Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/_DWZCZ1si8aBzqMNIm8Ef7GE9Eo.roa
File: _DWZCZ1si8aBzqMNIm8Ef7GE9Eo.roa (raw, json)
Hash identifier: s4OAbwWH4R0XydqNCXaiEZGXYXtwOtGgb6PW+nNqG2U=
Subject key identifier: FC:35:99:09:9D:6C:8B:C6:81:CE:A3:0D:22:6F:04:7F:B1:84:F4:4A
Certificate issuer: /CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Certificate serial: 019427B42B1ED7655129B2391A2C11C1861B
Authority key identifier: F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/_DWZCZ1si8aBzqMNIm8Ef7GE9Eo.roa
Signing time: Thu 02 Jan 2025 15:48:26 +0000
ROA not before: Thu 02 Jan 2025 15:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209854
IP address blocks: 82.140.187.0/24 maxlen: 24
82.140.188.0/24 maxlen: 24
84.46.131.0/24 maxlen: 24
84.46.145.0/24 maxlen: 24
217.9.244.0/24 maxlen: 24
217.9.245.0/24 maxlen: 24
217.9.247.0/24 maxlen: 24
217.9.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b4:2b:1e:d7:65:51:29:b2:39:1a:2c:11:c1:86:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Validity
Not Before: Jan 2 15:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fc3599099d6c8bc681cea30d226f047fb184f44a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:20:35:fb:da:c5:75:e1:0e:49:65:24:bb:44:
92:ca:0b:a7:5a:57:41:a7:91:1e:d9:60:fd:62:85:
26:8f:10:b5:98:4b:6c:8d:9d:87:47:70:d4:7f:7a:
a0:8b:c4:ef:e2:d4:8d:6c:b8:0f:ec:ed:cb:24:95:
f3:05:d6:ab:5f:ef:b4:cf:4c:b7:90:26:db:92:b0:
35:61:94:2a:02:0c:89:7b:65:ce:ec:18:f2:04:65:
8b:01:5d:d3:55:94:7e:48:6f:af:6c:b1:b3:1a:f3:
d5:af:52:b0:23:33:d1:45:9a:28:f0:0b:34:1d:a6:
e8:0f:0f:84:7b:ab:ce:60:a7:7a:36:26:30:90:51:
a5:35:33:05:3c:b0:3a:d7:c4:7b:ea:18:88:fe:5d:
9f:35:7d:5b:f1:c6:76:a6:07:bd:ce:a8:7f:aa:ee:
85:62:6e:c6:5a:f1:bf:9b:d7:c7:13:33:21:a9:eb:
d1:98:f8:70:53:ef:d8:2e:2d:39:22:d8:e2:68:6b:
50:59:b5:3c:42:b2:75:8b:3f:4a:97:08:94:ac:91:
5d:2b:58:69:49:ed:d0:43:cb:b2:dd:5c:51:9e:11:
25:58:5a:ba:e0:b8:38:cf:51:c9:ca:f4:34:44:18:
95:9c:ba:0a:a8:23:91:ce:a5:d6:30:f4:a7:c0:31:
eb:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:35:99:09:9D:6C:8B:C6:81:CE:A3:0D:22:6F:04:7F:B1:84:F4:4A
X509v3 Authority Key Identifier:
keyid:F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/_DWZCZ1si8aBzqMNIm8Ef7GE9Eo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.140.187.0-82.140.188.255
84.46.131.0/24
84.46.145.0/24
217.9.244.0/23
217.9.247.0/24
