Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/v3oDa-WSUoJp1kuV1a6fLuRGHQ0.roa
File: v3oDa-WSUoJp1kuV1a6fLuRGHQ0.roa (raw, json)
Hash identifier: Y4h5O4hQh1m1aEWNf7XMnqa6q5Txb+8pJ/1S7VkKt/4=
Subject key identifier: BF:7A:03:6B:E5:92:52:82:69:D6:4B:95:D5:AE:9F:2E:E4:46:1D:0D
Certificate issuer: /CN=804ae76b1975fb4a8cbab2207189eed20232ff5f
Certificate serial: 019427B5292803E3114D871E6E7C38F83CFD
Authority key identifier: 80:4A:E7:6B:19:75:FB:4A:8C:BA:B2:20:71:89:EE:D2:02:32:FF:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gErnaxl1-0qMurIgcYnu0gIy_18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/v3oDa-WSUoJp1kuV1a6fLuRGHQ0.roa
Signing time: Thu 02 Jan 2025 15:49:31 +0000
ROA not before: Thu 02 Jan 2025 15:49:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49290
IP address blocks: 62.122.232.0/21 maxlen: 21
91.195.92.0/23 maxlen: 23
91.198.89.0/24 maxlen: 24
185.242.252.0/22 maxlen: 22
193.25.248.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.mft
rsync://rpki.ripe.net/repository/DEFAULT/gErnaxl1-0qMurIgcYnu0gIy_18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:29:28:03:e3:11:4d:87:1e:6e:7c:38:f8:3c:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=804ae76b1975fb4a8cbab2207189eed20232ff5f
Validity
Not Before: Jan 2 15:49:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bf7a036be592528269d64b95d5ae9f2ee4461d0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:87:0a:c1:38:33:55:34:fb:72:4f:4e:f5:e2:
3b:22:02:6c:50:ae:5c:85:a9:eb:4a:66:f0:25:ee:
55:6f:18:6e:c2:a6:0d:fe:23:59:03:de:b9:50:76:
22:a3:f2:3d:38:d1:03:44:d2:f8:fb:ef:d4:20:40:
90:7a:04:8b:b0:af:d2:31:1a:4d:5b:17:27:36:7c:
51:e9:37:a7:e7:f9:8c:ae:07:a4:57:af:0d:68:a2:
e8:bb:cb:4c:6f:b4:ea:9a:d9:3e:bd:85:5d:47:49:
dd:e1:3c:61:d0:f5:54:f3:6c:ea:45:1d:9c:18:7c:
e1:27:9f:5e:07:9e:47:80:11:be:1e:de:0c:3a:b6:
2b:d5:1e:f1:52:ba:24:44:60:71:63:36:54:7d:0f:
f7:3e:44:02:55:42:91:95:bd:05:03:09:89:86:d0:
4a:41:de:0f:af:ad:6a:19:2a:bf:c7:54:79:04:b3:
02:54:27:97:fd:16:1e:a3:ef:dd:b9:c3:b1:a6:89:
37:15:0c:e0:b0:d8:6b:10:a1:17:f7:4f:75:2b:34:
b7:12:fa:cf:60:f5:00:1a:68:e3:6b:d7:cc:a1:16:
20:be:34:29:82:1a:63:71:e6:dc:81:fe:3b:b2:a0:
14:eb:39:be:13:57:4e:63:cb:a7:84:6a:c2:83:11:
2a:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:7A:03:6B:E5:92:52:82:69:D6:4B:95:D5:AE:9F:2E:E4:46:1D:0D
X509v3 Authority Key Identifier:
keyid:80:4A:E7:6B:19:75:FB:4A:8C:BA:B2:20:71:89:EE:D2:02:32:FF:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gErnaxl1-0qMurIgcYnu0gIy_18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/v3oDa-WSUoJp1kuV1a6fLuRGHQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.122.232.0/21
