyYzVmZGQ5LzEvZjVYTWhkRHY0Ym9VckFsUDA0aGx5X3VUX0RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny8xNmFmZTUtYTQ0My00MjM3LWFkN2QtZGFiNmUyYzVmZGQ5
LzEvenZoT1Iwbk16VmdfNzhkNWZEMW5zUWlZb1lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLiRcAwQC
uT1AAwQD1aR4MA0GCSqGSIb3DQEBCwUAA4IBAQBZKqu17Wmv8Otso0EA3zSl9L6B
nbjHKdkZ/ajJgwF7gBMic9prtY+vRuRkkyBpimF5WeFqGXBwIv7+G1NmkZtf8ytr
Ldr5VPBBhBfmUn/bgPiZsil4dY03FOlLk2RwD7ucWFnHTxxetwANnzuYv703R992
1KblsRRAcMrO7KkvMovdA+vzmL9rS3s0FLhPcSUPUEBUz/PS+O8RIMWBY1UgyCai
xxfjE4VQwDEspVReH8zKOs7e9/8L4HT+sW4HwZDaM7jdIviEJya5ph0ZJFoDVCF7
JFipJtEUNYDA5Rnmqmon9nJIDE1M96yCgTRpKlGb4Y7uen2CB9qnaoZ8MA+V
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:00:21 2025 by rpki-client