Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/d20fd2-072e-4752-afa4-0334ee1ef3ff/1/tSP2AeN0TTzbNNS7U3ruVH8nDu8.roa
File: tSP2AeN0TTzbNNS7U3ruVH8nDu8.roa (raw, json)
Hash identifier: 294+y86DARdCbg7v10Yetnf9+9TavVZ0zHk0HRwiUus=
Subject key identifier: B5:23:F6:01:E3:74:4D:3C:DB:34:D4:BB:53:7A:EE:54:7F:27:0E:EF
Certificate issuer: /CN=18f003fba37b00d5f9ce7ec84a3e0668bcd02824
Certificate serial: 0194236A1BC08618B1D525DAD38BCDB10379
Authority key identifier: 18:F0:03:FB:A3:7B:00:D5:F9:CE:7E:C8:4A:3E:06:68:BC:D0:28:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GPAD-6N7ANX5zn7ISj4GaLzQKCQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/d20fd2-072e-4752-afa4-0334ee1ef3ff/1/tSP2AeN0TTzbNNS7U3ruVH8nDu8.roa
Signing time: Wed 01 Jan 2025 19:49:03 +0000
ROA not before: Wed 01 Jan 2025 19:49:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202207
IP address blocks: 94.250.246.0/24 maxlen: 24
94.250.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/d20fd2-072e-4752-afa4-0334ee1ef3ff/1/GPAD-6N7ANX5zn7ISj4GaLzQKCQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/d20fd2-072e-4752-afa4-0334ee1ef3ff/1/GPAD-6N7ANX5zn7ISj4GaLzQKCQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/GPAD-6N7ANX5zn7ISj4GaLzQKCQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Mar 2025 01:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:1b:c0:86:18:b1:d5:25:da:d3:8b:cd:b1:03:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18f003fba37b00d5f9ce7ec84a3e0668bcd02824
Validity
Not Before: Jan 1 19:49:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b523f601e3744d3cdb34d4bb537aee547f270eef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:17:20:6e:fe:a7:03:03:ab:75:2c:c3:dc:c5:
83:17:ae:2b:69:2a:79:4f:30:7f:5f:82:87:e6:6a:
a7:24:bb:08:22:1d:0b:1c:84:6b:f7:7b:21:f9:d0:
87:26:b6:b9:e0:2a:c9:66:91:19:d8:13:54:46:82:
7d:5a:18:7c:c3:00:8e:dc:b8:40:ca:a3:ac:da:1c:
c6:90:52:40:f5:07:39:c4:92:20:fe:d9:71:d3:0a:
4b:13:46:49:4e:1d:2c:cf:97:0c:2e:21:2e:39:9b:
d2:f2:ad:c9:a2:ec:31:7b:50:e0:21:7d:dc:74:e6:
cf:72:74:63:95:0d:a3:5d:bb:00:27:4d:71:8f:81:
57:84:5c:4a:1c:cb:b8:85:b3:74:ff:3a:ae:13:29:
de:c8:f8:0d:35:c9:bc:2a:f5:ea:20:cb:c6:2c:09:
d8:f8:e7:cc:ab:0d:af:7a:3a:ea:68:ca:7a:05:3b:
4d:73:b6:89:85:df:dd:24:e1:0d:55:62:1c:e1:61:
27:76:0b:ea:4d:d0:6d:6c:8a:4d:be:fd:6c:d8:66:
8a:7b:ca:8b:31:91:b8:eb:f6:0a:bb:ed:a2:3a:0f:
82:03:36:b4:3b:74:60:95:a4:c3:ab:df:37:3f:11:
6e:76:23:b7:c0:b2:14:5f:1d:21:34:0b:e7:22:43:
30:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:23:F6:01:E3:74:4D:3C:DB:34:D4:BB:53:7A:EE:54:7F:27:0E:EF
X509v3 Authority Key Identifier:
keyid:18:F0:03:FB:A3:7B:00:D5:F9:CE:7E:C8:4A:3E:06:68:BC:D0:28:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GPAD-6N7ANX5zn7ISj4GaLzQKCQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/d20fd2-072e-4752-afa4-0334ee1ef3ff/1/tSP2AeN0TTzbNNS7U3ruVH8nDu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/d20fd2-072e-4752-afa4-0334ee1ef3ff/1/GPAD-6N7ANX5zn7ISj4GaLzQKCQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.250.246.0/23
Signature Algorithm: sha256WithRSAEncryption
95:e5:1c:9a:e8:b9:52:42:4a:38:2c:f1:ca:3b:ad:1b:c6:a3:
f1:d5:ed:1c:9b:51:c9:50:b5:f0:dc:7c:91:a6:04:d1:cc:c7:
db:8f:e2:c0:bc:85:f3:20:b4:c3:28:40:9a:27:ad:01:3f:67:
6a:1d:29:8d:b8:84:4b:28:f0:cc:48:62:1b:70:7f:e4:bf:85:
0d:8f:a9:19:c2:e5:0e:4e:ab:4a:c5:a6:74:b5:18:33:3e:3b:
c2:20:f4:81:0e:76:a6:92:e5:1a:ef:8a:4c:9a:b5:80:93:16:
65:79:e9:fc:85:d5:81:45:ed:4f:55:ba:bd:90:55:3c:fa:29:
c6:1d:71:af:de:58:a5:61:b8:7a:76:d8:14:05:36:a8:38:d7:
09:da:e5:44:96:8f:f2:42:e6:3f:cf:a5:4a:79:ef:46:0d:6c:
cf:ac:b9:e1:88:f2:5d:97:a5:80:ec:15:2e:e8:ef:53:80:af:
1d:18:63:f9:e9:b6:89:1a:ee:21:b1:66:5e:9e:fd:23:5a:1c:
cd:b4:f2:ce:9a:af:c1:a3:4e:f9:ba:0b:d9:f2:b0:4f:7b:51:
42:e0:40:94:b3:71:56:a4:9b:d9:99:d0:8f:c6:11:f7:21:80:
fd:68:e3:42:b7:0f:81:9c:97:d1:9f:ed:1f:48:4a:09:64:a3:
03:9c:0c:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjahvAhhix1SXa04vNsQN5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4ZjAwM2ZiYTM3YjAwZDVmOWNlN2VjODRhM2UwNjY4YmNk
MDI4MjQwHhcNMjUwMTAxMTk0OTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTIzZjYwMWUzNzQ0ZDNjZGIzNGQ0YmI1MzdhZWU1NDdmMjcwZWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2hcgbv6nAwOrdSzD3MWDF64raSp5
TzB/X4KH5mqnJLsIIh0LHIRr93sh+dCHJra54CrJZpEZ2BNURoJ9Whh8wwCO3LhA
yqOs2hzGkFJA9Qc5xJIg/tlx0wpLE0ZJTh0sz5cMLiEuOZvS8q3Jouwxe1DgIX3c
dObPcnRjlQ2jXbsAJ01xj4FXhFxKHMu4hbN0/zquEyneyPgNNcm8KvXqIMvGLAnY
+OfMqw2vejrqaMp6BTtNc7aJhd/dJOENVWIc4WEndgvqTdBtbIpNvv1s2GaKe8qL
MZG46/YKu+2iOg+CAza0O3RglaTDq983PxFudiO3wLIUXx0hNAvnIkMwAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLUj9gHjdE082zTUu1N67lR/Jw7vMB8GA1UdIwQY
MBaAFBjwA/ujewDV+c5+yEo+Bmi80CgkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1BBRC02TjdBTlg1em43SVNqNEdhTHpRS0NRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9kMjBmZDItMDcyZS00NzUyLWFmYTQt
MDMzNGVlMWVmM2ZmLzEvdFNQMkFlTjBUVHpiTk5TN1UzcnVWSDhuRHU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9kMjBmZDItMDcyZS00NzUyLWFmYTQtMDMzNGVlMWVmM2Zm
LzEvR1BBRC02TjdBTlg1em43SVNqNEdhTHpRS0NRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXvr2MA0G
CSqGSIb3DQEBCwUAA4IBAQCV5Rya6LlSQko4LPHKO60bxqPx1e0cm1HJULXw3HyR
pgTRzMfbj+LAvIXzILTDKECaJ60BP2dqHSmNuIRLKPDMSGIbcH/kv4UNj6kZwuUO
TqtKxaZ0tRgzPjvCIPSBDnamkuUa74pMmrWAkxZleen8hdWBRe1PVbq9kFU8+inG
HXGv3lilYbh6dtgUBTaoONcJ2uVElo/yQuY/z6VKee9GDWzPrLnhiPJdl6WA7BUu
6O9TgK8dGGP56baJGu4hsWZenv0jWhzNtPLOmq/Bo075ugvZ8rBPe1FC4ECUs3FW
pJvZmdCPxhH3IYD9aONCtw+BnJfRn+0fSEoJZKMDnAx/
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:12:38 2025 by rpki-client