Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/3fa36d-8faf-4bdc-ad9e-013c1f01edb9/1/7Jx_d84jw9RCpVbZlGjBj5ncWcE.roa
File: 7Jx_d84jw9RCpVbZlGjBj5ncWcE.roa (raw, json)
Hash identifier: 5qe+SEXJJD8iF6SfIvYp7Poby6fZfVkFooQVkliL5/M=
Subject key identifier: EC:9C:7F:77:CE:23:C3:D4:42:A5:56:D9:94:68:C1:8F:99:DC:59:C1
Certificate issuer: /CN=0830bc34b8f4fcbc2bf523bbdbe9a044a2445fbe
Certificate serial: 019425FC9C1E546F9A7A96434215AA78A548
Authority key identifier: 08:30:BC:34:B8:F4:FC:BC:2B:F5:23:BB:DB:E9:A0:44:A2:44:5F:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CDC8NLj0_Lwr9SO72-mgRKJEX74.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/3fa36d-8faf-4bdc-ad9e-013c1f01edb9/1/7Jx_d84jw9RCpVbZlGjBj5ncWcE.roa
Signing time: Thu 02 Jan 2025 07:48:19 +0000
ROA not before: Thu 02 Jan 2025 07:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396982
IP address blocks: 5.154.244.0/22 maxlen: 23
5.154.246.0/23 maxlen: 23
185.48.80.0/23 maxlen: 23
185.48.82.0/23 maxlen: 23
2a01:9560::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/3fa36d-8faf-4bdc-ad9e-013c1f01edb9/1/CDC8NLj0_Lwr9SO72-mgRKJEX74.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/3fa36d-8faf-4bdc-ad9e-013c1f01edb9/1/CDC8NLj0_Lwr9SO72-mgRKJEX74.mft
rsync://rpki.ripe.net/repository/DEFAULT/CDC8NLj0_Lwr9SO72-mgRKJEX74.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 12:02:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:9c:1e:54:6f:9a:7a:96:43:42:15:aa:78:a5:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0830bc34b8f4fcbc2bf523bbdbe9a044a2445fbe
Validity
Not Before: Jan 2 07:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ec9c7f77ce23c3d442a556d99468c18f99dc59c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:a9:45:69:c4:c4:ea:7c:c0:35:22:e3:43:03:
2c:8c:7a:4e:32:3a:d6:30:93:82:e0:bd:9d:95:ce:
67:b1:79:e3:78:7c:e9:37:83:be:d4:29:b2:a9:ea:
c6:5c:c1:9f:01:80:78:d8:7a:87:be:be:b1:2f:54:
48:fc:f5:47:8f:2c:b2:95:04:a9:7f:07:9c:48:55:
fe:a2:bf:f9:6f:e3:04:50:f1:ae:78:5f:9e:70:64:
6f:88:48:56:77:3c:28:d6:9d:74:2a:db:0d:1c:97:
08:10:3b:68:12:1e:62:bf:02:03:0d:27:e9:7b:d4:
2d:16:7a:4a:e8:f0:01:f5:d3:a2:80:7b:bd:3a:d2:
3e:b8:29:1e:c0:ac:3f:fb:49:f7:19:62:12:58:30:
62:4b:df:ca:0b:b3:f6:9b:a6:d2:57:db:78:e8:44:
9d:9b:ef:af:4d:fb:3a:ee:9e:e6:74:28:eb:f4:b1:
e7:30:b2:94:a9:fb:19:a8:30:a4:9a:1a:a6:cb:9d:
af:0a:1c:ce:a2:bb:0b:53:ba:d7:99:fc:ed:6c:20:
9c:31:9d:83:4e:c5:eb:bd:60:57:da:7d:1f:cd:31:
24:2b:d4:4b:12:2b:e9:46:36:52:d4:4a:78:a9:aa:
3b:ff:54:28:18:44:41:1a:c8:32:7e:d3:2d:8d:fe:
e6:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:9C:7F:77:CE:23:C3:D4:42:A5:56:D9:94:68:C1:8F:99:DC:59:C1
X509v3 Authority Key Identifier:
keyid:08:30:BC:34:B8:F4:FC:BC:2B:F5:23:BB:DB:E9:A0:44:A2:44:5F:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CDC8NLj0_Lwr9SO72-mgRKJEX74.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/3fa36d-8faf-4bdc-ad9e-013c1f01edb9/1/7Jx_d84jw9RCpVbZlGjBj5ncWcE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/3fa36d-8faf-4bdc-ad9e-013c1f01edb9/1/CDC8NLj0_Lwr9SO72-mgRKJEX74.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.244.0/22
185.48.80.0/22
IPv6:
2a01:9560::/32
Signature Algorithm: sha256WithRSAEncryption
aa:bc:7a:87:bb:ad:93:dc:4d:45:1d:a3:a4:bb:bc:49:3e:36:
ee:25:2c:5a:cc:68:3f:e6:45:cd:85:ad:05:05:62:4d:be:1b:
44:e5:36:d2:24:9f:d9:00:83:e3:69:2d:5b:8b:82:71:dd:73:
d9:46:11:c1:3e:5a:a4:54:50:6c:d9:f3:6a:b5:c7:17:67:70:
0e:92:9c:37:28:2f:59:ce:2e:c3:38:76:26:36:4e:91:d6:c4:
68:50:b1:a8:f9:a2:f2:53:fd:d4:f5:1a:3e:d0:a1:1c:9b:e7:
aa:3a:4a:7c:1f:ff:a5:9c:07:83:eb:84:8c:f9:fe:0b:5e:67:
80:b4:d4:7e:da:af:1c:49:87:1a:1c:9d:a2:c0:7e:59:4e:0b:
e4:89:48:af:22:76:d1:1e:19:68:29:37:09:a8:81:ab:90:f5:
db:9d:f0:38:0b:ec:60:5a:da:3f:fb:23:2b:89:65:40:53:88:
8c:0d:47:c3:ff:31:eb:4a:19:29:88:51:50:ed:8f:13:7c:74:
20:89:6c:4b:fe:11:06:98:73:8b:35:01:03:3a:6d:72:8f:c1:
d8:d4:b5:b2:88:8d:e8:c7:25:53:97:b3:18:a2:b2:79:f8:40:
55:2f:69:70:19:33:f7:36:aa:1c:f4:8d:8a:86:2f:9e:9d:32:
45:3c:3d:7f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQl/JweVG+aepZDQhWqeKVIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MzBiYzM0YjhmNGZjYmMyYmY1MjNiYmRiZTlhMDQ0YTI0
NDVmYmUwHhcNMjUwMTAyMDc0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzljN2Y3N2NlMjNjM2Q0NDJhNTU2ZDk5NDY4YzE4Zjk5ZGM1OWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqalFacTE6nzANSLjQwMsjHpOMjrW
MJOC4L2dlc5nsXnjeHzpN4O+1CmyqerGXMGfAYB42HqHvr6xL1RI/PVHjyyylQSp
fwecSFX+or/5b+MEUPGueF+ecGRviEhWdzwo1p10KtsNHJcIEDtoEh5ivwIDDSfp
e9QtFnpK6PAB9dOigHu9OtI+uCkewKw/+0n3GWISWDBiS9/KC7P2m6bSV9t46ESd
m++vTfs67p7mdCjr9LHnMLKUqfsZqDCkmhqmy52vChzOorsLU7rXmfztbCCcMZ2D
TsXrvWBX2n0fzTEkK9RLEivpRjZS1Ep4qao7/1QoGERBGsgyftMtjf7m5QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOycf3fOI8PUQqVW2ZRowY+Z3FnBMB8GA1UdIwQY
MBaAFAgwvDS49Py8K/Uju9vpoESiRF++MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0RDOE5MajBfTHdyOVNPNzItbWdSS0pFWDc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8zZmEzNmQtOGZhZi00YmRjLWFkOWUt
MDEzYzFmMDFlZGI5LzEvN0p4X2Q4NGp3OVJDcFZiWmxHakJqNW5jV2NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8zZmEzNmQtOGZhZi00YmRjLWFkOWUtMDEzYzFmMDFlZGI5
LzEvQ0RDOE5MajBfTHdyOVNPNzItbWdSS0pFWDc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCBZr0AwQC
uTBQMA0EAgACMAcDBQAqAZVgMA0GCSqGSIb3DQEBCwUAA4IBAQCqvHqHu62T3E1F
HaOku7xJPjbuJSxazGg/5kXNha0FBWJNvhtE5TbSJJ/ZAIPjaS1bi4Jx3XPZRhHB
PlqkVFBs2fNqtccXZ3AOkpw3KC9Zzi7DOHYmNk6R1sRoULGo+aLyU/3U9Ro+0KEc
m+eqOkp8H/+lnAeD64SM+f4LXmeAtNR+2q8cSYcaHJ2iwH5ZTgvkiUivInbRHhlo
KTcJqIGrkPXbnfA4C+xgWto/+yMriWVAU4iMDUfD/zHrShkpiFFQ7Y8TfHQgiWxL
/hEGmHOLNQEDOm1yj8HY1LWyiI3oxyVTl7MYorJ5+EBVL2lwGTP3Nqoc9I2Khi+e
nTJFPD1/
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:45:15 2025 by rpki-client