Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/fETfH_XiNbseiVsjZA2HM6Af2jI.roa
File: fETfH_XiNbseiVsjZA2HM6Af2jI.roa (raw, json)
Hash identifier: uyRqpIalZYJdXa3YW/3/Z8wVH+1oAHTZduFpskFWKhg=
Subject key identifier: 7C:44:DF:1F:F5:E2:35:BB:1E:89:5B:23:64:0D:87:33:A0:1F:DA:32
Certificate issuer: /CN=05e9fca0a8584feb1c12319071423061b08fe456
Certificate serial: 0194221F859ECA4ADF55166E3B742ABD23EA
Authority key identifier: 05:E9:FC:A0:A8:58:4F:EB:1C:12:31:90:71:42:30:61:B0:8F:E4:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ben8oKhYT-scEjGQcUIwYbCP5FY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/fETfH_XiNbseiVsjZA2HM6Af2jI.roa
Signing time: Wed 01 Jan 2025 13:47:58 +0000
ROA not before: Wed 01 Jan 2025 13:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61960
IP address blocks: 91.243.120.0/23 maxlen: 24
185.54.48.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/Ben8oKhYT-scEjGQcUIwYbCP5FY.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/Ben8oKhYT-scEjGQcUIwYbCP5FY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ben8oKhYT-scEjGQcUIwYbCP5FY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 13:43:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:85:9e:ca:4a:df:55:16:6e:3b:74:2a:bd:23:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05e9fca0a8584feb1c12319071423061b08fe456
Validity
Not Before: Jan 1 13:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7c44df1ff5e235bb1e895b23640d8733a01fda32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:7e:ee:4c:6d:73:19:05:d4:4c:60:63:b8:d5:
ce:99:be:f7:24:4b:38:fc:d7:b4:eb:7a:41:3e:00:
3d:be:43:b1:12:7d:8a:56:40:d4:40:e9:ab:0e:99:
54:8c:8f:d0:3a:83:8a:05:31:f6:be:9a:ac:73:5e:
c9:03:88:50:36:36:e3:8c:75:ce:52:7b:17:52:83:
6c:a8:e5:ce:24:7a:cc:af:0e:62:90:75:95:95:75:
27:e1:2b:95:84:76:5c:d8:bd:9a:89:fe:31:f9:a8:
9d:10:9e:ee:72:45:a7:ca:46:11:16:ac:51:45:7e:
d1:d3:0a:dc:a8:6e:79:ec:8a:b9:28:53:bf:09:e5:
f3:cb:93:14:f2:2d:66:18:b5:ad:e3:52:db:ce:13:
8c:14:0b:26:80:dc:8d:8a:7a:91:6e:5f:a7:86:23:
7a:bf:4f:63:19:fc:de:02:a6:5f:3b:62:47:90:12:
4d:b5:81:38:03:f5:24:d6:40:d9:fa:01:85:f8:18:
17:ef:b1:aa:3e:40:3d:79:97:45:15:28:99:cd:b9:
85:60:9c:70:6d:b6:27:ad:21:0b:76:a4:f3:ca:e9:
0c:3e:da:c4:8a:cb:28:05:44:03:84:6c:98:a9:b9:
11:f3:f1:36:c0:70:28:0a:f6:65:10:67:fc:fc:65:
5a:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:44:DF:1F:F5:E2:35:BB:1E:89:5B:23:64:0D:87:33:A0:1F:DA:32
X509v3 Authority Key Identifier:
keyid:05:E9:FC:A0:A8:58:4F:EB:1C:12:31:90:71:42:30:61:B0:8F:E4:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ben8oKhYT-scEjGQcUIwYbCP5FY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/fETfH_XiNbseiVsjZA2HM6Af2jI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/Ben8oKhYT-scEjGQcUIwYbCP5FY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.243.120.0/23
