Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/76112c-f17e-4dc1-ba52-6544a2b99817/1/Fq4kg0SRGVzzVSs9_o69LfwOT3A.roa
File: Fq4kg0SRGVzzVSs9_o69LfwOT3A.roa (raw, json)
Hash identifier: 2HbnhpvQtG7vsaYBmi0+gk3Ea1ph0D7Fi3q1e56Ae5s=
Subject key identifier: 16:AE:24:83:44:91:19:5C:F3:55:2B:3D:FE:8E:BD:2D:FC:0E:4F:70
Certificate issuer: /CN=a30ddaa7494d69ba1cacb457ef91b6dcd22e8dd9
Certificate serial: 019426D9605D0EF30183AE0EB89F86978C86
Authority key identifier: A3:0D:DA:A7:49:4D:69:BA:1C:AC:B4:57:EF:91:B6:DC:D2:2E:8D:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ow3ap0lNabocrLRX75G23NIujdk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/76112c-f17e-4dc1-ba52-6544a2b99817/1/Fq4kg0SRGVzzVSs9_o69LfwOT3A.roa
Signing time: Thu 02 Jan 2025 11:49:27 +0000
ROA not before: Thu 02 Jan 2025 11:49:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29484
IP address blocks: 134.147.0.0/16 maxlen: 16
185.73.20.0/22 maxlen: 22
185.73.20.0/23 maxlen: 23
185.73.22.0/24 maxlen: 24
185.73.22.0/25 maxlen: 25
185.73.22.128/25 maxlen: 25
185.73.23.0/24 maxlen: 24
2a05:3e00::/29 maxlen: 29
2a05:3e00::/30 maxlen: 30
2a05:3e04::/32 maxlen: 32
2a05:3e05::/32 maxlen: 32
2a05:3e06::/31 maxlen: 31
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/76112c-f17e-4dc1-ba52-6544a2b99817/1/ow3ap0lNabocrLRX75G23NIujdk.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/76112c-f17e-4dc1-ba52-6544a2b99817/1/ow3ap0lNabocrLRX75G23NIujdk.mft
rsync://rpki.ripe.net/repository/DEFAULT/ow3ap0lNabocrLRX75G23NIujdk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 18:34:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:60:5d:0e:f3:01:83:ae:0e:b8:9f:86:97:8c:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a30ddaa7494d69ba1cacb457ef91b6dcd22e8dd9
Validity
Not Before: Jan 2 11:49:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=16ae24834491195cf3552b3dfe8ebd2dfc0e4f70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:2b:b6:2a:ef:82:e8:e6:83:8a:b7:af:63:fd:
83:cd:7e:38:e1:18:bb:17:8c:13:bf:5c:c3:90:a8:
b4:d6:f7:15:87:7f:5b:a9:51:d2:b0:d1:4c:33:9f:
2c:54:26:12:be:29:1a:b4:c5:aa:a1:4d:48:87:56:
31:c6:6a:02:ca:96:c8:4d:92:38:50:44:4e:8c:6b:
8d:ff:d5:50:28:bb:b0:bc:0e:5c:d9:c6:72:b3:1d:
c0:6b:23:84:0d:58:7a:7e:fd:0a:6a:51:1f:46:b0:
92:3b:0d:3e:23:37:89:e7:9a:4d:6d:31:8a:6a:f6:
7a:3e:78:91:97:14:a2:70:56:db:12:2e:da:e3:af:
ef:fd:d9:1a:cb:8b:f0:ac:55:18:15:ff:8f:ef:ea:
48:e6:42:49:cb:07:d5:05:0b:1d:88:d2:8c:ae:78:
72:e1:27:08:bc:5f:17:09:37:ea:14:bf:af:be:f7:
80:3e:6f:99:96:61:9b:8d:f8:ac:f0:21:20:0f:d0:
21:67:5b:60:8a:09:87:90:3e:8d:a6:90:b1:82:2d:
1a:93:1d:1c:be:6a:d5:d3:c9:99:e5:66:22:a9:80:
fe:0a:82:6b:da:55:32:58:f1:56:96:87:39:95:0c:
27:2f:d9:f4:d4:51:52:40:0a:76:b4:84:ae:86:c7:
05:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:AE:24:83:44:91:19:5C:F3:55:2B:3D:FE:8E:BD:2D:FC:0E:4F:70
X509v3 Authority Key Identifier:
keyid:A3:0D:DA:A7:49:4D:69:BA:1C:AC:B4:57:EF:91:B6:DC:D2:2E:8D:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ow3ap0lNabocrLRX75G23NIujdk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/76112c-f17e-4dc1-ba52-6544a2b99817/1/Fq4kg0SRGVzzVSs9_o69LfwOT3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/76112c-f17e-4dc1-ba52-6544a2b99817/1/ow3ap0lNabocrLRX75G23NIujdk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.147.0.0/16
185.73.20.0/22
IPv6:
2a05:3e00::/29
Signature Algorithm: sha256WithRSAEncryption
38:76:40:41:8a:fb:34:92:8e:ee:ab:0f:d6:dd:cc:b8:1a:46:
ec:c0:4a:61:d7:c8:2f:26:bb:4d:54:8e:b7:3b:68:7a:6f:43:
08:b7:86:83:f8:93:ee:f2:48:a8:dd:38:0c:d6:5b:aa:63:37:
8f:c7:b2:fd:67:ab:de:57:93:fc:3d:31:89:c8:2f:7b:9a:d1:
ed:bd:2e:3a:aa:d2:fa:94:fe:1d:4e:7e:74:0c:67:2e:3c:14:
24:85:30:07:46:df:20:c1:86:cf:cb:d7:06:54:f9:c0:1b:da:
22:be:55:d2:27:72:62:27:1b:af:c2:95:cc:0f:29:8d:d6:2c:
05:8f:f3:e4:06:e5:25:c1:ba:db:1e:87:86:52:90:83:a4:89:
8c:62:80:2f:dc:17:78:e8:12:bb:30:c3:ec:59:07:61:56:ab:
19:1d:a5:00:df:12:23:29:f7:79:58:d8:72:5b:89:bc:50:e5:
fe:de:12:5d:9b:1f:dd:f7:f6:ba:16:93:d9:81:ef:db:a3:cb:
16:1f:ef:8b:63:e0:52:91:82:fc:c3:e3:5e:71:28:2e:e5:1e:
57:ec:67:70:1a:02:89:fd:39:c9:49:7a:cc:f4:d7:03:2b:1e:
1c:a4:9a:9d:5b:31:86:d3:69:9f:65:0d:53:1a:7c:9f:5b:43:
92:7a:0b:3e
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQm2WBdDvMBg64OuJ+Gl4yGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMGRkYWE3NDk0ZDY5YmExY2FjYjQ1N2VmOTFiNmRjZDIy
ZThkZDkwHhcNMjUwMTAyMTE0OTI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmFlMjQ4MzQ0OTExOTVjZjM1NTJiM2RmZThlYmQyZGZjMGU0ZjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnyu2Ku+C6OaDirevY/2DzX444Ri7
F4wTv1zDkKi01vcVh39bqVHSsNFMM58sVCYSvikatMWqoU1Ih1YxxmoCypbITZI4
UEROjGuN/9VQKLuwvA5c2cZysx3AayOEDVh6fv0KalEfRrCSOw0+IzeJ55pNbTGK
avZ6PniRlxSicFbbEi7a46/v/dkay4vwrFUYFf+P7+pI5kJJywfVBQsdiNKMrnhy
4ScIvF8XCTfqFL+vvveAPm+ZlmGbjfis8CEgD9AhZ1tgigmHkD6NppCxgi0akx0c
vmrV08mZ5WYiqYD+CoJr2lUyWPFWloc5lQwnL9n01FFSQAp2tISuhscFKQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFBauJINEkRlc81UrPf6OvS38Dk9wMB8GA1UdIwQY
MBaAFKMN2qdJTWm6HKy0V++RttzSLo3ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3czYXAwbE5hYm9jckxSWDc1RzIzTkl1amRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NjExMmMtZjE3ZS00ZGMxLWJhNTIt
NjU0NGEyYjk5ODE3LzEvRnE0a2cwU1JHVnp6VlNzOV9vNjlMZndPVDNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NjExMmMtZjE3ZS00ZGMxLWJhNTItNjU0NGEyYjk5ODE3
LzEvb3czYXAwbE5hYm9jckxSWDc1RzIzTkl1amRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjARBAIAATALAwMAhpMDBAK5
SRQwDQQCAAIwBwMFAyoFPgAwDQYJKoZIhvcNAQELBQADggEBADh2QEGK+zSSju6r
D9bdzLgaRuzASmHXyC8mu01Ujrc7aHpvQwi3hoP4k+7ySKjdOAzWW6pjN4/Hsv1n
q95Xk/w9MYnIL3ua0e29Ljqq0vqU/h1OfnQMZy48FCSFMAdG3yDBhs/L1wZU+cAb
2iK+VdIncmInG6/ClcwPKY3WLAWP8+QG5SXButseh4ZSkIOkiYxigC/cF3joErsw
w+xZB2FWqxkdpQDfEiMp93lY2HJbibxQ5f7eEl2bH9339roWk9mB79ujyxYf74tj
4FKRgvzD415xKC7lHlfsZ3AaAon9OclJesz01wMrHhykmp1bMYbTaZ9lDVMafJ9b
Q5J6Cz4=
-----END CERTIFICATE-----
Generated at Sun Apr 13 04:25:07 2025 by rpki-client