Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/c5dd3e-937b-434f-bbb8-80cc86e51822/1/70CzLPwxRloncyisKHkgg2A7mmU.roa
File: 70CzLPwxRloncyisKHkgg2A7mmU.roa (raw, json)
Hash identifier: rFCcI5P5iNazLy7zOb4v8GZdZ3RW8sg4bh+Lo3jxJQw=
Subject key identifier: EF:40:B3:2C:FC:31:46:5A:27:73:28:AC:28:79:20:83:60:3B:9A:65
Certificate issuer: /CN=cfc0f99d79793a6f01e9ad627d1f968b0c2d0f3b
Certificate serial: 0194228DCC4BC6938250A05AF6AE2808DA6A
Authority key identifier: CF:C0:F9:9D:79:79:3A:6F:01:E9:AD:62:7D:1F:96:8B:0C:2D:0F:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z8D5nXl5Om8B6a1ifR-WiwwtDzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/c5dd3e-937b-434f-bbb8-80cc86e51822/1/70CzLPwxRloncyisKHkgg2A7mmU.roa
Signing time: Wed 01 Jan 2025 15:48:25 +0000
ROA not before: Wed 01 Jan 2025 15:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199402
IP address blocks: 46.28.235.0/24 maxlen: 24
178.210.167.0/24 maxlen: 24
178.210.179.0/24 maxlen: 24
185.123.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/c5dd3e-937b-434f-bbb8-80cc86e51822/1/z8D5nXl5Om8B6a1ifR-WiwwtDzs.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/c5dd3e-937b-434f-bbb8-80cc86e51822/1/z8D5nXl5Om8B6a1ifR-WiwwtDzs.mft
rsync://rpki.ripe.net/repository/DEFAULT/z8D5nXl5Om8B6a1ifR-WiwwtDzs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 18:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:cc:4b:c6:93:82:50:a0:5a:f6:ae:28:08:da:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfc0f99d79793a6f01e9ad627d1f968b0c2d0f3b
Validity
Not Before: Jan 1 15:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ef40b32cfc31465a277328ac28792083603b9a65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:52:27:f6:25:03:42:b4:b7:55:1e:84:6e:7e:
b7:87:49:f2:37:60:1a:cd:ab:46:33:6d:59:13:58:
43:b4:d3:f3:bd:9b:63:f0:2d:87:8f:96:50:25:73:
f6:76:41:2c:e6:a9:c3:80:0f:3d:e3:39:d2:1d:5a:
30:13:b1:98:c1:8d:1a:d5:6a:7d:cf:8b:0d:e6:b1:
79:8e:a1:d3:06:44:ff:d1:16:e9:a2:87:37:42:ea:
0f:49:ae:10:c9:84:60:45:f2:41:2b:03:5b:d0:bc:
78:82:83:9c:59:ec:8c:98:01:b7:cc:3e:47:fa:34:
8e:a0:88:d0:6c:df:0d:26:ca:bc:a4:1d:87:d1:0e:
20:e8:53:88:30:0b:b8:21:02:e7:9b:bd:2f:34:6d:
66:ba:e8:6c:12:ee:c2:66:66:2a:f9:40:97:95:b0:
ce:ca:a1:2a:25:18:4b:d6:dd:2c:11:51:9d:8f:b2:
6a:15:8f:47:4c:dc:08:65:17:33:3e:a0:a4:34:75:
c1:36:a0:30:79:81:04:67:94:54:5b:24:53:16:0f:
8f:56:01:82:f7:65:da:e0:f5:16:38:21:dd:e9:44:
b2:8f:16:96:3a:21:59:a7:9d:90:06:5d:c3:b9:fc:
1a:87:24:86:b6:b7:55:28:73:eb:be:60:35:ca:67:
ef:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:40:B3:2C:FC:31:46:5A:27:73:28:AC:28:79:20:83:60:3B:9A:65
X509v3 Authority Key Identifier:
keyid:CF:C0:F9:9D:79:79:3A:6F:01:E9:AD:62:7D:1F:96:8B:0C:2D:0F:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z8D5nXl5Om8B6a1ifR-WiwwtDzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/c5dd3e-937b-434f-bbb8-80cc86e51822/1/70CzLPwxRloncyisKHkgg2A7mmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/c5dd3e-937b-434f-bbb8-80cc86e51822/1/z8D5nXl5Om8B6a1ifR-WiwwtDzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.235.0/24
178.210.167.0/24
178.210.179.0/24
185.123.103.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:e6:f1:fa:f4:f3:4d:39:77:12:4e:40:e8:c1:96:57:5c:94:
71:79:48:bd:bd:71:09:02:1a:57:a3:d9:5c:60:7a:7a:0b:43:
c5:72:6e:37:ac:8d:93:3b:17:7f:dd:5c:c8:14:94:66:69:d8:
08:bc:15:5f:6e:1b:5b:78:1d:d2:12:9d:51:e7:78:f5:10:2e:
c5:85:d4:b8:78:9c:2b:b0:80:e4:1b:0c:c9:fb:46:2d:8f:2a:
45:0b:bd:6f:31:b1:a4:66:c2:cb:34:67:b8:de:5e:8b:3a:4b:
5a:1b:4e:8b:d5:f5:7e:c3:c1:de:e9:73:5b:17:41:a6:c9:86:
75:95:b1:49:72:86:4c:61:f4:07:e7:8e:22:45:63:0a:78:ec:
ab:b8:46:34:3a:e4:57:89:92:c1:c6:36:08:38:ac:9e:a6:55:
3b:2a:13:f0:b2:5e:d5:75:76:aa:aa:5e:fa:fe:ef:eb:d3:65:
22:d0:c2:c1:58:19:a3:49:9f:09:67:21:a8:64:c3:74:b4:e1:
ca:bf:80:2c:fc:ae:34:f1:f7:b1:f9:08:7c:d6:59:25:20:b0:
ff:11:77:34:b9:91:e3:ef:16:07:55:ad:ab:ed:30:00:df:8a:
6e:ce:f1:bb:7c:33:16:5c:71:b9:8c:06:1e:91:cc:fa:81:2b:
e3:8d:a4:50
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQijcxLxpOCUKBa9q4oCNpqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmYzBmOTlkNzk3OTNhNmYwMWU5YWQ2MjdkMWY5NjhiMGMy
ZDBmM2IwHhcNMjUwMTAxMTU0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjQwYjMyY2ZjMzE0NjVhMjc3MzI4YWMyODc5MjA4MzYwM2I5YTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy1In9iUDQrS3VR6Ebn63h0nyN2Aa
zatGM21ZE1hDtNPzvZtj8C2Hj5ZQJXP2dkEs5qnDgA894znSHVowE7GYwY0a1Wp9
z4sN5rF5jqHTBkT/0Rbpooc3QuoPSa4QyYRgRfJBKwNb0Lx4goOcWeyMmAG3zD5H
+jSOoIjQbN8NJsq8pB2H0Q4g6FOIMAu4IQLnm70vNG1muuhsEu7CZmYq+UCXlbDO
yqEqJRhL1t0sEVGdj7JqFY9HTNwIZRczPqCkNHXBNqAweYEEZ5RUWyRTFg+PVgGC
92Xa4PUWOCHd6USyjxaWOiFZp52QBl3DufwahySGtrdVKHPrvmA1ymfvmwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFO9Asyz8MUZaJ3MorCh5IINgO5plMB8GA1UdIwQY
MBaAFM/A+Z15eTpvAemtYn0flosMLQ87MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejhENW5YbDVPbThCNmExaWZSLVdpd3d0RHpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9jNWRkM2UtOTM3Yi00MzRmLWJiYjgt
ODBjYzg2ZTUxODIyLzEvNzBDekxQd3hSbG9uY3lpc0tIa2dnMkE3bW1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9jNWRkM2UtOTM3Yi00MzRmLWJiYjgtODBjYzg2ZTUxODIy
LzEvejhENW5YbDVPbThCNmExaWZSLVdpd3d0RHpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALhzrAwQA
stKnAwQAstKzAwQAuXtnMA0GCSqGSIb3DQEBCwUAA4IBAQC/5vH69PNNOXcSTkDo
wZZXXJRxeUi9vXEJAhpXo9lcYHp6C0PFcm43rI2TOxd/3VzIFJRmadgIvBVfbhtb
eB3SEp1R53j1EC7FhdS4eJwrsIDkGwzJ+0YtjypFC71vMbGkZsLLNGe43l6LOkta
G06L1fV+w8He6XNbF0GmyYZ1lbFJcoZMYfQH544iRWMKeOyruEY0OuRXiZLBxjYI
OKyeplU7KhPwsl7VdXaqql76/u/r02Ui0MLBWBmjSZ8JZyGoZMN0tOHKv4As/K40
8fex+Qh81lklILD/EXc0uZHj7xYHVa2r7TAA34puzvG7fDMWXHG5jAYekcz6gSvj
jaRQ
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:45:19 2025 by rpki-client