185.54.48.0/22
Signature Algorithm: sha256WithRSAEncryption
85:05:0b:64:c5:43:9f:0a:6d:2e:b2:bb:28:27:07:12:93:ac:
7b:53:27:6a:cd:68:5b:1f:38:23:1c:48:56:e1:c1:fe:47:54:
f7:b0:c5:75:51:3a:28:d3:35:9c:bd:33:8b:2d:e1:de:7d:99:
ae:a5:8d:96:84:12:27:5f:d2:03:5e:dc:95:8e:1d:b7:08:41:
70:34:d9:fe:36:4c:7c:bb:6a:86:99:9a:06:49:c1:ec:3b:d2:
a9:4c:5f:4f:cd:96:82:97:53:70:13:93:92:7f:93:e0:42:d0:
f5:b5:56:1e:bb:67:9b:64:70:bd:f1:dd:c9:22:52:28:fe:6a:
3a:0c:c5:71:0a:fb:75:fc:ca:72:d2:35:9e:97:e7:7d:8e:41:
8d:ce:fa:76:1c:a8:eb:78:97:93:8d:ba:13:dc:95:7c:4e:60:
2b:39:a9:b6:69:64:67:0d:32:7e:11:9e:5f:ea:da:9d:18:fb:
0c:db:e2:31:2c:21:5f:13:bb:f7:4b:3f:6e:bc:26:0f:58:3b:
c3:fd:f5:62:b2:7f:d4:a2:b2:3c:18:7b:02:4b:bd:1b:41:04:
36:e6:01:0a:23:f9:a3:a5:e1:fe:1a:13:88:7d:ed:31:44:8a:
28:2e:57:0a:79:bb:c8:69:0c:03:19:0e:2f:ea:87:48:d8:93:
e6:ea:41:54
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQiH4WeykrfVRZuO3QqvSPqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ZTlmY2EwYTg1ODRmZWIxYzEyMzE5MDcxNDIzMDYxYjA4
ZmU0NTYwHhcNMjUwMTAxMTM0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzQ0ZGYxZmY1ZTIzNWJiMWU4OTViMjM2NDBkODczM2EwMWZkYTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0n7uTG1zGQXUTGBjuNXOmb73JEs4
/Ne063pBPgA9vkOxEn2KVkDUQOmrDplUjI/QOoOKBTH2vpqsc17JA4hQNjbjjHXO
UnsXUoNsqOXOJHrMrw5ikHWVlXUn4SuVhHZc2L2aif4x+aidEJ7uckWnykYRFqxR
RX7R0wrcqG557Iq5KFO/CeXzy5MU8i1mGLWt41LbzhOMFAsmgNyNinqRbl+nhiN6
v09jGfzeAqZfO2JHkBJNtYE4A/Uk1kDZ+gGF+BgX77GqPkA9eZdFFSiZzbmFYJxw
bbYnrSELdqTzyukMPtrEissoBUQDhGyYqbkR8/E2wHAoCvZlEGf8/GVaxQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHxE3x/14jW7HolbI2QNhzOgH9oyMB8GA1UdIwQY
MBaAFAXp/KCoWE/rHBIxkHFCMGGwj+RWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmVuOG9LaFlULXNjRWpHUWNVSXdZYkNQNUZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jN2VlOWUtYjViZi00YzJkLWE5ODMt
ZGVlM2VkNDk3YWVlLzEvZkVUZkhfWGlOYnNlaVZzalpBMkhNNkFmMmpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jN2VlOWUtYjViZi00YzJkLWE5ODMtZGVlM2VkNDk3YWVl
LzEvQmVuOG9LaFlULXNjRWpHUWNVSXdZYkNQNUZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW/N4AwQC
uTYwMA0GCSqGSIb3DQEBCwUAA4IBAQCFBQtkxUOfCm0usrsoJwcSk6x7UydqzWhb
HzgjHEhW4cH+R1T3sMV1UToo0zWcvTOLLeHefZmupY2WhBInX9IDXtyVjh23CEFw
NNn+Nkx8u2qGmZoGScHsO9KpTF9PzZaCl1NwE5OSf5PgQtD1tVYeu2ebZHC98d3J
IlIo/mo6DMVxCvt1/Mpy0jWel+d9jkGNzvp2HKjreJeTjboT3JV8TmArOam2aWRn
DTJ+EZ5f6tqdGPsM2+IxLCFfE7v3Sz9uvCYPWDvD/fVisn/UorI8GHsCS70bQQQ2
5gEKI/mjpeH+GhOIfe0xRIooLlcKebvIaQwDGQ4v6odI2JPm6kFU
-----END CERTIFICATE-----
Generated at Tue Apr 8 18:19:42 2025 by rpki-client