Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/883fd6-c6b6-4ae1-a187-f3069ee590da/1/F94-zZFEc6qh0jKnwFf7o1uXF7I.roa
File: F94-zZFEc6qh0jKnwFf7o1uXF7I.roa (raw, json)
Hash identifier: w7SpfiHOXF1SxdkUidpIylH68mEs/yNWYY/p77Td/KQ=
Subject key identifier: 17:DE:3E:CD:91:44:73:AA:A1:D2:32:A7:C0:57:FB:A3:5B:97:17:B2
Certificate issuer: /CN=70b4da0f1013acdb61c2f7a26d14c4f0de8222ec
Certificate serial: 0194252085442411A5744BC0F7A1DC123D05
Authority key identifier: 70:B4:DA:0F:10:13:AC:DB:61:C2:F7:A2:6D:14:C4:F0:DE:82:22:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cLTaDxATrNthwveibRTE8N6CIuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/883fd6-c6b6-4ae1-a187-f3069ee590da/1/F94-zZFEc6qh0jKnwFf7o1uXF7I.roa
Signing time: Thu 02 Jan 2025 03:47:55 +0000
ROA not before: Thu 02 Jan 2025 03:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 559
IP address blocks: 129.194.0.0/15 maxlen: 16
192.33.212.0/22 maxlen: 22
192.33.216.0/22 maxlen: 22
192.33.220.0/24 maxlen: 24
192.33.222.0/23 maxlen: 23
192.33.224.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/883fd6-c6b6-4ae1-a187-f3069ee590da/1/cLTaDxATrNthwveibRTE8N6CIuw.crl
rsync://rpki.ripe.net/repository/DEFAULT/94/883fd6-c6b6-4ae1-a187-f3069ee590da/1/cLTaDxATrNthwveibRTE8N6CIuw.mft
rsync://rpki.ripe.net/repository/DEFAULT/cLTaDxATrNthwveibRTE8N6CIuw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 21:50:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:20:85:44:24:11:a5:74:4b:c0:f7:a1:dc:12:3d:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70b4da0f1013acdb61c2f7a26d14c4f0de8222ec
Validity
Not Before: Jan 2 03:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=17de3ecd914473aaa1d232a7c057fba35b9717b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c3:63:a9:15:57:48:87:56:53:66:b4:d7:75:
48:09:34:75:e1:0c:76:ca:c5:47:40:97:22:ce:eb:
bf:4d:49:ac:b9:b5:f8:ef:e5:f2:44:4f:76:dc:74:
4b:8d:0a:54:9f:39:e9:c9:7c:0c:f3:04:a1:8d:c1:
de:fd:67:03:23:64:9d:30:44:65:38:e1:19:cc:9d:
7c:da:a9:13:7c:6e:12:40:02:a1:7e:31:ed:20:2a:
47:a8:90:ca:15:52:18:48:66:fe:d0:25:45:b7:d5:
f3:bf:11:fa:eb:8d:b3:5f:10:ab:80:90:d4:bc:7d:
a1:88:60:af:b8:10:e6:9c:a4:11:b6:ee:98:13:1d:
da:da:33:85:48:55:55:a2:60:53:28:35:52:c7:3e:
ac:50:de:53:ed:b6:7a:6f:5a:92:ae:01:45:cc:e9:
14:49:c3:43:e3:2a:b4:a1:e9:07:70:c0:73:af:43:
28:e8:dd:1e:e4:6c:0d:7f:c2:61:0d:ab:f7:0a:d0:
e9:e9:5e:f7:ee:0d:ec:4e:69:b3:3e:c5:63:6b:08:
fa:3d:2a:d0:d7:86:40:aa:b4:0f:d7:71:06:06:91:
4a:46:53:7c:23:21:e1:c7:d1:a2:e4:f0:4e:c5:a3:
42:25:e7:7e:39:d4:d4:32:29:db:6d:b4:61:c2:b5:
34:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:DE:3E:CD:91:44:73:AA:A1:D2:32:A7:C0:57:FB:A3:5B:97:17:B2
X509v3 Authority Key Identifier:
keyid:70:B4:DA:0F:10:13:AC:DB:61:C2:F7:A2:6D:14:C4:F0:DE:82:22:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cLTaDxATrNthwveibRTE8N6CIuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/883fd6-c6b6-4ae1-a187-f3069ee590da/1/F94-zZFEc6qh0jKnwFf7o1uXF7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/883fd6-c6b6-4ae1-a187-f3069ee590da/1/cLTaDxATrNthwveibRTE8N6CIuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
129.194.0.0/15
192.33.212.0-192.33.220.255
192.33.222.0-192.33.231.255
Signature Algorithm: sha256WithRSAEncryption
68:a0:e5:db:22:a8:c9:22:6a:28:f9:a7:59:4f:40:e2:94:e5:
e3:13:b5:dc:48:63:00:ca:82:63:4c:b3:b7:c7:bc:b4:d7:ac:
07:10:76:3a:2e:9d:26:60:7b:d1:b0:30:cd:9b:9f:fd:cf:06:
d1:d0:73:f4:c7:91:81:bc:ec:b7:e4:a8:7e:eb:70:7f:4f:21:
ca:6c:60:15:04:b7:56:c1:0c:a5:30:73:43:66:62:08:3f:0a:
b4:a1:8c:76:bc:74:37:4a:3e:58:36:ad:4c:d3:0c:d2:75:a9:
cb:90:e0:57:16:f6:a7:6d:e1:9b:ea:54:46:8e:e6:09:6c:ca:
3a:55:6d:93:73:09:ef:1b:d3:bb:00:ab:25:b3:9f:28:65:31:
0e:0e:2e:3e:05:5e:30:20:80:25:29:2f:8a:b0:bb:dc:db:b8:
ee:8a:98:ef:81:c6:73:85:3f:b5:f1:b9:c2:45:17:49:fb:00:
2b:3f:fd:01:64:32:a1:8c:68:be:60:e9:7d:60:d6:51:4a:1d:
a8:07:1d:69:a3:46:e7:2b:c3:8f:06:b4:91:c6:72:c9:d6:46:
0a:37:ff:83:e6:e1:11:6e:42:41:c7:72:22:94:32:24:63:d4:
df:6f:79:81:78:d9:05:76:ae:5e:41:32:a0:91:08:7c:fa:bb:
11:f1:bc:8e
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQlIIVEJBGldEvA96HcEj0FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwYjRkYTBmMTAxM2FjZGI2MWMyZjdhMjZkMTRjNGYwZGU4
MjIyZWMwHhcNMjUwMTAyMDM0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2RlM2VjZDkxNDQ3M2FhYTFkMjMyYTdjMDU3ZmJhMzViOTcxN2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcNjqRVXSIdWU2a013VICTR14Qx2
ysVHQJcizuu/TUmsubX47+XyRE923HRLjQpUnznpyXwM8wShjcHe/WcDI2SdMERl
OOEZzJ182qkTfG4SQAKhfjHtICpHqJDKFVIYSGb+0CVFt9XzvxH6642zXxCrgJDU
vH2hiGCvuBDmnKQRtu6YEx3a2jOFSFVVomBTKDVSxz6sUN5T7bZ6b1qSrgFFzOkU
ScND4yq0oekHcMBzr0Mo6N0e5GwNf8JhDav3CtDp6V737g3sTmmzPsVjawj6PSrQ
14ZAqrQP13EGBpFKRlN8IyHhx9Gi5PBOxaNCJed+OdTUMinbbbRhwrU0DwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFBfePs2RRHOqodIyp8BX+6NblxeyMB8GA1UdIwQY
MBaAFHC02g8QE6zbYcL3om0UxPDegiLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0xUYUR4QVRyTnRod3ZlaWJSVEU4TjZDSXV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC84ODNmZDYtYzZiNi00YWUxLWExODct
ZjMwNjllZTU5MGRhLzEvRjk0LXpaRkVjNnFoMGpLbndGZjdvMXVYRjdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC84ODNmZDYtYzZiNi00YWUxLWExODctZjMwNjllZTU5MGRh
LzEvY0xUYUR4QVRyTnRod3ZlaWJSVEU4TjZDSXV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAnBAIAATAhAwMBgcIwDAME
AsAh1AMEAMAh3DAMAwQBwCHeAwQDwCHgMA0GCSqGSIb3DQEBCwUAA4IBAQBooOXb
IqjJImoo+adZT0DilOXjE7XcSGMAyoJjTLO3x7y016wHEHY6Lp0mYHvRsDDNm5/9
zwbR0HP0x5GBvOy35Kh+63B/TyHKbGAVBLdWwQylMHNDZmIIPwq0oYx2vHQ3Sj5Y
Nq1M0wzSdanLkOBXFvanbeGb6lRGjuYJbMo6VW2TcwnvG9O7AKsls58oZTEODi4+
BV4wIIAlKS+KsLvc27juipjvgcZzhT+18bnCRRdJ+wArP/0BZDKhjGi+YOl9YNZR
Sh2oBx1po0bnK8OPBrSRxnLJ1kYKN/+D5uERbkJBx3IilDIkY9Tfb3mBeNkFdq5e
QTKgkQh8+rsR8byO
-----END CERTIFICATE-----
Generated at Fri Apr 11 05:44:21 2025 by rpki-client