Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/ecd1bb-fbda-4dd9-9ef9-3ac7d9623291/1/buWauLtfMC3GcFJJMi4SlwdwaoI.roa
File: buWauLtfMC3GcFJJMi4SlwdwaoI.roa (raw, json)
Hash identifier: dGDi40pRAf4C2JEAwUiWsT7itHv7hqD0XOyXY8zr8H8=
Subject key identifier: 6E:E5:9A:B8:BB:5F:30:2D:C6:70:52:49:32:2E:12:97:07:70:6A:82
Certificate issuer: /CN=ee4c3fc0122d831fbea8abb20a4e9b65c54039b2
Certificate serial: 0194236A13E56EE563E70C2415C04A0483A3
Authority key identifier: EE:4C:3F:C0:12:2D:83:1F:BE:A8:AB:B2:0A:4E:9B:65:C5:40:39:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7kw_wBItgx--qKuyCk6bZcVAObI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/ecd1bb-fbda-4dd9-9ef9-3ac7d9623291/1/buWauLtfMC3GcFJJMi4SlwdwaoI.roa
Signing time: Wed 01 Jan 2025 19:49:01 +0000
ROA not before: Wed 01 Jan 2025 19:49:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3301
IP address blocks: 136.163.0.0/16 maxlen: 24
139.58.0.0/16 maxlen: 24
147.13.0.0/16 maxlen: 24
148.2.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/ecd1bb-fbda-4dd9-9ef9-3ac7d9623291/1/7kw_wBItgx--qKuyCk6bZcVAObI.crl
rsync://rpki.ripe.net/repository/DEFAULT/9d/ecd1bb-fbda-4dd9-9ef9-3ac7d9623291/1/7kw_wBItgx--qKuyCk6bZcVAObI.mft
rsync://rpki.ripe.net/repository/DEFAULT/7kw_wBItgx--qKuyCk6bZcVAObI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 01:01:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:13:e5:6e:e5:63:e7:0c:24:15:c0:4a:04:83:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee4c3fc0122d831fbea8abb20a4e9b65c54039b2
Validity
Not Before: Jan 1 19:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6ee59ab8bb5f302dc6705249322e129707706a82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ea:2f:7b:d3:01:0f:57:fa:43:01:41:6e:4e:
0c:32:7f:5f:08:49:78:bc:3d:4c:d2:2f:cb:76:de:
aa:a2:ba:4f:9e:da:96:02:1a:02:23:cc:d7:8f:d0:
39:eb:c4:26:e0:fd:5e:1f:54:82:6e:80:6e:ef:d0:
a4:05:91:3a:78:bc:b4:16:9a:7d:56:82:56:d5:13:
21:0f:f3:b4:e8:e2:46:b6:cd:a3:f2:6e:a2:3e:48:
f2:8b:a5:9f:10:38:22:2a:9a:fc:0a:08:f5:8f:fa:
13:52:c5:b1:dc:a0:ec:e4:6d:be:db:36:f4:93:41:
90:de:53:0f:68:85:4a:00:f8:63:15:44:9f:f5:11:
ae:be:f8:46:67:09:2f:ed:e8:12:a1:32:0f:6e:a2:
8b:9b:3f:97:46:08:73:c5:d3:0b:4b:80:01:68:84:
dc:a4:64:50:1b:5b:5b:9c:1a:a0:30:68:c5:04:95:
7e:4b:a6:a1:27:eb:08:cf:5a:c1:fb:a4:ec:72:4c:
88:36:c4:e6:71:6c:72:da:b9:a8:e8:b7:9c:88:cc:
a2:46:aa:d7:aa:5e:01:76:81:da:c1:dd:86:78:10:
9c:bb:51:ff:6d:1d:81:3e:1d:1c:1b:25:54:e6:1d:
64:ea:ab:9d:37:67:ea:d9:34:b0:e1:2e:da:2a:7c:
d8:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:E5:9A:B8:BB:5F:30:2D:C6:70:52:49:32:2E:12:97:07:70:6A:82
X509v3 Authority Key Identifier:
keyid:EE:4C:3F:C0:12:2D:83:1F:BE:A8:AB:B2:0A:4E:9B:65:C5:40:39:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7kw_wBItgx--qKuyCk6bZcVAObI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/ecd1bb-fbda-4dd9-9ef9-3ac7d9623291/1/buWauLtfMC3GcFJJMi4SlwdwaoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/ecd1bb-fbda-4dd9-9ef9-3ac7d9623291/1/7kw_wBItgx--qKuyCk6bZcVAObI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
136.163.0.0/16
139.58.0.0/16
147.13.0.0/16
148.2.0.0/16
Signature Algorithm: sha256WithRSAEncryption
06:55:11:49:4e:45:e0:06:46:7d:3a:dc:9d:da:76:85:d0:43:
bd:be:ef:cd:74:b6:ec:9f:94:49:1d:2b:e6:fe:4a:a5:5a:9d:
96:e7:0e:e8:10:7d:70:06:c2:13:f3:3d:3b:1c:4b:a1:f0:30:
20:79:c5:e3:3e:a1:41:f7:a8:e2:41:6f:c9:bc:0b:10:5d:51:
56:86:74:e0:95:48:06:d6:e5:88:3d:5c:9b:82:7e:67:f1:4c:
02:69:c5:71:e1:f3:48:85:a9:b0:e5:e1:31:bb:71:30:bd:d9:
8a:d5:52:cd:4f:11:c9:be:50:c9:77:6e:e1:51:42:9a:5f:ce:
cc:1d:9d:96:29:66:9e:d5:68:9a:8b:ae:04:b1:dd:ac:bf:46:
b8:08:eb:e9:f5:7a:c1:c6:ba:e2:ec:57:d9:1e:68:da:ea:4b:
8e:65:c5:63:18:db:35:c8:66:c8:49:1a:15:88:41:ed:2b:93:
05:c4:c5:ae:d4:21:ce:25:0e:11:2a:2b:bf:ce:12:c2:6c:fe:
a9:58:dc:87:51:7a:a9:53:93:b6:48:e0:4d:c5:7f:ea:91:f3:
89:75:85:56:f9:12:6a:e4:46:25:32:da:c6:63:04:aa:88:f4:
2e:14:18:da:d2:dc:a9:7f:b8:a9:8a:98:7d:45:b1:fe:43:b3:
ff:bc:ee:81
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQjahPlbuVj5wwkFcBKBIOjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlNGMzZmMwMTIyZDgzMWZiZWE4YWJiMjBhNGU5YjY1YzU0
MDM5YjIwHhcNMjUwMTAxMTk0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWU1OWFiOGJiNWYzMDJkYzY3MDUyNDkzMjJlMTI5NzA3NzA2YTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAueove9MBD1f6QwFBbk4MMn9fCEl4
vD1M0i/Ldt6qorpPntqWAhoCI8zXj9A568Qm4P1eH1SCboBu79CkBZE6eLy0Fpp9
VoJW1RMhD/O06OJGts2j8m6iPkjyi6WfEDgiKpr8Cgj1j/oTUsWx3KDs5G2+2zb0
k0GQ3lMPaIVKAPhjFUSf9RGuvvhGZwkv7egSoTIPbqKLmz+XRghzxdMLS4ABaITc
pGRQG1tbnBqgMGjFBJV+S6ahJ+sIz1rB+6TsckyINsTmcWxy2rmo6LeciMyiRqrX
ql4BdoHawd2GeBCcu1H/bR2BPh0cGyVU5h1k6qudN2fq2TSw4S7aKnzYPQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFG7lmri7XzAtxnBSSTIuEpcHcGqCMB8GA1UdIwQY
MBaAFO5MP8ASLYMfvqirsgpOm2XFQDmyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2t3X3dCSXRneC0tcUt1eUNrNmJaY1ZBT2JJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9lY2QxYmItZmJkYS00ZGQ5LTllZjkt
M2FjN2Q5NjIzMjkxLzEvYnVXYXVMdGZNQzNHY0ZKSk1pNFNsd2R3YW9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC9lY2QxYmItZmJkYS00ZGQ5LTllZjktM2FjN2Q5NjIzMjkx
LzEvN2t3X3dCSXRneC0tcUt1eUNrNmJaY1ZBT2JJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwMAiKMDAwCL
OgMDAJMNAwMAlAIwDQYJKoZIhvcNAQELBQADggEBAAZVEUlOReAGRn063J3adoXQ
Q72+7810tuyflEkdK+b+SqVanZbnDugQfXAGwhPzPTscS6HwMCB5xeM+oUH3qOJB
b8m8CxBdUVaGdOCVSAbW5Yg9XJuCfmfxTAJpxXHh80iFqbDl4TG7cTC92YrVUs1P
Ecm+UMl3buFRQppfzswdnZYpZp7VaJqLrgSx3ay/RrgI6+n1esHGuuLsV9keaNrq
S45lxWMY2zXIZshJGhWIQe0rkwXExa7UIc4lDhEqK7/OEsJs/qlY3IdReqlTk7ZI
4E3Ff+qR84l1hVb5EmrkRiUy2sZjBKqI9C4UGNrS3Kl/uKmKmH1Fsf5Ds/+87oE=
-----END CERTIFICATE-----
Generated at Sun Apr 13 11:49:27 2025 by rpki-client