Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/c5a159-8568-4945-8026-23c338680771/1/fEfLOGBVJeUecVVlEjapZ06Oj8U.roa
File: fEfLOGBVJeUecVVlEjapZ06Oj8U.roa (raw, json)
Hash identifier: OleUOgz+9pFvUxQajAS7ULw6aOZyzyIU0DZD60L7Tws=
Subject key identifier: 7C:47:CB:38:60:55:25:E5:1E:71:55:65:12:36:A9:67:4E:8E:8F:C5
Certificate issuer: /CN=acbe212a2f1a119ef64ab62e1a96d711524c8bc7
Certificate serial: 01941FFA3481C142219EBC292CF74AE44990
Authority key identifier: AC:BE:21:2A:2F:1A:11:9E:F6:4A:B6:2E:1A:96:D7:11:52:4C:8B:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rL4hKi8aEZ72SrYuGpbXEVJMi8c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/c5a159-8568-4945-8026-23c338680771/1/fEfLOGBVJeUecVVlEjapZ06Oj8U.roa
Signing time: Wed 01 Jan 2025 03:47:58 +0000
ROA not before: Wed 01 Jan 2025 03:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48469
IP address blocks: 94.127.56.0/22 maxlen: 22
185.247.96.0/24 maxlen: 24
185.247.99.0/24 maxlen: 24
2a02:2188::/48 maxlen: 48
2a02:2188:1000::/36 maxlen: 36
2a02:2188:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/c5a159-8568-4945-8026-23c338680771/1/rL4hKi8aEZ72SrYuGpbXEVJMi8c.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/c5a159-8568-4945-8026-23c338680771/1/rL4hKi8aEZ72SrYuGpbXEVJMi8c.mft
rsync://rpki.ripe.net/repository/DEFAULT/rL4hKi8aEZ72SrYuGpbXEVJMi8c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:34:81:c1:42:21:9e:bc:29:2c:f7:4a:e4:49:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acbe212a2f1a119ef64ab62e1a96d711524c8bc7
Validity
Not Before: Jan 1 03:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7c47cb38605525e51e7155651236a9674e8e8fc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:0f:96:b3:fc:57:89:35:d1:4b:a4:11:0c:74:
b3:a7:71:dc:86:f9:80:68:31:05:3f:0c:ba:7e:a4:
5a:8c:fb:ef:a9:6a:2b:77:da:13:72:f6:95:6d:12:
6c:49:95:6e:4f:58:99:3c:bc:ef:19:33:8c:d4:99:
27:52:21:2d:3a:b0:f9:fd:36:2e:38:ea:27:3c:f0:
c0:fc:b4:b8:c2:34:5d:79:8e:df:86:2c:bb:f9:3e:
ac:9f:96:4e:33:40:73:e4:7e:bd:b9:f9:98:d7:e9:
43:ab:25:86:57:b1:59:86:9e:20:a9:bc:c2:3e:90:
1a:e9:23:17:2b:80:49:a4:4d:89:2c:56:ea:7f:37:
05:16:c8:74:21:9e:42:fe:b8:63:4f:59:c2:ba:01:
40:85:ee:68:ee:69:12:c5:2f:74:79:95:85:39:6a:
65:ce:db:64:13:85:ad:26:0f:5a:19:a6:20:75:6f:
75:b0:03:43:10:cd:29:5d:1d:73:ca:a1:37:75:1b:
3b:94:b8:ad:25:13:27:34:66:f5:5c:ef:94:bb:58:
d3:6b:c6:46:92:c0:a7:09:86:e8:32:8c:24:3d:0a:
e7:71:3c:82:ea:2e:71:21:f2:38:2e:dc:ac:d4:55:
06:09:b5:fa:47:8f:b1:b6:d0:fa:05:26:09:6a:ea:
3a:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:47:CB:38:60:55:25:E5:1E:71:55:65:12:36:A9:67:4E:8E:8F:C5
X509v3 Authority Key Identifier:
keyid:AC:BE:21:2A:2F:1A:11:9E:F6:4A:B6:2E:1A:96:D7:11:52:4C:8B:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rL4hKi8aEZ72SrYuGpbXEVJMi8c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/c5a159-8568-4945-8026-23c338680771/1/fEfLOGBVJeUecVVlEjapZ06Oj8U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/c5a159-8568-4945-8026-23c338680771/1/rL4hKi8aEZ72SrYuGpbXEVJMi8c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.127.56.0/22
