Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/59a6b9-cd20-4cd7-b4a7-f0b962f52414/1/fyUduA7iLRzPOu8jJXAMIB-HOkE.roa
File: fyUduA7iLRzPOu8jJXAMIB-HOkE.roa (raw, json)
Hash identifier: cIQaQBrp3go+iSKqU55ZO7AX4q6Ht8Tb5+J8gXHDuFM=
Subject key identifier: 7F:25:1D:B8:0E:E2:2D:1C:CF:3A:EF:23:25:70:0C:20:1F:87:3A:41
Certificate issuer: /CN=672f0e42b08aa451fc583a358ec370ffbd2dac68
Certificate serial: 0194221FAB81DAB697152020984336BAE0EC
Authority key identifier: 67:2F:0E:42:B0:8A:A4:51:FC:58:3A:35:8E:C3:70:FF:BD:2D:AC:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zy8OQrCKpFH8WDo1jsNw_70trGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/59a6b9-cd20-4cd7-b4a7-f0b962f52414/1/fyUduA7iLRzPOu8jJXAMIB-HOkE.roa
Signing time: Wed 01 Jan 2025 13:48:08 +0000
ROA not before: Wed 01 Jan 2025 13:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60385
IP address blocks: 87.238.139.0/24 maxlen: 24
185.18.248.0/24 maxlen: 24
185.18.249.0/24 maxlen: 24
185.18.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/93/59a6b9-cd20-4cd7-b4a7-f0b962f52414/1/Zy8OQrCKpFH8WDo1jsNw_70trGg.crl
rsync://rpki.ripe.net/repository/DEFAULT/93/59a6b9-cd20-4cd7-b4a7-f0b962f52414/1/Zy8OQrCKpFH8WDo1jsNw_70trGg.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zy8OQrCKpFH8WDo1jsNw_70trGg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:ab:81:da:b6:97:15:20:20:98:43:36:ba:e0:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=672f0e42b08aa451fc583a358ec370ffbd2dac68
Validity
Not Before: Jan 1 13:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7f251db80ee22d1ccf3aef2325700c201f873a41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:7a:0e:7e:f7:53:2b:8a:1e:42:09:45:c9:e3:
b7:cb:a4:e4:d3:4d:b2:97:21:ca:ef:74:6c:c7:06:
9c:34:dd:0c:79:8e:0d:c9:b0:fd:a5:eb:41:37:1a:
6f:05:65:94:62:33:dd:ec:6c:9a:3d:19:25:7d:70:
e0:17:11:37:a4:a6:74:54:e3:b2:7e:38:c0:28:b9:
a9:13:4f:38:b8:b9:34:60:dd:7f:17:fb:e6:b9:84:
5e:42:9d:1c:6c:0e:1e:0a:29:99:27:86:db:1f:4a:
b6:62:47:45:16:52:cb:da:42:06:33:0d:c8:21:04:
44:a9:b9:18:5f:b4:7f:fc:8b:b3:5b:e8:d7:af:ec:
d3:b7:0e:8c:91:d2:81:d4:ac:cf:72:d2:60:f4:ea:
20:4a:90:64:83:63:98:47:0f:60:d7:00:a6:a9:e8:
85:04:d1:6e:36:bf:36:11:00:e1:e1:99:98:c8:c4:
8f:79:18:ab:47:0b:2b:0e:05:bb:63:02:7c:13:eb:
82:32:a1:d1:e7:9e:53:32:74:83:12:de:38:ab:19:
be:05:7f:3f:d5:4c:fe:1b:6f:8e:68:21:b9:1d:18:
34:45:4e:bf:53:c5:e3:ff:41:c5:0c:f9:e4:c2:30:
4b:38:9e:e8:e2:57:f4:ea:9a:ca:f3:a0:03:6d:dc:
b4:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:25:1D:B8:0E:E2:2D:1C:CF:3A:EF:23:25:70:0C:20:1F:87:3A:41
X509v3 Authority Key Identifier:
keyid:67:2F:0E:42:B0:8A:A4:51:FC:58:3A:35:8E:C3:70:FF:BD:2D:AC:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zy8OQrCKpFH8WDo1jsNw_70trGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/59a6b9-cd20-4cd7-b4a7-f0b962f52414/1/fyUduA7iLRzPOu8jJXAMIB-HOkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/59a6b9-cd20-4cd7-b4a7-f0b962f52414/1/Zy8OQrCKpFH8WDo1jsNw_70trGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.238.139.0/24
