Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/F7yuxB3rSQXv2e3QR7lP2VYZOl4.roa
File: F7yuxB3rSQXv2e3QR7lP2VYZOl4.roa (raw, json)
Hash identifier: Hb0YQdZj2T1tpCI4BSwoqOiW5xXUYr05ZCOvDEHOELk=
Subject key identifier: 17:BC:AE:C4:1D:EB:49:05:EF:D9:ED:D0:47:B9:4F:D9:56:19:3A:5E
Certificate issuer: /CN=f030658f16d2d88d34164592fcd4de13131f1695
Certificate serial: 0194221FA8F77F3C33575EE90424A3824A6A
Authority key identifier: F0:30:65:8F:16:D2:D8:8D:34:16:45:92:FC:D4:DE:13:13:1F:16:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8DBljxbS2I00FkWS_NTeExMfFpU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/F7yuxB3rSQXv2e3QR7lP2VYZOl4.roa
Signing time: Wed 01 Jan 2025 13:48:07 +0000
ROA not before: Wed 01 Jan 2025 13:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216024
IP address blocks: 45.15.156.0/24 maxlen: 24
217.196.104.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/8DBljxbS2I00FkWS_NTeExMfFpU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/8DBljxbS2I00FkWS_NTeExMfFpU.mft
rsync://rpki.ripe.net/repository/DEFAULT/8DBljxbS2I00FkWS_NTeExMfFpU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:a8:f7:7f:3c:33:57:5e:e9:04:24:a3:82:4a:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f030658f16d2d88d34164592fcd4de13131f1695
Validity
Not Before: Jan 1 13:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=17bcaec41deb4905efd9edd047b94fd956193a5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:93:66:b4:66:2d:9e:e4:99:5a:d0:b6:85:94:
2f:b8:df:05:ed:5e:ce:6f:fe:d6:68:c1:3a:02:87:
23:2d:d7:70:c4:fd:b4:00:dc:8d:5c:59:f8:a6:70:
28:ed:a4:a6:a4:36:ce:89:25:fa:75:8e:f0:0d:c6:
eb:01:b8:de:89:62:e8:c0:35:86:de:2f:6e:95:0c:
bc:da:e4:75:2c:59:3f:79:2d:fd:e3:73:c4:f2:74:
7d:5b:e1:c6:a0:62:31:76:24:2f:36:21:1f:2b:79:
04:06:52:a1:d5:c3:79:38:37:6b:f6:a0:f8:ac:a9:
04:05:5d:9d:e0:1e:ff:cb:07:3a:91:88:54:22:b6:
fb:bb:56:b8:80:ac:d8:10:81:81:a0:9d:98:ed:0f:
81:27:47:6a:7b:27:31:43:0e:38:ad:2e:64:ef:37:
db:d7:fd:37:31:ba:14:eb:e4:7d:8e:c8:02:fb:e2:
5f:9f:2e:68:a0:0f:17:1b:4e:a5:69:a6:e4:22:cb:
67:5d:81:24:a8:b5:c2:c9:3a:47:d8:64:d2:04:2d:
da:63:0a:73:5a:7b:ce:ed:0b:b6:d3:fc:f6:d8:85:
13:92:0d:0c:66:55:e3:f2:e0:84:d1:6b:b4:40:bc:
39:74:6e:b1:03:4a:b0:fa:8b:f5:39:e1:6e:82:84:
05:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:BC:AE:C4:1D:EB:49:05:EF:D9:ED:D0:47:B9:4F:D9:56:19:3A:5E
X509v3 Authority Key Identifier:
keyid:F0:30:65:8F:16:D2:D8:8D:34:16:45:92:FC:D4:DE:13:13:1F:16:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8DBljxbS2I00FkWS_NTeExMfFpU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/F7yuxB3rSQXv2e3QR7lP2VYZOl4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/8DBljxbS2I00FkWS_NTeExMfFpU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.156.0/24
