Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/b9178b-c7ba-4d4e-af9e-6acd21d4baf8/1/SifsSXB3IxM773oq0Xz9LePnp8I.roa
File: SifsSXB3IxM773oq0Xz9LePnp8I.roa (raw, json)
Hash identifier: zgIEbQQ5tBYSjxuoWIlb12GUFr1oCylWnPsgULnZLUs=
Subject key identifier: 4A:27:EC:49:70:77:23:13:3B:EF:7A:2A:D1:7C:FD:2D:E3:E7:A7:C2
Certificate issuer: /CN=e224e450eafed4c259b6dc0a34e306f1ad284bc4
Certificate serial: 019425FDDBC1B4D3089CC454338F52A1E5A3
Authority key identifier: E2:24:E4:50:EA:FE:D4:C2:59:B6:DC:0A:34:E3:06:F1:AD:28:4B:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4iTkUOr-1MJZttwKNOMG8a0oS8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/b9178b-c7ba-4d4e-af9e-6acd21d4baf8/1/SifsSXB3IxM773oq0Xz9LePnp8I.roa
Signing time: Thu 02 Jan 2025 07:49:41 +0000
ROA not before: Thu 02 Jan 2025 07:49:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6894
IP address blocks: 95.131.152.0/21 maxlen: 21
195.14.64.0/19 maxlen: 19
195.14.65.0/24 maxlen: 24
2a02:b78::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/b9178b-c7ba-4d4e-af9e-6acd21d4baf8/1/4iTkUOr-1MJZttwKNOMG8a0oS8Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/b9178b-c7ba-4d4e-af9e-6acd21d4baf8/1/4iTkUOr-1MJZttwKNOMG8a0oS8Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/4iTkUOr-1MJZttwKNOMG8a0oS8Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Mar 2025 03:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:db:c1:b4:d3:08:9c:c4:54:33:8f:52:a1:e5:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e224e450eafed4c259b6dc0a34e306f1ad284bc4
Validity
Not Before: Jan 2 07:49:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4a27ec49707723133bef7a2ad17cfd2de3e7a7c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:c1:05:75:9b:af:b2:87:f6:b2:89:9d:29:93:
b6:2c:d6:af:ee:e5:4a:4d:d4:f0:53:d7:c9:ae:bf:
28:d1:f3:7b:27:78:be:25:f0:ac:4d:67:30:9a:50:
ac:f3:ee:88:81:75:5c:10:b3:78:e9:8c:a2:2e:b9:
3e:1d:b7:cf:68:80:db:b5:3a:8c:70:b7:3e:17:51:
4f:a8:4e:f0:05:f1:4f:8b:55:8f:64:97:7c:4e:02:
91:97:e3:e4:a9:81:40:e6:db:a9:2a:d0:65:12:fd:
5e:3b:c0:6f:34:be:cc:d0:33:72:f7:e9:28:80:94:
85:82:81:b7:1c:1a:62:f9:8e:95:7e:2c:30:fc:88:
94:9c:63:0f:1c:3f:f3:d3:ec:99:4f:5e:f7:c7:2d:
3d:79:78:7e:77:f6:72:f2:cc:ee:39:97:94:99:36:
00:58:62:58:92:94:65:d8:e9:41:ba:1d:e0:b0:87:
45:36:7e:c3:80:8b:16:10:cd:7f:b7:e3:d4:74:e1:
dc:61:a7:68:75:e3:18:4d:f5:1f:fa:ae:d1:2b:31:
bf:84:35:d4:a5:1c:d3:0f:59:14:fd:a9:39:19:6a:
2d:db:98:7a:75:df:60:e1:0e:06:fc:c2:7c:4a:48:
93:7e:1d:99:86:04:cb:5f:31:20:05:f6:74:cb:60:
33:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:27:EC:49:70:77:23:13:3B:EF:7A:2A:D1:7C:FD:2D:E3:E7:A7:C2
X509v3 Authority Key Identifier:
keyid:E2:24:E4:50:EA:FE:D4:C2:59:B6:DC:0A:34:E3:06:F1:AD:28:4B:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4iTkUOr-1MJZttwKNOMG8a0oS8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/b9178b-c7ba-4d4e-af9e-6acd21d4baf8/1/SifsSXB3IxM773oq0Xz9LePnp8I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/b9178b-c7ba-4d4e-af9e-6acd21d4baf8/1/4iTkUOr-1MJZttwKNOMG8a0oS8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.131.152.0/21
195.14.64.0/19
IPv6:
2a02:b78::/32
Signature Algorithm: sha256WithRSAEncryption
a0:09:28:5d:e5:77:fe:ae:f0:dc:ec:c4:90:1d:e1:22:5d:54:
a9:b7:93:6d:f3:a4:5c:ba:b8:8a:e7:9f:b1:3e:4a:39:b6:96:
f0:97:fd:ca:c1:6f:24:3a:85:0d:33:77:11:91:a9:23:ee:e3:
69:ff:80:fa:4a:27:c5:73:dd:c7:6c:9b:61:31:81:74:05:1f:
7c:fa:f8:6f:07:0e:92:62:d5:2c:70:85:39:d5:62:a7:7a:70:
5d:8e:5b:f6:03:dd:4e:65:b1:2f:af:07:44:28:1f:20:21:a9:
dd:0a:72:5f:22:55:44:f3:5a:c0:51:eb:f5:8c:c9:f8:41:ab:
34:ab:e2:07:bc:74:39:7b:e1:3b:24:4c:92:ec:0c:16:6e:ba:
4b:14:8c:a1:9e:1f:ba:51:89:71:55:fa:5f:20:57:12:55:59:
6f:f1:ee:67:1e:75:38:4a:54:eb:09:43:56:41:df:f2:34:32:
be:c1:00:62:51:36:33:45:d8:5b:ae:13:02:7b:43:52:c9:28:
f9:ae:41:ac:c7:51:9c:46:d3:30:6f:08:72:7b:89:05:5e:5f:
8c:cf:0f:0c:3a:54:29:1b:26:6d:19:f7:dd:6a:a6:73:22:3e:
89:71:b2:a8:c4:1b:22:20:5e:21:7d:78:6a:5e:d0:70:0d:5d:
01:4d:32:49
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQl/dvBtNMInMRUM49SoeWjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMjRlNDUwZWFmZWQ0YzI1OWI2ZGMwYTM0ZTMwNmYxYWQy
ODRiYzQwHhcNMjUwMTAyMDc0OTQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTI3ZWM0OTcwNzcyMzEzM2JlZjdhMmFkMTdjZmQyZGUzZTdhN2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5sEFdZuvsof2somdKZO2LNav7uVK
TdTwU9fJrr8o0fN7J3i+JfCsTWcwmlCs8+6IgXVcELN46YyiLrk+HbfPaIDbtTqM
cLc+F1FPqE7wBfFPi1WPZJd8TgKRl+PkqYFA5tupKtBlEv1eO8BvNL7M0DNy9+ko
gJSFgoG3HBpi+Y6Vfiww/IiUnGMPHD/z0+yZT173xy09eXh+d/Zy8szuOZeUmTYA
WGJYkpRl2OlBuh3gsIdFNn7DgIsWEM1/t+PUdOHcYadodeMYTfUf+q7RKzG/hDXU
pRzTD1kU/ak5GWot25h6dd9g4Q4G/MJ8SkiTfh2ZhgTLXzEgBfZ0y2AzhQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEon7ElwdyMTO+96KtF8/S3j56fCMB8GA1UdIwQY
MBaAFOIk5FDq/tTCWbbcCjTjBvGtKEvEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGlUa1VPci0xTUpadHR3S05PTUc4YTBvUzhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9iOTE3OGItYzdiYS00ZDRlLWFmOWUt
NmFjZDIxZDRiYWY4LzEvU2lmc1NYQjNJeE03NzNvcTBYejlMZVBucDhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9iOTE3OGItYzdiYS00ZDRlLWFmOWUtNmFjZDIxZDRiYWY4
LzEvNGlUa1VPci0xTUpadHR3S05PTUc4YTBvUzhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDX4OYAwQF
ww5AMA0EAgACMAcDBQAqAgt4MA0GCSqGSIb3DQEBCwUAA4IBAQCgCShd5Xf+rvDc
7MSQHeEiXVSpt5Nt86RcuriK55+xPko5tpbwl/3KwW8kOoUNM3cRkakj7uNp/4D6
SifFc93HbJthMYF0BR98+vhvBw6SYtUscIU51WKnenBdjlv2A91OZbEvrwdEKB8g
IandCnJfIlVE81rAUev1jMn4Qas0q+IHvHQ5e+E7JEyS7AwWbrpLFIyhnh+6UYlx
VfpfIFcSVVlv8e5nHnU4SlTrCUNWQd/yNDK+wQBiUTYzRdhbrhMCe0NSySj5rkGs
x1GcRtMwbwhye4kFXl+Mzw8MOlQpGyZtGffdaqZzIj6JcbKoxBsiIF4hfXhqXtBw
DV0BTTJJ
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:56:01 2025 by rpki-client