Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/smOQBtY0mSqc_Ze4IzIL_OQgdp4.roa
File: smOQBtY0mSqc_Ze4IzIL_OQgdp4.roa (raw, json)
Hash identifier: vvh2ZRdKE2P5MUzZpLaI6EQMZsM6IiskR3CQR87vZxk=
Subject key identifier: B2:63:90:06:D6:34:99:2A:9C:FD:97:B8:23:32:0B:FC:E4:20:76:9E
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0194FFF041B02E5B176605DF6146EC5412BD
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/smOQBtY0mSqc_Ze4IzIL_OQgdp4.roa
Signing time: Thu 13 Feb 2025 15:32:02 +0000
ROA not before: Thu 13 Feb 2025 15:32:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 64267
IP address blocks: 80.240.85.0/24 maxlen: 24
89.213.229.0/24 maxlen: 24
109.176.243.0/24 maxlen: 24
217.145.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 09:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ff:f0:41:b0:2e:5b:17:66:05:df:61:46:ec:54:12:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Feb 13 15:32:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b2639006d634992a9cfd97b823320bfce420769e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:29:98:e3:17:a1:91:78:ff:80:b1:0b:38:7f:
4c:5c:0d:ad:ff:63:4d:84:dc:f3:d4:af:93:0d:ed:
5d:7d:ed:cc:68:19:2a:76:6a:bd:d3:45:51:8f:ae:
35:f7:15:9d:fa:56:83:7c:36:dd:d3:ec:e5:ea:85:
4a:1d:48:04:67:5e:1c:5f:9f:95:c6:79:d3:c9:80:
a2:35:6b:6f:11:e8:1f:04:ef:51:0a:86:67:7c:44:
09:66:64:4f:b7:e3:46:bf:60:fd:80:48:1a:87:b6:
f7:7d:57:27:ae:35:72:de:8e:5d:de:9e:96:ed:37:
de:b8:d1:cc:0c:41:e5:6c:10:10:96:49:12:9c:a9:
35:3a:49:d0:43:f1:84:97:e6:e8:98:64:42:a8:ca:
48:e9:87:8d:e2:fa:71:fd:2a:76:e8:66:d8:39:13:
78:b7:e7:20:60:41:4a:99:b5:c1:bb:9a:e7:28:25:
a6:03:23:b8:50:7e:ab:3d:ab:aa:2d:ee:71:24:32:
f7:03:b3:7d:f0:7d:a1:ed:97:3c:c8:b3:d1:42:aa:
d1:5f:41:56:c4:e9:64:d3:98:3c:57:c2:08:90:b1:
e4:0f:e0:cb:05:90:ec:21:e5:4d:aa:01:5c:0e:11:
49:9e:2f:05:c5:3b:ce:df:fb:85:8c:f5:27:04:dc:
6a:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:63:90:06:D6:34:99:2A:9C:FD:97:B8:23:32:0B:FC:E4:20:76:9E
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/smOQBtY0mSqc_Ze4IzIL_OQgdp4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.240.85.0/24
89.213.229.0/24
109.176.243.0/24
217.145.71.0/24
Signature Algorithm: sha256WithRSAEncryption
40:a4:ad:28:fa:8f:0f:4b:78:db:56:59:aa:6b:85:e8:0c:0e:
1c:ec:03:83:aa:e7:0b:3d:31:53:a8:ae:21:07:b1:6f:8f:64:
c3:f4:00:0a:15:33:ca:5e:7d:a4:fa:57:b9:55:b5:08:9f:11:
2a:3a:92:07:2d:fa:14:f9:b5:2d:e0:0d:f3:0a:ca:7f:20:21:
8b:43:73:c4:3b:c9:b3:5a:dd:1a:82:d5:5e:73:3e:60:97:5d:
04:50:6d:8f:de:41:17:fa:d8:19:af:74:09:f9:7d:71:e8:1b:
dc:59:79:90:a2:9b:b9:4f:63:fc:b2:85:6a:90:f6:31:df:fd:
d0:da:b5:d4:f0:9a:49:2b:c5:bc:cf:9a:3c:24:45:a2:4c:ca:
9a:5b:b2:db:15:7b:bd:25:bf:0d:1d:cd:80:7d:39:dd:9f:99:
05:99:ac:4e:97:8c:4b:cf:71:a8:a4:a2:bb:65:c5:40:25:55:
69:67:97:07:d0:db:32:37:46:48:9f:e8:19:58:8c:ba:c8:09:
02:9c:0b:40:e4:86:63:bc:17:3c:48:b5:80:28:0d:44:69:aa:
d5:7e:5c:5e:9c:da:c4:57:72:48:f3:47:6d:0b:33:2f:19:12:
26:54:8a:cd:5e:99:63:70:43:11:35:29:fd:d9:57:01:9e:7d:
b0:cc:ee:8c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZT/8EGwLlsXZgXfYUbsVBK9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMjEzMTUzMjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjYzOTAwNmQ2MzQ5OTJhOWNmZDk3YjgyMzMyMGJmY2U0MjA3NjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSmY4xehkXj/gLELOH9MXA2t/2NN
hNzz1K+TDe1dfe3MaBkqdmq900VRj6419xWd+laDfDbd0+zl6oVKHUgEZ14cX5+V
xnnTyYCiNWtvEegfBO9RCoZnfEQJZmRPt+NGv2D9gEgah7b3fVcnrjVy3o5d3p6W
7TfeuNHMDEHlbBAQlkkSnKk1OknQQ/GEl+bomGRCqMpI6YeN4vpx/Sp26GbYORN4
t+cgYEFKmbXBu5rnKCWmAyO4UH6rPauqLe5xJDL3A7N98H2h7Zc8yLPRQqrRX0FW
xOlk05g8V8IIkLHkD+DLBZDsIeVNqgFcDhFJni8FxTvO3/uFjPUnBNxqDQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLJjkAbWNJkqnP2XuCMyC/zkIHaeMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvc21PUUJ0WTBtU3FjX1plNEl6SUxfT1FnZHA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUPBVAwQA
WdXlAwQAbbDzAwQA2ZFHMA0GCSqGSIb3DQEBCwUAA4IBAQBApK0o+o8PS3jbVlmq
a4XoDA4c7AODqucLPTFTqK4hB7Fvj2TD9AAKFTPKXn2k+le5VbUInxEqOpIHLfoU
+bUt4A3zCsp/ICGLQ3PEO8mzWt0agtVecz5gl10EUG2P3kEX+tgZr3QJ+X1x6Bvc
WXmQopu5T2P8soVqkPYx3/3Q2rXU8JpJK8W8z5o8JEWiTMqaW7LbFXu9Jb8NHc2A
fTndn5kFmaxOl4xLz3GopKK7ZcVAJVVpZ5cH0NsyN0ZIn+gZWIy6yAkCnAtA5IZj
vBc8SLWAKA1EaarVflxenNrEV3JI80dtCzMvGRImVIrNXpljcEMRNSn92VcBnn2w
zO6M
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:28:36 2025 by rpki-client