Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/cLRpZsuHj1Ogs0ExPm-7o6d-jPI.roa
File: cLRpZsuHj1Ogs0ExPm-7o6d-jPI.roa (raw, json)
Hash identifier: TUBUIVHrB/n/iv6Q1YfM7h8U6VmMHs60X+y0rpIetb0=
Subject key identifier: 70:B4:69:66:CB:87:8F:53:A0:B3:41:31:3E:6F:BB:A3:A7:7E:8C:F2
Certificate issuer: /CN=a4327c56e941171ea3beba26ebb9e23f4df5bcf3
Certificate serial: 019421B1C8E49B51E435ECDCF5E70FD6E8D7
Authority key identifier: A4:32:7C:56:E9:41:17:1E:A3:BE:BA:26:EB:B9:E2:3F:4D:F5:BC:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pDJ8VulBFx6jvrom67niP031vPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/cLRpZsuHj1Ogs0ExPm-7o6d-jPI.roa
Signing time: Wed 01 Jan 2025 11:48:06 +0000
ROA not before: Wed 01 Jan 2025 11:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198949
IP address blocks: 149.238.0.0/19 maxlen: 24
149.238.32.0/19 maxlen: 24
149.238.64.0/19 maxlen: 24
149.238.96.0/19 maxlen: 24
149.238.128.0/19 maxlen: 24
149.238.160.0/19 maxlen: 24
149.238.192.0/19 maxlen: 24
149.238.224.0/19 maxlen: 24
192.77.114.0/23 maxlen: 24
192.112.208.0/24 maxlen: 24
193.33.52.0/23 maxlen: 24
2a13:cb40::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/pDJ8VulBFx6jvrom67niP031vPM.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/pDJ8VulBFx6jvrom67niP031vPM.mft
rsync://rpki.ripe.net/repository/DEFAULT/pDJ8VulBFx6jvrom67niP031vPM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:c8:e4:9b:51:e4:35:ec:dc:f5:e7:0f:d6:e8:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4327c56e941171ea3beba26ebb9e23f4df5bcf3
Validity
Not Before: Jan 1 11:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=70b46966cb878f53a0b341313e6fbba3a77e8cf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:07:8e:47:dc:01:b5:1d:11:b9:99:b7:d1:c6:
59:80:5f:66:af:c9:53:6e:47:09:80:f7:46:9d:95:
c0:ec:14:28:21:b0:9b:47:3d:0b:fd:c0:7c:e9:3c:
ce:5e:06:8f:6b:c0:1c:6c:6f:8b:33:c1:e4:ee:15:
ca:ea:57:8e:21:53:e6:06:a1:e6:77:9a:7e:03:72:
ed:e9:9d:78:f4:39:de:e1:d7:5a:45:53:b4:59:3a:
e2:10:10:27:0c:c8:d9:79:a2:87:b2:dc:f2:37:e9:
01:73:f7:99:34:50:86:0e:23:7b:95:34:f1:02:aa:
50:ef:5f:db:b2:28:ba:ce:2b:e4:80:56:67:4e:81:
b7:76:f1:71:80:46:a9:1d:a2:e1:65:7f:75:3d:d7:
58:ef:08:80:05:43:60:df:7e:e8:6a:a7:a6:4b:e8:
87:04:97:8f:05:01:33:f2:b6:ef:e5:b7:b1:4c:06:
e1:fe:f7:16:88:25:58:28:8c:0b:52:9e:2f:55:8a:
d9:28:b8:a4:1b:ca:cb:55:02:b5:87:2b:3b:f1:60:
cc:5a:14:53:bb:20:4a:92:a1:c0:86:87:f7:10:01:
7a:27:86:6a:7c:b3:fb:b6:3f:75:69:bc:ab:7e:91:
0c:bf:04:72:82:cd:49:fe:b1:ed:de:22:c4:eb:25:
f2:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:B4:69:66:CB:87:8F:53:A0:B3:41:31:3E:6F:BB:A3:A7:7E:8C:F2
X509v3 Authority Key Identifier:
keyid:A4:32:7C:56:E9:41:17:1E:A3:BE:BA:26:EB:B9:E2:3F:4D:F5:BC:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pDJ8VulBFx6jvrom67niP031vPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/cLRpZsuHj1Ogs0ExPm-7o6d-jPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/pDJ8VulBFx6jvrom67niP031vPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.238.0.0/16
