Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/fb1827-a7e9-45c8-b643-76e07a577e4d/1/YOoATeftAqa3NPiX4GaHabwS1wo.roa
File: YOoATeftAqa3NPiX4GaHabwS1wo.roa (raw, json)
Hash identifier: DFj5QH8pLrMMR4sLFXByWiOjYdjY2qX4JxhZH4EeUc8=
Subject key identifier: 60:EA:00:4D:E7:ED:02:A6:B7:34:F8:97:E0:66:87:69:BC:12:D7:0A
Certificate issuer: /CN=7a10ee228073328a2c2081cbb2a96cd1264dbef1
Certificate serial: 0194228D5ACEC3E6037499B09CCE5F82C946
Authority key identifier: 7A:10:EE:22:80:73:32:8A:2C:20:81:CB:B2:A9:6C:D1:26:4D:BE:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ehDuIoBzMoosIIHLsqls0SZNvvE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/fb1827-a7e9-45c8-b643-76e07a577e4d/1/YOoATeftAqa3NPiX4GaHabwS1wo.roa
Signing time: Wed 01 Jan 2025 15:47:56 +0000
ROA not before: Wed 01 Jan 2025 15:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56373
IP address blocks: 62.122.120.0/21 maxlen: 32
91.224.116.0/23 maxlen: 32
185.53.144.0/22 maxlen: 32
194.49.104.0/22 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/fb1827-a7e9-45c8-b643-76e07a577e4d/1/ehDuIoBzMoosIIHLsqls0SZNvvE.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/fb1827-a7e9-45c8-b643-76e07a577e4d/1/ehDuIoBzMoosIIHLsqls0SZNvvE.mft
rsync://rpki.ripe.net/repository/DEFAULT/ehDuIoBzMoosIIHLsqls0SZNvvE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:5a:ce:c3:e6:03:74:99:b0:9c:ce:5f:82:c9:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a10ee228073328a2c2081cbb2a96cd1264dbef1
Validity
Not Before: Jan 1 15:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=60ea004de7ed02a6b734f897e0668769bc12d70a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:da:4e:86:06:1a:2b:bc:fc:17:e0:bd:bb:84:
0b:28:38:b6:e2:21:d2:bf:77:a4:d5:5c:3f:00:1d:
c0:97:81:89:99:89:1e:a0:1c:97:be:1e:c6:bd:30:
82:24:6f:a4:1b:04:2e:2f:d8:74:8c:80:5a:94:a5:
08:0c:0f:a4:75:11:e8:1b:19:21:fd:4d:13:bf:e3:
a6:a4:c2:fb:93:50:83:60:c8:e0:75:7e:e3:70:f6:
02:0f:67:e1:33:d2:2a:ab:5f:58:f8:7f:92:bc:92:
0a:c4:57:5d:d9:c0:1e:ae:96:dd:b5:6a:83:75:af:
05:ad:4b:6d:2b:2e:16:66:ee:fb:82:72:c9:e7:e9:
35:17:e6:3c:a9:fa:a0:25:a3:16:b9:d9:27:33:e2:
75:1d:a4:81:c8:1c:29:44:61:21:25:91:25:89:7c:
0d:80:58:ea:c5:b9:d9:23:20:ed:be:e8:30:25:8e:
77:b7:c4:d8:c1:e5:da:1f:3e:30:57:1a:59:ee:75:
c7:02:0d:94:8b:d4:32:f3:a4:a9:2b:87:67:57:30:
28:60:fb:6f:cc:e9:c0:1a:9b:a9:17:3a:b7:23:58:
93:f2:0a:ce:33:e8:38:01:01:ab:c5:ed:85:a0:67:
49:10:29:91:0a:d7:85:14:d0:d9:98:11:49:4a:ab:
f4:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:EA:00:4D:E7:ED:02:A6:B7:34:F8:97:E0:66:87:69:BC:12:D7:0A
X509v3 Authority Key Identifier:
keyid:7A:10:EE:22:80:73:32:8A:2C:20:81:CB:B2:A9:6C:D1:26:4D:BE:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ehDuIoBzMoosIIHLsqls0SZNvvE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/fb1827-a7e9-45c8-b643-76e07a577e4d/1/YOoATeftAqa3NPiX4GaHabwS1wo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/fb1827-a7e9-45c8-b643-76e07a577e4d/1/ehDuIoBzMoosIIHLsqls0SZNvvE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.122.120.0/21
