Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/ERe51qclsX1vtlIYSnp9k4CtxTU.roa
File: ERe51qclsX1vtlIYSnp9k4CtxTU.roa (raw, json)
Hash identifier: kRCA0E3LofkB2UCr2ORCJ295mGOQpRVa8ZmBK6mCChQ=
Subject key identifier: 11:17:B9:D6:A7:25:B1:7D:6F:B6:52:18:4A:7A:7D:93:80:AD:C5:35
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 0194282640191482EF6056F3CB2494684B85
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/ERe51qclsX1vtlIYSnp9k4CtxTU.roa
Signing time: Thu 02 Jan 2025 17:53:02 +0000
ROA not before: Thu 02 Jan 2025 17:53:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 178.212.230.0/24 maxlen: 24
194.26.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:40:19:14:82:ef:60:56:f3:cb:24:94:68:4b:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: Jan 2 17:53:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1117b9d6a725b17d6fb652184a7a7d9380adc535
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f7:24:95:20:b2:d0:dd:cf:79:a9:bc:d7:d3:
33:07:d5:36:29:c8:e8:51:1b:9c:82:96:47:ca:3c:
c1:c8:a9:77:f9:2e:84:e5:29:e9:c4:53:4c:b6:96:
62:f0:0b:33:ca:1e:8d:01:cf:6c:5c:df:ed:2d:13:
e4:dd:71:e6:3f:24:42:69:e3:4b:4d:0c:ef:18:b2:
58:7c:4f:68:b6:1b:c0:13:26:3c:87:f6:94:92:b7:
67:8c:88:df:25:01:5b:3d:b0:b5:d7:a4:46:29:4e:
c9:30:71:7e:3a:2c:8b:fc:13:ca:3f:f0:67:38:98:
91:e9:df:a2:b8:d9:20:70:a0:9b:6a:aa:20:7a:6e:
bb:40:e0:2a:77:0e:98:ca:0c:1c:1c:66:e1:40:e2:
00:d7:b1:25:56:b8:06:a0:c3:98:b2:11:6a:09:23:
fe:e2:b1:9f:5e:7c:9d:1e:de:8b:f6:95:7f:06:90:
47:58:2b:a9:14:e4:8e:8b:9d:78:1b:ee:60:d3:b0:
a3:6c:c2:8c:ff:a2:e9:6f:92:e1:17:a7:fd:ac:f2:
39:9d:8f:05:4b:f9:96:7f:44:4f:63:be:cc:12:30:
b5:d0:70:d5:81:89:62:06:9a:b9:58:fd:0a:9d:e8:
e8:68:dd:03:4a:a6:19:18:c4:50:33:f0:3c:d1:40:
42:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:17:B9:D6:A7:25:B1:7D:6F:B6:52:18:4A:7A:7D:93:80:AD:C5:35
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/ERe51qclsX1vtlIYSnp9k4CtxTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.212.230.0/24
194.26.234.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:78:a2:0c:61:67:6a:51:39:89:78:1a:4e:39:1d:2c:2e:8a:
5b:bd:19:9f:7a:e0:83:d4:e7:ae:69:ec:99:b3:b5:13:7f:0a:
0a:5c:43:08:a3:e8:7c:2b:2f:15:b2:81:d5:a1:50:90:86:fd:
bd:c3:95:9a:19:8b:e2:58:e0:ad:09:e4:c7:2b:12:94:e6:26:
97:b3:63:37:c6:83:ed:cb:1b:6d:83:ab:39:2e:32:de:1f:6b:
aa:8d:a4:33:d7:11:d9:45:60:4e:98:e0:5f:b8:52:ad:e8:ed:
fb:bd:15:c8:ef:5d:f0:eb:3b:6b:72:e6:4b:16:b5:03:25:aa:
8e:7d:31:fe:64:fb:06:8b:9e:23:98:ea:dc:89:53:58:ff:08:
d6:d8:40:2d:c2:83:8a:2b:cf:64:36:e7:c7:8c:a6:68:07:6d:
22:a0:b3:fd:f1:67:60:93:2a:91:cd:cf:97:c4:28:94:56:1a:
d6:41:39:c9:eb:39:fa:7e:d9:a2:ae:23:6d:c1:6f:ed:d5:6b:
3e:d1:23:78:07:ba:d1:1b:9b:0f:7d:4c:b6:92:22:ef:8b:37:
b1:54:59:49:94:fb:5f:6b:54:db:27:28:17:36:41:94:44:7f:
6c:43:4a:d4:2c:f7:5e:49:bf:d3:dd:1d:ad:09:74:4f:4b:34:
65:99:18:c4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQoJkAZFILvYFbzyySUaEuFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjUwMTAyMTc1MzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTE3YjlkNmE3MjViMTdkNmZiNjUyMTg0YTdhN2Q5MzgwYWRjNTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/cklSCy0N3Peam819MzB9U2Kcjo
URucgpZHyjzByKl3+S6E5SnpxFNMtpZi8Aszyh6NAc9sXN/tLRPk3XHmPyRCaeNL
TQzvGLJYfE9othvAEyY8h/aUkrdnjIjfJQFbPbC116RGKU7JMHF+OiyL/BPKP/Bn
OJiR6d+iuNkgcKCbaqogem67QOAqdw6YygwcHGbhQOIA17ElVrgGoMOYshFqCSP+
4rGfXnydHt6L9pV/BpBHWCupFOSOi514G+5g07CjbMKM/6Lpb5LhF6f9rPI5nY8F
S/mWf0RPY77MEjC10HDVgYliBpq5WP0KnejoaN0DSqYZGMRQM/A80UBCZQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBEXudanJbF9b7ZSGEp6fZOArcU1MB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvRVJlNTFxY2xzWDF2dGxJWVNucDlrNEN0eFRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAstTmAwQA
whrqMA0GCSqGSIb3DQEBCwUAA4IBAQCyeKIMYWdqUTmJeBpOOR0sLopbvRmfeuCD
1OeuaeyZs7UTfwoKXEMIo+h8Ky8VsoHVoVCQhv29w5WaGYviWOCtCeTHKxKU5iaX
s2M3xoPtyxttg6s5LjLeH2uqjaQz1xHZRWBOmOBfuFKt6O37vRXI713w6ztrcuZL
FrUDJaqOfTH+ZPsGi54jmOrciVNY/wjW2EAtwoOKK89kNufHjKZoB20ioLP98Wdg
kyqRzc+XxCiUVhrWQTnJ6zn6ftmiriNtwW/t1Ws+0SN4B7rRG5sPfUy2kiLvizex
VFlJlPtfa1TbJygXNkGURH9sQ0rULPdeSb/T3R2tCXRPSzRlmRjE
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:27:27 2025 by rpki-client