Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/F8MEhD4tXo3PI0nh3pFZ32FiNOc.roa
File: F8MEhD4tXo3PI0nh3pFZ32FiNOc.roa (raw, json)
Hash identifier: cbdD8VUh0AcAWL5l8thTZlt0IygArZERFf29HvJc/Ik=
Subject key identifier: 17:C3:04:84:3E:2D:5E:8D:CF:23:49:E1:DE:91:59:DF:61:62:34:E7
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 01942747EA8BB79791C814829487E2F56DFC
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/F8MEhD4tXo3PI0nh3pFZ32FiNOc.roa
Signing time: Thu 02 Jan 2025 13:50:11 +0000
ROA not before: Thu 02 Jan 2025 13:50:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39177
IP address blocks: 213.91.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:ea:8b:b7:97:91:c8:14:82:94:87:e2:f5:6d:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 2 13:50:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=17c304843e2d5e8dcf2349e1de9159df616234e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:2c:20:a8:2f:88:62:74:ba:cf:84:1e:ce:7d:
44:47:9f:83:8e:42:3c:04:2e:01:73:80:fb:5d:53:
eb:41:5d:1d:8b:90:fc:4d:47:68:a4:d5:aa:31:0d:
d0:27:82:65:25:f5:63:a1:12:13:6c:2c:bf:f8:8f:
99:d7:7c:f4:f2:d1:90:e3:d9:cc:3d:a8:81:d8:6c:
34:9a:55:50:e1:e5:a0:ad:64:63:49:48:e3:87:03:
e3:dd:8d:f2:08:d2:48:12:b1:40:e9:dd:25:84:65:
67:23:4a:60:30:87:a0:fc:8e:b6:4d:f1:f8:6f:48:
12:da:95:f7:65:58:d3:51:fa:bf:27:4d:8d:13:d8:
15:03:ad:73:c1:31:b3:be:b2:d3:42:f8:29:7b:df:
0c:6c:ca:01:36:aa:5e:c3:ce:24:70:5f:95:0e:02:
b1:e7:1a:37:8e:f0:19:97:51:cd:c0:6b:36:6b:59:
38:fc:46:55:09:cb:05:77:0e:dc:db:ba:84:d5:c7:
3b:e7:ab:af:f0:81:4e:34:fd:68:6c:4c:3d:7b:95:
66:d8:9d:cc:3d:7a:2b:ac:f6:03:75:85:16:f9:cb:
c6:d1:5a:19:47:99:0b:e4:97:ab:c7:be:74:41:24:
d7:38:fc:e4:2b:85:ee:13:54:13:16:a3:5f:a1:5c:
b2:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:C3:04:84:3E:2D:5E:8D:CF:23:49:E1:DE:91:59:DF:61:62:34:E7
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/F8MEhD4tXo3PI0nh3pFZ32FiNOc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.91.196.0/24
Signature Algorithm: sha256WithRSAEncryption
76:f0:d0:8c:1b:5f:39:1c:99:65:77:fc:11:ca:18:92:d9:0b:
e4:e1:65:de:65:2e:61:28:5b:2e:85:01:85:c1:aa:33:b7:c0:
79:05:84:89:de:5e:8e:8b:d4:d7:b1:3e:dc:a7:6c:09:74:69:
65:64:3d:16:cb:29:bd:a5:27:6c:a3:de:4c:e8:20:4d:25:57:
db:6b:b0:b8:d9:47:9d:37:18:e7:26:54:d8:4c:fe:ad:c9:62:
2a:18:39:d2:1d:20:56:8e:2c:1d:61:b2:81:33:fa:e6:47:21:
d0:ae:ef:13:63:77:ee:5d:9b:3f:f4:d4:be:ee:e8:ee:2b:94:
ff:ae:4a:3c:3c:9d:9a:2f:be:71:98:33:63:8d:61:6c:26:b5:
21:4a:02:33:71:70:ae:88:64:f3:88:95:56:d6:2c:4f:7d:40:
b2:1b:8f:64:f0:ae:4a:16:65:5d:2a:aa:a0:d3:d7:f1:56:03:
e5:de:81:59:dc:2c:3e:4f:88:ad:ab:a3:6c:42:22:80:e6:ec:
c9:6c:34:27:17:83:53:6a:e1:7a:b9:7b:7b:87:4d:d1:15:39:
7b:08:4e:76:de:2b:66:21:17:e9:ea:09:85:96:1a:33:56:13:
45:33:bb:e7:5d:68:9e:dc:bd:76:d5:98:9f:68:62:e5:cc:b4:
df:46:e9:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR+qLt5eRyBSClIfi9W38MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjUwMTAyMTM1MDExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2MzMDQ4NDNlMmQ1ZThkY2YyMzQ5ZTFkZTkxNTlkZjYxNjIzNGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSwgqC+IYnS6z4Qezn1ER5+DjkI8
BC4Bc4D7XVPrQV0di5D8TUdopNWqMQ3QJ4JlJfVjoRITbCy/+I+Z13z08tGQ49nM
PaiB2Gw0mlVQ4eWgrWRjSUjjhwPj3Y3yCNJIErFA6d0lhGVnI0pgMIeg/I62TfH4
b0gS2pX3ZVjTUfq/J02NE9gVA61zwTGzvrLTQvgpe98MbMoBNqpew84kcF+VDgKx
5xo3jvAZl1HNwGs2a1k4/EZVCcsFdw7c27qE1cc756uv8IFONP1obEw9e5Vm2J3M
PXorrPYDdYUW+cvG0VoZR5kL5Jerx750QSTXOPzkK4XuE1QTFqNfoVyySwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBfDBIQ+LV6NzyNJ4d6RWd9hYjTnMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvRjhNRWhENHRYbzNQSTBuaDNwRlozMkZpTk9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1VvEMA0G
CSqGSIb3DQEBCwUAA4IBAQB28NCMG185HJlld/wRyhiS2Qvk4WXeZS5hKFsuhQGF
waozt8B5BYSJ3l6Oi9TXsT7cp2wJdGllZD0Wyym9pSdso95M6CBNJVfba7C42Ued
NxjnJlTYTP6tyWIqGDnSHSBWjiwdYbKBM/rmRyHQru8TY3fuXZs/9NS+7ujuK5T/
rko8PJ2aL75xmDNjjWFsJrUhSgIzcXCuiGTziJVW1ixPfUCyG49k8K5KFmVdKqqg
09fxVgPl3oFZ3Cw+T4itq6NsQiKA5uzJbDQnF4NTauF6uXt7h03RFTl7CE523itm
IRfp6gmFlhozVhNFM7vnXWie3L121ZifaGLlzLTfRukb
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:01:36 2025 by rpki-client