Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/b6b9c4-82df-4ea6-aefc-70644e8f3641/1/fQ0Sre67u9FqAYj17x6CK1Kn0s0.roa
File: fQ0Sre67u9FqAYj17x6CK1Kn0s0.roa (raw, json)
Hash identifier: gbYNt5MQ+KrOgley7XtqGDbUm1YLGIimwaWi/r+Sqf4=
Subject key identifier: 7D:0D:12:AD:EE:BB:BB:D1:6A:01:88:F5:EF:1E:82:2B:52:A7:D2:CD
Certificate issuer: /CN=2dfc54d5543e12484b6bab2fdc399a8f5295787c
Certificate serial: 019421B1F4C36F790A34449D6E0E7C87C6C4
Authority key identifier: 2D:FC:54:D5:54:3E:12:48:4B:6B:AB:2F:DC:39:9A:8F:52:95:78:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LfxU1VQ-EkhLa6sv3Dmaj1KVeHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/b6b9c4-82df-4ea6-aefc-70644e8f3641/1/fQ0Sre67u9FqAYj17x6CK1Kn0s0.roa
Signing time: Wed 01 Jan 2025 11:48:18 +0000
ROA not before: Wed 01 Jan 2025 11:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56522
IP address blocks: 91.224.200.0/23 maxlen: 23
176.121.72.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/b6b9c4-82df-4ea6-aefc-70644e8f3641/1/LfxU1VQ-EkhLa6sv3Dmaj1KVeHw.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/b6b9c4-82df-4ea6-aefc-70644e8f3641/1/LfxU1VQ-EkhLa6sv3Dmaj1KVeHw.mft
rsync://rpki.ripe.net/repository/DEFAULT/LfxU1VQ-EkhLa6sv3Dmaj1KVeHw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 23:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:f4:c3:6f:79:0a:34:44:9d:6e:0e:7c:87:c6:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2dfc54d5543e12484b6bab2fdc399a8f5295787c
Validity
Not Before: Jan 1 11:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7d0d12adeebbbbd16a0188f5ef1e822b52a7d2cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:5a:1c:e7:b2:ef:18:c9:ff:9d:79:53:03:9b:
4c:07:14:eb:18:33:ce:0d:fa:82:23:4b:63:8b:b2:
35:a1:1b:0d:15:ca:22:d1:2b:f7:c3:d4:77:ef:a4:
91:99:8e:ce:02:3f:12:69:59:78:e4:d4:bf:ec:ac:
9e:74:55:30:06:61:3e:77:eb:c5:d4:0d:be:30:4f:
f7:e9:fa:5b:1d:4d:75:a3:14:c3:9d:1a:a5:5a:55:
b2:35:86:24:f8:eb:ef:68:32:df:13:a6:69:ba:6e:
c7:6d:c6:ed:b4:4f:2c:71:01:22:13:61:97:f5:e1:
4c:f6:3c:ea:d6:de:d2:f1:6b:fc:75:3f:66:07:f8:
5f:ad:dc:4a:3e:13:b5:84:d8:1e:98:39:e6:8d:45:
21:94:88:ff:29:d3:e0:5b:f7:62:c3:51:7d:92:b7:
c9:99:c1:4c:33:ea:f6:a1:6f:1b:b5:f9:9f:a7:31:
bc:31:3a:2a:c8:6d:ce:bf:4b:94:97:65:45:cb:4e:
84:ec:cc:22:cf:6e:a1:4e:38:f5:9c:d2:98:e2:a9:
8c:68:30:f0:9e:ed:d0:76:58:ca:04:90:d5:6b:0a:
36:d6:0d:c7:f4:56:8a:e9:20:97:40:a7:92:c1:78:
1b:57:7e:a9:4e:12:a5:5a:bb:c0:87:71:c2:18:46:
ce:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:0D:12:AD:EE:BB:BB:D1:6A:01:88:F5:EF:1E:82:2B:52:A7:D2:CD
X509v3 Authority Key Identifier:
keyid:2D:FC:54:D5:54:3E:12:48:4B:6B:AB:2F:DC:39:9A:8F:52:95:78:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LfxU1VQ-EkhLa6sv3Dmaj1KVeHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/b6b9c4-82df-4ea6-aefc-70644e8f3641/1/fQ0Sre67u9FqAYj17x6CK1Kn0s0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/b6b9c4-82df-4ea6-aefc-70644e8f3641/1/LfxU1VQ-EkhLa6sv3Dmaj1KVeHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.224.200.0/23
176.121.72.0/21
Signature Algorithm: sha256WithRSAEncryption
1a:8b:b7:81:d7:59:62:cf:c8:09:af:d1:32:ad:bd:0f:a9:55:
da:af:d0:16:d8:9b:c3:55:48:30:f6:52:53:2f:e6:40:12:4e:
07:26:3f:94:5e:53:22:f3:eb:0c:89:2a:5a:2b:5c:6e:7e:a3:
42:05:9d:92:39:7e:4a:8e:5d:c8:55:28:bf:e6:43:fa:b2:fa:
56:d1:ef:f6:e4:2b:ad:49:20:c0:b0:2d:c3:a0:f0:c8:96:2e:
a7:05:9a:ff:4b:2e:0f:24:5d:aa:e9:19:dd:0c:94:ef:37:8b:
52:57:ab:7e:c4:63:a2:1c:fa:45:2e:83:65:ea:02:99:55:e2:
2c:44:5e:8e:bb:36:3c:c4:85:62:18:c8:9f:36:52:c3:54:5a:
d1:2f:d4:63:3e:89:02:f0:6b:9c:b4:dd:68:8e:4c:c5:2f:52:
86:74:21:cc:93:20:72:ec:3a:83:33:d5:33:d9:66:5b:ed:3d:
5d:5e:bc:73:59:b8:f2:7f:1d:cb:a6:85:f1:ff:bd:3d:67:5d:
7c:5c:bc:55:ef:e5:3a:52:81:6b:c8:c4:ed:d9:95:da:a3:62:
2d:90:51:a7:75:80:0c:25:f0:cb:80:9f:2f:4d:bf:9d:50:a8:
da:15:a7:30:a5:39:5d:84:16:05:1d:30:1c:65:d8:74:a9:3b:
d4:7b:f8:ba
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQhsfTDb3kKNESdbg58h8bEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkZmM1NGQ1NTQzZTEyNDg0YjZiYWIyZmRjMzk5YThmNTI5
NTc4N2MwHhcNMjUwMTAxMTE0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDBkMTJhZGVlYmJiYmQxNmEwMTg4ZjVlZjFlODIyYjUyYTdkMmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Voc57LvGMn/nXlTA5tMBxTrGDPO
DfqCI0tji7I1oRsNFcoi0Sv3w9R376SRmY7OAj8SaVl45NS/7KyedFUwBmE+d+vF
1A2+ME/36fpbHU11oxTDnRqlWlWyNYYk+OvvaDLfE6Zpum7HbcbttE8scQEiE2GX
9eFM9jzq1t7S8Wv8dT9mB/hfrdxKPhO1hNgemDnmjUUhlIj/KdPgW/diw1F9krfJ
mcFMM+r2oW8btfmfpzG8MToqyG3Ov0uUl2VFy06E7Mwiz26hTjj1nNKY4qmMaDDw
nu3QdljKBJDVawo21g3H9FaK6SCXQKeSwXgbV36pThKlWrvAh3HCGEbOCwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFH0NEq3uu7vRagGI9e8egitSp9LNMB8GA1UdIwQY
MBaAFC38VNVUPhJIS2urL9w5mo9SlXh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGZ4VTFWUS1Fa2hMYTZzdjNEbWFqMUtWZUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9iNmI5YzQtODJkZi00ZWE2LWFlZmMt
NzA2NDRlOGYzNjQxLzEvZlEwU3JlNjd1OUZxQVlqMTd4NkNLMUtuMHMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9iNmI5YzQtODJkZi00ZWE2LWFlZmMtNzA2NDRlOGYzNjQx
LzEvTGZ4VTFWUS1Fa2hMYTZzdjNEbWFqMUtWZUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW+DIAwQD
sHlIMA0GCSqGSIb3DQEBCwUAA4IBAQAai7eB11liz8gJr9Eyrb0PqVXar9AW2JvD
VUgw9lJTL+ZAEk4HJj+UXlMi8+sMiSpaK1xufqNCBZ2SOX5Kjl3IVSi/5kP6svpW
0e/25CutSSDAsC3DoPDIli6nBZr/Sy4PJF2q6RndDJTvN4tSV6t+xGOiHPpFLoNl
6gKZVeIsRF6OuzY8xIViGMifNlLDVFrRL9RjPokC8GuctN1ojkzFL1KGdCHMkyBy
7DqDM9Uz2WZb7T1dXrxzWbjyfx3LpoXx/709Z118XLxV7+U6UoFryMTt2ZXao2It
kFGndYAMJfDLgJ8vTb+dUKjaFacwpTldhBYFHTAcZdh0qTvUe/i6
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:54:09 2025 by rpki-client