Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/741872-a425-4367-9ac2-dcd937fd07a7/1/cThp0KEND3BT4KvCeUid-rjEug4.roa
File: cThp0KEND3BT4KvCeUid-rjEug4.roa (raw, json)
Hash identifier: ImpSaegWwcNvwqQ9pHSgJ6wWRXJrvYa1vES4AMD51Qc=
Subject key identifier: 71:38:69:D0:A1:0D:0F:70:53:E0:AB:C2:79:48:9D:FA:B8:C4:BA:0E
Certificate issuer: /CN=9d4f9bf87aff00fd5db21585781b46f36f9e3626
Certificate serial: 019513FADD7627EB2FFF149CA88DE350BDFD
Authority key identifier: 9D:4F:9B:F8:7A:FF:00:FD:5D:B2:15:85:78:1B:46:F3:6F:9E:36:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nU-b-Hr_AP1dshWFeBtG82-eNiY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/741872-a425-4367-9ac2-dcd937fd07a7/1/cThp0KEND3BT4KvCeUid-rjEug4.roa
Signing time: Mon 17 Feb 2025 12:56:02 +0000
ROA not before: Mon 17 Feb 2025 12:56:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198178
IP address blocks: 83.242.100.0/24 maxlen: 24
2a13:7e40:1::/48 maxlen: 48
2a13:7e40:2::/48 maxlen: 48
2a13:7e40:3::/48 maxlen: 48
2a13:7e40:4::/48 maxlen: 48
2a13:7e40:5::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/741872-a425-4367-9ac2-dcd937fd07a7/1/nU-b-Hr_AP1dshWFeBtG82-eNiY.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/741872-a425-4367-9ac2-dcd937fd07a7/1/nU-b-Hr_AP1dshWFeBtG82-eNiY.mft
rsync://rpki.ripe.net/repository/DEFAULT/nU-b-Hr_AP1dshWFeBtG82-eNiY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:13:fa:dd:76:27:eb:2f:ff:14:9c:a8:8d:e3:50:bd:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d4f9bf87aff00fd5db21585781b46f36f9e3626
Validity
Not Before: Feb 17 12:56:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=713869d0a10d0f7053e0abc279489dfab8c4ba0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b6:b0:f2:fd:de:b8:af:27:80:a5:14:d2:81:
5b:04:3c:d7:eb:b1:8a:b5:a1:91:38:5f:81:de:90:
e6:59:24:43:86:65:61:e4:dd:6b:de:14:46:ab:50:
19:69:de:97:57:5b:01:36:9b:df:97:5f:38:97:55:
52:15:00:c6:f2:8d:2c:32:a8:81:6b:11:6e:e1:a7:
5d:c1:fe:13:e8:50:44:8e:96:34:ed:ee:e4:42:0b:
21:97:2a:12:3d:0e:3b:ce:c9:59:32:f0:11:21:c3:
94:49:a6:18:36:c6:d1:1b:52:2f:aa:92:35:0e:50:
d9:c8:84:23:8f:1c:ff:84:b6:ea:ce:cb:ef:e3:12:
49:c7:e9:bd:e3:a1:af:fb:40:a8:f7:a8:d2:b4:23:
66:2d:39:a2:cb:d9:5f:d0:f0:be:1f:1e:79:33:26:
b5:20:8d:a7:77:fb:c5:d5:b9:18:f8:d3:cf:57:53:
3b:8d:41:48:37:36:c7:df:3e:f1:1e:71:e6:85:5e:
bf:2f:75:03:8f:7b:ac:0b:57:c0:72:f3:58:56:8d:
06:d6:8b:a4:bb:7d:a8:20:74:76:fa:28:38:7c:e9:
08:75:2f:2f:d7:16:05:12:71:63:cc:fb:18:c8:ac:
57:eb:20:45:f9:65:0c:51:32:5a:2f:16:e2:b7:72:
f6:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:38:69:D0:A1:0D:0F:70:53:E0:AB:C2:79:48:9D:FA:B8:C4:BA:0E
X509v3 Authority Key Identifier:
keyid:9D:4F:9B:F8:7A:FF:00:FD:5D:B2:15:85:78:1B:46:F3:6F:9E:36:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nU-b-Hr_AP1dshWFeBtG82-eNiY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/741872-a425-4367-9ac2-dcd937fd07a7/1/cThp0KEND3BT4KvCeUid-rjEug4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/741872-a425-4367-9ac2-dcd937fd07a7/1/nU-b-Hr_AP1dshWFeBtG82-eNiY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.242.100.0/24
IPv6:
2a13:7e40:1::-2a13:7e40:5:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
06:18:fd:8d:cc:9b:fd:34:a1:9b:78:d6:b3:dd:7b:8e:87:34:
0e:9d:e7:8e:ae:01:de:27:f9:3d:03:4a:03:3d:18:a7:73:35:
81:75:a8:61:f0:0c:80:88:6f:a8:e6:e6:e5:86:7d:ad:d0:31:
8a:4d:92:6a:5e:ab:8a:35:fd:ae:d7:d2:92:71:75:5f:42:c2:
9e:f6:ad:2a:e0:06:83:33:19:81:45:f2:c1:3d:89:e3:c9:cf:
6d:15:1c:e9:d2:b8:48:f5:aa:ff:77:13:a2:75:3d:97:4e:25:
73:fa:d1:ae:f4:d6:8f:fc:fe:d8:0f:0c:03:52:79:f0:40:02:
08:cd:48:4c:ac:01:27:21:73:26:e0:a9:75:c4:3b:dc:bb:a4:
c9:6f:fb:ba:44:61:e8:32:0d:c4:68:69:1f:f3:8e:9f:5b:08:
69:b0:c9:3c:bd:7a:66:d7:88:d3:ff:53:49:b7:53:e8:52:6c:
e0:7a:c1:ea:b6:08:e5:ad:dd:3e:6f:13:67:15:40:3d:ce:28:
81:68:11:db:35:d8:24:dd:33:01:31:4c:df:8c:ba:32:e3:47:
22:83:ca:07:7b:d4:f4:0b:00:99:bf:bd:20:59:b3:f6:84:a6:
9a:72:3e:7f:9f:22:1c:4a:3c:9b:95:f0:09:91:32:9c:e0:76:
b7:d8:69:c5
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZUT+t12J+sv/xScqI3jUL39MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkNGY5YmY4N2FmZjAwZmQ1ZGIyMTU4NTc4MWI0NmYzNmY5
ZTM2MjYwHhcNMjUwMjE3MTI1NjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTM4NjlkMGExMGQwZjcwNTNlMGFiYzI3OTQ4OWRmYWI4YzRiYTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsraw8v3euK8ngKUU0oFbBDzX67GK
taGROF+B3pDmWSRDhmVh5N1r3hRGq1AZad6XV1sBNpvfl184l1VSFQDG8o0sMqiB
axFu4addwf4T6FBEjpY07e7kQgshlyoSPQ47zslZMvARIcOUSaYYNsbRG1IvqpI1
DlDZyIQjjxz/hLbqzsvv4xJJx+m946Gv+0Co96jStCNmLTmiy9lf0PC+Hx55Mya1
II2nd/vF1bkY+NPPV1M7jUFINzbH3z7xHnHmhV6/L3UDj3usC1fAcvNYVo0G1ouk
u32oIHR2+ig4fOkIdS8v1xYFEnFjzPsYyKxX6yBF+WUMUTJaLxbit3L2iwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFHE4adChDQ9wU+CrwnlInfq4xLoOMB8GA1UdIwQY
MBaAFJ1Pm/h6/wD9XbIVhXgbRvNvnjYmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblUtYi1Icl9BUDFkc2hXRmVCdEc4Mi1lTmlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS83NDE4NzItYTQyNS00MzY3LTlhYzIt
ZGNkOTM3ZmQwN2E3LzEvY1RocDBLRU5EM0JUNEt2Q2VVaWQtcmpFdWc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS83NDE4NzItYTQyNS00MzY3LTlhYzItZGNkOTM3ZmQwN2E3
LzEvblUtYi1Icl9BUDFkc2hXRmVCdEc4Mi1lTmlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQAU/JkMBoE
AgACMBQwEgMHACoTfkAAAQMHASoTfkAABDANBgkqhkiG9w0BAQsFAAOCAQEABhj9
jcyb/TShm3jWs917joc0Dp3njq4B3if5PQNKAz0Yp3M1gXWoYfAMgIhvqObm5YZ9
rdAxik2Sal6rijX9rtfSknF1X0LCnvatKuAGgzMZgUXywT2J48nPbRUc6dK4SPWq
/3cTonU9l04lc/rRrvTWj/z+2A8MA1J58EACCM1ITKwBJyFzJuCpdcQ73LukyW/7
ukRh6DINxGhpH/OOn1sIabDJPL16ZteI0/9TSbdT6FJs4HrB6rYI5a3dPm8TZxVA
Pc4ogWgR2zXYJN0zATFM34y6MuNHIoPKB3vU9AsAmb+9IFmz9oSmmnI+f58iHEo8
m5XwCZEynOB2t9hpxQ==
-----END CERTIFICATE-----
Generated at Fri Apr 18 07:00:08 2025 by rpki-client