Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/f90a7d-8a05-4755-b66b-09f19c6e51b2/1/8ERPvpxKfVBfAUigys2-PiTFfqA.roa
File: 8ERPvpxKfVBfAUigys2-PiTFfqA.roa (raw, json)
Hash identifier: KAiZ9xkRQ32j6xO0jLEnhDznPnUl1zJBNWjMk46qfE0=
Subject key identifier: F0:44:4F:BE:9C:4A:7D:50:5F:01:48:A0:CA:CD:BE:3E:24:C5:7E:A0
Certificate issuer: /CN=16914c51d031411c1340171593603163c3d4a08e
Certificate serial: 019426D97BB088C469B3B11AEB69E2E86BDF
Authority key identifier: 16:91:4C:51:D0:31:41:1C:13:40:17:15:93:60:31:63:C3:D4:A0:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FpFMUdAxQRwTQBcVk2AxY8PUoI4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/f90a7d-8a05-4755-b66b-09f19c6e51b2/1/8ERPvpxKfVBfAUigys2-PiTFfqA.roa
Signing time: Thu 02 Jan 2025 11:49:34 +0000
ROA not before: Thu 02 Jan 2025 11:49:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 45054
IP address blocks: 91.203.152.0/22 maxlen: 22
176.123.128.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/f90a7d-8a05-4755-b66b-09f19c6e51b2/1/FpFMUdAxQRwTQBcVk2AxY8PUoI4.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/f90a7d-8a05-4755-b66b-09f19c6e51b2/1/FpFMUdAxQRwTQBcVk2AxY8PUoI4.mft
rsync://rpki.ripe.net/repository/DEFAULT/FpFMUdAxQRwTQBcVk2AxY8PUoI4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 11:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:7b:b0:88:c4:69:b3:b1:1a:eb:69:e2:e8:6b:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16914c51d031411c1340171593603163c3d4a08e
Validity
Not Before: Jan 2 11:49:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f0444fbe9c4a7d505f0148a0cacdbe3e24c57ea0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:8a:27:15:d2:b0:fa:ac:e2:6d:2e:30:d1:1c:
22:f5:d2:96:c1:f3:82:cb:7c:2d:8b:39:44:b1:b2:
03:92:af:64:47:2b:2e:2d:7c:36:8e:9e:8b:94:68:
2d:f7:64:35:06:3c:81:45:ad:d8:4a:e2:31:1c:98:
80:0d:63:74:80:51:d0:0c:9c:35:cc:4a:c3:19:42:
18:0c:55:a8:67:7e:f8:a4:27:a0:d5:b2:2f:81:5a:
20:2f:a6:41:41:84:dd:de:13:21:5f:f4:ad:89:72:
7e:15:fa:aa:f9:ad:c8:82:c0:f9:6e:80:dc:47:b0:
b1:57:09:53:93:8e:cd:5f:a2:41:ab:0f:9e:ce:df:
b0:e1:f2:e1:b1:76:e7:de:4f:de:08:74:a5:44:5c:
cf:20:05:6a:84:7d:aa:36:05:a6:b4:75:40:d6:1c:
d6:19:c4:d2:ea:9d:a5:c6:1c:40:35:9d:b6:6b:1c:
af:ea:1c:c6:ec:de:a9:fa:38:20:46:c7:bd:08:08:
62:42:db:75:47:a6:8e:bd:90:26:c8:08:a1:14:97:
87:3e:5e:6b:18:ce:68:ca:16:68:52:cf:da:77:a6:
c3:e9:de:a6:6b:a3:ce:04:cd:61:25:d5:43:10:db:
eb:0d:1d:69:2a:3b:c0:4a:2a:bc:23:db:7b:2d:56:
76:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:44:4F:BE:9C:4A:7D:50:5F:01:48:A0:CA:CD:BE:3E:24:C5:7E:A0
X509v3 Authority Key Identifier:
keyid:16:91:4C:51:D0:31:41:1C:13:40:17:15:93:60:31:63:C3:D4:A0:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FpFMUdAxQRwTQBcVk2AxY8PUoI4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/f90a7d-8a05-4755-b66b-09f19c6e51b2/1/8ERPvpxKfVBfAUigys2-PiTFfqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/f90a7d-8a05-4755-b66b-09f19c6e51b2/1/FpFMUdAxQRwTQBcVk2AxY8PUoI4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.203.152.0/22
176.123.128.0/19
Signature Algorithm: sha256WithRSAEncryption
06:99:d3:16:50:0b:d8:63:40:f5:36:9b:51:de:96:0c:50:ad:
12:db:4d:f6:20:de:02:0a:7b:f1:29:19:88:ab:87:f4:9f:ea:
01:e7:2f:ed:57:c4:e1:ed:9b:41:39:df:2b:57:68:04:a0:91:
8b:07:b1:ff:8c:82:b4:68:59:f9:63:55:83:73:7e:96:07:58:
da:b5:76:ea:c4:32:a2:98:a0:d9:63:a1:93:96:5e:2e:0c:50:
cf:0a:aa:08:25:9b:24:15:4b:d0:31:61:90:2c:9b:9f:51:4e:
08:10:82:e0:8f:b5:8f:9b:5a:7c:8e:44:ab:a8:33:f1:b7:fd:
63:a3:a6:67:ea:b7:22:54:7c:67:55:df:8a:2a:a9:a1:a3:60:
6d:93:93:2e:ab:a0:63:17:02:92:67:a3:17:c4:ed:fe:4d:a7:
df:79:09:d5:35:f9:56:4d:cf:bc:9a:8f:6a:cd:c1:db:52:e6:
8f:bc:fb:13:79:36:8b:7a:42:d1:63:46:fd:31:1a:8d:85:e8:
2b:de:be:b2:b6:fd:9d:ab:e6:9d:e2:b6:07:03:d1:80:24:7f:
1f:7d:57:0c:a1:ac:86:96:b9:a0:f5:26:80:cf:79:b8:e9:29:
91:58:5f:71:d6:f9:41:11:f1:3d:3e:60:31:72:02:8d:cd:7b:
d4:65:7a:82
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQm2XuwiMRps7Ea62ni6GvfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2OTE0YzUxZDAzMTQxMWMxMzQwMTcxNTkzNjAzMTYzYzNk
NGEwOGUwHhcNMjUwMTAyMTE0OTM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDQ0NGZiZTljNGE3ZDUwNWYwMTQ4YTBjYWNkYmUzZTI0YzU3ZWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6oonFdKw+qzibS4w0Rwi9dKWwfOC
y3wtizlEsbIDkq9kRysuLXw2jp6LlGgt92Q1BjyBRa3YSuIxHJiADWN0gFHQDJw1
zErDGUIYDFWoZ374pCeg1bIvgVogL6ZBQYTd3hMhX/StiXJ+Ffqq+a3IgsD5boDc
R7CxVwlTk47NX6JBqw+ezt+w4fLhsXbn3k/eCHSlRFzPIAVqhH2qNgWmtHVA1hzW
GcTS6p2lxhxANZ22axyv6hzG7N6p+jggRse9CAhiQtt1R6aOvZAmyAihFJeHPl5r
GM5oyhZoUs/ad6bD6d6ma6POBM1hJdVDENvrDR1pKjvASiq8I9t7LVZ2wwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPBET76cSn1QXwFIoMrNvj4kxX6gMB8GA1UdIwQY
MBaAFBaRTFHQMUEcE0AXFZNgMWPD1KCOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnBGTVVkQXhRUndUUUJjVmsyQXhZOFBVb0k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9mOTBhN2QtOGEwNS00NzU1LWI2NmIt
MDlmMTljNmU1MWIyLzEvOEVSUHZweEtmVkJmQVVpZ3lzMi1QaVRGZnFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9mOTBhN2QtOGEwNS00NzU1LWI2NmItMDlmMTljNmU1MWIy
LzEvRnBGTVVkQXhRUndUUUJjVmsyQXhZOFBVb0k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW8uYAwQF
sHuAMA0GCSqGSIb3DQEBCwUAA4IBAQAGmdMWUAvYY0D1NptR3pYMUK0S2032IN4C
CnvxKRmIq4f0n+oB5y/tV8Th7ZtBOd8rV2gEoJGLB7H/jIK0aFn5Y1WDc36WB1ja
tXbqxDKimKDZY6GTll4uDFDPCqoIJZskFUvQMWGQLJufUU4IEILgj7WPm1p8jkSr
qDPxt/1jo6Zn6rciVHxnVd+KKqmho2Btk5Muq6BjFwKSZ6MXxO3+TaffeQnVNflW
Tc+8mo9qzcHbUuaPvPsTeTaLekLRY0b9MRqNhegr3r6ytv2dq+ad4rYHA9GAJH8f
fVcMoayGlrmg9SaAz3m46SmRWF9x1vlBEfE9PmAxcgKNzXvUZXqC
-----END CERTIFICATE-----
Generated at Tue Apr 8 15:11:08 2025 by rpki-client