Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/f9a93c-0d69-44ec-8445-f58a5b88c73e/1/t-4cbJi-Ew3u3ipzgXiueic4IR4.roa
File: t-4cbJi-Ew3u3ipzgXiueic4IR4.roa (raw, json)
Hash identifier: bVpOfO45u9FlgP+T8GAth2ynXzQ4yeosDEHag/U9nSY=
Subject key identifier: B7:EE:1C:6C:98:BE:13:0D:EE:DE:2A:73:81:78:AE:7A:27:38:21:1E
Certificate issuer: /CN=fdcbf7a2a43b180d722b37631e879afa1b9a5edb
Certificate serial: 01942826162DE38CFB6163F837C25D405671
Authority key identifier: FD:CB:F7:A2:A4:3B:18:0D:72:2B:37:63:1E:87:9A:FA:1B:9A:5E:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_cv3oqQ7GA1yKzdjHoea-huaXts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/f9a93c-0d69-44ec-8445-f58a5b88c73e/1/t-4cbJi-Ew3u3ipzgXiueic4IR4.roa
Signing time: Thu 02 Jan 2025 17:52:52 +0000
ROA not before: Thu 02 Jan 2025 17:52:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29081
IP address blocks: 5.253.216.0/22 maxlen: 22
45.90.68.0/22 maxlen: 22
62.212.160.0/19 maxlen: 19
185.108.200.0/22 maxlen: 22
185.225.88.0/22 maxlen: 22
2a00:1f30::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/f9a93c-0d69-44ec-8445-f58a5b88c73e/1/_cv3oqQ7GA1yKzdjHoea-huaXts.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/f9a93c-0d69-44ec-8445-f58a5b88c73e/1/_cv3oqQ7GA1yKzdjHoea-huaXts.mft
rsync://rpki.ripe.net/repository/DEFAULT/_cv3oqQ7GA1yKzdjHoea-huaXts.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:16:2d:e3:8c:fb:61:63:f8:37:c2:5d:40:56:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fdcbf7a2a43b180d722b37631e879afa1b9a5edb
Validity
Not Before: Jan 2 17:52:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b7ee1c6c98be130deede2a738178ae7a2738211e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:e7:c2:59:c4:cd:7c:ea:fe:97:97:9e:88:3a:
d6:f6:b8:c3:bc:d3:e3:0e:63:c8:25:37:7a:57:6b:
a6:84:5f:e8:63:0d:c6:f3:dc:4c:57:24:77:df:44:
1f:fb:9e:f4:75:3e:18:4b:d9:f1:dc:08:2a:45:93:
60:68:7e:20:7f:06:ca:ad:0a:6e:cf:e0:a9:2e:9b:
19:a8:81:a8:37:d6:3f:9f:81:31:8d:82:77:df:be:
f1:4a:82:7c:47:0e:4a:8f:40:3c:2c:1b:16:7f:30:
04:36:3a:d7:86:39:96:f2:0a:ef:88:17:25:9c:26:
d1:48:ff:a2:de:1a:3d:20:d7:d8:ce:22:7b:56:0a:
8b:15:14:4b:d4:a1:60:01:a9:eb:cc:08:b5:3a:7a:
42:84:aa:59:ce:17:15:46:52:e0:41:30:69:97:2f:
f4:d7:80:30:fb:14:26:bb:26:79:a3:29:1f:6d:ef:
b6:71:03:d3:1b:20:a5:e8:84:1c:84:18:a7:90:b3:
2c:c6:a0:fb:34:ca:f1:f3:97:06:4a:87:63:09:57:
e0:4e:d3:f6:7e:b3:95:51:39:1a:08:61:0a:f5:60:
db:93:4c:90:1e:76:ad:23:ec:26:b9:b6:c6:0f:32:
cd:64:91:aa:7d:5a:fa:0b:08:19:dd:5e:30:c3:aa:
2e:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:EE:1C:6C:98:BE:13:0D:EE:DE:2A:73:81:78:AE:7A:27:38:21:1E
X509v3 Authority Key Identifier:
keyid:FD:CB:F7:A2:A4:3B:18:0D:72:2B:37:63:1E:87:9A:FA:1B:9A:5E:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_cv3oqQ7GA1yKzdjHoea-huaXts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/f9a93c-0d69-44ec-8445-f58a5b88c73e/1/t-4cbJi-Ew3u3ipzgXiueic4IR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/f9a93c-0d69-44ec-8445-f58a5b88c73e/1/_cv3oqQ7GA1yKzdjHoea-huaXts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.216.0/22
