Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/vLlnIbM4IzjjaW5_ksMl5w3Mdyo.roa
File: vLlnIbM4IzjjaW5_ksMl5w3Mdyo.roa (raw, json)
Hash identifier: qNTbjySkAkE6BruFWTSoo36zWMNK/1N9V7FWTBB9+Gc=
Subject key identifier: BC:B9:67:21:B3:38:23:38:E3:69:6E:7F:92:C3:25:E7:0D:CC:77:2A
Certificate issuer: /CN=117f9d55826b42486dfc84d35c1a63a5ce87507c
Certificate serial: 01961491ED29C2B1787963FF892FE85EB7C9
Authority key identifier: 11:7F:9D:55:82:6B:42:48:6D:FC:84:D3:5C:1A:63:A5:CE:87:50:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EX-dVYJrQkht_ITTXBpjpc6HUHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/vLlnIbM4IzjjaW5_ksMl5w3Mdyo.roa
Signing time: Tue 08 Apr 2025 08:43:49 +0000
ROA not before: Tue 08 Apr 2025 08:43:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213893
IP address blocks: 178.236.243.0/24 maxlen: 24
194.59.186.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/EX-dVYJrQkht_ITTXBpjpc6HUHw.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/EX-dVYJrQkht_ITTXBpjpc6HUHw.mft
rsync://rpki.ripe.net/repository/DEFAULT/EX-dVYJrQkht_ITTXBpjpc6HUHw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:14:91:ed:29:c2:b1:78:79:63:ff:89:2f:e8:5e:b7:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=117f9d55826b42486dfc84d35c1a63a5ce87507c
Validity
Not Before: Apr 8 08:43:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bcb96721b3382338e3696e7f92c325e70dcc772a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:8a:81:a2:2a:16:19:4d:5b:97:20:9f:97:67:
62:f8:41:ce:07:b3:13:1a:c5:2c:8d:5e:0b:c6:77:
cb:6b:00:53:be:4f:bf:f4:70:53:d7:cb:a4:27:57:
37:b9:17:cf:01:77:94:6e:a9:3d:fe:05:89:93:a6:
53:20:fe:d5:b5:c1:30:a6:a7:c9:2c:ee:3c:e4:7f:
a9:a5:b4:b9:61:2b:fe:6b:54:db:3c:9a:4b:59:21:
3c:81:00:42:30:bc:1a:38:67:65:76:37:2d:9c:66:
6a:fc:a8:93:10:e1:42:f2:c0:22:c3:cf:0e:70:8a:
89:d8:0c:6e:fd:04:f7:2e:68:e2:e3:9f:17:37:01:
69:21:03:7a:0e:e3:f0:5e:88:a5:98:ec:66:cb:67:
d1:98:cc:f3:67:a4:e9:b9:44:8d:d1:0b:09:c0:f4:
7b:e8:85:38:d2:c1:53:f9:89:01:92:be:87:0b:c6:
d2:93:e0:96:07:7c:c9:67:5d:ec:db:03:38:b3:e1:
0d:99:4e:5a:a3:14:29:56:d4:ea:d8:ed:67:4a:8c:
de:fd:b3:76:04:3c:54:8a:af:b2:68:74:75:5f:be:
07:e4:19:27:a0:f8:a7:32:16:80:80:3f:bc:db:fc:
74:b6:dd:ef:18:76:99:7e:96:2c:c1:e9:24:af:df:
98:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:B9:67:21:B3:38:23:38:E3:69:6E:7F:92:C3:25:E7:0D:CC:77:2A
X509v3 Authority Key Identifier:
keyid:11:7F:9D:55:82:6B:42:48:6D:FC:84:D3:5C:1A:63:A5:CE:87:50:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EX-dVYJrQkht_ITTXBpjpc6HUHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/vLlnIbM4IzjjaW5_ksMl5w3Mdyo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/EX-dVYJrQkht_ITTXBpjpc6HUHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.236.243.0/24
