Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/28f8ec-e577-4752-8685-1573ef6271eb/1/m0jbiHxRktR_kE-i3D3woRX2ZsI.roa
File: m0jbiHxRktR_kE-i3D3woRX2ZsI.roa (raw, json)
Hash identifier: fSOohTJ+oYWg/YD/VykP7b8U7lIYd4B0MDv4mOCNuT8=
Subject key identifier: 9B:48:DB:88:7C:51:92:D4:7F:90:4F:A2:DC:3D:F0:A1:15:F6:66:C2
Certificate issuer: /CN=f27a6d4d32832831725c48db518a2400f1a924bd
Certificate serial: 019427B4F8DA87393BE4B28CD7253E10A703
Authority key identifier: F2:7A:6D:4D:32:83:28:31:72:5C:48:DB:51:8A:24:00:F1:A9:24:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8nptTTKDKDFyXEjbUYokAPGpJL0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/28f8ec-e577-4752-8685-1573ef6271eb/1/m0jbiHxRktR_kE-i3D3woRX2ZsI.roa
Signing time: Thu 02 Jan 2025 15:49:19 +0000
ROA not before: Thu 02 Jan 2025 15:49:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39232
IP address blocks: 78.109.48.0/21 maxlen: 21
78.109.48.0/22 maxlen: 22
78.109.52.0/22 maxlen: 22
185.18.244.0/22 maxlen: 22
185.18.244.0/23 maxlen: 23
185.18.246.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/28f8ec-e577-4752-8685-1573ef6271eb/1/8nptTTKDKDFyXEjbUYokAPGpJL0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/28f8ec-e577-4752-8685-1573ef6271eb/1/8nptTTKDKDFyXEjbUYokAPGpJL0.mft
rsync://rpki.ripe.net/repository/DEFAULT/8nptTTKDKDFyXEjbUYokAPGpJL0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b4:f8:da:87:39:3b:e4:b2:8c:d7:25:3e:10:a7:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f27a6d4d32832831725c48db518a2400f1a924bd
Validity
Not Before: Jan 2 15:49:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9b48db887c5192d47f904fa2dc3df0a115f666c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:d4:a3:79:a5:e5:ca:ed:5a:71:3c:0f:d6:e8:
cb:2b:9f:dc:ef:7a:37:9e:96:82:15:2f:0e:ee:e9:
82:6c:a1:85:8d:e4:5d:87:7c:6f:b0:35:d6:35:02:
37:0c:7d:18:33:31:30:cd:df:e6:9f:b2:0e:10:5b:
78:9d:96:39:b8:5a:57:92:20:0d:0e:ec:b0:44:88:
2a:85:d6:ce:1f:c9:06:cc:90:08:13:8f:8d:f7:a7:
ae:87:fd:bd:10:0f:59:c5:f6:ef:83:2f:8e:d2:5b:
f0:d2:28:52:ff:eb:bc:93:5c:cd:51:87:0b:44:c3:
63:7a:2e:d1:13:f1:f4:01:e2:a7:b1:b4:58:9e:53:
5f:e3:fc:41:7e:22:86:d2:f8:1c:08:11:b6:bc:ab:
ba:34:5e:7c:ef:8c:bc:35:f4:62:2b:e8:84:58:07:
dd:64:52:4c:7f:7a:86:28:1f:92:1b:50:84:05:a2:
d7:be:17:3d:e2:d2:a4:d5:7c:18:45:6a:4c:91:ea:
d5:c9:d8:e8:7b:02:21:e9:dc:18:06:2a:ff:5b:62:
39:e6:c7:57:1e:c9:f5:ed:7e:55:73:b8:ba:62:2e:
e2:41:3a:93:f5:96:16:d4:91:b7:7e:36:23:51:67:
a7:2e:d1:58:60:15:96:fe:97:a5:f5:05:7d:f0:50:
aa:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:48:DB:88:7C:51:92:D4:7F:90:4F:A2:DC:3D:F0:A1:15:F6:66:C2
X509v3 Authority Key Identifier:
keyid:F2:7A:6D:4D:32:83:28:31:72:5C:48:DB:51:8A:24:00:F1:A9:24:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8nptTTKDKDFyXEjbUYokAPGpJL0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/28f8ec-e577-4752-8685-1573ef6271eb/1/m0jbiHxRktR_kE-i3D3woRX2ZsI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/28f8ec-e577-4752-8685-1573ef6271eb/1/8nptTTKDKDFyXEjbUYokAPGpJL0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.109.48.0/21
185.18.244.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:78:a7:1c:92:49:dc:06:dc:21:97:eb:f3:35:ab:98:5e:3f:
93:25:c9:41:42:d0:c7:45:f9:26:6c:6b:81:a4:41:e2:59:ad:
52:de:63:a3:e6:a2:de:09:e4:e7:eb:cb:f0:dd:6e:b3:2a:42:
0e:b6:f4:ab:c3:b7:28:f5:42:07:c2:c8:4c:d1:d8:4b:18:47:
06:cf:a7:86:6a:fa:0b:4e:84:b7:7c:22:02:85:0a:ca:d0:73:
0f:a4:84:13:04:ee:57:17:43:aa:b9:f1:24:d1:fc:d1:f2:1b:
9b:21:e3:e9:5d:26:5c:55:bb:89:0c:b6:96:c8:23:fe:65:56:
11:58:20:6a:8d:c4:ba:4e:3c:f5:7f:4e:44:d0:a4:67:8c:06:
9c:ba:96:ba:0d:50:e3:aa:f5:d7:9e:b8:41:fd:56:59:59:1d:
55:4c:d8:83:55:72:e0:b7:95:14:21:9d:5f:48:0e:36:fa:b7:
d8:c4:8a:0c:2b:75:ad:fd:50:dc:3c:b8:53:94:0c:dd:5f:3c:
43:5f:39:03:6b:40:87:64:07:c7:2e:c0:35:78:48:6f:b6:01:
a9:48:bc:ea:0d:ee:f4:dd:07:7d:36:09:60:16:ca:f5:a1:b0:
a4:61:cc:3e:f5:41:71:ab:f9:51:5d:c6:cb:68:56:70:f9:2a:
44:1c:c6:95
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQntPjahzk75LKM1yU+EKcDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyN2E2ZDRkMzI4MzI4MzE3MjVjNDhkYjUxOGEyNDAwZjFh
OTI0YmQwHhcNMjUwMTAyMTU0OTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjQ4ZGI4ODdjNTE5MmQ0N2Y5MDRmYTJkYzNkZjBhMTE1ZjY2NmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh9SjeaXlyu1acTwP1ujLK5/c73o3
npaCFS8O7umCbKGFjeRdh3xvsDXWNQI3DH0YMzEwzd/mn7IOEFt4nZY5uFpXkiAN
DuywRIgqhdbOH8kGzJAIE4+N96euh/29EA9Zxfbvgy+O0lvw0ihS/+u8k1zNUYcL
RMNjei7RE/H0AeKnsbRYnlNf4/xBfiKG0vgcCBG2vKu6NF5874y8NfRiK+iEWAfd
ZFJMf3qGKB+SG1CEBaLXvhc94tKk1XwYRWpMkerVydjoewIh6dwYBir/W2I55sdX
Hsn17X5Vc7i6Yi7iQTqT9ZYW1JG3fjYjUWenLtFYYBWW/pel9QV98FCqoQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJtI24h8UZLUf5BPotw98KEV9mbCMB8GA1UdIwQY
MBaAFPJ6bU0ygygxclxI21GKJADxqSS9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOG5wdFRUS0RLREZ5WEVqYlVZb2tBUEdwSkwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8yOGY4ZWMtZTU3Ny00NzUyLTg2ODUt
MTU3M2VmNjI3MWViLzEvbTBqYmlIeFJrdFJfa0UtaTNEM3dvUlgyWnNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8yOGY4ZWMtZTU3Ny00NzUyLTg2ODUtMTU3M2VmNjI3MWVi
LzEvOG5wdFRUS0RLREZ5WEVqYlVZb2tBUEdwSkwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDTm0wAwQC
uRL0MA0GCSqGSIb3DQEBCwUAA4IBAQB7eKcckkncBtwhl+vzNauYXj+TJclBQtDH
RfkmbGuBpEHiWa1S3mOj5qLeCeTn68vw3W6zKkIOtvSrw7co9UIHwshM0dhLGEcG
z6eGavoLToS3fCIChQrK0HMPpIQTBO5XF0OqufEk0fzR8hubIePpXSZcVbuJDLaW
yCP+ZVYRWCBqjcS6Tjz1f05E0KRnjAacupa6DVDjqvXXnrhB/VZZWR1VTNiDVXLg
t5UUIZ1fSA42+rfYxIoMK3Wt/VDcPLhTlAzdXzxDXzkDa0CHZAfHLsA1eEhvtgGp
SLzqDe703Qd9NglgFsr1obCkYcw+9UFxq/lRXcbLaFZw+SpEHMaV
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:05:43 2025 by rpki-client