45.90.68.0/22
62.212.160.0/19
185.108.200.0/22
185.225.88.0/22
IPv6:
2a00:1f30::/29
Signature Algorithm: sha256WithRSAEncryption
67:e5:0b:58:94:95:1a:ea:9c:20:5d:ee:ba:7e:c3:46:11:97:
0e:7d:ac:99:10:d5:f6:e2:25:2b:15:91:6c:99:36:83:ed:dc:
91:16:33:6f:e0:31:02:93:f9:4b:c1:d0:8d:ea:0c:d7:12:e7:
05:bf:d5:09:08:eb:c8:ef:cd:f5:65:9e:51:a1:06:74:29:eb:
aa:d1:a3:85:b3:27:23:43:c9:0b:b4:33:79:c6:1f:63:c1:07:
8e:8a:fd:c4:f4:39:a6:80:c2:86:1f:e4:76:05:7a:84:46:f4:
ae:a8:67:f1:33:50:e0:97:23:8d:be:f8:68:df:9f:cb:b2:e1:
95:56:e4:8e:39:3c:1e:2c:af:0e:ea:da:83:62:24:84:69:2f:
c6:82:46:3b:12:92:a0:03:eb:33:2f:4c:fd:f5:3b:b2:aa:37:
b9:4f:c3:40:5f:6f:4d:9a:74:ff:37:ef:ca:26:74:5c:3b:98:
ab:99:09:61:1d:d6:e9:64:fc:d3:ee:b1:30:49:ae:f3:a1:55:
ce:db:c0:f3:af:ae:4e:a7:36:22:5d:09:5c:f6:f1:c6:7a:cf:
e2:c9:80:49:9d:bf:32:30:7d:92:e9:d0:bf:42:ee:21:49:8f:
46:fe:64:ee:db:35:00:51:57:8e:54:ca:92:ef:2f:e0:89:50:
8c:76:92:b0
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQoJhYt44z7YWP4N8JdQFZxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkY2JmN2EyYTQzYjE4MGQ3MjJiMzc2MzFlODc5YWZhMWI5
YTVlZGIwHhcNMjUwMTAyMTc1MjUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2VlMWM2Yzk4YmUxMzBkZWVkZTJhNzM4MTc4YWU3YTI3MzgyMTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ufCWcTNfOr+l5eeiDrW9rjDvNPj
DmPIJTd6V2umhF/oYw3G89xMVyR330Qf+570dT4YS9nx3AgqRZNgaH4gfwbKrQpu
z+CpLpsZqIGoN9Y/n4ExjYJ3377xSoJ8Rw5Kj0A8LBsWfzAENjrXhjmW8grviBcl
nCbRSP+i3ho9INfYziJ7VgqLFRRL1KFgAanrzAi1OnpChKpZzhcVRlLgQTBply/0
14Aw+xQmuyZ5oykfbe+2cQPTGyCl6IQchBinkLMsxqD7NMrx85cGSodjCVfgTtP2
frOVUTkaCGEK9WDbk0yQHnatI+wmubbGDzLNZJGqfVr6CwgZ3V4ww6ou0QIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFLfuHGyYvhMN7t4qc4F4rnonOCEeMB8GA1UdIwQY
MBaAFP3L96KkOxgNcis3Yx6Hmvobml7bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2N2M29xUTdHQTF5S3pkakhvZWEtaHVhWHRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9mOWE5M2MtMGQ2OS00NGVjLTg0NDUt
ZjU4YTViODhjNzNlLzEvdC00Y2JKaS1FdzN1M2lwemdYaXVlaWM0SVI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9mOWE5M2MtMGQ2OS00NGVjLTg0NDUtZjU4YTViODhjNzNl
LzEvX2N2M29xUTdHQTF5S3pkakhvZWEtaHVhWHRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCBf3YAwQC
LVpEAwQFPtSgAwQCuWzIAwQCueFYMA0EAgACMAcDBQMqAB8wMA0GCSqGSIb3DQEB
CwUAA4IBAQBn5QtYlJUa6pwgXe66fsNGEZcOfayZENX24iUrFZFsmTaD7dyRFjNv
4DECk/lLwdCN6gzXEucFv9UJCOvI7831ZZ5RoQZ0Keuq0aOFsycjQ8kLtDN5xh9j
wQeOiv3E9DmmgMKGH+R2BXqERvSuqGfxM1DglyONvvho35/LsuGVVuSOOTweLK8O
6tqDYiSEaS/GgkY7EpKgA+szL0z99Tuyqje5T8NAX29NmnT/N+/KJnRcO5irmQlh
HdbpZPzT7rEwSa7zoVXO28Dzr65OpzYiXQlc9vHGes/iyYBJnb8yMH2S6dC/Qu4h
SY9G/mTu2zUAUVeOVMqS7y/giVCMdpKw
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:27:26 2025 by rpki-client