91.195.92.0/23
91.198.89.0/24
185.242.252.0/22
193.25.248.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:45:35:27:3c:4f:d3:bc:1f:55:a0:aa:95:94:04:18:8e:87:
e0:65:a4:b0:ad:21:be:62:2e:85:4d:a1:71:db:55:e3:0f:4c:
81:dc:55:86:c7:7d:5c:9b:5a:68:77:f8:c8:67:0a:84:57:01:
db:53:ac:7f:eb:a3:43:5f:61:2e:ef:31:c0:c6:f1:17:94:59:
f4:8c:79:fc:01:7b:15:61:ae:c5:aa:42:52:e6:00:58:1f:3f:
fe:2d:94:89:28:f0:30:d3:9e:ba:ea:36:a0:38:37:0d:82:62:
fd:1e:3c:aa:57:26:40:95:5b:ca:d4:b9:ea:d7:df:6a:7c:31:
e4:91:97:3d:d9:15:84:5c:96:d3:6b:4c:05:d5:01:f5:f3:41:
2e:90:80:85:7e:95:4a:4d:88:29:37:16:aa:71:54:ae:c2:f7:
00:29:d1:2b:68:ce:7f:f3:3c:ff:be:99:e7:38:d4:86:64:fc:
af:dc:b6:b2:8f:1c:8e:62:83:f8:5b:c6:f0:00:50:bb:2a:fd:
7f:71:b8:7b:19:31:c3:78:ee:6c:b6:9b:32:56:1f:d2:a7:d8:
4a:6d:ba:f5:f4:6e:ea:6e:ea:1d:b9:d2:7b:82:38:58:41:93:
b7:cf:dd:ee:7b:03:fc:7a:b4:1a:55:c0:c2:12:ce:72:7b:4e:
fd:e0:fc:ff
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQntSkoA+MRTYcebnw4+Dz9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNGFlNzZiMTk3NWZiNGE4Y2JhYjIyMDcxODllZWQyMDIz
MmZmNWYwHhcNMjUwMTAyMTU0OTMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjdhMDM2YmU1OTI1MjgyNjlkNjRiOTVkNWFlOWYyZWU0NDYxZDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ocKwTgzVTT7ck9O9eI7IgJsUK5c
hanrSmbwJe5VbxhuwqYN/iNZA965UHYio/I9ONEDRNL4++/UIECQegSLsK/SMRpN
WxcnNnxR6Ten5/mMrgekV68NaKLou8tMb7Tqmtk+vYVdR0nd4Txh0PVU82zqRR2c
GHzhJ59eB55HgBG+Ht4MOrYr1R7xUrokRGBxYzZUfQ/3PkQCVUKRlb0FAwmJhtBK
Qd4Pr61qGSq/x1R5BLMCVCeX/RYeo+/ducOxpok3FQzgsNhrEKEX9091KzS3EvrP
YPUAGmjja9fMoRYgvjQpghpjcebcgf47sqAU6zm+E1dOY8unhGrCgxEqcQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFL96A2vlklKCadZLldWuny7kRh0NMB8GA1UdIwQY
MBaAFIBK52sZdftKjLqyIHGJ7tICMv9fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0VybmF4bDEtMHFNdXJJZ2NZbnUwZ0l5XzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC82ODA5OTItMzhkYS00OThmLWEzNDkt
OTQyMjcyOTNjODhlLzEvdjNvRGEtV1NVb0pwMWt1VjFhNmZMdVJHSFEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC82ODA5OTItMzhkYS00OThmLWEzNDktOTQyMjcyOTNjODhl
LzEvZ0VybmF4bDEtMHFNdXJJZ2NZbnUwZ0l5XzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDPnroAwQB
W8NcAwQAW8ZZAwQCufL8AwQCwRn4MA0GCSqGSIb3DQEBCwUAA4IBAQBeRTUnPE/T
vB9VoKqVlAQYjofgZaSwrSG+Yi6FTaFx21XjD0yB3FWGx31cm1pod/jIZwqEVwHb
U6x/66NDX2Eu7zHAxvEXlFn0jHn8AXsVYa7FqkJS5gBYHz/+LZSJKPAw05666jag
ODcNgmL9HjyqVyZAlVvK1Lnq199qfDHkkZc92RWEXJbTa0wF1QH180EukICFfpVK
TYgpNxaqcVSuwvcAKdEraM5/8zz/vpnnONSGZPyv3LayjxyOYoP4W8bwAFC7Kv1/
cbh7GTHDeO5stpsyVh/Sp9hKbbr19G7qbuodudJ7gjhYQZO3z93uewP8erQaVcDC
Es5ye0794Pz/
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:00:33 2025 by rpki-client