Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/72281a-d688-415d-a2c6-17f4e0f6cdeb/1/OfdMOcUbbc7oEojb1zo08qkIRuQ.roa
File: OfdMOcUbbc7oEojb1zo08qkIRuQ.roa (raw, json)
Hash identifier: IicrU+y2VcBYbd4QyyTDfZZRjrYA59p1rvePkvFgFRg=
Subject key identifier: 39:F7:4C:39:C5:1B:6D:CE:E8:12:88:DB:D7:3A:34:F2:A9:08:46:E4
Certificate issuer: /CN=b187ccec49aa5f66aa02648d91b4a2ee8ff7bde6
Certificate serial: 019426D939B80E701FCBF9376211ED57241C
Authority key identifier: B1:87:CC:EC:49:AA:5F:66:AA:02:64:8D:91:B4:A2:EE:8F:F7:BD:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sYfM7EmqX2aqAmSNkbSi7o_3veY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/72281a-d688-415d-a2c6-17f4e0f6cdeb/1/OfdMOcUbbc7oEojb1zo08qkIRuQ.roa
Signing time: Thu 02 Jan 2025 11:49:17 +0000
ROA not before: Thu 02 Jan 2025 11:49:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 559
IP address blocks: 144.200.0.0/16 maxlen: 16
2a02:7dc0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/72281a-d688-415d-a2c6-17f4e0f6cdeb/1/sYfM7EmqX2aqAmSNkbSi7o_3veY.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/72281a-d688-415d-a2c6-17f4e0f6cdeb/1/sYfM7EmqX2aqAmSNkbSi7o_3veY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sYfM7EmqX2aqAmSNkbSi7o_3veY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 10 Mar 2025 11:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:39:b8:0e:70:1f:cb:f9:37:62:11:ed:57:24:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b187ccec49aa5f66aa02648d91b4a2ee8ff7bde6
Validity
Not Before: Jan 2 11:49:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=39f74c39c51b6dcee81288dbd73a34f2a90846e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:24:24:a1:e3:1f:7d:04:1a:89:a7:22:a8:46:
1e:6b:25:20:96:af:53:ac:10:e8:37:d9:0b:c9:5b:
bc:01:57:6a:ce:4c:cd:be:6f:17:ef:7c:05:33:92:
a2:89:92:db:5a:2b:c9:87:af:1f:09:f7:f7:5e:19:
cd:7f:ae:20:de:5d:3b:e5:db:5c:00:ff:c1:03:23:
2f:1d:32:7e:9a:34:0d:3f:3a:30:19:d0:78:c6:01:
29:b2:a1:1e:f5:50:60:a2:ba:9e:3e:cd:c2:53:70:
f1:3f:93:78:94:1f:d0:31:8f:89:b6:c6:f2:9e:82:
5b:74:27:fd:ab:f3:04:54:85:8c:ba:d7:29:44:19:
dc:6f:8a:a5:8e:e9:56:87:9a:72:ad:06:a9:63:81:
8e:52:2a:b5:28:67:74:5c:2d:35:d5:8e:62:d1:2d:
3a:5c:3f:59:2c:33:81:d7:ba:92:ea:82:ee:bb:ab:
6b:44:f6:79:bf:37:58:59:c1:52:6e:50:19:97:10:
db:6b:70:49:af:3c:fc:bb:00:1a:ac:92:13:a0:8b:
fc:ed:a7:46:73:f1:2f:af:bd:23:a7:61:8d:57:ab:
e8:90:d0:34:ba:22:dc:10:ad:aa:bf:16:69:d5:d7:
13:53:41:a1:44:f8:56:fa:45:da:f3:85:c7:d3:69:
1b:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:F7:4C:39:C5:1B:6D:CE:E8:12:88:DB:D7:3A:34:F2:A9:08:46:E4
X509v3 Authority Key Identifier:
keyid:B1:87:CC:EC:49:AA:5F:66:AA:02:64:8D:91:B4:A2:EE:8F:F7:BD:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sYfM7EmqX2aqAmSNkbSi7o_3veY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/72281a-d688-415d-a2c6-17f4e0f6cdeb/1/OfdMOcUbbc7oEojb1zo08qkIRuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/72281a-d688-415d-a2c6-17f4e0f6cdeb/1/sYfM7EmqX2aqAmSNkbSi7o_3veY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.200.0.0/16
IPv6:
2a02:7dc0::/32
Signature Algorithm: sha256WithRSAEncryption
30:4d:c8:c7:6f:fe:67:13:07:74:7c:54:3d:ad:77:aa:8b:3c:
2f:45:9d:86:89:82:35:6d:7e:ae:03:29:b0:ea:e1:a2:3f:e0:
a4:82:29:b5:db:c5:7c:dc:d5:9c:f8:7b:ed:d3:c2:a3:45:13:
75:a2:f6:80:7c:8c:19:ea:bf:41:51:0d:ce:01:be:da:0f:d1:
2d:a7:ed:ff:5d:47:65:8e:7f:98:22:a6:e5:e2:60:e5:a9:14:
1d:77:83:65:d2:d7:38:ab:60:46:60:51:d3:7d:26:28:8b:39:
c0:65:6f:1e:0e:87:16:5a:b2:02:32:9a:7d:ae:cc:74:80:0c:
91:27:20:4b:ac:13:5c:0a:84:07:95:c8:1a:a0:b0:43:ca:c0:
6c:0a:13:fb:37:57:5c:b5:b8:64:b6:ad:d9:76:29:19:1a:d0:
91:73:a8:e7:83:09:85:b2:06:87:ba:4c:0a:e9:d7:8a:c9:4d:
d9:e1:cf:ae:b3:7a:88:26:7c:31:5c:28:cc:f5:5d:a4:dc:5c:
3d:97:73:ff:72:6e:4a:6a:a3:f1:6a:3e:c4:40:b7:c7:46:3d:
63:ef:fd:46:29:55:b5:27:a5:37:f6:2e:76:d2:9e:e9:ee:d9:
e9:9c:44:0c:10:f9:b8:1c:aa:15:c6:1a:c1:42:9b:97:dc:da:
25:25:28:3a
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQm2Tm4DnAfy/k3YhHtVyQcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxODdjY2VjNDlhYTVmNjZhYTAyNjQ4ZDkxYjRhMmVlOGZm
N2JkZTYwHhcNMjUwMTAyMTE0OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWY3NGMzOWM1MWI2ZGNlZTgxMjg4ZGJkNzNhMzRmMmE5MDg0NmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7iQkoeMffQQaiaciqEYeayUglq9T
rBDoN9kLyVu8AVdqzkzNvm8X73wFM5KiiZLbWivJh68fCff3XhnNf64g3l075dtc
AP/BAyMvHTJ+mjQNPzowGdB4xgEpsqEe9VBgorqePs3CU3DxP5N4lB/QMY+Jtsby
noJbdCf9q/MEVIWMutcpRBncb4qljulWh5pyrQapY4GOUiq1KGd0XC011Y5i0S06
XD9ZLDOB17qS6oLuu6trRPZ5vzdYWcFSblAZlxDba3BJrzz8uwAarJIToIv87adG
c/Evr70jp2GNV6vokNA0uiLcEK2qvxZp1dcTU0GhRPhW+kXa84XH02kbHQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDn3TDnFG23O6BKI29c6NPKpCEbkMB8GA1UdIwQY
MBaAFLGHzOxJql9mqgJkjZG0ou6P973mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1lmTTdFbXFYMmFxQW1TTmtiU2k3b18zdmVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC83MjI4MWEtZDY4OC00MTVkLWEyYzYt
MTdmNGUwZjZjZGViLzEvT2ZkTU9jVWJiYzdvRW9qYjF6bzA4cWtJUnVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC83MjI4MWEtZDY4OC00MTVkLWEyYzYtMTdmNGUwZjZjZGVi
LzEvc1lmTTdFbXFYMmFxQW1TTmtiU2k3b18zdmVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDALBAIAATAFAwMAkMgwDQQC
AAIwBwMFACoCfcAwDQYJKoZIhvcNAQELBQADggEBADBNyMdv/mcTB3R8VD2td6qL
PC9FnYaJgjVtfq4DKbDq4aI/4KSCKbXbxXzc1Zz4e+3TwqNFE3Wi9oB8jBnqv0FR
Dc4BvtoP0S2n7f9dR2WOf5gipuXiYOWpFB13g2XS1zirYEZgUdN9JiiLOcBlbx4O
hxZasgIymn2uzHSADJEnIEusE1wKhAeVyBqgsEPKwGwKE/s3V1y1uGS2rdl2KRka
0JFzqOeDCYWyBoe6TArp14rJTdnhz66zeogmfDFcKMz1XaTcXD2Xc/9ybkpqo/Fq
PsRAt8dGPWPv/UYpVbUnpTf2LnbSnunu2emcRAwQ+bgcqhXGGsFCm5fc2iUlKDo=
-----END CERTIFICATE-----
Generated at Sun Mar 9 19:05:18 2025 by rpki-client