Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/e0e829-1284-4db1-ba48-785ac191b31a/1/7ZfxbTG5XE7d3U698g7DhphadTg.roa
File: 7ZfxbTG5XE7d3U698g7DhphadTg.roa (raw, json)
Hash identifier: Pr0+WF0lvDtFnCz/0c70Eot8c7E9jRvKLuNSr3PuDSs=
Subject key identifier: ED:97:F1:6D:31:B9:5C:4E:DD:DD:4E:BD:F2:0E:C3:86:98:5A:75:38
Certificate issuer: /CN=d07dff547eacbe81dc3465598446d3b027dcb76d
Certificate serial: 0194206819799F93D50D79CBA7B77D523E99
Authority key identifier: D0:7D:FF:54:7E:AC:BE:81:DC:34:65:59:84:46:D3:B0:27:DC:B7:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0H3_VH6svoHcNGVZhEbTsCfct20.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/e0e829-1284-4db1-ba48-785ac191b31a/1/7ZfxbTG5XE7d3U698g7DhphadTg.roa
Signing time: Wed 01 Jan 2025 05:48:00 +0000
ROA not before: Wed 01 Jan 2025 05:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5517
IP address blocks: 159.25.0.0/16 maxlen: 24
194.176.0.0/19 maxlen: 19
194.245.0.0/16 maxlen: 16
2a01:4fc0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/e0e829-1284-4db1-ba48-785ac191b31a/1/0H3_VH6svoHcNGVZhEbTsCfct20.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/e0e829-1284-4db1-ba48-785ac191b31a/1/0H3_VH6svoHcNGVZhEbTsCfct20.mft
rsync://rpki.ripe.net/repository/DEFAULT/0H3_VH6svoHcNGVZhEbTsCfct20.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:19:79:9f:93:d5:0d:79:cb:a7:b7:7d:52:3e:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d07dff547eacbe81dc3465598446d3b027dcb76d
Validity
Not Before: Jan 1 05:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ed97f16d31b95c4edddd4ebdf20ec386985a7538
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:39:95:83:19:f4:13:0e:b6:80:a9:55:82:32:
2c:eb:6e:b3:b8:17:d1:f7:87:41:42:28:e0:52:a7:
a7:57:4d:71:e1:8b:37:0b:72:48:4d:b1:25:21:84:
5d:93:96:38:a5:d1:4a:93:af:2b:55:73:43:fe:ec:
fa:eb:08:f9:2a:82:62:b8:49:b1:4e:4d:0e:88:2a:
6f:8f:b2:df:92:8b:c4:79:09:85:7b:7a:29:7b:e1:
f2:52:c7:45:30:91:4b:d3:e1:d7:54:8f:65:0e:5f:
0a:e3:34:62:33:9b:37:8a:a3:88:02:00:20:30:bb:
71:dc:6b:98:77:3f:d3:60:f5:a3:91:9a:28:a7:35:
f0:aa:4d:82:ea:77:f8:44:ae:34:fd:44:b0:e6:1f:
fd:79:11:15:f9:0e:0e:24:2e:65:13:84:b4:a1:50:
c8:b4:e0:ae:b0:03:13:c2:ac:d2:1c:ee:03:58:7c:
49:2a:31:87:f7:e6:77:31:af:74:19:fa:c5:a5:45:
ad:c6:a6:4c:93:87:dd:e5:88:9b:41:ce:50:f2:54:
ae:ed:94:33:5c:f1:92:57:a8:d4:88:7f:2f:62:44:
ca:bd:8c:40:ad:d1:3b:39:08:c7:36:e9:96:8d:fc:
91:b1:cb:5a:9f:eb:ed:39:e7:fb:ae:01:ae:d4:98:
09:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:97:F1:6D:31:B9:5C:4E:DD:DD:4E:BD:F2:0E:C3:86:98:5A:75:38
X509v3 Authority Key Identifier:
keyid:D0:7D:FF:54:7E:AC:BE:81:DC:34:65:59:84:46:D3:B0:27:DC:B7:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0H3_VH6svoHcNGVZhEbTsCfct20.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/e0e829-1284-4db1-ba48-785ac191b31a/1/7ZfxbTG5XE7d3U698g7DhphadTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/e0e829-1284-4db1-ba48-785ac191b31a/1/0H3_VH6svoHcNGVZhEbTsCfct20.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.25.0.0/16
