Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/StZp_TgiRV8OnCbaGk2SfAgFRPE.roa
File: StZp_TgiRV8OnCbaGk2SfAgFRPE.roa (raw, json)
Hash identifier: 7bFhCSDSqD4BHa3+GH7w56Zrb804Leqvdo+OoGq3n1E=
Subject key identifier: 4A:D6:69:FD:38:22:45:5F:0E:9C:26:DA:1A:4D:92:7C:08:05:44:F1
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01948886DC6F054ED8B1B40B58534A92CF76
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/StZp_TgiRV8OnCbaGk2SfAgFRPE.roa
Signing time: Tue 21 Jan 2025 11:02:07 +0000
ROA not before: Tue 21 Jan 2025 11:02:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 81.5.189.0/24 maxlen: 24
89.213.152.0/24 maxlen: 24
89.213.176.0/24 maxlen: 24
89.213.183.0/24 maxlen: 24
109.176.230.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Feb 2025 21:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:88:86:dc:6f:05:4e:d8:b1:b4:0b:58:53:4a:92:cf:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 21 11:02:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4ad669fd3822455f0e9c26da1a4d927c080544f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:ce:c4:ab:94:23:fc:40:b7:a4:ab:d5:27:ce:
b5:b2:f1:e4:a5:f5:b4:45:67:b8:c1:3b:16:3d:ee:
ba:83:2c:dc:4f:12:fd:c5:73:8b:d7:46:d5:c5:38:
ae:28:7c:18:0e:a5:84:09:4d:e5:ec:3d:7b:55:ce:
99:ec:7f:56:38:18:0d:29:15:ef:1f:2f:8a:35:e3:
c4:cb:8c:06:52:25:df:f3:60:62:58:36:44:bf:88:
3b:a7:df:6c:82:ad:7a:b8:32:59:1c:51:b3:eb:ad:
2b:0a:63:68:96:04:ea:85:9b:42:33:14:47:f7:5d:
57:72:f0:af:b5:0a:30:36:bc:4c:31:5a:2c:a8:fe:
c6:d4:85:01:2f:37:cc:97:02:c7:31:0d:b7:73:8b:
64:55:73:61:bb:38:15:a6:38:c4:dc:47:39:1c:e8:
ec:ac:97:5c:97:ca:e2:cf:38:d9:3e:b7:57:8a:5c:
82:d9:cf:fa:c5:4e:bb:61:53:ed:ab:d4:e3:bf:bb:
88:7b:6a:c3:df:1f:84:f3:9e:5f:2d:73:22:74:27:
aa:f8:af:25:bc:4e:63:08:2e:72:1f:e9:23:84:9e:
d5:05:8f:53:1c:70:25:29:36:95:ab:05:a6:52:cf:
9c:b3:e8:17:e9:f8:82:45:e1:96:4b:74:08:da:fc:
e0:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:D6:69:FD:38:22:45:5F:0E:9C:26:DA:1A:4D:92:7C:08:05:44:F1
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/StZp_TgiRV8OnCbaGk2SfAgFRPE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.189.0/24
89.213.152.0/24
89.213.176.0/24
89.213.183.0/24
109.176.230.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:1e:4f:e2:ab:c6:99:04:54:04:b0:c4:cb:f7:7e:65:a1:83:
b6:f4:da:9d:6d:ea:fd:6d:40:49:20:67:38:b8:ca:98:ad:84:
04:d6:b0:d0:cf:1e:48:e3:ec:95:81:43:74:48:e3:1f:11:a7:
d1:7b:9e:0f:8b:3b:ab:6c:da:af:c4:4a:a5:bd:58:55:55:6e:
32:a4:1d:f0:68:7c:bc:4e:cc:51:d2:83:48:37:7a:d2:fd:28:
1c:9a:1a:4c:66:66:c5:81:6f:2e:09:93:07:2e:c5:9d:55:6a:
a5:e6:8f:71:23:47:46:db:0a:a3:72:1a:45:96:e0:0a:50:90:
c2:e3:c1:70:3b:e8:79:46:7c:f9:f4:a1:64:35:8f:a8:6e:6d:
d6:fd:bf:2e:e3:43:4c:73:ab:d8:15:e2:e0:2b:9d:f6:67:e2:
19:d0:b4:2c:f3:a9:05:a4:d5:27:6b:4d:a2:50:83:fa:79:fc:
dd:04:8f:89:17:a7:94:ae:ea:7f:d1:a5:d6:f0:30:54:96:2c:
3b:6a:d5:f1:8c:7f:48:54:4a:3e:ed:da:a1:af:3d:fc:d2:93:
f0:87:14:6f:b5:7e:1b:fe:d1:c4:9e:7f:dd:5c:23:09:73:f0:
c2:99:fd:c3:c4:b4:e8:6f:30:75:fc:28:15:52:32:d5:7b:19:
c2:ad:95:00
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZSIhtxvBU7YsbQLWFNKks92MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTIxMTEwMjA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWQ2NjlmZDM4MjI0NTVmMGU5YzI2ZGExYTRkOTI3YzA4MDU0NGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiM7Eq5Qj/EC3pKvVJ861svHkpfW0
RWe4wTsWPe66gyzcTxL9xXOL10bVxTiuKHwYDqWECU3l7D17Vc6Z7H9WOBgNKRXv
Hy+KNePEy4wGUiXf82BiWDZEv4g7p99sgq16uDJZHFGz660rCmNolgTqhZtCMxRH
911XcvCvtQowNrxMMVosqP7G1IUBLzfMlwLHMQ23c4tkVXNhuzgVpjjE3Ec5HOjs
rJdcl8rizzjZPrdXilyC2c/6xU67YVPtq9Tjv7uIe2rD3x+E855fLXMidCeq+K8l
vE5jCC5yH+kjhJ7VBY9THHAlKTaVqwWmUs+cs+gX6fiCReGWS3QI2vzgdwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFErWaf04IkVfDpwm2hpNknwIBUTxMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvU3RacF9UZ2lSVjhPbkNiYUdrMlNmQWdGUlBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUQW9AwQA
WdWYAwQAWdWwAwQAWdW3AwQAbbDmMA0GCSqGSIb3DQEBCwUAA4IBAQB+Hk/iq8aZ
BFQEsMTL935loYO29Nqdber9bUBJIGc4uMqYrYQE1rDQzx5I4+yVgUN0SOMfEafR
e54PizurbNqvxEqlvVhVVW4ypB3waHy8TsxR0oNIN3rS/SgcmhpMZmbFgW8uCZMH
LsWdVWql5o9xI0dG2wqjchpFluAKUJDC48FwO+h5Rnz59KFkNY+obm3W/b8u40NM
c6vYFeLgK532Z+IZ0LQs86kFpNUna02iUIP6efzdBI+JF6eUrup/0aXW8DBUliw7
atXxjH9IVEo+7dqhrz380pPwhxRvtX4b/tHEnn/dXCMJc/DCmf3DxLTobzB1/CgV
UjLVexnCrZUA
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:37:46 2025 by rpki-client