194.59.186.0/24
Signature Algorithm: sha256WithRSAEncryption
35:eb:90:0c:a3:1c:e0:22:1b:5b:c3:3f:9e:bf:61:ea:6d:66:
1f:c5:3d:00:2e:1d:0a:2d:27:8b:67:ef:10:f3:8e:ea:68:7e:
1a:83:a8:a3:31:2c:2d:68:69:95:3a:56:f6:9d:92:b5:23:13:
29:68:d7:81:14:2d:4d:c6:b0:53:d6:64:62:08:1a:cc:98:1b:
9e:5a:96:68:7a:8c:45:06:95:e3:a5:15:ea:fc:d9:1a:1c:a3:
7c:61:ec:1a:96:dd:8f:48:64:82:89:ab:f0:a0:7a:f8:e8:d3:
b1:39:1a:13:b5:90:89:07:b9:db:10:2b:a5:23:82:79:ee:47:
66:02:ef:b6:7b:b7:41:60:15:f0:e5:27:e1:40:d4:62:00:68:
83:53:a6:74:83:9a:bd:c0:88:e9:de:73:9e:ee:ee:da:5d:6d:
7f:97:3f:78:63:5b:b3:36:75:37:54:1c:e3:e6:37:68:7b:32:
ab:d9:63:a2:b5:b7:1d:f8:6c:8c:28:36:a8:60:8b:a6:7b:f3:
03:d8:39:88:d1:94:ac:4f:d9:46:c9:21:6f:ba:7d:76:03:21:
19:c2:8b:35:63:32:35:c8:94:84:fc:39:6f:4b:ca:56:e7:4f:
1c:17:f0:47:d4:16:9e:dc:af:01:fa:6d:d5:e7:8e:3e:87:a4:
32:14:91:d0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZYUke0pwrF4eWP/iS/oXrfJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExN2Y5ZDU1ODI2YjQyNDg2ZGZjODRkMzVjMWE2M2E1Y2U4
NzUwN2MwHhcNMjUwNDA4MDg0MzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2I5NjcyMWIzMzgyMzM4ZTM2OTZlN2Y5MmMzMjVlNzBkY2M3NzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYqBoioWGU1blyCfl2di+EHOB7MT
GsUsjV4LxnfLawBTvk+/9HBT18ukJ1c3uRfPAXeUbqk9/gWJk6ZTIP7VtcEwpqfJ
LO485H+ppbS5YSv+a1TbPJpLWSE8gQBCMLwaOGdldjctnGZq/KiTEOFC8sAiw88O
cIqJ2Axu/QT3Lmji458XNwFpIQN6DuPwXoilmOxmy2fRmMzzZ6TpuUSN0QsJwPR7
6IU40sFT+YkBkr6HC8bSk+CWB3zJZ13s2wM4s+ENmU5aoxQpVtTq2O1nSoze/bN2
BDxUiq+yaHR1X74H5BknoPinMhaAgD+82/x0tt3vGHaZfpYswekkr9+YewIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLy5ZyGzOCM442luf5LDJecNzHcqMB8GA1UdIwQY
MBaAFBF/nVWCa0JIbfyE01waY6XOh1B8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVgtZFZZSnJRa2h0X0lUVFhCcGpwYzZIVUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9lYWZjNDEtYzM1OC00YjUxLTliMWMt
M2ZiYmJhOTI0OWNkLzEvdkxsbkliTTRJempqYVc1X2tzTWw1dzNNZHlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9lYWZjNDEtYzM1OC00YjUxLTliMWMtM2ZiYmJhOTI0OWNk
LzEvRVgtZFZZSnJRa2h0X0lUVFhCcGpwYzZIVUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsuzzAwQA
wju6MA0GCSqGSIb3DQEBCwUAA4IBAQA165AMoxzgIhtbwz+ev2HqbWYfxT0ALh0K
LSeLZ+8Q847qaH4ag6ijMSwtaGmVOlb2nZK1IxMpaNeBFC1NxrBT1mRiCBrMmBue
WpZoeoxFBpXjpRXq/NkaHKN8Yewalt2PSGSCiavwoHr46NOxORoTtZCJB7nbECul
I4J57kdmAu+2e7dBYBXw5SfhQNRiAGiDU6Z0g5q9wIjp3nOe7u7aXW1/lz94Y1uz
NnU3VBzj5jdoezKr2WOitbcd+GyMKDaoYIume/MD2DmI0ZSsT9lGySFvun12AyEZ
wos1YzI1yJSE/DlvS8pW508cF/BH1Bae3K8B+m3V544+h6QyFJHQ
-----END CERTIFICATE-----
Generated at Fri Apr 18 19:03:21 2025 by rpki-client