Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/7s-kRW15wfOY4-sOfxDBcecv-8g.roa
File: 7s-kRW15wfOY4-sOfxDBcecv-8g.roa (raw, json)
Hash identifier: 4P0C1BGP3QHpEQVAqgQur0JFPU07CPZaJXvyjV3BZyw=
Subject key identifier: EE:CF:A4:45:6D:79:C1:F3:98:E3:EB:0E:7F:10:C1:71:E7:2F:FB:C8
Certificate issuer: /CN=ba4d0e69ab769f65bb2b155bdfa83a7186eeac44
Certificate serial: 0194228E363D6B138A84F3ABE781F639AA16
Authority key identifier: BA:4D:0E:69:AB:76:9F:65:BB:2B:15:5B:DF:A8:3A:71:86:EE:AC:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/7s-kRW15wfOY4-sOfxDBcecv-8g.roa
Signing time: Wed 01 Jan 2025 15:48:52 +0000
ROA not before: Wed 01 Jan 2025 15:48:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21859
IP address blocks: 194.247.45.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/uk0Oaat2n2W7KxVb36g6cYburEQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/uk0Oaat2n2W7KxVb36g6cYburEQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 21:19:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:36:3d:6b:13:8a:84:f3:ab:e7:81:f6:39:aa:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba4d0e69ab769f65bb2b155bdfa83a7186eeac44
Validity
Not Before: Jan 1 15:48:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eecfa4456d79c1f398e3eb0e7f10c171e72ffbc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:49:af:93:35:e5:41:32:2f:df:94:73:72:c3:
f1:72:99:d5:53:39:46:ad:7b:96:8c:9f:14:ce:5b:
a4:0e:9e:93:78:3a:d4:c8:5f:6d:82:54:7f:76:29:
97:84:5e:49:97:e3:65:bd:50:a1:30:24:97:18:7b:
e0:57:72:15:d9:de:b5:3e:af:55:b2:70:16:05:f1:
5b:4e:50:c8:22:ae:78:f6:5c:78:13:63:ce:43:02:
bd:f6:83:f7:62:67:b4:c8:5a:73:bf:5a:9a:3a:1b:
24:70:31:9b:ad:43:7c:39:5b:b7:64:49:2e:19:db:
bd:d5:ad:83:c7:d0:31:66:31:1c:60:c1:16:3d:9c:
8d:cd:f2:7b:66:8f:c3:ac:c7:9e:aa:36:e9:ff:ad:
3d:21:40:b8:c1:cc:d0:ab:31:e6:d7:5e:89:dd:8f:
87:1e:6c:3d:79:3a:1c:b2:e6:e2:6b:89:cc:30:09:
d8:0e:fa:67:6e:c3:6e:1d:4c:e4:35:3f:9f:9a:55:
5a:56:21:3c:f4:ac:56:25:33:c1:0e:f2:b1:6f:11:
c5:bb:ef:99:a7:cd:2f:2b:15:35:f7:32:55:af:d9:
97:63:86:7e:01:38:d4:88:9a:db:0f:85:0d:66:1c:
ea:3e:f6:26:93:c3:4e:d3:59:8f:f5:fc:fe:c8:1f:
f1:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:CF:A4:45:6D:79:C1:F3:98:E3:EB:0E:7F:10:C1:71:E7:2F:FB:C8
X509v3 Authority Key Identifier:
keyid:BA:4D:0E:69:AB:76:9F:65:BB:2B:15:5B:DF:A8:3A:71:86:EE:AC:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/7s-kRW15wfOY4-sOfxDBcecv-8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/uk0Oaat2n2W7KxVb36g6cYburEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.247.45.0/24