194.176.0.0/19
194.245.0.0/16
IPv6:
2a01:4fc0::/32
Signature Algorithm: sha256WithRSAEncryption
53:56:61:77:3f:c7:f2:f7:18:be:e8:a2:66:80:d2:98:80:55:
c6:8b:8a:46:a1:ff:10:8c:6e:7d:f6:7e:70:eb:2d:4c:3e:d5:
70:31:06:2b:6b:74:5b:6e:1b:21:5c:28:78:99:25:54:47:84:
ba:48:0f:4c:15:53:86:e0:8c:83:c4:e4:2f:0d:a1:6d:8d:1f:
67:41:55:3c:07:1e:15:91:dc:53:ad:09:9d:52:45:65:22:48:
e3:e6:2d:a5:c8:e1:e5:6c:fa:1f:42:21:7d:f1:9c:8e:66:e2:
20:33:20:fb:62:da:8c:68:37:22:b8:b8:63:67:d8:f9:63:43:
44:5f:91:4d:ff:fc:49:5b:0d:b8:ac:81:71:25:9d:f2:e9:63:
5d:07:e8:5a:97:d1:26:18:67:b1:00:3d:57:0f:57:68:b0:56:
76:a9:4e:e9:48:55:23:6e:ab:bd:5d:8f:ea:71:44:e5:4e:b9:
96:63:55:8d:f0:33:64:d5:18:af:d3:cf:4c:ee:bc:e8:aa:84:
92:04:8f:41:47:53:1c:9f:34:66:59:5c:58:2f:3b:a4:5f:19:
5a:89:d1:b9:96:60:05:6f:ee:32:32:e7:8d:24:e6:17:10:58:
c0:24:83:a7:eb:d8:7f:ec:d8:1c:3a:68:95:51:ab:67:f5:96:
fb:7d:ee:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQgaBl5n5PVDXnLp7d9Uj6ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwN2RmZjU0N2VhY2JlODFkYzM0NjU1OTg0NDZkM2IwMjdk
Y2I3NmQwHhcNMjUwMTAxMDU0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDk3ZjE2ZDMxYjk1YzRlZGRkZDRlYmRmMjBlYzM4Njk4NWE3NTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1jmVgxn0Ew62gKlVgjIs626zuBfR
94dBQijgUqenV01x4Ys3C3JITbElIYRdk5Y4pdFKk68rVXND/uz66wj5KoJiuEmx
Tk0OiCpvj7LfkovEeQmFe3ope+HyUsdFMJFL0+HXVI9lDl8K4zRiM5s3iqOIAgAg
MLtx3GuYdz/TYPWjkZoopzXwqk2C6nf4RK40/USw5h/9eREV+Q4OJC5lE4S0oVDI
tOCusAMTwqzSHO4DWHxJKjGH9+Z3Ma90GfrFpUWtxqZMk4fd5YibQc5Q8lSu7ZQz
XPGSV6jUiH8vYkTKvYxArdE7OQjHNumWjfyRsctan+vtOef7rgGu1JgJ9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO2X8W0xuVxO3d1OvfIOw4aYWnU4MB8GA1UdIwQY
MBaAFNB9/1R+rL6B3DRlWYRG07An3LdtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEgzX1ZINnN2b0hjTkdWWmhFYlRzQ2ZjdDIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9lMGU4MjktMTI4NC00ZGIxLWJhNDgt
Nzg1YWMxOTFiMzFhLzEvN1pmeGJURzVYRTdkM1U2OThnN0RocGhhZFRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9lMGU4MjktMTI4NC00ZGIxLWJhNDgtNzg1YWMxOTFiMzFh
LzEvMEgzX1ZINnN2b0hjTkdWWmhFYlRzQ2ZjdDIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAWBAIAATAQAwMAnxkDBAXC
sAADAwDC9TANBAIAAjAHAwUAKgFPwDANBgkqhkiG9w0BAQsFAAOCAQEAU1Zhdz/H
8vcYvuiiZoDSmIBVxouKRqH/EIxuffZ+cOstTD7VcDEGK2t0W24bIVwoeJklVEeE
ukgPTBVThuCMg8TkLw2hbY0fZ0FVPAceFZHcU60JnVJFZSJI4+Ytpcjh5Wz6H0Ih
ffGcjmbiIDMg+2LajGg3Iri4Y2fY+WNDRF+RTf/8SVsNuKyBcSWd8uljXQfoWpfR
JhhnsQA9Vw9XaLBWdqlO6UhVI26rvV2P6nFE5U65lmNVjfAzZNUYr9PPTO686KqE
kgSPQUdTHJ80ZllcWC87pF8ZWonRuZZgBW/uMjLnjSTmFxBYwCSDp+vYf+zYHDpo
lVGrZ/WW+33uhQ==
-----END CERTIFICATE-----
Generated at Sun Apr 13 10:22:58 2025 by rpki-client