Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/e7f884-cf7b-491c-9ed9-423afc2b68b8/1/rAdBLvyRbVu9ByeGD622HSDJlBU.roa
File: rAdBLvyRbVu9ByeGD622HSDJlBU.roa (raw, json)
Hash identifier: CZZqdpQQG94RuUVqGtWwcTYbY/5K07OCSVEcHRuO4vA=
Subject key identifier: AC:07:41:2E:FC:91:6D:5B:BD:07:27:86:0F:AD:B6:1D:20:C9:94:15
Certificate issuer: /CN=b79220a805e4378547e43bac731ce86fe01145c7
Certificate serial: 0194236A07AB0B512C167167F2137B4888C8
Authority key identifier: B7:92:20:A8:05:E4:37:85:47:E4:3B:AC:73:1C:E8:6F:E0:11:45:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t5IgqAXkN4VH5Duscxzob-ARRcc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/e7f884-cf7b-491c-9ed9-423afc2b68b8/1/rAdBLvyRbVu9ByeGD622HSDJlBU.roa
Signing time: Wed 01 Jan 2025 19:48:58 +0000
ROA not before: Wed 01 Jan 2025 19:48:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9121
IP address blocks: 31.200.0.0/17 maxlen: 24
62.29.0.0/17 maxlen: 24
83.66.0.0/16 maxlen: 24
94.120.0.0/14 maxlen: 24
213.243.0.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/e7f884-cf7b-491c-9ed9-423afc2b68b8/1/t5IgqAXkN4VH5Duscxzob-ARRcc.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/e7f884-cf7b-491c-9ed9-423afc2b68b8/1/t5IgqAXkN4VH5Duscxzob-ARRcc.mft
rsync://rpki.ripe.net/repository/DEFAULT/t5IgqAXkN4VH5Duscxzob-ARRcc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:07:ab:0b:51:2c:16:71:67:f2:13:7b:48:88:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b79220a805e4378547e43bac731ce86fe01145c7
Validity
Not Before: Jan 1 19:48:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ac07412efc916d5bbd0727860fadb61d20c99415
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:15:98:d1:19:86:d2:a6:aa:09:75:4f:6d:d5:
da:d5:3b:ee:8c:41:9a:db:bb:90:08:17:00:57:7c:
4a:37:7b:3b:39:9a:d0:0f:b4:9c:91:06:72:56:d5:
c6:39:3c:cf:57:01:e5:b4:f4:15:8c:cd:6f:b0:f2:
33:7d:c9:3f:d3:9b:0b:35:db:3d:10:66:02:86:9a:
85:a8:e6:70:4b:b0:94:8e:ee:54:1e:3a:2d:50:8d:
16:2f:26:dd:84:65:c1:90:0e:5a:c9:ab:c7:dc:4f:
19:2d:36:b5:54:b2:2f:a6:13:86:14:b5:49:f0:fb:
97:4f:32:80:7a:57:c3:6d:28:c3:ac:fb:61:35:fc:
e6:f1:0c:0c:00:84:84:0d:18:e2:ed:03:64:a6:3d:
8f:f2:11:f6:0b:7f:6e:e9:e2:95:fd:9d:90:45:a2:
22:a1:4b:e7:f5:02:04:ee:74:bb:b5:9e:eb:01:cb:
64:8e:de:de:bc:fe:48:a6:11:ac:a4:11:10:04:d1:
c5:b2:87:f9:6d:04:83:94:42:73:bc:83:01:a7:38:
be:79:49:70:a4:5c:b4:d7:29:ec:9f:6c:54:d4:72:
ee:f1:61:0c:15:e3:e6:a7:74:a9:0e:2b:35:03:53:
ea:ce:fa:e4:78:8b:60:0d:2c:15:30:30:3a:07:75:
73:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:07:41:2E:FC:91:6D:5B:BD:07:27:86:0F:AD:B6:1D:20:C9:94:15
X509v3 Authority Key Identifier:
keyid:B7:92:20:A8:05:E4:37:85:47:E4:3B:AC:73:1C:E8:6F:E0:11:45:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t5IgqAXkN4VH5Duscxzob-ARRcc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/e7f884-cf7b-491c-9ed9-423afc2b68b8/1/rAdBLvyRbVu9ByeGD622HSDJlBU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/e7f884-cf7b-491c-9ed9-423afc2b68b8/1/t5IgqAXkN4VH5Duscxzob-ARRcc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.200.0.0/17
