Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/481a35-2434-46e3-aee1-ae13053133cb/1/dfyn6nhNR8JQy6SGJlUvEZfvkyM.roa
File: dfyn6nhNR8JQy6SGJlUvEZfvkyM.roa (raw, json)
Hash identifier: k281u51pv38AcL8abAJjlmfLN2hampMY0v32cElp30w=
Subject key identifier: 75:FC:A7:EA:78:4D:47:C2:50:CB:A4:86:26:55:2F:11:97:EF:93:23
Certificate issuer: /CN=3ff7789346a9f92915f1f75b10af94f97b6e24fa
Certificate serial: 01942521A97C141BD1AA47B6050CB6B37EB2
Authority key identifier: 3F:F7:78:93:46:A9:F9:29:15:F1:F7:5B:10:AF:94:F9:7B:6E:24:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P_d4k0ap-SkV8fdbEK-U-XtuJPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/481a35-2434-46e3-aee1-ae13053133cb/1/dfyn6nhNR8JQy6SGJlUvEZfvkyM.roa
Signing time: Thu 02 Jan 2025 03:49:10 +0000
ROA not before: Thu 02 Jan 2025 03:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51664
IP address blocks: 78.40.88.0/24 maxlen: 24
78.40.89.0/24 maxlen: 24
78.40.90.0/24 maxlen: 24
78.40.91.0/24 maxlen: 24
78.40.92.0/24 maxlen: 24
78.40.93.0/24 maxlen: 24
78.40.94.0/24 maxlen: 24
78.40.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/481a35-2434-46e3-aee1-ae13053133cb/1/P_d4k0ap-SkV8fdbEK-U-XtuJPo.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/481a35-2434-46e3-aee1-ae13053133cb/1/P_d4k0ap-SkV8fdbEK-U-XtuJPo.mft
rsync://rpki.ripe.net/repository/DEFAULT/P_d4k0ap-SkV8fdbEK-U-XtuJPo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:a9:7c:14:1b:d1:aa:47:b6:05:0c:b6:b3:7e:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ff7789346a9f92915f1f75b10af94f97b6e24fa
Validity
Not Before: Jan 2 03:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=75fca7ea784d47c250cba48626552f1197ef9323
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:63:80:3e:69:6c:10:31:af:9c:fc:6d:f6:ff:
d9:69:74:f3:be:67:6a:20:50:e8:8f:40:59:72:b6:
58:67:8d:80:a3:13:e3:db:2a:9a:27:ff:cc:ff:9c:
6f:c9:e4:02:df:8f:44:d0:4d:77:bd:ca:b6:1c:fb:
6c:6f:b6:2e:82:08:85:30:10:51:34:15:a0:ee:ae:
b5:10:33:2e:f8:3b:7d:30:64:7a:49:68:e7:e1:58:
f3:63:24:cc:ec:2e:fe:ad:6f:58:e5:21:0d:4f:15:
84:ac:77:ee:c5:ca:79:81:41:fe:ca:41:4d:6b:b5:
a6:77:85:9b:11:02:26:ec:9b:c7:a6:0e:48:b6:5b:
30:1b:22:b0:96:f4:3f:36:94:aa:cc:ce:0f:ff:0e:
a4:7f:9b:ba:6f:4d:d9:46:bc:3a:6e:dd:6c:e8:0f:
32:ee:63:0d:05:92:39:9d:f9:67:0a:27:a7:7e:11:
e8:07:90:fe:d5:5d:27:8b:72:d9:3f:11:ee:6e:53:
97:3d:df:78:f6:3c:e7:3c:24:23:b5:63:9e:12:e5:
15:7e:6f:cd:14:df:81:ed:1e:25:fd:9f:76:f0:87:
c1:fa:51:a2:03:34:ba:c4:12:4c:29:ec:22:61:65:
0d:66:1d:14:6c:47:87:d9:bd:74:e9:5e:b2:83:b0:
04:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:FC:A7:EA:78:4D:47:C2:50:CB:A4:86:26:55:2F:11:97:EF:93:23
X509v3 Authority Key Identifier:
