Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/5b9878-2080-4354-9592-b7231941fc3a/1/O-lMv2utgSL0sF15RsiGk9rGqhU.roa
File: O-lMv2utgSL0sF15RsiGk9rGqhU.roa (raw, json)
Hash identifier: 4uJaHT6rWS3qzpOxWgNId7Ke0ps1U1qLVv6t8Kfw/Vs=
Subject key identifier: 3B:E9:4C:BF:6B:AD:81:22:F4:B0:5D:79:46:C8:86:93:DA:C6:AA:15
Certificate issuer: /CN=1662cfd26eccf289757399cc99c17d1cb4357535
Certificate serial: 01941F8C2A2CA7291ABC4383E51BDB1128F6
Authority key identifier: 16:62:CF:D2:6E:CC:F2:89:75:73:99:CC:99:C1:7D:1C:B4:35:75:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FmLP0m7M8ol1c5nMmcF9HLQ1dTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/5b9878-2080-4354-9592-b7231941fc3a/1/O-lMv2utgSL0sF15RsiGk9rGqhU.roa
Signing time: Wed 01 Jan 2025 01:47:47 +0000
ROA not before: Wed 01 Jan 2025 01:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198818
IP address blocks: 178.132.64.0/22 maxlen: 22
178.132.70.0/23 maxlen: 23
178.132.71.0/24 maxlen: 24
2a03:2380::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/5b9878-2080-4354-9592-b7231941fc3a/1/FmLP0m7M8ol1c5nMmcF9HLQ1dTU.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/5b9878-2080-4354-9592-b7231941fc3a/1/FmLP0m7M8ol1c5nMmcF9HLQ1dTU.mft
rsync://rpki.ripe.net/repository/DEFAULT/FmLP0m7M8ol1c5nMmcF9HLQ1dTU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:2a:2c:a7:29:1a:bc:43:83:e5:1b:db:11:28:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1662cfd26eccf289757399cc99c17d1cb4357535
Validity
Not Before: Jan 1 01:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3be94cbf6bad8122f4b05d7946c88693dac6aa15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:76:67:e7:5f:f7:06:73:51:6c:ce:59:1f:ff:
91:4b:32:ed:a7:f8:b2:70:2b:6c:12:43:0e:67:45:
f7:5e:af:2f:04:65:25:e2:f5:ef:2d:9e:8a:5b:ed:
85:ef:11:b6:62:4c:09:16:a7:d9:c0:7e:64:1f:4c:
a7:e5:83:30:0d:39:7e:99:9b:59:3b:56:c6:09:2a:
8a:d1:bd:76:b3:cd:58:15:fa:a4:b0:37:18:f2:97:
28:de:2e:72:8e:34:29:90:3c:d0:c3:6b:46:68:ac:
c9:1c:36:94:f0:7b:e3:fa:33:36:b8:db:56:20:70:
5a:6c:fc:f3:bb:c2:f0:2f:09:b2:cd:13:9b:25:ee:
0b:c9:46:2f:ba:3c:52:b1:bf:d6:8b:3c:7e:32:ed:
b9:51:42:51:4e:1a:30:51:3c:70:a2:cb:87:e2:ed:
6c:58:fd:54:14:70:c0:c5:f6:17:90:5e:cf:1c:3f:
e9:f9:76:5f:f1:8c:e5:9a:3e:e2:04:4e:8d:c3:5d:
61:04:05:16:c2:7a:22:7e:a7:99:5e:51:d7:a1:88:
c5:47:f3:e7:82:ec:12:7f:97:5c:68:7a:b2:4a:82:
96:bf:58:03:7a:5d:39:ce:57:da:b7:5d:96:1d:7f:
57:f3:b3:05:34:30:81:32:ac:e5:56:db:31:ed:3a:
da:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:E9:4C:BF:6B:AD:81:22:F4:B0:5D:79:46:C8:86:93:DA:C6:AA:15
X509v3 Authority Key Identifier:
keyid:16:62:CF:D2:6E:CC:F2:89:75:73:99:CC:99:C1:7D:1C:B4:35:75:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FmLP0m7M8ol1c5nMmcF9HLQ1dTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/5b9878-2080-4354-9592-b7231941fc3a/1/O-lMv2utgSL0sF15RsiGk9rGqhU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/5b9878-2080-4354-9592-b7231941fc3a/1/FmLP0m7M8ol1c5nMmcF9HLQ1dTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.132.64.0/22
