Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/dK0aI2R_s129Y-75FIrpBYL1yE8.roa
File: dK0aI2R_s129Y-75FIrpBYL1yE8.roa (raw, json)
Hash identifier: R66OS8lUtMZTTbo9eo/xMi56yXXva1T37X0KuifJS+s=
Subject key identifier: 74:AD:1A:23:64:7F:B3:5D:BD:63:EE:F9:14:8A:E9:05:82:F5:C8:4F
Certificate issuer: /CN=23d8448c5cb90398e4c285cec9c0f4766ac931df
Certificate serial: 0194221FD5E71E09E8A02898534FBCBD9AC1
Authority key identifier: 23:D8:44:8C:5C:B9:03:98:E4:C2:85:CE:C9:C0:F4:76:6A:C9:31:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I9hEjFy5A5jkwoXOycD0dmrJMd8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/dK0aI2R_s129Y-75FIrpBYL1yE8.roa
Signing time: Wed 01 Jan 2025 13:48:19 +0000
ROA not before: Wed 01 Jan 2025 13:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1853
IP address blocks: 78.104.0.0/16 maxlen: 16
185.154.40.0/22 maxlen: 22
193.170.0.0/15 maxlen: 15
193.171.1.0/24 maxlen: 24
2001:628::/29 maxlen: 29
2001:67c:1864::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/I9hEjFy5A5jkwoXOycD0dmrJMd8.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/I9hEjFy5A5jkwoXOycD0dmrJMd8.mft
rsync://rpki.ripe.net/repository/DEFAULT/I9hEjFy5A5jkwoXOycD0dmrJMd8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:d5:e7:1e:09:e8:a0:28:98:53:4f:bc:bd:9a:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23d8448c5cb90398e4c285cec9c0f4766ac931df
Validity
Not Before: Jan 1 13:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=74ad1a23647fb35dbd63eef9148ae90582f5c84f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d0:97:10:48:b9:03:bf:cc:86:d8:7a:24:6a:
dd:0f:a6:b0:ab:c9:e8:4d:be:43:a2:c4:1f:a3:8c:
6f:28:fa:23:3e:22:25:72:7b:22:5e:ec:99:f1:88:
04:30:d3:09:31:6d:a5:78:55:78:b7:cc:3d:e8:45:
82:c5:aa:86:e1:9d:b6:ee:dd:37:57:d7:d7:5f:86:
09:1c:6e:34:32:14:91:05:61:2a:88:46:60:31:e7:
2f:ad:de:61:0d:2e:aa:b5:a3:7e:32:34:34:1f:0e:
f4:fe:4a:83:13:5c:32:c9:03:55:af:e9:b8:a2:b4:
09:27:ca:1b:41:92:63:78:8f:c0:54:6b:db:17:48:
62:5f:c1:0c:9d:84:d9:d6:a1:a9:c1:b7:9d:d3:48:
9a:2e:c7:00:11:4f:99:e8:c1:63:ce:a2:3f:e3:30:
fb:2a:01:60:73:45:d9:df:d5:51:41:81:0d:6b:50:
9f:35:20:f3:36:d4:50:50:ef:d7:6e:6f:c9:67:23:
4c:59:71:d3:73:e7:9e:a1:b8:63:15:43:07:33:4f:
cb:12:63:5d:cc:78:0f:17:ae:5e:db:a6:5d:88:1f:
3d:b6:4b:3d:5a:e5:3b:08:f0:f3:5e:29:86:bc:ac:
13:c3:e4:da:c2:a7:50:07:88:0a:60:ca:60:bc:9f:
17:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:AD:1A:23:64:7F:B3:5D:BD:63:EE:F9:14:8A:E9:05:82:F5:C8:4F
X509v3 Authority Key Identifier:
keyid:23:D8:44:8C:5C:B9:03:98:E4:C2:85:CE:C9:C0:F4:76:6A:C9:31:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I9hEjFy5A5jkwoXOycD0dmrJMd8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/dK0aI2R_s129Y-75FIrpBYL1yE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/I9hEjFy5A5jkwoXOycD0dmrJMd8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.104.0.0/16