keyid:3F:F7:78:93:46:A9:F9:29:15:F1:F7:5B:10:AF:94:F9:7B:6E:24:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P_d4k0ap-SkV8fdbEK-U-XtuJPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/481a35-2434-46e3-aee1-ae13053133cb/1/dfyn6nhNR8JQy6SGJlUvEZfvkyM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/481a35-2434-46e3-aee1-ae13053133cb/1/P_d4k0ap-SkV8fdbEK-U-XtuJPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.40.88.0/21
Signature Algorithm: sha256WithRSAEncryption
1d:32:61:88:fe:5a:63:8f:8c:61:9f:d8:9f:63:4e:80:92:72:
a7:5b:77:c4:88:d7:ce:2d:e7:9f:99:80:19:6a:86:f5:03:81:
b6:90:85:a7:c4:20:ac:7c:20:96:2a:19:9f:26:7f:55:06:be:
ef:8e:6f:41:8c:91:4a:d5:49:72:0f:0a:4b:cd:ef:b4:53:4d:
e0:b6:67:e9:cf:51:59:94:6a:7c:7a:fc:08:ce:99:ad:15:1c:
a0:66:d1:b7:4d:b9:2c:68:f9:56:df:6f:60:4f:79:4f:9e:d6:
ef:16:03:d5:06:be:cd:a3:8e:6b:55:19:02:cb:ef:cf:0d:3e:
04:f3:d0:c3:c7:50:f0:a3:36:44:de:84:88:63:60:6a:7c:b4:
69:6b:4f:58:41:93:31:a5:18:b3:80:cb:4d:a4:19:4c:6f:e6:
a1:11:ba:ca:92:28:e6:0d:19:73:37:8b:88:96:63:f4:ef:1c:
44:46:27:03:69:66:4c:f0:f5:c1:82:7a:92:04:90:f4:f1:4d:
ed:98:0f:eb:89:f7:86:ae:08:46:58:c4:5d:25:36:e6:34:81:
e0:17:6e:65:2e:7f:c5:de:fd:f3:eb:b8:81:22:53:11:60:ac:
f3:90:30:3d:db:38:96:b8:fb:0a:ca:19:7e:7e:5a:8e:65:65:
1b:12:5b:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIal8FBvRqke2BQy2s36yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZjc3ODkzNDZhOWY5MjkxNWYxZjc1YjEwYWY5NGY5N2I2
ZTI0ZmEwHhcNMjUwMTAyMDM0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWZjYTdlYTc4NGQ0N2MyNTBjYmE0ODYyNjU1MmYxMTk3ZWY5MzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg2OAPmlsEDGvnPxt9v/ZaXTzvmdq
IFDoj0BZcrZYZ42AoxPj2yqaJ//M/5xvyeQC349E0E13vcq2HPtsb7YuggiFMBBR
NBWg7q61EDMu+Dt9MGR6SWjn4VjzYyTM7C7+rW9Y5SENTxWErHfuxcp5gUH+ykFN
a7Wmd4WbEQIm7JvHpg5ItlswGyKwlvQ/NpSqzM4P/w6kf5u6b03ZRrw6bt1s6A8y
7mMNBZI5nflnCienfhHoB5D+1V0ni3LZPxHublOXPd949jznPCQjtWOeEuUVfm/N
FN+B7R4l/Z928IfB+lGiAzS6xBJMKewiYWUNZh0UbEeH2b106V6yg7AEGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHX8p+p4TUfCUMukhiZVLxGX75MjMB8GA1UdIwQY
MBaAFD/3eJNGqfkpFfH3WxCvlPl7biT6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUF9kNGswYXAtU2tWOGZkYkVLLVUtWHR1SlBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi80ODFhMzUtMjQzNC00NmUzLWFlZTEt
YWUxMzA1MzEzM2NiLzEvZGZ5bjZuaE5SOEpReTZTR0psVXZFWmZ2a3lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi80ODFhMzUtMjQzNC00NmUzLWFlZTEtYWUxMzA1MzEzM2Ni
LzEvUF9kNGswYXAtU2tWOGZkYkVLLVUtWHR1SlBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDTihYMA0G
CSqGSIb3DQEBCwUAA4IBAQAdMmGI/lpjj4xhn9ifY06AknKnW3fEiNfOLeefmYAZ
aob1A4G2kIWnxCCsfCCWKhmfJn9VBr7vjm9BjJFK1UlyDwpLze+0U03gtmfpz1FZ
lGp8evwIzpmtFRygZtG3TbksaPlW329gT3lPntbvFgPVBr7No45rVRkCy+/PDT4E
89DDx1DwozZE3oSIY2BqfLRpa09YQZMxpRizgMtNpBlMb+ahEbrKkijmDRlzN4uI
lmP07xxERicDaWZM8PXBgnqSBJD08U3tmA/rifeGrghGWMRdJTbmNIHgF25lLn/F
3v3z67iBIlMRYKzzkDA92ziWuPsKyhl+flqOZWUbElvT
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:59:21 2025 by rpki-client