Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/53e26b-e7ee-473e-a54a-ffcca3e1f17f/1/e29yd0Z-TUCyBNtSl-PtOkd_vBo.roa
File: e29yd0Z-TUCyBNtSl-PtOkd_vBo.roa (raw, json)
Hash identifier: nzWZvT8LarPWL1y41WRrbr0ybd5qlEde4pStDNf4QWM=
Subject key identifier: 7B:6F:72:77:46:7E:4D:40:B2:04:DB:52:97:E3:ED:3A:47:7F:BC:1A
Certificate issuer: /CN=2c3b0ae5b7f781122c709a2650adf9729187e1e1
Certificate serial: 019537BD39CF34C2258CAA7CF8835977095E
Authority key identifier: 2C:3B:0A:E5:B7:F7:81:12:2C:70:9A:26:50:AD:F9:72:91:87:E1:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LDsK5bf3gRIscJomUK35cpGH4eE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/53e26b-e7ee-473e-a54a-ffcca3e1f17f/1/e29yd0Z-TUCyBNtSl-PtOkd_vBo.roa
Signing time: Mon 24 Feb 2025 11:35:02 +0000
ROA not before: Mon 24 Feb 2025 11:35:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2134
IP address blocks: 62.164.0.0/17 maxlen: 24
193.127.0.0/16 maxlen: 24
193.201.108.0/24 maxlen: 24
195.234.166.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/53e26b-e7ee-473e-a54a-ffcca3e1f17f/1/LDsK5bf3gRIscJomUK35cpGH4eE.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/53e26b-e7ee-473e-a54a-ffcca3e1f17f/1/LDsK5bf3gRIscJomUK35cpGH4eE.mft
rsync://rpki.ripe.net/repository/DEFAULT/LDsK5bf3gRIscJomUK35cpGH4eE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 13:43:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:37:bd:39:cf:34:c2:25:8c:aa:7c:f8:83:59:77:09:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c3b0ae5b7f781122c709a2650adf9729187e1e1
Validity
Not Before: Feb 24 11:35:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7b6f7277467e4d40b204db5297e3ed3a477fbc1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:aa:a2:d6:41:7b:83:39:f5:2e:91:8c:0a:5e:
3b:9a:e1:87:e1:86:45:1a:89:af:f9:36:20:b1:46:
7d:83:16:49:f6:b2:39:16:4a:d1:ea:71:de:b6:ec:
d2:2c:35:f2:aa:0d:28:0c:e9:43:0d:c7:5e:03:4c:
5f:95:c2:6f:d0:67:e5:9e:cc:16:4a:80:41:3b:9a:
3d:d3:c9:45:8c:dd:45:67:7e:b8:f6:2a:f6:63:c7:
ee:b1:64:84:5c:bd:7d:88:cb:d2:14:a0:be:c8:d6:
cb:66:25:26:49:48:71:01:f9:88:e4:5c:c4:a4:c2:
d5:b2:6f:a3:51:93:dd:af:19:b8:64:77:34:b2:1a:
3b:34:fd:10:25:3f:22:6c:be:7e:3c:3a:62:ee:ad:
4a:93:c0:16:2b:e4:a9:29:5a:20:5e:da:8f:95:3a:
e4:59:d7:5c:4b:0b:55:22:13:dd:97:37:50:64:81:
d4:2c:75:41:dc:57:0d:5e:bb:d1:2f:9f:90:46:d6:
24:df:30:bc:b3:9f:65:89:f3:4e:38:4b:6a:33:a6:
43:41:f7:6c:7c:b7:12:4f:a0:c2:af:92:04:14:5d:
1a:9d:d6:e6:1d:85:60:64:4b:9e:cd:fe:43:52:f2:
f5:a5:56:7c:6c:9f:b3:cd:85:dc:d1:03:59:98:47:
41:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:6F:72:77:46:7E:4D:40:B2:04:DB:52:97:E3:ED:3A:47:7F:BC:1A
X509v3 Authority Key Identifier:
keyid:2C:3B:0A:E5:B7:F7:81:12:2C:70:9A:26:50:AD:F9:72:91:87:E1:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LDsK5bf3gRIscJomUK35cpGH4eE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/53e26b-e7ee-473e-a54a-ffcca3e1f17f/1/e29yd0Z-TUCyBNtSl-PtOkd_vBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/53e26b-e7ee-473e-a54a-ffcca3e1f17f/1/LDsK5bf3gRIscJomUK35cpGH4eE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.164.0.0/17
193.127.0.0/16
193.201.108.0/24
195.234.166.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:ca:fb:ed:e9:55:d0:fc:43:44:7a:29:d5:69:17:6d:dc:69:
57:46:51:0d:28:9f:11:43:50:96:05:92:f0:44:48:75:24:5c:
a8:57:5f:98:61:74:b0:6f:c6:85:fd:92:65:f3:ae:f4:8f:45:
99:d6:20:57:49:52:88:bf:e6:fd:77:b3:77:99:88:75:dd:9f:
3f:2c:52:bb:26:67:11:3a:3a:1f:45:20:6f:c0:56:c2:7d:a7:
af:b4:df:f1:92:4c:e1:57:85:2f:8c:0d:ce:76:e4:1a:7d:0f:
74:68:8b:56:92:8d:49:fd:ee:f6:d8:e8:88:ab:c6:1c:de:ff:
5a:96:62:2b:68:c2:b2:e9:fb:ce:6f:a7:68:d5:d7:69:c7:ca:
f3:d6:96:e3:05:80:ee:3c:c6:77:f1:8b:42:7a:a5:6a:90:33:
b5:45:15:ef:1f:5b:be:71:b5:a3:d2:36:fe:ba:25:52:27:05:
cb:df:2a:dd:6e:d0:f2:e4:81:34:7e:eb:25:67:9a:30:77:ed:
05:3a:cc:4f:82:6e:79:db:b5:74:5c:db:f1:b1:e8:46:74:78:
7c:e3:29:22:2f:fb:e3:45:fc:ec:d8:db:87:a1:eb:f8:a0:62:
dc:b1:d6:47:3b:4f:b8:4c:8f:01:de:bb:2d:7e:7b:51:d6:b2:
18:4b:19:b0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZU3vTnPNMIljKp8+INZdwleMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjM2IwYWU1YjdmNzgxMTIyYzcwOWEyNjUwYWRmOTcyOTE4
N2UxZTEwHhcNMjUwMjI0MTEzNTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjZmNzI3NzQ2N2U0ZDQwYjIwNGRiNTI5N2UzZWQzYTQ3N2ZiYzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6qi1kF7gzn1LpGMCl47muGH4YZF
Gomv+TYgsUZ9gxZJ9rI5FkrR6nHetuzSLDXyqg0oDOlDDcdeA0xflcJv0GflnswW
SoBBO5o908lFjN1FZ3649ir2Y8fusWSEXL19iMvSFKC+yNbLZiUmSUhxAfmI5FzE
pMLVsm+jUZPdrxm4ZHc0sho7NP0QJT8ibL5+PDpi7q1Kk8AWK+SpKVogXtqPlTrk
WddcSwtVIhPdlzdQZIHULHVB3FcNXrvRL5+QRtYk3zC8s59lifNOOEtqM6ZDQfds
fLcST6DCr5IEFF0andbmHYVgZEuezf5DUvL1pVZ8bJ+zzYXc0QNZmEdBFwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHtvcndGfk1AsgTbUpfj7TpHf7waMB8GA1UdIwQY
MBaAFCw7CuW394ESLHCaJlCt+XKRh+HhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTERzSzViZjNnUklzY0pvbVVLMzVjcEdINGVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi81M2UyNmItZTdlZS00NzNlLWE1NGEt
ZmZjY2EzZTFmMTdmLzEvZTI5eWQwWi1UVUN5Qk50U2wtUHRPa2RfdkJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi81M2UyNmItZTdlZS00NzNlLWE1NGEtZmZjY2EzZTFmMTdm
LzEvTERzSzViZjNnUklzY0pvbVVLMzVjcEdINGVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAATAXAwQHPqQAAwMA
wX8DBADByWwDBADD6qYwDQYJKoZIhvcNAQELBQADggEBAFvK++3pVdD8Q0R6KdVp
F23caVdGUQ0onxFDUJYFkvBESHUkXKhXX5hhdLBvxoX9kmXzrvSPRZnWIFdJUoi/
5v13s3eZiHXdnz8sUrsmZxE6Oh9FIG/AVsJ9p6+03/GSTOFXhS+MDc525Bp9D3Ro
i1aSjUn97vbY6Iirxhze/1qWYitowrLp+85vp2jV12nHyvPWluMFgO48xnfxi0J6
pWqQM7VFFe8fW75xtaPSNv66JVInBcvfKt1u0PLkgTR+6yVnmjB37QU6zE+Cbnnb
tXRc2/Gx6EZ0eHzjKSIv++NF/OzY24eh6/igYtyx1kc7T7hMjwHeuy1+e1HWshhL
GbA=
-----END CERTIFICATE-----
Generated at Tue Apr 8 18:55:06 2025 by rpki-client