Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/748741-870d-4770-83e5-1af3965717f7/1/A1IHvzr80p19NJwiJMcDQphdaaM.roa
File: A1IHvzr80p19NJwiJMcDQphdaaM.roa (raw, json)
Hash identifier: 8TEFqh69arr6lwHcUIob0787g8rOpyOuebdTkdVTUag=
Subject key identifier: 03:52:07:BF:3A:FC:D2:9D:7D:34:9C:22:24:C7:03:42:98:5D:69:A3
Certificate issuer: /CN=59ec8a5afa3ed8ebb856d4d821f696d157f8a757
Certificate serial: 01942444E7F72BD833AB2535115B10AA3E63
Authority key identifier: 59:EC:8A:5A:FA:3E:D8:EB:B8:56:D4:D8:21:F6:96:D1:57:F8:A7:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WeyKWvo-2Ou4VtTYIfaW0Vf4p1c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/748741-870d-4770-83e5-1af3965717f7/1/A1IHvzr80p19NJwiJMcDQphdaaM.roa
Signing time: Wed 01 Jan 2025 23:48:03 +0000
ROA not before: Wed 01 Jan 2025 23:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 680
IP address blocks: 129.247.0.0/16 maxlen: 16
192.108.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/748741-870d-4770-83e5-1af3965717f7/1/WeyKWvo-2Ou4VtTYIfaW0Vf4p1c.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/748741-870d-4770-83e5-1af3965717f7/1/WeyKWvo-2Ou4VtTYIfaW0Vf4p1c.mft
rsync://rpki.ripe.net/repository/DEFAULT/WeyKWvo-2Ou4VtTYIfaW0Vf4p1c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 05:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:e7:f7:2b:d8:33:ab:25:35:11:5b:10:aa:3e:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59ec8a5afa3ed8ebb856d4d821f696d157f8a757
Validity
Not Before: Jan 1 23:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=035207bf3afcd29d7d349c2224c70342985d69a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:74:7f:86:00:e3:3a:f5:78:f4:5d:05:9f:80:
47:23:fc:57:b7:ef:31:0a:62:6a:4c:60:83:6f:cb:
c5:c2:08:90:9e:5b:47:45:46:e7:53:e8:27:45:25:
e9:aa:9e:bd:0f:16:e6:1b:27:64:74:2c:aa:00:fa:
c4:e9:77:38:22:58:19:ff:5e:bc:d7:f1:a0:c7:2c:
eb:72:35:f7:05:f1:ab:da:39:2f:fa:04:3e:d0:50:
16:76:8b:fa:16:96:54:a2:a1:35:79:8b:ca:7e:9d:
1a:11:ec:42:a2:71:87:22:f9:4e:5e:8c:6a:28:1d:
48:bc:49:e2:10:bc:32:42:2f:69:12:c6:67:ff:5c:
41:ff:b9:c8:f7:f6:b0:06:1f:ba:53:68:32:69:70:
2d:30:37:90:5c:c9:d6:8a:fb:25:1a:d9:40:8e:8b:
95:b8:05:2b:94:4f:ee:b9:0b:ab:49:5b:f9:80:22:
e2:b5:f2:7c:89:88:48:2d:3c:1f:1f:01:76:9c:2f:
a1:f9:a2:7a:d6:35:d5:8e:e5:d3:b4:92:d8:ff:ea:
3c:95:ce:e0:3d:34:47:2f:4c:f4:72:a7:66:96:f7:
27:31:93:3d:55:63:c7:77:fd:cd:49:be:f7:89:6b:
02:1d:bd:98:76:89:e3:38:4a:d2:b9:97:1a:07:ca:
21:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:52:07:BF:3A:FC:D2:9D:7D:34:9C:22:24:C7:03:42:98:5D:69:A3
X509v3 Authority Key Identifier:
keyid:59:EC:8A:5A:FA:3E:D8:EB:B8:56:D4:D8:21:F6:96:D1:57:F8:A7:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WeyKWvo-2Ou4VtTYIfaW0Vf4p1c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/748741-870d-4770-83e5-1af3965717f7/1/A1IHvzr80p19NJwiJMcDQphdaaM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/748741-870d-4770-83e5-1af3965717f7/1/WeyKWvo-2Ou4VtTYIfaW0Vf4p1c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
