Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/1-l8IN9WmFAM_8sHp6ULKXINOpuo.roa
File: 1-l8IN9WmFAM_8sHp6ULKXINOpuo.roa (raw, json)
Hash identifier: OepTW0KIexB7Ma6Qq1vDY3wE1ZrCvSqnaxM/NAfOK20=
Subject key identifier: FA:5F:08:37:D5:A6:14:03:3F:F2:C1:E9:E9:42:CA:5C:83:4E:A6:EA
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 01942823D0F4B97F311E89124CF4A1E65766
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/1-l8IN9WmFAM_8sHp6ULKXINOpuo.roa
Signing time: Thu 02 Jan 2025 17:50:23 +0000
ROA not before: Thu 02 Jan 2025 17:50:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41272
IP address blocks: 46.165.64.0/18 maxlen: 18
80.185.0.0/16 maxlen: 16
188.7.0.0/16 maxlen: 16
2a00:8380::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.mft
rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 04:01:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:d0:f4:b9:7f:31:1e:89:12:4c:f4:a1:e6:57:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Jan 2 17:50:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fa5f0837d5a614033ff2c1e9e942ca5c834ea6ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:a4:53:dc:18:a1:2a:62:f8:6e:3a:94:c4:f5:
db:4f:73:b6:c8:f6:54:fd:f5:06:8c:67:08:20:44:
82:e2:d0:da:8d:25:90:1a:cf:4f:0b:30:81:fd:46:
40:9a:4f:3c:33:09:3f:e9:ed:e1:1b:ce:d1:1b:7a:
5a:e2:4b:72:b5:a2:76:76:7b:95:c9:42:6b:e3:29:
ef:b2:5d:90:f8:89:76:5f:85:df:68:9e:70:c9:df:
ac:6e:e8:6a:93:92:67:a3:f3:d1:fd:59:a9:b1:75:
45:1c:6a:1c:2b:cf:a7:6b:2a:1a:a2:a0:21:d1:af:
f7:50:7e:27:97:7e:b4:ee:42:b6:b6:9c:ae:2d:79:
7f:1e:1d:ae:a2:8b:d1:4f:bc:ce:dc:d9:2c:6a:8d:
b0:97:77:c1:88:d4:93:f8:40:fa:ec:11:48:85:e0:
04:22:12:c1:65:d5:b2:13:66:07:34:1c:4c:73:ff:
86:79:13:50:f7:e3:00:c0:82:ae:de:d9:39:47:d4:
7a:3d:d5:4d:2e:8f:52:28:ea:cb:e2:11:23:52:cb:
e7:3c:4f:a9:04:dd:55:d4:2d:f7:7f:32:3a:31:ba:
86:bd:ce:55:13:15:32:70:9d:67:cd:6d:f7:20:ab:
09:11:52:ad:03:51:4c:05:2e:2a:0a:b8:89:d0:bf:
eb:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:5F:08:37:D5:A6:14:03:3F:F2:C1:E9:E9:42:CA:5C:83:4E:A6:EA
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/1-l8IN9WmFAM_8sHp6ULKXINOpuo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.165.64.0/18
80.185.0.0/16
188.7.0.0/16
IPv6:
2a00:8380::/32
Signature Algorithm: sha256WithRSAEncryption
81:be:cd:97:86:7c:e9:d2:cd:95:a1:78:3a:87:2b:9b:23:b9:
82:44:64:cb:14:88:87:fc:8c:36:0e:47:8c:37:64:e3:6f:cf:
75:c5:35:69:a4:f5:8f:85:69:3b:3c:be:c5:7d:02:5d:eb:8e:
11:e3:4b:c6:f9:8e:88:e7:69:81:43:b0:41:66:81:0c:d2:23:
9f:8b:33:25:3e:88:3c:27:0a:9f:15:e1:98:ee:73:16:19:19:
73:0a:08:2f:3e:ed:a1:26:a3:14:a9:e9:5b:b3:59:f9:1e:0b:
ed:a9:ce:f0:c4:c1:f1:a7:a3:06:d5:7c:24:79:45:ed:a4:ad:
e6:e1:0a:f1:07:3b:15:3c:d1:98:cf:3f:3e:3f:28:ec:f3:00:
a5:2f:db:93:44:f3:2c:5e:d3:70:ec:82:90:e1:b6:88:a4:88:
35:82:02:92:e7:74:5a:28:93:15:f8:fc:b6:05:60:57:06:ef:
7f:7e:23:dd:14:40:be:2d:62:33:44:7d:6b:90:07:84:f5:c0:
30:f5:af:09:9c:54:05:7e:fa:5a:95:a9:da:d9:54:58:01:95:
66:ed:d2:3b:e0:e4:2e:5a:d3:ad:41:43:59:a1:0d:22:6a:19:
1f:be:0f:72:ba:8b:0b:27:65:f3:01:94:c2:e3:29:31:45:15:
4f:47:68:f9
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQoI9D0uX8xHokSTPSh5ldmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjUwMTAyMTc1MDIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTVmMDgzN2Q1YTYxNDAzM2ZmMmMxZTllOTQyY2E1YzgzNGVhNmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6RT3BihKmL4bjqUxPXbT3O2yPZU
/fUGjGcIIESC4tDajSWQGs9PCzCB/UZAmk88Mwk/6e3hG87RG3pa4ktytaJ2dnuV
yUJr4ynvsl2Q+Il2X4XfaJ5wyd+sbuhqk5Jno/PR/VmpsXVFHGocK8+nayoaoqAh
0a/3UH4nl3607kK2tpyuLXl/Hh2uoovRT7zO3Nksao2wl3fBiNST+ED67BFIheAE
IhLBZdWyE2YHNBxMc/+GeRNQ9+MAwIKu3tk5R9R6PdVNLo9SKOrL4hEjUsvnPE+p
BN1V1C33fzI6MbqGvc5VExUycJ1nzW33IKsJEVKtA1FMBS4qCriJ0L/rNQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFPpfCDfVphQDP/LB6elCylyDTqbqMB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEvMS1sOElOOVdtRkFNXzhzSHA2VUxLWElOT3B1by5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzIvZmU5MTVjLWJmNzAtNDYwMi04YTNjLTAyOTJiMDIwMTUw
YS8xL29POWZ1X3lucVR6LTZXWHV0cjN1YjdROFFENC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA4BggrBgEFBQcBBwEB/wQpMCcwFgQCAAEwEAMEBi6lQAMD
AFC5AwMAvAcwDQQCAAIwBwMFACoAg4AwDQYJKoZIhvcNAQELBQADggEBAIG+zZeG
fOnSzZWheDqHK5sjuYJEZMsUiIf8jDYOR4w3ZONvz3XFNWmk9Y+FaTs8vsV9Al3r
jhHjS8b5jojnaYFDsEFmgQzSI5+LMyU+iDwnCp8V4ZjucxYZGXMKCC8+7aEmoxSp
6VuzWfkeC+2pzvDEwfGnowbVfCR5Re2krebhCvEHOxU80ZjPPz4/KOzzAKUv25NE
8yxe03DsgpDhtoikiDWCApLndFookxX4/LYFYFcG739+I90UQL4tYjNEfWuQB4T1
wDD1rwmcVAV++lqVqdrZVFgBlWbt0jvg5C5a061BQ1mhDSJqGR++D3K6iwsnZfMB
lMLjKTFFFU9HaPk=
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:02:54 2025 by rpki-client