217.196.104.0/24
Signature Algorithm: sha256WithRSAEncryption
43:a4:7c:98:6a:1d:7e:f4:7d:c3:46:9d:65:e2:1b:5f:99:aa:
05:89:e1:b0:bb:16:fd:7d:ed:2a:e3:10:5b:b5:57:0e:ec:85:
de:24:9d:67:24:bd:06:1a:12:7b:eb:d8:69:7d:cf:f3:0f:4c:
ab:4f:58:22:fe:bc:72:9f:4e:28:77:2a:67:0b:0c:9e:9e:fa:
fa:b6:df:7e:b3:aa:5d:f6:4c:45:1d:0b:01:42:5e:aa:bb:94:
b9:3d:c2:5a:0c:6d:03:95:ba:af:63:64:7f:fa:d6:62:ad:b5:
6b:a9:a4:fd:ab:f7:a4:4f:96:75:8a:2e:51:9d:5d:eb:60:01:
36:a6:04:f8:43:e3:9a:5c:8c:c1:ab:32:35:8c:ba:a5:7c:ae:
e9:a7:a7:65:27:64:0e:d1:5e:58:b7:18:cb:60:2a:16:b2:0c:
75:b2:77:b2:42:a2:a4:76:78:05:b8:d7:82:f1:a6:6e:3e:5b:
70:c8:a8:ea:72:2a:66:12:d6:ee:27:db:03:5d:a6:18:a5:86:
5a:dc:2a:71:be:66:fd:cb:a0:85:86:8e:3a:7a:d1:a5:bc:b6:
9a:3e:7c:18:7e:ef:50:55:d0:5a:ee:c8:bd:19:3f:dc:bb:ce:
7a:42:47:97:9c:af:4b:d7:56:43:4f:1a:5e:68:8c:cf:28:8d:
76:59:aa:a1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQiH6j3fzwzV17pBCSjgkpqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMzA2NThmMTZkMmQ4OGQzNDE2NDU5MmZjZDRkZTEzMTMx
ZjE2OTUwHhcNMjUwMTAxMTM0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2JjYWVjNDFkZWI0OTA1ZWZkOWVkZDA0N2I5NGZkOTU2MTkzYTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ZNmtGYtnuSZWtC2hZQvuN8F7V7O
b/7WaME6AocjLddwxP20ANyNXFn4pnAo7aSmpDbOiSX6dY7wDcbrAbjeiWLowDWG
3i9ulQy82uR1LFk/eS3943PE8nR9W+HGoGIxdiQvNiEfK3kEBlKh1cN5ODdr9qD4
rKkEBV2d4B7/ywc6kYhUIrb7u1a4gKzYEIGBoJ2Y7Q+BJ0dqeycxQw44rS5k7zfb
1/03MboU6+R9jsgC++Jfny5ooA8XG06laabkIstnXYEkqLXCyTpH2GTSBC3aYwpz
WnvO7Qu20/z22IUTkg0MZlXj8uCE0Wu0QLw5dG6xA0qw+ov1OeFugoQFSwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBe8rsQd60kF79nt0Ee5T9lWGTpeMB8GA1UdIwQY
MBaAFPAwZY8W0tiNNBZFkvzU3hMTHxaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOERCbGp4YlMySTAwRmtXU19OVGVFeE1mRnBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi82NjkzZTMtODljYS00NGExLWE4YjYt
ODk0ODA1Mjg5Y2MwLzEvRjd5dXhCM3JTUVh2MmUzUVI3bFAyVllaT2w0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi82NjkzZTMtODljYS00NGExLWE4YjYtODk0ODA1Mjg5Y2Mw
LzEvOERCbGp4YlMySTAwRmtXU19OVGVFeE1mRnBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALQ+cAwQA
2cRoMA0GCSqGSIb3DQEBCwUAA4IBAQBDpHyYah1+9H3DRp1l4htfmaoFieGwuxb9
fe0q4xBbtVcO7IXeJJ1nJL0GGhJ769hpfc/zD0yrT1gi/rxyn04odypnCwyenvr6
tt9+s6pd9kxFHQsBQl6qu5S5PcJaDG0DlbqvY2R/+tZirbVrqaT9q/ekT5Z1ii5R
nV3rYAE2pgT4Q+OaXIzBqzI1jLqlfK7pp6dlJ2QO0V5YtxjLYCoWsgx1sneyQqKk
dngFuNeC8aZuPltwyKjqcipmEtbuJ9sDXaYYpYZa3Cpxvmb9y6CFho46etGlvLaa
PnwYfu9QVdBa7si9GT/cu856QkeXnK9L11ZDTxpeaIzPKI12Waqh
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:45:12 2025 by rpki-client