Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/7bdf52-6ac5-4c24-bfd0-b570907b59eb/1/8pfPZSOu9OxWh0zIohg91aPGe8w.roa
File: 8pfPZSOu9OxWh0zIohg91aPGe8w.roa (raw, json)
Hash identifier: c5LZlJIp5DIk0u0EVUZdwpG29wBKxdLqbOnohSJsuL0=
Subject key identifier: F2:97:CF:65:23:AE:F4:EC:56:87:4C:C8:A2:18:3D:D5:A3:C6:7B:CC
Certificate issuer: /CN=230340d27e4b24f9124977322edb36942e2d160c
Certificate serial: 019427486F208CC2AA536BFC414DFEB5570C
Authority key identifier: 23:03:40:D2:7E:4B:24:F9:12:49:77:32:2E:DB:36:94:2E:2D:16:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IwNA0n5LJPkSSXcyLts2lC4tFgw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/7bdf52-6ac5-4c24-bfd0-b570907b59eb/1/8pfPZSOu9OxWh0zIohg91aPGe8w.roa
Signing time: Thu 02 Jan 2025 13:50:45 +0000
ROA not before: Thu 02 Jan 2025 13:50:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24848
IP address blocks: 81.6.176.0/21 maxlen: 21
81.6.184.0/22 maxlen: 22
81.6.188.0/22 maxlen: 22
81.26.0.0/20 maxlen: 20
81.26.16.0/20 maxlen: 20
2a00:cd80::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/7bdf52-6ac5-4c24-bfd0-b570907b59eb/1/IwNA0n5LJPkSSXcyLts2lC4tFgw.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/7bdf52-6ac5-4c24-bfd0-b570907b59eb/1/IwNA0n5LJPkSSXcyLts2lC4tFgw.mft
rsync://rpki.ripe.net/repository/DEFAULT/IwNA0n5LJPkSSXcyLts2lC4tFgw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:6f:20:8c:c2:aa:53:6b:fc:41:4d:fe:b5:57:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=230340d27e4b24f9124977322edb36942e2d160c
Validity
Not Before: Jan 2 13:50:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f297cf6523aef4ec56874cc8a2183dd5a3c67bcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:d3:e9:11:fe:06:01:61:12:53:83:85:df:f0:
11:75:63:7d:49:7d:b4:4e:81:3a:79:0e:65:d5:30:
0b:d6:3c:c9:e0:02:b4:b3:32:31:15:79:91:b0:1f:
fa:8e:f5:21:ab:d7:74:b8:97:05:5d:ec:8b:15:18:
18:30:7c:bc:d5:52:21:bd:29:47:31:d5:59:43:d9:
c9:d1:16:0c:9f:12:b0:aa:b8:99:0f:b8:83:30:25:
c8:d0:63:9b:cb:f1:c0:e6:8a:e3:35:9e:3e:b6:44:
c9:74:11:9e:cb:0a:6f:ce:e1:7a:62:7d:61:07:fb:
07:e3:38:e1:b6:b5:30:75:a7:19:36:d0:a4:96:21:
30:38:d0:60:57:43:41:1d:68:15:4a:e6:57:e7:eb:
5f:3b:5a:6e:f6:09:02:00:50:57:c9:8a:ff:36:74:
b6:f2:76:55:52:7c:61:2a:aa:37:c8:d1:82:74:1e:
86:91:67:73:ea:c5:01:8c:c9:cb:66:61:80:ef:71:
b9:dc:32:18:ee:f5:6b:57:12:30:2d:f9:8e:b4:68:
86:b0:38:78:ac:0a:0d:21:28:27:f4:f9:62:1c:a0:
97:fd:e5:20:69:a7:36:33:2e:cb:4f:31:fb:bf:f0:
b6:3c:bc:e5:d1:1f:67:ad:9f:19:9f:81:70:b4:e8:
7c:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:97:CF:65:23:AE:F4:EC:56:87:4C:C8:A2:18:3D:D5:A3:C6:7B:CC
X509v3 Authority Key Identifier:
keyid:23:03:40:D2:7E:4B:24:F9:12:49:77:32:2E:DB:36:94:2E:2D:16:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IwNA0n5LJPkSSXcyLts2lC4tFgw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/7bdf52-6ac5-4c24-bfd0-b570907b59eb/1/8pfPZSOu9OxWh0zIohg91aPGe8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/7bdf52-6ac5-4c24-bfd0-b570907b59eb/1/IwNA0n5LJPkSSXcyLts2lC4tFgw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.6.176.0/20
81.26.0.0/19
IPv6:
2a00:cd80::/33
Signature Algorithm: sha256WithRSAEncryption
2d:29:37:0c:1b:89:19:08:66:02:3e:af:4d:5f:96:21:23:07:
a8:94:80:dd:7b:41:46:bc:2b:1d:f0:13:3e:fb:83:f9:cd:25:
f4:9d:e9:eb:26:85:d6:79:c9:2a:8e:83:b1:84:79:1f:b7:8b:
2f:6d:33:cf:ef:f6:82:fa:e7:3b:3a:70:90:ef:d3:26:d0:15:
60:f7:ea:7a:88:13:8e:8c:bf:2f:77:32:7f:95:1e:8c:12:e1:
8a:ad:9f:72:95:ce:f8:a2:52:3e:6d:3a:2b:c5:0d:a4:82:a9:
7e:c0:37:1b:b1:16:2a:59:3a:cb:56:9d:4b:c7:ef:ce:57:86:
76:f9:56:f4:b0:e2:b9:12:c6:7a:89:ed:da:64:18:56:f7:b6:
02:07:33:99:fb:79:f7:b6:4e:32:d9:e5:79:81:86:a3:0f:57:
11:5a:40:01:9f:2d:18:48:6b:be:a1:61:04:04:8b:54:da:e6:
6e:8e:8e:93:7d:0c:a8:14:42:d3:da:ae:bf:56:6d:4d:a4:fd:
08:75:ea:b8:04:8a:cc:cf:fb:a7:28:a2:99:64:b3:fa:28:7c:
ab:a2:73:16:6c:38:2e:7e:6f:07:8f:db:cd:af:38:ed:fe:d7:
12:4b:29:b1:15:87:de:d1:1c:be:04:4a:17:73:7a:fb:8e:b9:
bb:27:5d:9a
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZQnSG8gjMKqU2v8QU3+tVcMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMDM0MGQyN2U0YjI0ZjkxMjQ5NzczMjJlZGIzNjk0MmUy
ZDE2MGMwHhcNMjUwMTAyMTM1MDQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjk3Y2Y2NTIzYWVmNGVjNTY4NzRjYzhhMjE4M2RkNWEzYzY3YmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8tPpEf4GAWESU4OF3/ARdWN9SX20
ToE6eQ5l1TAL1jzJ4AK0szIxFXmRsB/6jvUhq9d0uJcFXeyLFRgYMHy81VIhvSlH
MdVZQ9nJ0RYMnxKwqriZD7iDMCXI0GOby/HA5orjNZ4+tkTJdBGeywpvzuF6Yn1h
B/sH4zjhtrUwdacZNtCkliEwONBgV0NBHWgVSuZX5+tfO1pu9gkCAFBXyYr/NnS2
8nZVUnxhKqo3yNGCdB6GkWdz6sUBjMnLZmGA73G53DIY7vVrVxIwLfmOtGiGsDh4
rAoNISgn9PliHKCX/eUgaac2My7LTzH7v/C2PLzl0R9nrZ8Zn4FwtOh8YwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFPKXz2UjrvTsVodMyKIYPdWjxnvMMB8GA1UdIwQY
MBaAFCMDQNJ+SyT5Ekl3Mi7bNpQuLRYMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXdOQTBuNUxKUGtTU1hjeUx0czJsQzR0Rmd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS83YmRmNTItNmFjNS00YzI0LWJmZDAt
YjU3MDkwN2I1OWViLzEvOHBmUFpTT3U5T3hXaDB6SW9oZzkxYVBHZTh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS83YmRmNTItNmFjNS00YzI0LWJmZDAtYjU3MDkwN2I1OWVi
LzEvSXdOQTBuNUxKUGtTU1hjeUx0czJsQzR0Rmd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQEUQawAwQF
URoAMA4EAgACMAgDBgcqAM2AADANBgkqhkiG9w0BAQsFAAOCAQEALSk3DBuJGQhm
Aj6vTV+WISMHqJSA3XtBRrwrHfATPvuD+c0l9J3p6yaF1nnJKo6DsYR5H7eLL20z
z+/2gvrnOzpwkO/TJtAVYPfqeogTjoy/L3cyf5UejBLhiq2fcpXO+KJSPm06K8UN
pIKpfsA3G7EWKlk6y1adS8fvzleGdvlW9LDiuRLGeont2mQYVve2Agczmft597ZO
MtnleYGGow9XEVpAAZ8tGEhrvqFhBASLVNrmbo6Ok30MqBRC09quv1ZtTaT9CHXq
uASKzM/7pyiimWSz+ih8q6JzFmw4Ln5vB4/bza847f7XEkspsRWH3tEcvgRKF3N6
+465uyddmg==
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:03:18 2025 by rpki-client