Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/9dBG9JuRDTu6Pezri5X9qjGglbU.roa
File: 9dBG9JuRDTu6Pezri5X9qjGglbU.roa (raw, json)
Hash identifier: +cmNANqYW5/TEslGANWHU/0YCKjGJgRnyw8zEhIdvRo=
Subject key identifier: F5:D0:46:F4:9B:91:0D:3B:BA:3D:EC:EB:8B:95:FD:AA:31:A0:95:B5
Certificate issuer: /CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Certificate serial: 0194266BCFCFE87B9206DBB4F05853B4E452
Authority key identifier: 87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/9dBG9JuRDTu6Pezri5X9qjGglbU.roa
Signing time: Thu 02 Jan 2025 09:49:47 +0000
ROA not before: Thu 02 Jan 2025 09:49:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208082
IP address blocks: 213.33.8.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.mft
rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:cf:cf:e8:7b:92:06:db:b4:f0:58:53:b4:e4:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Validity
Not Before: Jan 2 09:49:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f5d046f49b910d3bba3deceb8b95fdaa31a095b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ee:f2:c4:b9:17:d6:6e:7b:44:9d:61:43:e9:
b4:d1:04:5c:7c:c0:84:48:05:cc:57:49:40:ad:b4:
e2:05:4f:08:0c:f8:31:5c:be:9f:c5:3b:51:00:6c:
f7:a1:63:84:5e:80:a9:6b:7a:0a:c2:c3:04:5f:71:
89:46:19:e5:8f:c2:ef:22:72:40:a7:41:f6:b0:8b:
f1:14:25:da:71:95:2d:a5:6f:83:10:b2:12:a9:27:
2c:4c:0e:1b:9c:ec:2a:73:6b:8f:e2:8e:87:60:d5:
92:42:86:64:90:79:0d:e5:49:46:64:dc:cf:58:bd:
a4:76:8e:29:3a:27:67:f5:ad:4d:9b:0d:63:99:51:
f8:f9:d3:8d:f0:8d:75:4d:e4:c7:3b:73:93:1f:0e:
c8:4c:dd:19:0c:03:8a:de:1d:77:89:13:46:54:08:
24:8f:69:e6:49:61:d0:9a:ae:1c:73:97:b2:af:fa:
af:62:50:07:05:e2:3d:fb:18:35:e8:62:ab:de:09:
7e:b2:e5:8c:43:9a:98:25:f4:5f:7d:68:fb:b9:71:
8a:e7:fb:56:0c:f5:f6:7c:9c:2f:bd:9a:88:d8:78:
27:a6:70:bc:94:36:1c:b3:f8:e4:e3:10:7d:5c:8e:
28:fd:e6:af:d9:7a:61:dd:d7:e0:6d:93:f3:11:73:
75:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:D0:46:F4:9B:91:0D:3B:BA:3D:EC:EB:8B:95:FD:AA:31:A0:95:B5
X509v3 Authority Key Identifier:
keyid:87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/9dBG9JuRDTu6Pezri5X9qjGglbU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.33.8.0/24
Signature Algorithm: sha256WithRSAEncryption
79:40:3a:f8:da:81:23:a9:81:b0:9c:b7:1a:3e:68:6c:2e:bc:
8e:14:6d:b5:d4:37:18:77:30:35:88:b6:99:72:77:5a:2c:5a:
59:8e:d4:41:74:cc:03:a8:a5:0b:e4:8a:32:80:09:84:7b:e5:
44:7f:f0:9c:9b:f1:94:0f:af:9d:c1:52:74:49:21:25:f7:29:
4a:84:9f:83:b6:94:c5:74:3b:4b:dd:e7:01:12:fe:9a:36:54:
90:eb:73:a6:d3:9c:67:8f:b4:19:9a:3d:91:93:8c:ea:fa:ef:
82:5d:0e:e2:ff:da:46:36:0d:f6:ab:3e:4e:14:6a:2d:97:1d:
4f:25:d8:18:11:a7:7f:d6:b6:d0:a0:76:35:df:85:92:5d:b0:
59:fe:3c:f3:92:55:ba:7c:8d:5a:d3:0a:29:b4:68:18:3f:71:
65:06:fa:a0:5f:ef:18:fd:d3:9a:dd:4b:c5:6f:87:68:50:72:
b7:bb:8b:b5:b9:96:2f:2c:91:cc:b2:74:99:e3:06:0c:9f:1b:
bf:71:62:5d:5d:fd:67:67:f3:ad:60:12:e0:a1:65:c5:91:13:
6e:7d:c7:87:e3:87:1c:a6:4d:49:cd:f2:d1:1b:11:1f:f0:ce:
0e:62:45:20:28:41:d3:80:04:7b:18:d3:7b:84:67:9e:01:c9:
a6:78:f0:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma8/P6HuSBtu08FhTtORSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MGM1ODlhNGYyMmE5Y2EyZmY5OWI0YzQ4ZjhiZGY0OTI4
NzE3MjUwHhcNMjUwMTAyMDk0OTQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWQwNDZmNDliOTEwZDNiYmEzZGVjZWI4Yjk1ZmRhYTMxYTA5NWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+7yxLkX1m57RJ1hQ+m00QRcfMCE
SAXMV0lArbTiBU8IDPgxXL6fxTtRAGz3oWOEXoCpa3oKwsMEX3GJRhnlj8LvInJA
p0H2sIvxFCXacZUtpW+DELISqScsTA4bnOwqc2uP4o6HYNWSQoZkkHkN5UlGZNzP
WL2kdo4pOidn9a1Nmw1jmVH4+dON8I11TeTHO3OTHw7ITN0ZDAOK3h13iRNGVAgk
j2nmSWHQmq4cc5eyr/qvYlAHBeI9+xg16GKr3gl+suWMQ5qYJfRffWj7uXGK5/tW
DPX2fJwvvZqI2HgnpnC8lDYcs/jk4xB9XI4o/eav2Xph3dfgbZPzEXN1CQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPXQRvSbkQ07uj3s64uV/aoxoJW1MB8GA1UdIwQY
MBaAFIcMWJpPIqnKL/mbTEj4vfSShxclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWIt
ODQ5ZDNhNmI5YzJkLzEvOWRCRzlKdVJEVHU2UGV6cmk1WDlxakdnbGJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWItODQ5ZDNhNmI5YzJk
LzEvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1SEIMA0G
CSqGSIb3DQEBCwUAA4IBAQB5QDr42oEjqYGwnLcaPmhsLryOFG211DcYdzA1iLaZ
cndaLFpZjtRBdMwDqKUL5IoygAmEe+VEf/Ccm/GUD6+dwVJ0SSEl9ylKhJ+DtpTF
dDtL3ecBEv6aNlSQ63Om05xnj7QZmj2Rk4zq+u+CXQ7i/9pGNg32qz5OFGotlx1P
JdgYEad/1rbQoHY134WSXbBZ/jzzklW6fI1a0woptGgYP3FlBvqgX+8Y/dOa3UvF
b4doUHK3u4u1uZYvLJHMsnSZ4wYMnxu/cWJdXf1nZ/OtYBLgoWXFkRNufceH44cc
pk1JzfLRGxEf8M4OYkUgKEHTgAR7GNN7hGeeAcmmePD8
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:58:13 2025 by rpki-client