192.77.114.0/23
192.112.208.0/24
193.33.52.0/23
IPv6:
2a13:cb40::/29
Signature Algorithm: sha256WithRSAEncryption
ba:c8:24:66:d2:84:9e:39:4d:df:e5:d9:a3:d4:8d:b0:ad:9e:
06:d7:d9:cc:ce:5e:32:d0:fc:39:64:11:e9:1b:0b:3b:cf:6c:
75:fb:1e:7e:c4:1c:d7:e6:fd:2a:db:70:41:ff:2c:dc:20:40:
78:15:4f:74:6a:ab:42:8a:4f:37:75:dc:4f:65:8a:09:f0:9e:
4e:45:69:00:87:e1:47:bb:1c:85:f5:92:c5:5f:eb:42:95:45:
f7:70:8f:a6:e1:f0:94:b1:da:8e:2d:1c:83:61:7b:a9:a2:ed:
f2:be:9a:1f:0b:64:7a:15:7a:3e:60:46:f7:8e:ba:66:1f:12:
60:cc:a8:29:ed:91:ae:ba:df:98:e5:6e:35:dc:ca:d4:e7:59:
8f:a6:96:fd:dc:cc:ed:c7:49:8d:8d:02:4d:f3:0c:ba:26:d4:
89:4b:2c:7f:86:6c:90:fe:e3:09:91:87:9f:d4:a6:fc:a7:fb:
24:f3:1d:02:54:e9:cc:6d:22:96:c9:f2:8d:ec:09:ae:22:df:
84:39:b8:b0:3e:ba:78:c4:23:41:75:c5:77:97:c5:46:76:91:
58:5c:d0:62:f1:f7:fe:04:2b:85:62:4b:b3:b6:fe:cd:e9:b9:
e5:de:7e:64:00:cd:46:9b:3e:e8:60:fc:c6:b8:56:c4:fe:c5:
4c:32:c8:ee
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQhscjkm1HkNezc9ecP1ujXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MzI3YzU2ZTk0MTE3MWVhM2JlYmEyNmViYjllMjNmNGRm
NWJjZjMwHhcNMjUwMTAxMTE0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGI0Njk2NmNiODc4ZjUzYTBiMzQxMzEzZTZmYmJhM2E3N2U4Y2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQeOR9wBtR0RuZm30cZZgF9mr8lT
bkcJgPdGnZXA7BQoIbCbRz0L/cB86TzOXgaPa8AcbG+LM8Hk7hXK6leOIVPmBqHm
d5p+A3Lt6Z149Dne4ddaRVO0WTriEBAnDMjZeaKHstzyN+kBc/eZNFCGDiN7lTTx
AqpQ71/bsii6zivkgFZnToG3dvFxgEapHaLhZX91PddY7wiABUNg337oaqemS+iH
BJePBQEz8rbv5bexTAbh/vcWiCVYKIwLUp4vVYrZKLikG8rLVQK1hys78WDMWhRT
uyBKkqHAhof3EAF6J4ZqfLP7tj91abyrfpEMvwRygs1J/rHt3iLE6yXy5QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFHC0aWbLh49ToLNBMT5vu6OnfozyMB8GA1UdIwQY
MBaAFKQyfFbpQRceo766Juu54j9N9bzzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcERKOFZ1bEJGeDZqdnJvbTY3bmlQMDMxdlBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS85YTQ4MzMtNmRhNC00ZGRhLWI3YWIt
MjhjMzQzY2U5ZDVkLzEvY0xScFpzdUhqMU9nczBFeFBtLTdvNmQtalBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS85YTQ4MzMtNmRhNC00ZGRhLWI3YWItMjhjMzQzY2U5ZDVk
LzEvcERKOFZ1bEJGeDZqdnJvbTY3bmlQMDMxdlBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAdBAIAATAXAwMAle4DBAHA
TXIDBADAcNADBAHBITQwDQQCAAIwBwMFAyoTy0AwDQYJKoZIhvcNAQELBQADggEB
ALrIJGbShJ45Td/l2aPUjbCtngbX2czOXjLQ/DlkEekbCzvPbHX7Hn7EHNfm/Srb
cEH/LNwgQHgVT3Rqq0KKTzd13E9lignwnk5FaQCH4Ue7HIX1ksVf60KVRfdwj6bh
8JSx2o4tHINhe6mi7fK+mh8LZHoVej5gRveOumYfEmDMqCntka6635jlbjXcytTn
WY+mlv3czO3HSY2NAk3zDLom1IlLLH+GbJD+4wmRh5/Upvyn+yTzHQJU6cxtIpbJ
8o3sCa4i34Q5uLA+unjEI0F1xXeXxUZ2kVhc0GLx9/4EK4ViS7O2/s3pueXefmQA
zUabPuhg/Ma4VsT+xUwyyO4=
-----END CERTIFICATE-----
Generated at Sat Apr 12 07:50:33 2025 by rpki-client