217.9.250.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:77:36:8c:f7:e3:d0:b7:7d:ad:bf:f4:90:5d:ba:12:cc:88:
62:18:95:1c:ff:26:54:b4:42:78:bf:29:fa:ce:ee:ce:c0:a7:
36:63:3e:de:43:c1:0a:11:e0:a7:f4:13:7b:5f:56:0b:bc:c2:
96:f9:47:6a:6a:8d:92:54:2c:01:26:81:eb:99:1f:f7:bb:04:
74:8c:b5:2e:43:67:f2:02:71:99:7d:f7:e4:6b:dd:11:69:23:
75:35:12:12:4b:d4:21:19:2c:ca:c5:e6:0a:d7:d2:2d:17:9f:
22:4b:46:68:6b:45:a8:bf:18:be:66:f2:36:6d:fd:c3:cb:05:
d8:6d:b8:e8:ca:1d:b9:05:fe:72:75:3e:eb:10:d9:0d:6c:0b:
c7:69:c0:33:06:13:6c:8d:01:fd:ed:c2:6a:50:53:52:36:74:
83:01:dc:d6:f2:2e:7d:d6:33:43:b4:a2:9f:d9:86:0f:29:e4:
f9:e4:ad:eb:a8:14:1c:9e:bb:9e:8b:de:d8:29:bc:a5:ba:da:
b8:ce:a1:b6:7f:b3:73:f8:b8:39:3a:10:d4:42:e9:26:51:3d:
52:94:62:91:9d:4b:77:f3:dd:4f:6d:2a:e2:cf:f3:0e:d0:34:
e1:5b:c8:1a:a9:a2:90:ae:2e:3b:c8:c7:19:b1:9f:e7:1e:65:
98:c7:7a:82
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZQntCse12VRKbI5GiwRwYYbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZGQ4MWE4MzNkOWIwNDNjN2ZmZDYzNWE1OTg3ZjUzNjk3
MTE4MGQwHhcNMjUwMTAyMTU0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzM1OTkwOTlkNmM4YmM2ODFjZWEzMGQyMjZmMDQ3ZmIxODRmNDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqCA1+9rFdeEOSWUku0SSygunWldB
p5Ee2WD9YoUmjxC1mEtsjZ2HR3DUf3qgi8Tv4tSNbLgP7O3LJJXzBdarX++0z0y3
kCbbkrA1YZQqAgyJe2XO7BjyBGWLAV3TVZR+SG+vbLGzGvPVr1KwIzPRRZoo8As0
HaboDw+Ee6vOYKd6NiYwkFGlNTMFPLA618R76hiI/l2fNX1b8cZ2pge9zqh/qu6F
Ym7GWvG/m9fHEzMhqevRmPhwU+/YLi05ItjiaGtQWbU8QrJ1iz9KlwiUrJFdK1hp
Se3QQ8uy3VxRnhElWFq64Lg4z1HJyvQ0RBiVnLoKqCORzqXWMPSnwDHrTQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFPw1mQmdbIvGgc6jDSJvBH+xhPRKMB8GA1UdIwQY
MBaAFPDdgagz2bBDx//WNaWYf1NpcRgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUt
MDQ2ODA0MjQ4NmRjLzEvX0RXWkNaMXNpOGFCenFNTkltOEVmN0dFOUVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUtMDQ2ODA0MjQ4NmRj
LzEvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAwDBABSjLsD
BABSjLwDBABULoMDBABULpEDBAHZCfQDBADZCfcDBADZCfowDQYJKoZIhvcNAQEL
BQADggEBAKN3Noz349C3fa2/9JBduhLMiGIYlRz/JlS0Qni/KfrO7s7ApzZjPt5D
wQoR4Kf0E3tfVgu8wpb5R2pqjZJULAEmgeuZH/e7BHSMtS5DZ/ICcZl99+Rr3RFp
I3U1EhJL1CEZLMrF5grX0i0XnyJLRmhrRai/GL5m8jZt/cPLBdhtuOjKHbkF/nJ1
PusQ2Q1sC8dpwDMGE2yNAf3twmpQU1I2dIMB3NbyLn3WM0O0op/Zhg8p5Pnkreuo
FByeu56L3tgpvKW62rjOobZ/s3P4uDk6ENRC6SZRPVKUYpGdS3fz3U9tKuLP8w7Q
NOFbyBqpopCuLjvIxxmxn+ceZZjHeoI=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:06:14 2025 by rpki-client