62.29.0.0/17
83.66.0.0/16
94.120.0.0/14
213.243.0.0/18
Signature Algorithm: sha256WithRSAEncryption
1d:e4:38:a5:10:b9:5e:24:80:36:90:ea:22:f4:72:cd:e6:46:
c9:2a:fd:a8:18:3c:35:f7:7e:75:d8:26:98:46:30:42:55:20:
b7:50:52:aa:56:7f:b4:f0:c2:6f:e2:8e:89:96:67:66:9d:75:
a0:d9:71:1f:ef:4d:61:7c:ba:90:54:74:5e:75:68:30:55:95:
f2:e6:02:fc:ca:35:d5:26:f3:a9:d6:20:b0:15:1e:ef:04:45:
94:dc:30:f7:0a:95:9f:92:91:a2:d8:9b:30:c9:8d:59:d6:5b:
2a:0f:63:cd:0e:8c:7d:28:87:b0:8a:80:26:92:bb:37:d1:09:
ae:f3:dd:bc:83:14:6a:32:28:c0:cf:32:07:00:0c:7b:a0:38:
1c:53:64:12:d5:38:de:5f:18:db:2a:f8:8d:a4:b6:ee:18:ca:
d9:77:fd:e3:ab:7c:82:71:c1:db:5f:83:4a:f7:bb:37:69:b9:
7b:42:a1:0b:0c:49:1e:83:0a:20:dc:1e:09:9e:7b:c4:77:04:
ba:ac:d6:bb:06:92:ad:dc:70:6e:ef:0c:a1:3a:e2:b0:e1:b4:
cf:58:b0:b4:b8:e7:5a:b2:f8:67:1c:56:c5:0c:7c:2c:06:1e:
66:7b:e9:c1:09:c4:a4:d7:46:c8:02:85:a3:3f:a6:1f:1a:2b:
79:54:f3:dc
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZQjagerC1EsFnFn8hN7SIjIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3OTIyMGE4MDVlNDM3ODU0N2U0M2JhYzczMWNlODZmZTAx
MTQ1YzcwHhcNMjUwMTAxMTk0ODU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzA3NDEyZWZjOTE2ZDViYmQwNzI3ODYwZmFkYjYxZDIwYzk5NDE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRWY0RmG0qaqCXVPbdXa1TvujEGa
27uQCBcAV3xKN3s7OZrQD7SckQZyVtXGOTzPVwHltPQVjM1vsPIzfck/05sLNds9
EGYChpqFqOZwS7CUju5UHjotUI0WLybdhGXBkA5ayavH3E8ZLTa1VLIvphOGFLVJ
8PuXTzKAelfDbSjDrPthNfzm8QwMAISEDRji7QNkpj2P8hH2C39u6eKV/Z2QRaIi
oUvn9QIE7nS7tZ7rActkjt7evP5IphGspBEQBNHFsof5bQSDlEJzvIMBpzi+eUlw
pFy01ynsn2xU1HLu8WEMFePmp3SpDis1A1PqzvrkeItgDSwVMDA6B3VzEQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFKwHQS78kW1bvQcnhg+tth0gyZQVMB8GA1UdIwQY
MBaAFLeSIKgF5DeFR+Q7rHMc6G/gEUXHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDVJZ3FBWGtONFZINUR1c2N4em9iLUFSUmNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9lN2Y4ODQtY2Y3Yi00OTFjLTllZDkt
NDIzYWZjMmI2OGI4LzEvckFkQkx2eVJiVnU5QnllR0Q2MjJIU0RKbEJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9lN2Y4ODQtY2Y3Yi00OTFjLTllZDktNDIzYWZjMmI2OGI4
LzEvdDVJZ3FBWGtONFZINUR1c2N4em9iLUFSUmNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcAwQHH8gAAwQH
Ph0AAwMAU0IDAwJeeAMEBtXzADANBgkqhkiG9w0BAQsFAAOCAQEAHeQ4pRC5XiSA
NpDqIvRyzeZGySr9qBg8Nfd+ddgmmEYwQlUgt1BSqlZ/tPDCb+KOiZZnZp11oNlx
H+9NYXy6kFR0XnVoMFWV8uYC/Mo11SbzqdYgsBUe7wRFlNww9wqVn5KRotibMMmN
WdZbKg9jzQ6MfSiHsIqAJpK7N9EJrvPdvIMUajIowM8yBwAMe6A4HFNkEtU43l8Y
2yr4jaS27hjK2Xf946t8gnHB21+DSve7N2m5e0KhCwxJHoMKINweCZ57xHcEuqzW
uwaSrdxwbu8MoTrisOG0z1iwtLjnWrL4ZxxWxQx8LAYeZnvpwQnEpNdGyAKFoz+m
HxoreVTz3A==
-----END CERTIFICATE-----
Generated at Mon Apr 7 04:42:43 2025 by rpki-client