185.18.248.0/23
185.18.251.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:a0:a9:42:b6:51:29:82:1e:2e:db:8d:49:53:49:8e:1b:6a:
0b:54:f8:5c:da:1f:09:76:90:26:7c:4b:d9:6f:bd:58:ca:b8:
30:ed:2e:82:50:c5:b1:47:44:af:a9:64:52:9a:ff:a5:5f:5d:
57:a6:e4:47:af:4a:48:2c:00:c8:c3:f9:52:f0:40:be:56:7a:
6c:f5:25:9d:41:a4:c5:9a:2a:4e:79:bc:5c:d1:4a:a9:8d:76:
2a:43:c9:3f:7f:44:a3:9f:9f:77:fa:1e:87:ec:da:f8:0b:9f:
0b:b1:15:f6:8e:15:d8:30:10:55:82:3f:65:d5:da:30:a5:35:
b9:e5:1f:44:73:6b:00:63:5f:25:c6:f1:f4:f6:96:76:d9:ae:
43:b1:2f:b3:60:6b:27:53:89:00:5b:55:65:35:46:e3:1e:de:
8b:fc:69:c6:8e:cf:24:a9:23:b8:36:87:a5:6c:ec:72:33:19:
6b:f4:1b:cd:a3:e8:fc:27:5e:f3:8b:a6:e2:6f:81:ad:3e:76:
b8:ce:4c:15:62:7d:f2:d6:28:ff:ea:14:fa:14:f5:d3:eb:0d:
65:ae:14:3c:4f:97:22:35:6c:f4:9e:31:f5:04:99:aa:03:79:
6e:cd:1c:15:e3:a5:b3:ec:62:40:db:7c:7b:e1:8d:88:60:f0:
cc:ab:71:13
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQiH6uB2raXFSAgmEM2uuDsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3MmYwZTQyYjA4YWE0NTFmYzU4M2EzNThlYzM3MGZmYmQy
ZGFjNjgwHhcNMjUwMTAxMTM0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjI1MWRiODBlZTIyZDFjY2YzYWVmMjMyNTcwMGMyMDFmODczYTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3oOfvdTK4oeQglFyeO3y6Tk002y
lyHK73RsxwacNN0MeY4NybD9petBNxpvBWWUYjPd7GyaPRklfXDgFxE3pKZ0VOOy
fjjAKLmpE084uLk0YN1/F/vmuYReQp0cbA4eCimZJ4bbH0q2YkdFFlLL2kIGMw3I
IQREqbkYX7R//IuzW+jXr+zTtw6MkdKB1KzPctJg9OogSpBkg2OYRw9g1wCmqeiF
BNFuNr82EQDh4ZmYyMSPeRirRwsrDgW7YwJ8E+uCMqHR555TMnSDEt44qxm+BX8/
1Uz+G2+OaCG5HRg0RU6/U8Xj/0HFDPnkwjBLOJ7o4lf06prK86ADbdy0twIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFH8lHbgO4i0czzrvIyVwDCAfhzpBMB8GA1UdIwQY
MBaAFGcvDkKwiqRR/Fg6NY7DcP+9LaxoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnk4T1FyQ0twRkg4V0RvMWpzTndfNzB0ckdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My81OWE2YjktY2QyMC00Y2Q3LWI0YTct
ZjBiOTYyZjUyNDE0LzEvZnlVZHVBN2lMUnpQT3U4akpYQU1JQi1IT2tFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My81OWE2YjktY2QyMC00Y2Q3LWI0YTctZjBiOTYyZjUyNDE0
LzEvWnk4T1FyQ0twRkg4V0RvMWpzTndfNzB0ckdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAV+6LAwQB
uRL4AwQAuRL7MA0GCSqGSIb3DQEBCwUAA4IBAQC8oKlCtlEpgh4u241JU0mOG2oL
VPhc2h8JdpAmfEvZb71Yyrgw7S6CUMWxR0SvqWRSmv+lX11XpuRHr0pILADIw/lS
8EC+Vnps9SWdQaTFmipOebxc0UqpjXYqQ8k/f0Sjn593+h6H7Nr4C58LsRX2jhXY
MBBVgj9l1dowpTW55R9Ec2sAY18lxvH09pZ22a5DsS+zYGsnU4kAW1VlNUbjHt6L
/GnGjs8kqSO4NoelbOxyMxlr9BvNo+j8J17zi6bib4GtPna4zkwVYn3y1ij/6hT6
FPXT6w1lrhQ8T5ciNWz0njH1BJmqA3luzRwV46Wz7GJA23x74Y2IYPDMq3ET
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:30:34 2025 by rpki-client