129.247.0.0/16
192.108.54.0/24
Signature Algorithm: sha256WithRSAEncryption
16:21:3f:24:65:be:b9:fa:34:14:1a:64:11:95:fd:73:da:43:
62:f6:02:16:39:e1:8d:c5:bf:0f:86:48:d6:59:26:49:de:34:
8c:5d:44:b6:09:15:e3:11:26:4d:73:82:4f:9e:14:b1:6f:e8:
d9:29:b9:30:db:7f:3c:19:8c:e4:f4:15:27:a3:35:68:59:7d:
a7:c2:a3:97:ac:ef:72:d4:ed:f3:00:50:b3:c8:a7:a6:04:8e:
41:3b:95:3e:65:35:e3:4f:aa:2c:62:5e:78:19:f6:25:87:1c:
ac:ea:85:8e:01:2b:08:69:a7:28:33:c3:11:aa:02:8f:c8:6e:
4f:1b:1a:28:9d:e6:27:f9:14:c1:22:c7:98:65:07:b9:d1:10:
2f:e6:79:2d:42:44:bb:7e:3b:4f:80:6b:8e:af:af:86:1e:64:
b0:4b:6d:d7:75:56:4d:b0:68:a6:f7:85:89:fd:50:64:69:88:
e5:ab:7d:a2:32:9e:b2:e5:3f:f8:4a:0e:35:47:f8:a1:88:78:
64:aa:67:6f:a1:1c:6b:b1:f2:1b:f8:5d:90:41:7b:dd:c4:00:
db:9c:08:3d:91:d4:95:46:0f:8b:a4:fa:bc:3f:be:c4:7e:6b:
70:30:09:08:94:35:d9:1e:18:5e:1b:f2:ca:58:c1:ab:d2:aa:
14:43:58:2c
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAZQkROf3K9gzqyU1EVsQqj5jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5ZWM4YTVhZmEzZWQ4ZWJiODU2ZDRkODIxZjY5NmQxNTdm
OGE3NTcwHhcNMjUwMTAxMjM0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzUyMDdiZjNhZmNkMjlkN2QzNDljMjIyNGM3MDM0Mjk4NWQ2OWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnR/hgDjOvV49F0Fn4BHI/xXt+8x
CmJqTGCDb8vFwgiQnltHRUbnU+gnRSXpqp69DxbmGydkdCyqAPrE6Xc4IlgZ/168
1/GgxyzrcjX3BfGr2jkv+gQ+0FAWdov6FpZUoqE1eYvKfp0aEexConGHIvlOXoxq
KB1IvEniELwyQi9pEsZn/1xB/7nI9/awBh+6U2gyaXAtMDeQXMnWivslGtlAjouV
uAUrlE/uuQurSVv5gCLitfJ8iYhILTwfHwF2nC+h+aJ61jXVjuXTtJLY/+o8lc7g
PTRHL0z0cqdmlvcnMZM9VWPHd/3NSb73iWsCHb2YdonjOErSuZcaB8ohDQIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFANSB786/NKdfTScIiTHA0KYXWmjMB8GA1UdIwQY
MBaAFFnsilr6PtjruFbU2CH2ltFX+KdXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2V5S1d2by0yT3U0VnRUWUlmYVcwVmY0cDFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83NDg3NDEtODcwZC00NzcwLTgzZTUt
MWFmMzk2NTcxN2Y3LzEvQTFJSHZ6cjgwcDE5Tkp3aUpNY0RRcGhkYWFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83NDg3NDEtODcwZC00NzcwLTgzZTUtMWFmMzk2NTcxN2Y3
LzEvV2V5S1d2by0yT3U0VnRUWUlmYVcwVmY0cDFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAATALAwMAgfcDBADA
bDYwDQYJKoZIhvcNAQELBQADggEBABYhPyRlvrn6NBQaZBGV/XPaQ2L2AhY54Y3F
vw+GSNZZJkneNIxdRLYJFeMRJk1zgk+eFLFv6NkpuTDbfzwZjOT0FSejNWhZfafC
o5es73LU7fMAULPIp6YEjkE7lT5lNeNPqixiXngZ9iWHHKzqhY4BKwhppygzwxGq
Ao/Ibk8bGiid5if5FMEix5hlB7nREC/meS1CRLt+O0+Aa46vr4YeZLBLbdd1Vk2w
aKb3hYn9UGRpiOWrfaIynrLlP/hKDjVH+KGIeGSqZ2+hHGux8hv4XZBBe93EANuc
CD2R1JVGD4uk+rw/vsR+a3AwCQiUNdkeGF4b8spYwavSqhRDWCw=
-----END CERTIFICATE-----
Generated at Sat Apr 12 13:22:21 2025 by rpki-client