Signature Algorithm: sha256WithRSAEncryption
62:05:e2:f2:b4:83:6b:c8:22:ad:9d:9b:81:92:18:de:fb:2f:
1d:bd:ad:78:62:5a:f3:48:2d:6b:75:6a:8e:69:7a:da:2a:5f:
12:a7:69:82:bb:fd:d1:cd:cc:fa:55:6f:04:34:42:fe:1c:d2:
e8:5a:58:65:bd:2d:2a:15:a0:3f:35:20:bf:97:63:2d:d3:d0:
02:9a:c7:94:67:5c:06:19:28:46:e0:36:fb:fb:e7:71:b2:86:
94:68:d4:ee:f0:ea:eb:7e:11:83:1e:d0:3e:75:18:b2:4b:85:
5c:d1:5c:65:03:47:5c:a4:78:a0:40:a5:7e:13:30:07:4a:be:
b4:f3:b7:db:71:ac:72:c2:a3:53:bc:b0:3b:d3:58:a9:af:20:
bf:30:e5:e2:42:e3:5c:7f:31:15:88:a1:5a:82:57:5f:91:bf:
45:36:eb:52:66:e1:30:df:f5:c2:a0:ea:2b:e2:0f:da:37:96:
2c:50:9a:0e:b5:ee:90:26:ff:61:92:04:56:3c:00:98:e5:6c:
e5:1c:66:1d:65:49:44:ab:35:4e:cc:92:b6:01:10:68:42:d0:
08:54:73:a9:0e:e1:ff:e9:09:1c:6b:36:ec:60:2f:42:ae:23:
ac:73:16:4a:f2:07:a7:32:4f:d6:8b:42:be:1c:cf:a7:f5:dc:
53:fa:01:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijjY9axOKhPOr54H2OaoWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNGQwZTY5YWI3NjlmNjViYjJiMTU1YmRmYTgzYTcxODZl
ZWFjNDQwHhcNMjUwMTAxMTU0ODUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWNmYTQ0NTZkNzljMWYzOThlM2ViMGU3ZjEwYzE3MWU3MmZmYmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEmvkzXlQTIv35RzcsPxcpnVUzlG
rXuWjJ8UzlukDp6TeDrUyF9tglR/dimXhF5Jl+NlvVChMCSXGHvgV3IV2d61Pq9V
snAWBfFbTlDIIq549lx4E2POQwK99oP3Yme0yFpzv1qaOhskcDGbrUN8OVu3ZEku
Gdu91a2Dx9AxZjEcYMEWPZyNzfJ7Zo/DrMeeqjbp/609IUC4wczQqzHm116J3Y+H
Hmw9eTocsubia4nMMAnYDvpnbsNuHUzkNT+fmlVaViE89KxWJTPBDvKxbxHFu++Z
p80vKxU19zJVr9mXY4Z+ATjUiJrbD4UNZhzqPvYmk8NO01mP9fz+yB/x/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO7PpEVtecHzmOPrDn8QwXHnL/vIMB8GA1UdIwQY
MBaAFLpNDmmrdp9luysVW9+oOnGG7qxEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWswT2FhdDJuMlc3S3hWYjM2ZzZjWWJ1ckVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8zZDZkNmMtZjU4ZC00MmU2LWI2ODgt
OGVmZjNmZDNjNDhhLzEvN3Mta1JXMTV3Zk9ZNC1zT2Z4REJjZWN2LThnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8zZDZkNmMtZjU4ZC00MmU2LWI2ODgtOGVmZjNmZDNjNDhh
LzEvdWswT2FhdDJuMlc3S3hWYjM2ZzZjWWJ1ckVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwvctMA0G
CSqGSIb3DQEBCwUAA4IBAQBiBeLytINryCKtnZuBkhje+y8dva14YlrzSC1rdWqO
aXraKl8Sp2mCu/3Rzcz6VW8ENEL+HNLoWlhlvS0qFaA/NSC/l2Mt09ACmseUZ1wG
GShG4Db7++dxsoaUaNTu8OrrfhGDHtA+dRiyS4Vc0VxlA0dcpHigQKV+EzAHSr60
87fbcaxywqNTvLA701ipryC/MOXiQuNcfzEViKFagldfkb9FNutSZuEw3/XCoOor
4g/aN5YsUJoOte6QJv9hkgRWPACY5WzlHGYdZUlEqzVOzJK2ARBoQtAIVHOpDuH/
6QkcazbsYC9CriOscxZK8genMk/Wi0K+HM+n9dxT+gHh
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:26:41 2025 by rpki-client