Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/6ef23e-99ba-4c69-92e3-6bb7080409b4/1/f56823CiqLOMuTriNLS3PUZ78yU.roa
File: f56823CiqLOMuTriNLS3PUZ78yU.roa (raw, json)
Hash identifier: jqCq9kSPvKsgvdkfpEOf8qz0/6Off+XucTySJaLEm7M=
Subject key identifier: 7F:9E:BC:DB:70:A2:A8:B3:8C:B9:3A:E2:34:B4:B7:3D:46:7B:F3:25
Certificate issuer: /CN=4fb3a8a4a0d8c5ae01a9695b041ed2c6d0296a9e
Certificate serial: 01942521C7FBA0BD48EF9601A8E7F1CC31F2
Authority key identifier: 4F:B3:A8:A4:A0:D8:C5:AE:01:A9:69:5B:04:1E:D2:C6:D0:29:6A:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T7OopKDYxa4BqWlbBB7SxtApap4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/6ef23e-99ba-4c69-92e3-6bb7080409b4/1/f56823CiqLOMuTriNLS3PUZ78yU.roa
Signing time: Thu 02 Jan 2025 03:49:18 +0000
ROA not before: Thu 02 Jan 2025 03:49:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56970
IP address blocks: 176.124.56.0/24 maxlen: 24
176.124.57.0/24 maxlen: 24
2a0e:fa40::/48 maxlen: 48
2a0e:fa40:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/6ef23e-99ba-4c69-92e3-6bb7080409b4/1/T7OopKDYxa4BqWlbBB7SxtApap4.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/6ef23e-99ba-4c69-92e3-6bb7080409b4/1/T7OopKDYxa4BqWlbBB7SxtApap4.mft
rsync://rpki.ripe.net/repository/DEFAULT/T7OopKDYxa4BqWlbBB7SxtApap4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 09:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:c7:fb:a0:bd:48:ef:96:01:a8:e7:f1:cc:31:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fb3a8a4a0d8c5ae01a9695b041ed2c6d0296a9e
Validity
Not Before: Jan 2 03:49:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7f9ebcdb70a2a8b38cb93ae234b4b73d467bf325
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:5d:65:f9:5d:b6:13:f8:f1:ba:6c:27:59:92:
3d:89:3d:85:02:52:fb:f7:cb:63:3a:2c:29:69:41:
1e:aa:5d:76:cc:b4:39:4c:61:5a:87:79:55:f7:cb:
ea:11:75:cf:f0:06:0e:04:99:42:a1:64:ac:3c:0a:
cf:0c:30:5b:d5:80:62:64:01:70:2e:70:77:bd:b1:
93:b1:4a:47:c6:62:81:91:a4:70:74:ef:f2:16:a4:
1a:8b:48:c2:84:19:57:5a:47:21:66:de:fd:ff:ff:
98:41:f1:4d:8e:98:c8:35:d9:a2:56:39:bf:e5:f7:
a7:7f:62:2f:ff:cf:0d:f9:b2:65:90:96:f6:4f:ca:
05:fe:10:67:c3:ed:40:cc:3a:a2:74:7f:b8:77:1a:
72:4e:fb:34:8a:07:8c:d3:b2:38:cd:a5:5d:20:7e:
a1:3e:1b:4a:36:4c:90:07:42:fc:1e:48:6c:2f:cd:
ea:94:7a:1b:71:e7:fc:d5:42:86:4f:0e:5d:92:18:
90:37:39:77:f7:cb:e7:b4:1a:39:92:b9:72:cd:69:
3d:f8:3e:99:11:1a:77:71:cb:fb:71:89:be:94:2e:
9a:bd:f7:9d:da:cd:d7:4c:0e:02:40:f6:5e:f5:0c:
e5:a0:fc:8f:85:3f:7b:94:1a:7e:80:9f:60:84:f1:
f6:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:9E:BC:DB:70:A2:A8:B3:8C:B9:3A:E2:34:B4:B7:3D:46:7B:F3:25
X509v3 Authority Key Identifier:
keyid:4F:B3:A8:A4:A0:D8:C5:AE:01:A9:69:5B:04:1E:D2:C6:D0:29:6A:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T7OopKDYxa4BqWlbBB7SxtApap4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/6ef23e-99ba-4c69-92e3-6bb7080409b4/1/f56823CiqLOMuTriNLS3PUZ78yU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/6ef23e-99ba-4c69-92e3-6bb7080409b4/1/T7OopKDYxa4BqWlbBB7SxtApap4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.124.56.0/23
IPv6:
2a0e:fa40::/47
Signature Algorithm: sha256WithRSAEncryption
b4:43:66:0b:4c:41:aa:01:48:86:dc:8e:dd:11:57:89:ef:fa:
99:6d:b9:81:f1:1c:80:51:cd:a9:bc:6c:a6:fe:34:c8:49:36:
02:33:c5:d8:76:56:7d:98:1f:12:60:f3:fd:72:52:a7:90:dc:
94:7d:ab:b6:6e:ee:0f:c3:64:2c:a3:3f:51:cb:08:6f:95:16:
48:d1:70:fb:d2:29:41:84:eb:2d:b9:c9:fb:2f:8b:67:f9:e5:
62:56:f8:cf:ae:1b:b5:de:44:7f:eb:96:8c:c3:15:3f:96:4b:
f4:73:b7:1b:80:59:05:0c:93:57:c7:71:45:87:97:d8:fb:2f:
bf:0a:1f:6b:f2:3e:16:fc:64:11:44:22:5c:d5:69:2e:ed:eb:
ca:0b:e3:54:f0:5f:d7:78:9d:73:bb:23:bb:7d:2e:7b:8e:a2:
55:29:c9:10:d8:24:c4:aa:b5:66:c0:9b:c5:a4:2d:71:31:ad:
47:24:5f:8f:36:56:26:ad:18:ba:b2:8e:02:40:10:34:19:be:
fd:69:90:8b:94:e4:54:73:df:8f:c8:66:ec:5f:93:2e:8d:44:
58:51:7d:6f:49:fa:76:d6:7d:a2:25:19:ab:ca:fb:3b:fe:68:
a9:41:86:ac:72:8b:94:6a:a5:fa:09:2b:85:74:3c:6b:ac:0e:
b2:5b:ce:45
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQlIcf7oL1I75YBqOfxzDHyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYjNhOGE0YTBkOGM1YWUwMWE5Njk1YjA0MWVkMmM2ZDAy
OTZhOWUwHhcNMjUwMTAyMDM0OTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjllYmNkYjcwYTJhOGIzOGNiOTNhZTIzNGI0YjczZDQ2N2JmMzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5F1l+V22E/jxumwnWZI9iT2FAlL7
98tjOiwpaUEeql12zLQ5TGFah3lV98vqEXXP8AYOBJlCoWSsPArPDDBb1YBiZAFw
LnB3vbGTsUpHxmKBkaRwdO/yFqQai0jChBlXWkchZt79//+YQfFNjpjINdmiVjm/
5fenf2Iv/88N+bJlkJb2T8oF/hBnw+1AzDqidH+4dxpyTvs0igeM07I4zaVdIH6h
PhtKNkyQB0L8HkhsL83qlHobcef81UKGTw5dkhiQNzl398vntBo5krlyzWk9+D6Z
ERp3ccv7cYm+lC6avfed2s3XTA4CQPZe9QzloPyPhT97lBp+gJ9ghPH2vwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH+evNtwoqizjLk64jS0tz1Ge/MlMB8GA1UdIwQY
MBaAFE+zqKSg2MWuAalpWwQe0sbQKWqeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDdPb3BLRFl4YTRCcVdsYkJCN1N4dEFwYXA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi82ZWYyM2UtOTliYS00YzY5LTkyZTMt
NmJiNzA4MDQwOWI0LzEvZjU2ODIzQ2lxTE9NdVRyaU5MUzNQVVo3OHlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi82ZWYyM2UtOTliYS00YzY5LTkyZTMtNmJiNzA4MDQwOWI0
LzEvVDdPb3BLRFl4YTRCcVdsYkJCN1N4dEFwYXA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBsHw4MA8E
AgACMAkDBwEqDvpAAAAwDQYJKoZIhvcNAQELBQADggEBALRDZgtMQaoBSIbcjt0R
V4nv+pltuYHxHIBRzam8bKb+NMhJNgIzxdh2Vn2YHxJg8/1yUqeQ3JR9q7Zu7g/D
ZCyjP1HLCG+VFkjRcPvSKUGE6y25yfsvi2f55WJW+M+uG7XeRH/rlozDFT+WS/Rz
txuAWQUMk1fHcUWHl9j7L78KH2vyPhb8ZBFEIlzVaS7t68oL41TwX9d4nXO7I7t9
LnuOolUpyRDYJMSqtWbAm8WkLXExrUckX482ViatGLqyjgJAEDQZvv1pkIuU5FRz
34/IZuxfky6NRFhRfW9J+nbWfaIlGavK+zv+aKlBhqxyi5RqpfoJK4V0PGusDrJb
zkU=
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:07:46 2025 by rpki-client