185.247.96.0/24
185.247.99.0/24
IPv6:
2a02:2188::/48
2a02:2188:1000::/36
2a02:2188:f000::/36
Signature Algorithm: sha256WithRSAEncryption
0d:c4:be:70:05:43:e9:51:8f:56:f4:85:b6:87:82:10:87:a0:
fe:03:eb:d1:8d:a5:73:ce:e8:0a:55:48:bb:96:da:cb:ab:35:
c8:c1:23:f2:f4:23:29:96:49:0f:d1:28:d9:03:59:82:56:db:
e9:1b:f1:d2:6e:89:da:ad:84:cd:f4:65:d4:0e:e8:e3:b3:1d:
73:9f:9c:8c:38:57:d4:9c:f5:bc:16:74:5a:f7:36:93:f0:56:
f7:fd:40:5a:41:2d:b4:f6:c0:4f:cd:9c:d6:9f:3d:79:2d:56:
a3:10:ec:bc:1f:78:0a:d2:98:80:39:89:b2:9a:cf:34:c3:75:
ef:b9:48:08:d3:05:ea:f1:07:4d:6b:31:f4:75:8e:94:8a:40:
8c:fb:31:fd:39:bd:24:fe:7c:76:35:6f:e4:34:1f:fe:2f:78:
7d:c1:0b:1b:6f:ab:a5:d0:de:29:5d:f9:5d:b1:e2:dc:8a:18:
0b:25:39:98:d3:70:fe:aa:b6:ac:e1:ad:fd:21:3b:3c:dd:c4:
aa:2b:ca:d7:13:f2:29:5d:0b:12:8c:0e:4c:9d:da:6f:bd:d5:
3a:01:42:4f:6c:5d:01:17:92:79:2d:0e:be:76:6e:00:2a:0a:
47:5d:5f:2c:4c:f2:c4:1b:0f:86:2d:f7:8f:c0:12:4c:88:dc:
da:09:cb:70
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQf+jSBwUIhnrwpLPdK5EmQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYmUyMTJhMmYxYTExOWVmNjRhYjYyZTFhOTZkNzExNTI0
YzhiYzcwHhcNMjUwMTAxMDM0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzQ3Y2IzODYwNTUyNWU1MWU3MTU1NjUxMjM2YTk2NzRlOGU4ZmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvw+Ws/xXiTXRS6QRDHSzp3HchvmA
aDEFPwy6fqRajPvvqWord9oTcvaVbRJsSZVuT1iZPLzvGTOM1JknUiEtOrD5/TYu
OOonPPDA/LS4wjRdeY7fhiy7+T6sn5ZOM0Bz5H69ufmY1+lDqyWGV7FZhp4gqbzC
PpAa6SMXK4BJpE2JLFbqfzcFFsh0IZ5C/rhjT1nCugFAhe5o7mkSxS90eZWFOWpl
zttkE4WtJg9aGaYgdW91sANDEM0pXR1zyqE3dRs7lLitJRMnNGb1XO+Uu1jTa8ZG
ksCnCYboMowkPQrncTyC6i5xIfI4Ltys1FUGCbX6R4+xttD6BSYJauo6JwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFHxHyzhgVSXlHnFVZRI2qWdOjo/FMB8GA1UdIwQY
MBaAFKy+ISovGhGe9kq2LhqW1xFSTIvHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckw0aEtpOGFFWjcyU3JZdUdwYlhFVkpNaThjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9jNWExNTktODU2OC00OTQ1LTgwMjYt
MjNjMzM4NjgwNzcxLzEvZkVmTE9HQlZKZVVlY1ZWbEVqYXBaMDZPajhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9jNWExNTktODU2OC00OTQ1LTgwMjYtMjNjMzM4NjgwNzcx
LzEvckw0aEtpOGFFWjcyU3JZdUdwYlhFVkpNaThjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAYBAIAATASAwQCXn84AwQA
ufdgAwQAufdjMB8EAgACMBkDBwAqAiGIAAADBgQqAiGIEAMGBCoCIYjwMA0GCSqG
SIb3DQEBCwUAA4IBAQANxL5wBUPpUY9W9IW2h4IQh6D+A+vRjaVzzugKVUi7ltrL
qzXIwSPy9CMplkkP0SjZA1mCVtvpG/HSbonarYTN9GXUDujjsx1zn5yMOFfUnPW8
FnRa9zaT8Fb3/UBaQS209sBPzZzWnz15LVajEOy8H3gK0piAOYmyms80w3XvuUgI
0wXq8QdNazH0dY6UikCM+zH9Ob0k/nx2NW/kNB/+L3h9wQsbb6ul0N4pXfldseLc
ihgLJTmY03D+qras4a39ITs83cSqK8rXE/IpXQsSjA5MndpvvdU6AUJPbF0BF5J5
LQ6+dm4AKgpHXV8sTPLEGw+GLfePwBJMiNzaCctw
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:46:41 2025 by rpki-client