Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/fe276f-946a-446b-8453-170eb1c9fec8/1/pHJ5oRo1kF5oiX8KeKirS42gdJI.roa
File: pHJ5oRo1kF5oiX8KeKirS42gdJI.roa (raw, json)
Hash identifier: pWmX7zoUYI3ChoG1HELYfAkOPLPYyR79PMNSLK6H1B0=
Subject key identifier: A4:72:79:A1:1A:35:90:5E:68:89:7F:0A:78:A8:AB:4B:8D:A0:74:92
Certificate issuer: /CN=b4a5be3307120e65e3c4165c9c8e748c1c12a7a2
Certificate serial: 0194214455C52319E9FB76374E28B9E770CC
Authority key identifier: B4:A5:BE:33:07:12:0E:65:E3:C4:16:5C:9C:8E:74:8C:1C:12:A7:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tKW-MwcSDmXjxBZcnI50jBwSp6I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/fe276f-946a-446b-8453-170eb1c9fec8/1/pHJ5oRo1kF5oiX8KeKirS42gdJI.roa
Signing time: Wed 01 Jan 2025 09:48:34 +0000
ROA not before: Wed 01 Jan 2025 09:48:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49115
IP address blocks: 185.70.0.0/22 maxlen: 22
188.120.0.0/19 maxlen: 19
2a03:2760::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/fe276f-946a-446b-8453-170eb1c9fec8/1/tKW-MwcSDmXjxBZcnI50jBwSp6I.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/fe276f-946a-446b-8453-170eb1c9fec8/1/tKW-MwcSDmXjxBZcnI50jBwSp6I.mft
rsync://rpki.ripe.net/repository/DEFAULT/tKW-MwcSDmXjxBZcnI50jBwSp6I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 21:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:55:c5:23:19:e9:fb:76:37:4e:28:b9:e7:70:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4a5be3307120e65e3c4165c9c8e748c1c12a7a2
Validity
Not Before: Jan 1 09:48:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a47279a11a35905e68897f0a78a8ab4b8da07492
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:f5:b4:13:53:8e:00:85:13:69:bd:cf:ec:2c:
3e:72:50:9d:05:9b:7c:ed:a4:65:31:44:7c:35:96:
2c:a9:57:65:5a:f3:45:9f:7a:07:2f:51:9b:af:cc:
b4:d3:ac:e9:27:e4:51:d5:5c:56:d1:2c:19:47:12:
ae:7e:5c:0d:2c:2a:6a:01:c0:40:a1:02:7d:7d:c4:
68:14:99:7a:35:4b:14:d1:f3:b3:75:e8:3a:eb:d4:
49:3c:26:18:c5:67:63:fb:3c:b0:ad:0b:2a:10:0f:
8f:d0:6d:0b:77:e1:21:1b:98:5d:95:46:cf:af:27:
31:7a:51:9d:04:ed:57:0b:b2:ca:e3:da:ca:00:71:
da:9e:7b:bb:e7:dc:2c:57:9a:27:15:50:e7:c8:2d:
cd:22:0f:78:70:ce:1e:d7:61:46:74:12:96:13:8a:
d1:cc:5f:8f:a2:ff:71:6e:4d:73:76:52:34:10:0e:
6f:4d:a2:b3:05:b2:88:cf:90:8a:aa:ea:ed:4c:4c:
0a:49:41:22:de:c8:d4:3a:41:9a:23:df:5f:8f:72:
f9:c0:53:34:84:f8:8e:81:05:21:ec:bd:0d:26:70:
b2:34:26:31:55:39:af:8c:f3:40:56:f1:70:c6:ba:
ea:df:6f:c8:08:51:35:8d:16:8a:15:f8:2f:24:9d:
93:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:72:79:A1:1A:35:90:5E:68:89:7F:0A:78:A8:AB:4B:8D:A0:74:92
X509v3 Authority Key Identifier:
keyid:B4:A5:BE:33:07:12:0E:65:E3:C4:16:5C:9C:8E:74:8C:1C:12:A7:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKW-MwcSDmXjxBZcnI50jBwSp6I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/fe276f-946a-446b-8453-170eb1c9fec8/1/pHJ5oRo1kF5oiX8KeKirS42gdJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/fe276f-946a-446b-8453-170eb1c9fec8/1/tKW-MwcSDmXjxBZcnI50jBwSp6I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.70.0.0/22
188.120.0.0/19
IPv6:
2a03:2760::/32
Signature Algorithm: sha256WithRSAEncryption
8c:64:d7:09:96:f3:2a:20:8a:05:ff:25:35:55:28:5d:6c:3c:
ce:86:a4:19:08:35:6e:f9:27:47:8f:74:6f:97:b6:0f:c4:c3:
45:fc:74:6d:6d:ea:be:9c:8e:f1:7c:45:e7:da:66:71:46:30:
9b:5a:93:7e:85:36:8e:c9:23:63:0d:22:de:b1:fc:6f:71:7e:
f8:fb:56:36:71:b0:6f:3a:60:c5:f1:28:6e:02:04:8f:42:2d:
4a:94:e4:d7:43:08:8d:54:37:00:f1:54:2b:68:1a:0c:8e:2a:
bd:80:7c:5b:a6:62:0f:80:dc:ba:6a:7a:3a:9d:b5:b0:4b:ee:
55:df:f2:b3:a8:49:5f:2b:a2:6a:cc:27:2d:42:68:d6:d1:34:
d5:5f:76:42:81:f8:2b:70:2a:6c:53:ea:dc:8a:ba:78:0d:5a:
8e:db:06:4f:69:08:08:a8:5c:52:21:10:21:1b:75:57:37:d7:
1d:2f:ef:d8:66:7f:dc:93:83:a3:35:b4:3d:dc:5c:4f:46:c9:
81:05:bd:82:3e:20:e1:7f:9a:06:5c:f8:01:1c:e7:ba:91:99:
10:96:1d:d2:50:44:39:79:ec:ba:9e:9d:9c:9a:eb:76:de:b1:
f3:bd:19:9d:6f:02:14:42:d0:ca:d9:2d:0b:c7:d7:be:df:d7:
46:98:b7:b6
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQhRFXFIxnp+3Y3Tii553DMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YTViZTMzMDcxMjBlNjVlM2M0MTY1YzljOGU3NDhjMWMx
MmE3YTIwHhcNMjUwMTAxMDk0ODM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDcyNzlhMTFhMzU5MDVlNjg4OTdmMGE3OGE4YWI0YjhkYTA3NDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1fW0E1OOAIUTab3P7Cw+clCdBZt8
7aRlMUR8NZYsqVdlWvNFn3oHL1Gbr8y006zpJ+RR1VxW0SwZRxKuflwNLCpqAcBA
oQJ9fcRoFJl6NUsU0fOzdeg669RJPCYYxWdj+zywrQsqEA+P0G0Ld+EhG5hdlUbP
rycxelGdBO1XC7LK49rKAHHannu759wsV5onFVDnyC3NIg94cM4e12FGdBKWE4rR
zF+Pov9xbk1zdlI0EA5vTaKzBbKIz5CKqurtTEwKSUEi3sjUOkGaI99fj3L5wFM0
hPiOgQUh7L0NJnCyNCYxVTmvjPNAVvFwxrrq32/ICFE1jRaKFfgvJJ2TFwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKRyeaEaNZBeaIl/Cnioq0uNoHSSMB8GA1UdIwQY
MBaAFLSlvjMHEg5l48QWXJyOdIwcEqeiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEtXLU13Y1NEbVhqeEJaY25JNTBqQndTcDZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9mZTI3NmYtOTQ2YS00NDZiLTg0NTMt
MTcwZWIxYzlmZWM4LzEvcEhKNW9SbzFrRjVvaVg4S2VLaXJTNDJnZEpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9mZTI3NmYtOTQ2YS00NDZiLTg0NTMtMTcwZWIxYzlmZWM4
LzEvdEtXLU13Y1NEbVhqeEJaY25JNTBqQndTcDZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuUYAAwQF
vHgAMA0EAgACMAcDBQAqAydgMA0GCSqGSIb3DQEBCwUAA4IBAQCMZNcJlvMqIIoF
/yU1VShdbDzOhqQZCDVu+SdHj3Rvl7YPxMNF/HRtbeq+nI7xfEXn2mZxRjCbWpN+
hTaOySNjDSLesfxvcX74+1Y2cbBvOmDF8ShuAgSPQi1KlOTXQwiNVDcA8VQraBoM
jiq9gHxbpmIPgNy6ano6nbWwS+5V3/KzqElfK6JqzCctQmjW0TTVX3ZCgfgrcCps
U+rcirp4DVqO2wZPaQgIqFxSIRAhG3VXN9cdL+/YZn/ck4OjNbQ93FxPRsmBBb2C
PiDhf5oGXPgBHOe6kZkQlh3SUEQ5eey6np2cmut23rHzvRmdbwIUQtDK2S0Lx9e+
39dGmLe2
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:38:02 2025 by rpki-client