Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/OOj6UEfy7tJhVvIZwv67cVkbCsw.roa
File: OOj6UEfy7tJhVvIZwv67cVkbCsw.roa (raw, json)
Hash identifier: bFAFslFKUorfRmuJkRc7/SiL4ZsIaQRH0zH9zHF2pgI=
Subject key identifier: 38:E8:FA:50:47:F2:EE:D2:61:56:F2:19:C2:FE:BB:71:59:1B:0A:CC
Certificate issuer: /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial: 019421B1DD3389BBB8CFA443AB0E5A136F40
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/OOj6UEfy7tJhVvIZwv67cVkbCsw.roa
Signing time: Wed 01 Jan 2025 11:48:12 +0000
ROA not before: Wed 01 Jan 2025 11:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200940
IP address blocks: 195.228.73.0/24 maxlen: 24
195.228.94.0/24 maxlen: 24
195.228.95.0/24 maxlen: 24
195.228.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.mft
rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 08:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:dd:33:89:bb:b8:cf:a4:43:ab:0e:5a:13:6f:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Validity
Not Before: Jan 1 11:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=38e8fa5047f2eed26156f219c2febb71591b0acc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:84:32:a5:93:21:83:50:7d:64:60:38:13:5f:
f8:6a:b0:03:43:55:52:22:3f:f0:9f:bb:07:49:32:
8e:e2:64:96:97:fe:1c:9a:c7:3d:47:00:e0:68:93:
37:8f:67:f6:bd:67:3c:4f:39:96:96:89:2f:dd:1a:
88:2b:77:93:99:91:67:45:22:58:84:5e:e9:c6:a2:
9f:91:6a:c3:d7:26:be:00:73:8c:35:14:ef:76:6c:
0b:f9:ad:8d:a8:b5:02:03:38:35:ae:28:eb:32:9a:
5f:a8:f9:c0:2d:b3:05:47:35:09:a8:33:b8:47:de:
57:27:d9:e8:f9:3f:fd:95:35:b1:8f:4c:f8:55:ca:
a7:9f:48:bc:72:1f:2a:ca:96:5c:77:2e:17:43:08:
6d:02:3c:b8:1f:02:a4:d8:bb:bc:4a:c7:6d:10:77:
65:a5:3e:1b:43:e0:f9:36:24:e4:9a:77:b0:38:af:
ae:15:df:e1:b2:c7:dd:8e:e8:e1:3c:02:e2:4a:ca:
2b:78:2e:82:63:ce:6c:6a:14:8e:12:36:a4:26:67:
b4:10:3c:60:52:8d:56:00:69:a8:78:49:36:e2:3b:
f9:1e:51:de:99:72:70:13:6d:d8:be:d5:e2:3f:a0:
7c:25:94:44:1b:c7:e2:76:a0:2d:d7:95:cb:52:fc:
3d:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:E8:FA:50:47:F2:EE:D2:61:56:F2:19:C2:FE:BB:71:59:1B:0A:CC
X509v3 Authority Key Identifier:
keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/OOj6UEfy7tJhVvIZwv67cVkbCsw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.228.73.0/24
195.228.94.0/23
195.228.103.0/24
Signature Algorithm: sha256WithRSAEncryption
27:8a:ec:5a:49:47:f0:95:eb:a4:f3:92:15:06:fb:76:58:02:
58:9d:95:b6:9c:fa:39:0c:64:2b:87:3b:ec:05:51:49:61:fe:
21:12:10:2a:57:05:f4:18:61:d4:04:d0:48:9a:df:33:b8:e2:
fc:18:62:60:b5:e4:7f:21:9b:5d:f1:be:76:fd:c8:c2:63:63:
04:1d:4c:dd:d4:1b:5c:1f:06:a5:4c:8c:f4:88:26:5f:bb:94:
ab:4d:c3:ad:11:a0:e3:0f:53:a4:2d:c0:42:63:c4:ac:be:ca:
0a:e6:dc:6d:0b:f2:7f:eb:23:28:92:7b:d1:20:1e:06:fc:8d:
9b:4b:4b:c0:d0:d6:30:c0:2d:51:9a:90:31:e0:7c:a1:29:64:
20:42:f3:54:8b:55:61:79:19:4c:b5:03:25:46:f8:80:ee:79:
ee:b6:09:ff:f8:c5:ed:88:73:aa:9c:e8:03:72:dd:50:dc:d9:
dd:f1:e4:c6:1b:f8:b9:ca:67:fd:c9:94:9f:a8:12:53:4a:a4:
f5:c0:a5:fe:0d:28:ab:1c:85:9e:2e:21:75:47:a1:79:95:2f:
1e:72:0f:67:e2:cf:8e:b8:f7:5e:a8:91:7f:17:9c:3c:bb:6a:
a7:a9:44:f4:6f:27:09:22:bf:5b:43:00:a5:f6:71:e8:87:0e:
a4:93:ba:0a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQhsd0zibu4z6RDqw5aE29AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmRhYzYwNWY0NjU5NzE4YzBhMTVlMWY3MzJjYmQ0ZjQ4
YWFlN2IwHhcNMjUwMTAxMTE0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGU4ZmE1MDQ3ZjJlZWQyNjE1NmYyMTljMmZlYmI3MTU5MWIwYWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7IQypZMhg1B9ZGA4E1/4arADQ1VS
Ij/wn7sHSTKO4mSWl/4cmsc9RwDgaJM3j2f2vWc8TzmWlokv3RqIK3eTmZFnRSJY
hF7pxqKfkWrD1ya+AHOMNRTvdmwL+a2NqLUCAzg1rijrMppfqPnALbMFRzUJqDO4
R95XJ9no+T/9lTWxj0z4Vcqnn0i8ch8qypZcdy4XQwhtAjy4HwKk2Lu8SsdtEHdl
pT4bQ+D5NiTkmnewOK+uFd/hssfdjujhPALiSsoreC6CY85sahSOEjakJme0EDxg
Uo1WAGmoeEk24jv5HlHemXJwE23YvtXiP6B8JZREG8fidqAt15XLUvw9IQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDjo+lBH8u7SYVbyGcL+u3FZGwrMMB8GA1UdIwQY
MBaAFPAtrGBfRllxjAoV4fcyy9T0iq57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYt
MjkyYWU0NmU2MzAyLzEvT09qNlVFZnk3dEpoVnZJWnd2NjdjVmtiQ3N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYtMjkyYWU0NmU2MzAy
LzEvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAw+RJAwQB
w+ReAwQAw+RnMA0GCSqGSIb3DQEBCwUAA4IBAQAniuxaSUfwleuk85IVBvt2WAJY
nZW2nPo5DGQrhzvsBVFJYf4hEhAqVwX0GGHUBNBImt8zuOL8GGJgteR/IZtd8b52
/cjCY2MEHUzd1BtcHwalTIz0iCZfu5SrTcOtEaDjD1OkLcBCY8SsvsoK5txtC/J/
6yMoknvRIB4G/I2bS0vA0NYwwC1RmpAx4HyhKWQgQvNUi1VheRlMtQMlRviA7nnu
tgn/+MXtiHOqnOgDct1Q3Nnd8eTGG/i5ymf9yZSfqBJTSqT1wKX+DSirHIWeLiF1
R6F5lS8ecg9n4s+OuPdeqJF/F5w8u2qnqUT0bycJIr9bQwCl9nHohw6kk7oK
-----END CERTIFICATE-----
Generated at Sun Apr 13 16:30:12 2025 by rpki-client