91.224.116.0/23
185.53.144.0/22
194.49.104.0/22
Signature Algorithm: sha256WithRSAEncryption
20:89:c9:5c:9e:34:c4:ae:a8:30:d0:8c:7f:88:1a:d0:ee:d3:
91:e4:47:aa:f0:bf:23:95:1c:d9:f0:e8:f1:e3:31:21:a5:ad:
09:8a:ce:f1:64:34:6f:3f:f3:fd:8a:35:d4:73:21:0f:4e:60:
5b:15:6c:f3:be:dc:43:c3:43:71:34:63:cd:e1:11:83:09:5b:
44:f8:4d:91:62:fb:f2:1d:ca:8e:16:77:7e:f3:50:ff:2e:e3:
dc:6d:19:89:82:3b:e5:4f:ce:07:39:55:d5:2b:33:c5:7a:ce:
c0:75:f3:2c:5b:99:d1:b4:cd:06:8c:62:92:0a:0e:00:b4:ce:
09:56:02:c5:c5:fa:b9:da:cc:cc:9a:9d:e1:71:36:7b:e7:e2:
9c:12:31:7b:19:50:d6:1e:5c:09:68:83:5c:96:4b:28:35:01:
f8:98:cd:d7:3f:83:10:5f:c6:d6:17:88:6d:fb:b4:71:38:79:
cf:7a:56:18:44:33:71:1b:f9:f7:48:17:fb:00:c2:19:10:b1:
38:ae:93:2b:4a:8e:1d:20:50:8d:be:9e:28:b5:f0:a6:21:19:
b8:d5:37:5b:1e:0d:f6:28:2e:fc:cc:d8:38:0c:ea:52:0b:37:
b2:46:3e:71:0e:9f:a4:86:b6:5f:ec:15:30:f4:ac:e3:53:7c:
10:ca:2a:95
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQijVrOw+YDdJmwnM5fgslGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMTBlZTIyODA3MzMyOGEyYzIwODFjYmIyYTk2Y2QxMjY0
ZGJlZjEwHhcNMjUwMTAxMTU0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGVhMDA0ZGU3ZWQwMmE2YjczNGY4OTdlMDY2ODc2OWJjMTJkNzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9pOhgYaK7z8F+C9u4QLKDi24iHS
v3ek1Vw/AB3Al4GJmYkeoByXvh7GvTCCJG+kGwQuL9h0jIBalKUIDA+kdRHoGxkh
/U0Tv+OmpML7k1CDYMjgdX7jcPYCD2fhM9Iqq19Y+H+SvJIKxFdd2cAerpbdtWqD
da8FrUttKy4WZu77gnLJ5+k1F+Y8qfqgJaMWudknM+J1HaSByBwpRGEhJZEliXwN
gFjqxbnZIyDtvugwJY53t8TYweXaHz4wVxpZ7nXHAg2Ui9Qy86SpK4dnVzAoYPtv
zOnAGpupFzq3I1iT8grOM+g4AQGrxe2FoGdJECmRCteFFNDZmBFJSqv08QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGDqAE3n7QKmtzT4l+Bmh2m8EtcKMB8GA1UdIwQY
MBaAFHoQ7iKAczKKLCCBy7KpbNEmTb7xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWhEdUlvQnpNb29zSUlITHNxbHMwU1pOdnZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9mYjE4MjctYTdlOS00NWM4LWI2NDMt
NzZlMDdhNTc3ZTRkLzEvWU9vQVRlZnRBcWEzTlBpWDRHYUhhYndTMXdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9mYjE4MjctYTdlOS00NWM4LWI2NDMtNzZlMDdhNTc3ZTRk
LzEvZWhEdUlvQnpNb29zSUlITHNxbHMwU1pOdnZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDPnp4AwQB
W+B0AwQCuTWQAwQCwjFoMA0GCSqGSIb3DQEBCwUAA4IBAQAgiclcnjTErqgw0Ix/
iBrQ7tOR5Eeq8L8jlRzZ8Ojx4zEhpa0Jis7xZDRvP/P9ijXUcyEPTmBbFWzzvtxD
w0NxNGPN4RGDCVtE+E2RYvvyHcqOFnd+81D/LuPcbRmJgjvlT84HOVXVKzPFes7A
dfMsW5nRtM0GjGKSCg4AtM4JVgLFxfq52szMmp3hcTZ75+KcEjF7GVDWHlwJaINc
lksoNQH4mM3XP4MQX8bWF4ht+7RxOHnPelYYRDNxG/n3SBf7AMIZELE4rpMrSo4d
IFCNvp4otfCmIRm41TdbHg32KC78zNg4DOpSCzeyRj5xDp+khrZf7BUw9KzjU3wQ
yiqV
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:35:59 2025 by rpki-client