Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b96259-33b8-454a-8c5f-a862b88593a0/1/h09V_pfLhbG06t0gQbFrPM7mXKs.roa
File: h09V_pfLhbG06t0gQbFrPM7mXKs.roa (raw, json)
Hash identifier: 5yQRSQYWk0Fc992YjmOb7t6zzDvUZZ6yh9Kn/c45gMw=
Subject key identifier: 87:4F:55:FE:97:CB:85:B1:B4:EA:DD:20:41:B1:6B:3C:CE:E6:5C:AB
Certificate issuer: /CN=14bf39139b710c4f7237edfd88518655af39c323
Certificate serial: 019428259915F56F5C4C0FFC00F16704B116
Authority key identifier: 14:BF:39:13:9B:71:0C:4F:72:37:ED:FD:88:51:86:55:AF:39:C3:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FL85E5txDE9yN-39iFGGVa85wyM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/b96259-33b8-454a-8c5f-a862b88593a0/1/h09V_pfLhbG06t0gQbFrPM7mXKs.roa
Signing time: Thu 02 Jan 2025 17:52:20 +0000
ROA not before: Thu 02 Jan 2025 17:52:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16262
IP address blocks: 94.199.4.0/24 maxlen: 24
192.162.240.0/21 maxlen: 21
195.211.100.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/b96259-33b8-454a-8c5f-a862b88593a0/1/FL85E5txDE9yN-39iFGGVa85wyM.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/b96259-33b8-454a-8c5f-a862b88593a0/1/FL85E5txDE9yN-39iFGGVa85wyM.mft
rsync://rpki.ripe.net/repository/DEFAULT/FL85E5txDE9yN-39iFGGVa85wyM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:01:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:99:15:f5:6f:5c:4c:0f:fc:00:f1:67:04:b1:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14bf39139b710c4f7237edfd88518655af39c323
Validity
Not Before: Jan 2 17:52:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=874f55fe97cb85b1b4eadd2041b16b3ccee65cab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:ef:e8:fc:12:1f:27:53:7a:cd:98:12:5c:4f:
08:b4:02:e9:23:35:c7:2c:07:a0:6a:ce:80:e3:9e:
96:89:af:a4:87:fd:2e:3b:f4:9c:f8:f8:25:b7:f0:
c5:d6:d8:a5:f2:7f:68:06:e1:b3:c9:ec:ed:42:49:
81:8f:df:a1:73:fc:d2:c5:14:0d:46:46:18:b4:d5:
dc:02:48:9f:27:8a:45:de:ec:a1:95:97:a6:07:4b:
7e:f1:db:94:45:1f:2a:20:db:d9:29:60:c9:ab:d6:
55:42:44:bb:a8:f7:99:c5:ea:b9:03:93:b5:eb:02:
ab:5f:8c:a4:c3:ac:92:4e:3b:07:f9:f3:90:3c:18:
36:f6:b7:fa:16:1f:0d:fb:7e:cc:2a:ed:bc:1f:73:
49:a5:05:27:db:bd:7b:b4:03:bf:45:1e:ed:a0:6e:
35:ea:96:c0:ec:f2:6b:86:74:c3:95:81:13:5a:9e:
33:a0:91:f8:7a:68:c6:f6:51:19:04:e9:25:d8:3e:
47:ec:72:ff:c1:90:00:9f:49:93:6d:e8:af:0a:f1:
68:d8:50:75:c4:42:d3:a7:9d:a2:0c:3d:27:ae:03:
f0:0a:59:bc:b3:67:0e:33:f5:73:3d:14:e0:e6:bb:
fd:b4:f4:08:a6:3b:68:22:ff:19:78:02:2e:9f:94:
e2:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:4F:55:FE:97:CB:85:B1:B4:EA:DD:20:41:B1:6B:3C:CE:E6:5C:AB
X509v3 Authority Key Identifier:
keyid:14:BF:39:13:9B:71:0C:4F:72:37:ED:FD:88:51:86:55:AF:39:C3:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FL85E5txDE9yN-39iFGGVa85wyM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b96259-33b8-454a-8c5f-a862b88593a0/1/h09V_pfLhbG06t0gQbFrPM7mXKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b96259-33b8-454a-8c5f-a862b88593a0/1/FL85E5txDE9yN-39iFGGVa85wyM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.199.4.0/24
192.162.240.0/21
195.211.100.0/22
Signature Algorithm: sha256WithRSAEncryption
78:14:da:38:cb:5d:60:ad:a8:91:e5:59:aa:8f:79:79:f8:69:
e4:28:cd:14:20:ad:75:4d:cc:6c:65:62:ad:0b:44:dc:cb:bb:
aa:e4:f9:d1:82:cb:7a:fa:43:78:7b:a0:28:e2:54:8a:c2:04:
01:8c:85:d7:e5:b2:6d:f2:f5:6b:df:8a:25:93:45:33:66:4b:
d0:1b:1b:5c:53:f9:9a:57:a2:a4:44:b1:80:58:ac:13:51:d9:
02:d5:ab:ad:9b:a5:e4:42:41:b3:94:e8:22:65:74:18:ce:44:
ea:ce:de:00:70:ec:11:43:6e:bf:2e:61:54:60:c3:b9:33:86:
19:cd:fd:68:2d:81:9c:51:d5:0e:ff:19:a3:c8:63:4e:1f:82:
fa:dc:10:8d:e2:cb:06:d0:0a:72:b7:8f:aa:97:78:0d:74:91:
c4:c0:b5:2a:70:5c:27:db:05:f6:bd:47:c1:fc:5f:71:09:a8:
3b:16:f8:12:5c:1e:0f:8c:51:9a:5e:e9:4a:84:35:47:01:64:
8e:5f:fe:96:20:2f:88:1d:bb:5f:ec:6f:d6:c5:1a:a5:10:69:
7c:d6:51:c5:1d:3e:ce:b5:1c:41:1b:7f:50:3d:fa:6e:64:0e:
1c:4a:3a:69:b6:a2:75:f6:45:7c:24:20:e1:cd:0b:5b:de:2c:
5d:9d:90:d4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQoJZkV9W9cTA/8APFnBLEWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YmYzOTEzOWI3MTBjNGY3MjM3ZWRmZDg4NTE4NjU1YWYz
OWMzMjMwHhcNMjUwMTAyMTc1MjIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzRmNTVmZTk3Y2I4NWIxYjRlYWRkMjA0MWIxNmIzY2NlZTY1Y2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAye/o/BIfJ1N6zZgSXE8ItALpIzXH
LAegas6A456Wia+kh/0uO/Sc+Pglt/DF1til8n9oBuGzyeztQkmBj9+hc/zSxRQN
RkYYtNXcAkifJ4pF3uyhlZemB0t+8duURR8qINvZKWDJq9ZVQkS7qPeZxeq5A5O1
6wKrX4ykw6ySTjsH+fOQPBg29rf6Fh8N+37MKu28H3NJpQUn2717tAO/RR7toG41
6pbA7PJrhnTDlYETWp4zoJH4emjG9lEZBOkl2D5H7HL/wZAAn0mTbeivCvFo2FB1
xELTp52iDD0nrgPwClm8s2cOM/VzPRTg5rv9tPQIpjtoIv8ZeAIun5TiewIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIdPVf6Xy4WxtOrdIEGxazzO5lyrMB8GA1UdIwQY
MBaAFBS/ORObcQxPcjft/YhRhlWvOcMjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkw4NUU1dHhERTl5Ti0zOWlGR0dWYTg1d3lNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iOTYyNTktMzNiOC00NTRhLThjNWYt
YTg2MmI4ODU5M2EwLzEvaDA5Vl9wZkxoYkcwNnQwZ1FiRnJQTTdtWEtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iOTYyNTktMzNiOC00NTRhLThjNWYtYTg2MmI4ODU5M2Ew
LzEvRkw4NUU1dHhERTl5Ti0zOWlGR0dWYTg1d3lNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXscEAwQD
wKLwAwQCw9NkMA0GCSqGSIb3DQEBCwUAA4IBAQB4FNo4y11graiR5Vmqj3l5+Gnk
KM0UIK11TcxsZWKtC0Tcy7uq5PnRgst6+kN4e6Ao4lSKwgQBjIXX5bJt8vVr34ol
k0UzZkvQGxtcU/maV6KkRLGAWKwTUdkC1autm6XkQkGzlOgiZXQYzkTqzt4AcOwR
Q26/LmFUYMO5M4YZzf1oLYGcUdUO/xmjyGNOH4L63BCN4ssG0Apyt4+ql3gNdJHE
wLUqcFwn2wX2vUfB/F9xCag7FvgSXB4PjFGaXulKhDVHAWSOX/6WIC+IHbtf7G/W
xRqlEGl81lHFHT7OtRxBG39QPfpuZA4cSjpptqJ19kV8JCDhzQtb3ixdnZDU
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:56:01 2025 by rpki-client