178.132.70.0/23
IPv6:
2a03:2380::/32
Signature Algorithm: sha256WithRSAEncryption
37:99:32:70:85:cb:6a:9e:c9:50:b5:e3:fa:a4:4e:d9:79:13:
95:d4:07:92:12:f5:f4:14:24:8a:f3:8d:e5:09:ef:36:57:b8:
3b:fc:94:43:1c:f8:79:43:64:d8:71:6f:e0:24:a2:7f:38:82:
d8:df:5b:2a:9c:f8:f7:db:2d:77:5c:73:3b:6e:c0:09:8f:a5:
b9:23:18:f5:d2:c7:cd:dc:5b:3b:c1:b3:89:6a:aa:ae:69:98:
54:15:13:98:3c:62:52:92:eb:01:92:7e:dd:8b:2a:ec:54:9e:
57:b7:83:b2:13:eb:2c:39:c4:29:64:1f:85:bf:d7:66:59:d7:
94:bf:32:c0:c8:2d:d6:36:64:59:d2:51:b4:e5:cf:fe:af:48:
d0:90:d2:11:e0:4d:5f:02:47:74:25:e5:bc:4c:2f:76:6f:58:
70:21:c1:38:b2:21:19:07:d8:ee:b8:a0:e9:34:1b:51:e3:d2:
04:7a:ac:27:01:b2:f4:6b:8d:20:9f:6f:14:96:70:79:56:50:
ba:75:9b:92:51:9c:df:a3:61:1d:94:48:80:cb:51:52:02:5a:
a3:1f:96:07:c3:08:34:73:7c:89:67:d4:c0:bf:56:eb:42:d4:
4c:f1:75:23:0c:1b:23:de:6f:86:27:13:06:82:18:45:26:a3:
8d:3b:5d:51
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQfjCospykavEOD5RvbESj2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2NjJjZmQyNmVjY2YyODk3NTczOTljYzk5YzE3ZDFjYjQz
NTc1MzUwHhcNMjUwMTAxMDE0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmU5NGNiZjZiYWQ4MTIyZjRiMDVkNzk0NmM4ODY5M2RhYzZhYTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3Zn51/3BnNRbM5ZH/+RSzLtp/iy
cCtsEkMOZ0X3Xq8vBGUl4vXvLZ6KW+2F7xG2YkwJFqfZwH5kH0yn5YMwDTl+mZtZ
O1bGCSqK0b12s81YFfqksDcY8pco3i5yjjQpkDzQw2tGaKzJHDaU8Hvj+jM2uNtW
IHBabPzzu8LwLwmyzRObJe4LyUYvujxSsb/Wizx+Mu25UUJRThowUTxwosuH4u1s
WP1UFHDAxfYXkF7PHD/p+XZf8Yzlmj7iBE6Nw11hBAUWwnoifqeZXlHXoYjFR/Pn
guwSf5dcaHqySoKWv1gDel05zlfat12WHX9X87MFNDCBMqzlVtsx7TraZwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDvpTL9rrYEi9LBdeUbIhpPaxqoVMB8GA1UdIwQY
MBaAFBZiz9JuzPKJdXOZzJnBfRy0NXU1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRm1MUDBtN004b2wxYzVuTW1jRjlITFExZFRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My81Yjk4NzgtMjA4MC00MzU0LTk1OTIt
YjcyMzE5NDFmYzNhLzEvTy1sTXYydXRnU0wwc0YxNVJzaUdrOXJHcWhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My81Yjk4NzgtMjA4MC00MzU0LTk1OTItYjcyMzE5NDFmYzNh
LzEvRm1MUDBtN004b2wxYzVuTW1jRjlITFExZFRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCsoRAAwQB
soRGMA0EAgACMAcDBQAqAyOAMA0GCSqGSIb3DQEBCwUAA4IBAQA3mTJwhctqnslQ
teP6pE7ZeROV1AeSEvX0FCSK843lCe82V7g7/JRDHPh5Q2TYcW/gJKJ/OILY31sq
nPj32y13XHM7bsAJj6W5Ixj10sfN3Fs7wbOJaqquaZhUFROYPGJSkusBkn7diyrs
VJ5Xt4OyE+ssOcQpZB+Fv9dmWdeUvzLAyC3WNmRZ0lG05c/+r0jQkNIR4E1fAkd0
JeW8TC92b1hwIcE4siEZB9juuKDpNBtR49IEeqwnAbL0a40gn28UlnB5VlC6dZuS
UZzfo2EdlEiAy1FSAlqjH5YHwwg0c3yJZ9TAv1brQtRM8XUjDBsj3m+GJxMGghhF
JqONO11R
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:21:21 2025 by rpki-client