Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/03ca01-b959-41a6-8133-07228812d017/1/1-xE0-vSES3q7X24C7bA8kScsYVE.roa
File: 1-xE0-vSES3q7X24C7bA8kScsYVE.roa (raw, json)
Hash identifier: AMR+YDswQHGejlMnTq+0urVDztOvK2YpsO5lA8H1zXk=
Subject key identifier: FB:11:34:FA:F4:84:4B:7A:BB:5F:6E:02:ED:B0:3C:91:27:2C:61:51
Certificate issuer: /CN=c8003c979603f7cea12aca01ebc2057c36fd7f30
Certificate serial: 0194236A39DE2BF7C4FC3D73FF6BC96BD2DD
Authority key identifier: C8:00:3C:97:96:03:F7:CE:A1:2A:CA:01:EB:C2:05:7C:36:FD:7F:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yAA8l5YD986hKsoB68IFfDb9fzA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/03ca01-b959-41a6-8133-07228812d017/1/1-xE0-vSES3q7X24C7bA8kScsYVE.roa
Signing time: Wed 01 Jan 2025 19:49:11 +0000
ROA not before: Wed 01 Jan 2025 19:49:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 62.112.224.0/19 maxlen: 24
94.143.208.0/21 maxlen: 24
185.61.224.0/22 maxlen: 24
185.63.20.0/22 maxlen: 24
213.108.29.0/24 maxlen: 24
2a00:1558::/32 maxlen: 48
2a02:27c8::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/03ca01-b959-41a6-8133-07228812d017/1/yAA8l5YD986hKsoB68IFfDb9fzA.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/03ca01-b959-41a6-8133-07228812d017/1/yAA8l5YD986hKsoB68IFfDb9fzA.mft
rsync://rpki.ripe.net/repository/DEFAULT/yAA8l5YD986hKsoB68IFfDb9fzA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 05:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:39:de:2b:f7:c4:fc:3d:73:ff:6b:c9:6b:d2:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8003c979603f7cea12aca01ebc2057c36fd7f30
Validity
Not Before: Jan 1 19:49:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fb1134faf4844b7abb5f6e02edb03c91272c6151
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:99:f0:70:23:ed:eb:dc:08:bb:29:55:83:57:
35:2c:a9:48:cb:a7:79:35:0b:3c:8d:92:d6:d1:b3:
9b:83:4a:fe:23:4c:92:df:0f:44:05:fb:29:2a:f5:
0b:c5:e2:4b:0b:72:9e:5f:c1:6d:27:a5:4c:90:ce:
f3:2a:e7:23:b2:eb:38:57:2f:76:65:51:9b:1d:ad:
34:55:bd:a3:6a:13:a1:d4:ca:cf:f7:39:5d:da:0d:
b4:e5:93:8c:28:b3:3e:b5:c2:ae:f1:ad:b2:ef:77:
09:a6:de:0b:f7:c6:43:e3:52:51:a7:c3:c3:7f:f4:
6c:83:04:05:13:ba:ad:09:8d:39:45:bd:99:7f:7e:
27:2d:1e:f4:a3:9a:e3:2d:be:d9:e8:76:13:b6:34:
ab:5f:9f:0c:9a:75:70:41:29:69:43:fe:cb:75:82:
ec:f7:0b:33:ce:65:ef:be:e3:c2:f2:71:df:af:ab:
fc:6e:c8:0b:ef:a8:4e:0b:6a:8a:93:99:95:2f:d6:
35:15:7a:5f:64:4e:d9:bd:96:2c:e5:0f:4c:5c:53:
4d:c3:96:a5:e1:ca:0a:eb:6d:26:8a:30:89:99:8a:
10:67:42:51:6f:00:bf:b8:49:36:a4:be:a9:2b:0c:
a8:a2:b8:29:ef:a1:f2:11:96:82:57:8e:f5:54:ad:
44:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:11:34:FA:F4:84:4B:7A:BB:5F:6E:02:ED:B0:3C:91:27:2C:61:51
X509v3 Authority Key Identifier:
keyid:C8:00:3C:97:96:03:F7:CE:A1:2A:CA:01:EB:C2:05:7C:36:FD:7F:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yAA8l5YD986hKsoB68IFfDb9fzA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/03ca01-b959-41a6-8133-07228812d017/1/1-xE0-vSES3q7X24C7bA8kScsYVE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/03ca01-b959-41a6-8133-07228812d017/1/yAA8l5YD986hKsoB68IFfDb9fzA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.112.224.0/19