185.154.40.0/22
193.170.0.0/15
IPv6:
2001:628::/29
2001:67c:1864::/48
Signature Algorithm: sha256WithRSAEncryption
be:58:05:40:fe:71:cf:1d:09:a3:a1:e9:16:9a:a4:d9:28:d1:
df:51:59:2e:44:ae:25:9a:9f:f9:cd:28:44:cc:f5:d4:e1:f2:
e6:53:05:33:0e:b5:36:1f:16:5d:03:4e:a5:eb:86:ef:fe:61:
9f:20:1f:ec:fb:97:33:0c:5c:0e:06:48:74:e7:ac:5f:73:19:
e7:c2:df:17:b0:3b:fa:78:1f:8d:6f:bd:78:ab:f1:29:b7:6d:
7d:e6:4b:b2:86:d6:f0:57:a8:3e:fd:46:91:dd:70:70:53:bc:
c9:cf:97:c8:d9:42:b7:c8:f1:f5:96:ad:48:10:79:26:05:c3:
30:99:b1:c3:dd:09:4f:e3:97:9f:de:84:4e:3a:d0:ca:f3:fd:
12:7b:40:f4:d4:a1:4e:80:24:4c:3e:70:13:1f:3f:fb:6c:5b:
ce:2d:41:60:fa:a4:c4:b1:28:bd:eb:1e:f8:e0:62:d4:32:c7:
ab:03:38:69:91:7d:46:92:a3:3d:bd:dc:93:e5:08:c7:a8:10:
b9:3d:5a:c2:8c:63:59:be:8d:b4:39:a4:81:fd:35:47:46:d2:
d4:45:d7:b8:36:cc:01:13:8f:83:e9:73:d6:05:5b:6e:95:8b:
31:26:1d:5f:c7:df:9d:5b:12:3f:69:29:75:0e:c4:e4:7a:5e:
a4:cb:af:74
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQiH9XnHgnooCiYU0+8vZrBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZDg0NDhjNWNiOTAzOThlNGMyODVjZWM5YzBmNDc2NmFj
OTMxZGYwHhcNMjUwMTAxMTM0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGFkMWEyMzY0N2ZiMzVkYmQ2M2VlZjkxNDhhZTkwNTgyZjVjODRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdCXEEi5A7/Mhth6JGrdD6awq8no
Tb5DosQfo4xvKPojPiIlcnsiXuyZ8YgEMNMJMW2leFV4t8w96EWCxaqG4Z227t03
V9fXX4YJHG40MhSRBWEqiEZgMecvrd5hDS6qtaN+MjQ0Hw70/kqDE1wyyQNVr+m4
orQJJ8obQZJjeI/AVGvbF0hiX8EMnYTZ1qGpwbed00iaLscAEU+Z6MFjzqI/4zD7
KgFgc0XZ39VRQYENa1CfNSDzNtRQUO/Xbm/JZyNMWXHTc+eeobhjFUMHM0/LEmNd
zHgPF65e26ZdiB89tks9WuU7CPDzXimGvKwTw+TawqdQB4gKYMpgvJ8XUQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFHStGiNkf7NdvWPu+RSK6QWC9chPMB8GA1UdIwQY
MBaAFCPYRIxcuQOY5MKFzsnA9HZqyTHfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTloRWpGeTVBNWprd29YT3ljRDBkbXJKTWQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9mNGE4MGQtZjVmNy00NTIyLWI5YjUt
Zjc3MmEwMTM5MDE2LzEvZEswYUkyUl9zMTI5WS03NUZJcnBCWUwxeUU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9mNGE4MGQtZjVmNy00NTIyLWI5YjUtZjc3MmEwMTM5MDE2
LzEvSTloRWpGeTVBNWprd29YT3ljRDBkbXJKTWQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAWBAIAATAQAwMATmgDBAK5
migDAwHBqjAWBAIAAjAQAwUDIAEGKAMHACABBnwYZDANBgkqhkiG9w0BAQsFAAOC
AQEAvlgFQP5xzx0Jo6HpFpqk2SjR31FZLkSuJZqf+c0oRMz11OHy5lMFMw61Nh8W
XQNOpeuG7/5hnyAf7PuXMwxcDgZIdOesX3MZ58LfF7A7+ngfjW+9eKvxKbdtfeZL
sobW8FeoPv1Gkd1wcFO8yc+XyNlCt8jx9ZatSBB5JgXDMJmxw90JT+OXn96ETjrQ
yvP9EntA9NShToAkTD5wEx8/+2xbzi1BYPqkxLEovese+OBi1DLHqwM4aZF9RpKj
Pb3ck+UIx6gQuT1awoxjWb6NtDmkgf01R0bS1EXXuDbMAROPg+lz1gVbbpWLMSYd
X8ffnVsSP2kpdQ7E5HpepMuvdA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:48:27 2025 by rpki-client