Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/75b43d-e742-48ea-945a-aa832db7b50a/1/SEfajqd6Fo8tBAWadiViUIYfxIc.roa
File: SEfajqd6Fo8tBAWadiViUIYfxIc.roa (raw, json)
Hash identifier: buws3E1khkxa0hWtFXM/6/Y2Vl2k7b7xq83eMENRDLs=
Subject key identifier: 48:47:DA:8E:A7:7A:16:8F:2D:04:05:9A:76:25:62:50:86:1F:C4:87
Certificate issuer: /CN=9efb56415f35e63fa7403a501fdeddaeecea475a
Certificate serial: 019422201A98994636DD0F3F12C4D0771AA2
Authority key identifier: 9E:FB:56:41:5F:35:E6:3F:A7:40:3A:50:1F:DE:DD:AE:EC:EA:47:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nvtWQV815j-nQDpQH97druzqR1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/75b43d-e742-48ea-945a-aa832db7b50a/1/SEfajqd6Fo8tBAWadiViUIYfxIc.roa
Signing time: Wed 01 Jan 2025 13:48:36 +0000
ROA not before: Wed 01 Jan 2025 13:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9086
IP address blocks: 81.24.192.0/20 maxlen: 20
81.24.192.0/24 maxlen: 24
81.24.193.0/24 maxlen: 24
81.24.194.0/24 maxlen: 24
81.24.195.0/24 maxlen: 24
81.24.196.0/24 maxlen: 24
81.24.197.0/24 maxlen: 24
81.24.198.0/24 maxlen: 24
81.24.199.0/24 maxlen: 24
81.24.200.0/24 maxlen: 24
81.24.201.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/75b43d-e742-48ea-945a-aa832db7b50a/1/nvtWQV815j-nQDpQH97druzqR1o.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/75b43d-e742-48ea-945a-aa832db7b50a/1/nvtWQV815j-nQDpQH97druzqR1o.mft
rsync://rpki.ripe.net/repository/DEFAULT/nvtWQV815j-nQDpQH97druzqR1o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:1a:98:99:46:36:dd:0f:3f:12:c4:d0:77:1a:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9efb56415f35e63fa7403a501fdeddaeecea475a
Validity
Not Before: Jan 1 13:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4847da8ea77a168f2d04059a76256250861fc487
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:d4:1c:85:83:29:83:6d:49:c5:60:b8:f7:4e:
41:3e:59:8a:ca:94:9d:20:9c:a4:68:8e:f8:b8:b1:
cb:a7:d5:3e:25:47:0f:5a:44:2d:a1:d4:91:c4:b1:
42:bb:e4:05:26:b1:e8:86:07:38:d9:e0:64:13:24:
19:21:40:17:86:d5:d9:83:6f:80:e0:07:4e:86:6f:
50:34:a3:d0:13:71:f5:88:6c:20:d8:b2:6c:23:46:
72:6e:46:6e:16:48:5e:f9:54:94:52:f3:d9:93:08:
29:80:18:27:6b:88:a8:4a:14:e4:15:20:d8:d2:65:
d0:23:cd:71:c0:43:9b:39:99:7a:3f:54:42:e9:bb:
22:97:b2:1b:ae:f4:11:13:3e:c3:9f:12:f5:a4:be:
45:97:d0:d5:58:fc:5a:57:2a:67:12:bd:d3:44:db:
5e:a9:1a:67:c7:53:a2:bc:3d:4e:17:d8:5a:e5:fc:
da:8a:d7:d5:f9:61:8f:cc:1b:b7:72:dd:2d:aa:d4:
b6:e1:3b:5d:47:1a:cd:1d:cb:3a:eb:07:8a:61:3f:
0a:81:c1:80:25:e6:2e:5f:d4:54:d8:6f:d6:ef:62:
1b:53:e6:d2:a6:1a:09:cc:28:64:91:f7:ce:9a:a8:
db:19:a3:0e:13:46:e3:49:44:fe:10:e9:34:c7:85:
12:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:47:DA:8E:A7:7A:16:8F:2D:04:05:9A:76:25:62:50:86:1F:C4:87
X509v3 Authority Key Identifier:
keyid:9E:FB:56:41:5F:35:E6:3F:A7:40:3A:50:1F:DE:DD:AE:EC:EA:47:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nvtWQV815j-nQDpQH97druzqR1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/75b43d-e742-48ea-945a-aa832db7b50a/1/SEfajqd6Fo8tBAWadiViUIYfxIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/75b43d-e742-48ea-945a-aa832db7b50a/1/nvtWQV815j-nQDpQH97druzqR1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.24.192.0/20
Signature Algorithm: sha256WithRSAEncryption
3f:c4:b7:21:ce:ac:06:4c:20:52:49:25:1e:04:7c:64:1b:cc:
5b:10:3d:94:f4:18:d9:e8:dc:78:fb:67:b9:e5:d3:0d:13:46:
45:31:f1:ca:a0:46:8c:b8:28:d5:e9:94:f6:35:ef:f3:51:4d:
bd:80:af:7a:1c:1f:7c:25:6c:e3:17:46:21:09:a1:5b:8a:b8:
78:19:99:39:dc:5e:cb:b6:9c:e7:6f:7b:f4:e6:87:43:a1:88:
d6:77:b5:95:bd:fb:6c:1f:23:ba:ee:bc:48:f1:fb:5a:00:a5:
c9:17:95:5a:8c:de:77:e3:af:84:30:33:2e:97:c6:d1:a1:dc:
37:e3:8d:b9:6c:b2:52:67:79:8f:80:74:51:b6:74:b4:b5:46:
bd:e4:eb:b4:99:02:21:41:41:e0:04:46:39:9f:41:71:44:8b:
89:a0:24:15:87:84:a6:28:f5:00:99:94:a5:a7:11:65:3b:d0:
2f:69:02:63:b6:e7:35:a6:66:4e:61:99:53:ea:b1:cd:a3:5a:
07:df:df:5c:16:2f:ec:60:70:ec:18:b1:37:b7:4c:bf:78:1d:
25:2a:08:93:d8:b9:ef:93:dc:13:e3:9c:e1:18:4e:cf:69:f7:
b7:44:a0:0e:74:a1:80:fd:8e:c9:53:72:cc:d0:3e:6b:fb:35:
cf:61:15:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiIBqYmUY23Q8/EsTQdxqiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllZmI1NjQxNWYzNWU2M2ZhNzQwM2E1MDFmZGVkZGFlZWNl
YTQ3NWEwHhcNMjUwMTAxMTM0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODQ3ZGE4ZWE3N2ExNjhmMmQwNDA1OWE3NjI1NjI1MDg2MWZjNDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA19QchYMpg21JxWC4905BPlmKypSd
IJykaI74uLHLp9U+JUcPWkQtodSRxLFCu+QFJrHohgc42eBkEyQZIUAXhtXZg2+A
4AdOhm9QNKPQE3H1iGwg2LJsI0ZybkZuFkhe+VSUUvPZkwgpgBgna4ioShTkFSDY
0mXQI81xwEObOZl6P1RC6bsil7IbrvQREz7DnxL1pL5Fl9DVWPxaVypnEr3TRNte
qRpnx1OivD1OF9ha5fzaitfV+WGPzBu3ct0tqtS24TtdRxrNHcs66weKYT8KgcGA
JeYuX9RU2G/W72IbU+bSphoJzChkkffOmqjbGaMOE0bjSUT+EOk0x4USJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEhH2o6nehaPLQQFmnYlYlCGH8SHMB8GA1UdIwQY
MBaAFJ77VkFfNeY/p0A6UB/e3a7s6kdaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnZ0V1FWODE1ai1uUURwUUg5N2RydXpxUjFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS83NWI0M2QtZTc0Mi00OGVhLTk0NWEt
YWE4MzJkYjdiNTBhLzEvU0VmYWpxZDZGbzh0QkFXYWRpVmlVSVlmeEljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS83NWI0M2QtZTc0Mi00OGVhLTk0NWEtYWE4MzJkYjdiNTBh
LzEvbnZ0V1FWODE1ai1uUURwUUg5N2RydXpxUjFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEURjAMA0G
CSqGSIb3DQEBCwUAA4IBAQA/xLchzqwGTCBSSSUeBHxkG8xbED2U9BjZ6Nx4+2e5
5dMNE0ZFMfHKoEaMuCjV6ZT2Ne/zUU29gK96HB98JWzjF0YhCaFbirh4GZk53F7L
tpznb3v05odDoYjWd7WVvftsHyO67rxI8ftaAKXJF5VajN5346+EMDMul8bRodw3
4425bLJSZ3mPgHRRtnS0tUa95Ou0mQIhQUHgBEY5n0FxRIuJoCQVh4SmKPUAmZSl
pxFlO9AvaQJjtuc1pmZOYZlT6rHNo1oH399cFi/sYHDsGLE3t0y/eB0lKgiT2Lnv
k9wT45zhGE7Pafe3RKAOdKGA/Y7JU3LM0D5r+zXPYRW7
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:34:25 2025 by rpki-client