94.143.208.0/21
185.61.224.0/22
185.63.20.0/22
213.108.29.0/24
IPv6:
2a00:1558::/32
2a02:27c8::/32
Signature Algorithm: sha256WithRSAEncryption
60:d6:3a:40:e4:9d:3f:0f:d0:f7:62:66:9a:36:56:81:76:e4:
56:aa:4d:3e:fc:ff:14:03:13:3e:d5:90:db:35:fd:1d:54:65:
23:a0:8a:8b:7c:ac:0e:87:a1:7b:8d:20:ef:be:e4:1a:0a:59:
34:23:5b:51:92:f1:de:a1:fd:87:a0:3f:ad:11:dd:bc:93:6a:
ac:2e:64:38:c4:4c:f9:ab:c1:eb:ec:6e:55:18:e6:46:83:49:
70:39:e9:f5:6c:09:70:cc:79:01:6d:c3:13:bb:b0:37:b2:6a:
81:da:3a:7a:95:aa:98:4d:66:34:c8:b8:45:07:67:2d:06:82:
90:9d:42:eb:df:4e:3d:73:2f:57:65:22:bf:8a:16:3d:af:fe:
fb:d7:23:11:e8:b5:94:e6:aa:41:0d:68:db:0d:b9:7d:32:38:
4a:32:1c:c8:65:d1:39:d9:cb:b7:92:0d:49:22:61:97:63:c4:
5f:47:5d:78:7b:54:59:3e:90:c7:94:b6:d3:5a:f8:44:26:1d:
5d:d5:88:2b:75:b4:a0:ac:e6:e1:d7:75:03:6a:9d:5c:02:92:
b0:19:de:db:69:bf:e0:46:4f:bc:08:0c:1a:a5:e4:98:8e:58:
05:e4:a3:25:ad:f0:6b:47:10:ef:a2:74:87:13:14:35:69:45:
a9:cb:4e:3b
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZQjajneK/fE/D1z/2vJa9LdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4MDAzYzk3OTYwM2Y3Y2VhMTJhY2EwMWViYzIwNTdjMzZm
ZDdmMzAwHhcNMjUwMTAxMTk0OTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjExMzRmYWY0ODQ0YjdhYmI1ZjZlMDJlZGIwM2M5MTI3MmM2MTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJnwcCPt69wIuylVg1c1LKlIy6d5
NQs8jZLW0bObg0r+I0yS3w9EBfspKvULxeJLC3KeX8FtJ6VMkM7zKucjsus4Vy92
ZVGbHa00Vb2jahOh1MrP9zld2g205ZOMKLM+tcKu8a2y73cJpt4L98ZD41JRp8PD
f/RsgwQFE7qtCY05Rb2Zf34nLR70o5rjLb7Z6HYTtjSrX58MmnVwQSlpQ/7LdYLs
9wszzmXvvuPC8nHfr6v8bsgL76hOC2qKk5mVL9Y1FXpfZE7ZvZYs5Q9MXFNNw5al
4coK620mijCJmYoQZ0JRbwC/uEk2pL6pKwyoorgp76HyEZaCV471VK1E+wIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFPsRNPr0hEt6u19uAu2wPJEnLGFRMB8GA1UdIwQY
MBaAFMgAPJeWA/fOoSrKAevCBXw2/X8wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUFBOGw1WUQ5ODZoS3NvQjY4SUZmRGI5ZnpBLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8wM2NhMDEtYjk1OS00MWE2LTgxMzMt
MDcyMjg4MTJkMDE3LzEvMS14RTAtdlNFUzNxN1gyNEM3YkE4a1Njc1lWRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODIvMDNjYTAxLWI5NTktNDFhNi04MTMzLTA3MjI4ODEyZDAx
Ny8xL3lBQThsNVlEOTg2aEtzb0I2OElGZkRiOWZ6QS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBNBggrBgEFBQcBBwEB/wQ+MDwwJAQCAAEwHgMEBT5w4AME
A16P0AMEArk94AMEArk/FAMEANVsHTAUBAIAAjAOAwUAKgAVWAMFACoCJ8gwDQYJ
KoZIhvcNAQELBQADggEBAGDWOkDknT8P0PdiZpo2VoF25FaqTT78/xQDEz7VkNs1
/R1UZSOgiot8rA6HoXuNIO++5BoKWTQjW1GS8d6h/YegP60R3byTaqwuZDjETPmr
wevsblUY5kaDSXA56fVsCXDMeQFtwxO7sDeyaoHaOnqVqphNZjTIuEUHZy0GgpCd
QuvfTj1zL1dlIr+KFj2v/vvXIxHotZTmqkENaNsNuX0yOEoyHMhl0TnZy7eSDUki
YZdjxF9HXXh7VFk+kMeUttNa+EQmHV3ViCt1tKCs5uHXdQNqnVwCkrAZ3ttpv+BG
T7wIDBql5JiOWAXkoyWt8GtHEO+idIcTFDVpRanLTjs=
-----END CERTIFICATE-----
Generated at Sat Apr 12 16:15:14 2025 by rpki-client