Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/1-Ib3ePsRA5A4NzmQHsGZ6WhlfLg.roa
File: 1-Ib3ePsRA5A4NzmQHsGZ6WhlfLg.roa (raw, json)
Hash identifier: KapOr1wMzQ4a6V+iTDayaFAT/0xfPbcJAwEYW1S99AM=
Subject key identifier: F8:86:F7:78:FB:11:03:90:38:37:39:90:1E:C1:99:E9:68:65:7C:B8
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 01941FFA69E1F80E7EAA8A19DDF84DA6A330
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/1-Ib3ePsRA5A4NzmQHsGZ6WhlfLg.roa
Signing time: Wed 01 Jan 2025 03:48:12 +0000
ROA not before: Wed 01 Jan 2025 03:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198154
IP address blocks: 5.57.38.0/24 maxlen: 24
37.32.47.0/24 maxlen: 24
178.239.145.0/24 maxlen: 24
185.215.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 08:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:69:e1:f8:0e:7e:aa:8a:19:dd:f8:4d:a6:a3:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Jan 1 03:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f886f778fb110390383739901ec199e968657cb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:94:13:04:7d:0c:bb:46:90:73:2b:d3:26:bb:
bc:d6:8b:27:c5:bb:27:20:bf:77:51:d5:e1:66:99:
da:26:0c:68:59:31:3a:2f:5d:b3:2f:59:d2:31:07:
b8:0e:35:2b:f6:08:33:c2:b2:c3:a2:e9:f6:ec:02:
ed:d3:76:75:4f:81:c2:c2:02:90:08:7e:74:d7:74:
15:43:f2:b9:f4:78:dc:e4:1f:50:22:7a:c0:da:41:
51:7d:4b:f1:b2:e0:f1:31:89:4d:d7:76:e6:07:9b:
89:06:bb:77:95:e2:9c:00:5e:5e:66:f8:8f:7c:ee:
72:6d:b5:0f:93:ce:87:54:0a:a7:c8:fc:e6:38:a1:
86:25:4d:18:f4:0d:75:23:27:99:4c:42:aa:f0:a7:
f8:0f:64:9e:42:56:0f:2a:5f:c8:e5:00:b7:1b:69:
a9:f8:f9:83:ea:89:f7:54:7c:3d:4a:b3:67:80:a7:
98:3e:b2:4f:43:21:02:ba:ba:b9:72:89:66:0d:9c:
56:7f:d0:5e:30:bd:24:85:e6:1d:3e:e6:51:74:c1:
ac:75:4f:9b:ae:6f:57:68:8b:26:2a:50:d7:31:0e:
8d:4c:53:1e:f8:db:9f:ed:1e:fc:b0:9a:33:1c:76:
10:49:6d:27:5a:50:ec:da:74:fc:71:e7:37:57:6b:
fb:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:86:F7:78:FB:11:03:90:38:37:39:90:1E:C1:99:E9:68:65:7C:B8
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/1-Ib3ePsRA5A4NzmQHsGZ6WhlfLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.38.0/24
37.32.47.0/24
178.239.145.0/24
185.215.231.0/24
Signature Algorithm: sha256WithRSAEncryption
69:32:39:48:90:fe:16:cc:57:8e:57:46:54:1f:06:3a:bb:9b:
41:f6:83:d9:ef:bd:a6:f4:4d:58:af:a5:03:3e:2f:a8:42:66:
85:80:b2:aa:a9:2b:75:3a:3d:0c:88:a5:ba:d7:ac:c3:4f:be:
da:f6:33:ad:c0:e8:a0:7a:bf:3a:1f:5d:a6:e6:17:f6:fe:51:
93:7d:ec:25:b5:8f:89:db:66:13:33:af:7f:f0:fe:49:51:7f:
17:a8:a5:80:8d:81:a4:69:06:f3:09:49:cb:12:d3:b7:0b:66:
b1:93:53:2e:59:98:98:01:35:7d:c1:c8:d4:6b:04:45:2a:9f:
da:86:83:4e:f1:8e:e6:9c:e2:a4:8d:34:9d:73:f8:38:ea:0e:
57:a0:57:8e:da:8a:21:cb:22:18:f3:c7:ac:ba:41:67:31:5c:
f7:be:a9:80:23:13:7a:70:39:9a:ec:2f:f2:f7:f4:5d:54:91:
8f:ad:32:33:0a:7d:20:a8:bc:95:90:52:fa:16:fb:19:32:2a:
25:f4:65:11:58:7c:eb:0d:6d:52:04:72:fd:d7:a3:aa:e4:89:
54:8d:6c:74:88:8c:90:ab:07:24:3d:30:6a:6f:d2:8e:c5:4b:
4f:fa:d8:69:e6:1d:86:eb:78:84:81:d1:22:e7:c3:2c:dc:25:
2d:46:2f:69
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAZQf+mnh+A5+qooZ3fhNpqMwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjUwMTAxMDM0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODg2Zjc3OGZiMTEwMzkwMzgzNzM5OTAxZWMxOTllOTY4NjU3Y2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpQTBH0Mu0aQcyvTJru81osnxbsn
IL93UdXhZpnaJgxoWTE6L12zL1nSMQe4DjUr9ggzwrLDoun27ALt03Z1T4HCwgKQ
CH5013QVQ/K59Hjc5B9QInrA2kFRfUvxsuDxMYlN13bmB5uJBrt3leKcAF5eZviP
fO5ybbUPk86HVAqnyPzmOKGGJU0Y9A11IyeZTEKq8Kf4D2SeQlYPKl/I5QC3G2mp
+PmD6on3VHw9SrNngKeYPrJPQyECurq5colmDZxWf9BeML0kheYdPuZRdMGsdU+b
rm9XaIsmKlDXMQ6NTFMe+Nuf7R78sJozHHYQSW0nWlDs2nT8cec3V2v7MQIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFPiG93j7EQOQODc5kB7BmeloZXy4MB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvMS1JYjNlUHNSQTVBNE56bVFIc0daNldobGZMZy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTIvODQ0ZWViLWNkZjEtNDdmMS1iY2ZhLTk4OTE2Njg4MTk2
OS8xLzhUVXpPWjlWNjFMbXNpQU1mSzVDY3JkTlpHUS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAAU5JgME
ACUgLwMEALLvkQMEALnX5zANBgkqhkiG9w0BAQsFAAOCAQEAaTI5SJD+FsxXjldG
VB8GOrubQfaD2e+9pvRNWK+lAz4vqEJmhYCyqqkrdTo9DIilutesw0++2vYzrcDo
oHq/Oh9dpuYX9v5Rk33sJbWPidtmEzOvf/D+SVF/F6ilgI2BpGkG8wlJyxLTtwtm
sZNTLlmYmAE1fcHI1GsERSqf2oaDTvGO5pzipI00nXP4OOoOV6BXjtqKIcsiGPPH
rLpBZzFc976pgCMTenA5muwv8vf0XVSRj60yMwp9IKi8lZBS+hb7GTIqJfRlEVh8
6w1tUgRy/dejquSJVI1sdIiMkKsHJD0wam/SjsVLT/rYaeYdhut4hIHRIufDLNwl
LUYvaQ==
-----END CERTIFICATE-----
Generated at Thu Apr 10 11:43:24 2025 by rpki-client