Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/5Bcqek2zb5mhN1W3BeCEWMW9f3o.roa
File: 5Bcqek2zb5mhN1W3BeCEWMW9f3o.roa (raw, json)
Hash identifier: OGmkgibG4mEUB4cgvxDaE05uYKVF3Q55EIw+3ZlUtTg=
Subject key identifier: E4:17:2A:7A:4D:B3:6F:99:A1:37:55:B7:05:E0:84:58:C5:BD:7F:7A
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 01941FFA3B3224EAF332E4B1D2676C24DF21
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/5Bcqek2zb5mhN1W3BeCEWMW9f3o.roa
Signing time: Wed 01 Jan 2025 03:48:00 +0000
ROA not before: Wed 01 Jan 2025 03:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57142
IP address blocks: 86.107.30.0/24 maxlen: 24
86.107.54.0/24 maxlen: 24
86.107.181.0/24 maxlen: 24
86.107.182.0/24 maxlen: 24
89.32.185.0/24 maxlen: 24
89.32.191.0/24 maxlen: 24
89.43.38.0/24 maxlen: 24
89.44.236.0/24 maxlen: 24
89.47.3.0/24 maxlen: 24
89.47.10.0/24 maxlen: 24
176.126.175.0/24 maxlen: 24
188.240.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 12:01:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:3b:32:24:ea:f3:32:e4:b1:d2:67:6c:24:df:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 1 03:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e4172a7a4db36f99a13755b705e08458c5bd7f7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:cb:7d:fa:18:bc:1b:c2:1a:37:c2:7d:98:3c:
9d:b7:6d:01:f9:6f:5d:48:8f:cc:7c:62:18:47:3b:
3a:de:21:7a:e7:3b:c5:a3:82:07:ff:02:be:0e:dc:
00:eb:a3:e2:19:28:ec:04:3c:82:c9:e4:65:54:30:
e1:6c:26:68:05:08:3a:10:6c:f7:9f:7e:0c:68:aa:
0d:2d:e2:94:60:ba:87:86:38:cf:0d:ff:55:b9:76:
da:7d:15:1b:95:b6:4d:09:98:c2:3e:de:90:6e:e8:
b7:f6:b3:be:4d:c5:23:8a:90:80:c3:67:12:ae:ba:
e8:03:90:1b:6e:eb:64:e4:27:36:8e:b6:26:69:87:
74:18:33:dd:27:d3:79:12:92:1e:6a:63:db:28:ff:
9e:ec:f2:79:61:09:46:e7:a1:d8:fa:ed:92:35:62:
b7:31:1a:80:a9:39:35:f9:0e:ec:0b:7f:ef:79:25:
14:1c:7f:00:f6:1a:8c:74:c6:2d:0d:02:db:13:8d:
61:26:12:39:91:92:7e:26:e8:a3:f6:42:8c:69:de:
d2:15:b4:33:ba:7c:2a:f0:44:bc:56:cf:22:46:07:
bf:34:64:4c:b9:e8:ec:60:1e:b1:e3:6d:15:64:4d:
43:19:47:ec:d4:8b:d6:3b:03:dc:a2:35:c1:28:2c:
93:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:17:2A:7A:4D:B3:6F:99:A1:37:55:B7:05:E0:84:58:C5:BD:7F:7A
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/5Bcqek2zb5mhN1W3BeCEWMW9f3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.107.30.0/24
86.107.54.0/24
86.107.181.0-86.107.182.255
89.32.185.0/24
89.32.191.0/24
89.43.38.0/24
89.44.236.0/24
89.47.3.0/24
89.47.10.0/24
176.126.175.0/24
188.240.208.0/24
Signature Algorithm: sha256WithRSAEncryption
59:76:89:c8:91:92:40:46:e6:8c:e5:ac:a1:7f:37:e3:7f:c0:
83:c4:8c:8f:a4:da:09:4e:ca:3a:20:ed:f3:54:00:26:fe:a3:
85:db:5a:44:8e:42:1d:9d:67:ca:ff:33:46:1a:a3:ff:ae:d7:
b8:fc:0c:7c:8e:75:77:c7:e9:14:15:d1:2b:e8:9b:a1:3a:c1:
f0:d8:ce:be:04:fb:af:a6:93:bc:e6:9d:d7:e5:45:08:84:8a:
0e:0d:b3:06:e6:8d:45:3a:35:a6:cf:65:ea:f1:cb:7f:74:69:
d4:2e:05:40:ec:1d:26:f1:56:d9:1e:16:d6:a1:40:5b:4d:db:
66:f5:0b:ff:8a:ca:a8:c7:b0:00:9e:50:9b:15:c2:80:c7:74:
cc:97:9d:4b:63:28:ca:ae:c3:b3:a5:f2:71:6a:9e:60:fb:cb:
fc:39:fc:37:75:ba:c9:74:a9:e3:4f:6f:bc:02:04:6b:e0:b7:
d3:3e:fb:77:ee:f2:c4:ca:a4:44:10:4a:47:4f:4e:02:5d:d7:
a8:4e:14:3b:12:27:7b:08:d5:4e:8f:d9:59:92:49:54:31:1b:
0d:e6:e3:60:42:3a:d1:08:6a:1a:da:5a:34:f4:4a:9a:27:17:
4f:65:5b:6c:0a:78:8c:a7:83:6a:7c:c0:eb:3a:0d:a0:83:9d:
3f:53:46:50
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZQf+jsyJOrzMuSx0mdsJN8hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjUwMTAxMDM0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDE3MmE3YTRkYjM2Zjk5YTEzNzU1YjcwNWUwODQ1OGM1YmQ3ZjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtst9+hi8G8IaN8J9mDydt20B+W9d
SI/MfGIYRzs63iF65zvFo4IH/wK+DtwA66PiGSjsBDyCyeRlVDDhbCZoBQg6EGz3
n34MaKoNLeKUYLqHhjjPDf9VuXbafRUblbZNCZjCPt6Qbui39rO+TcUjipCAw2cS
rrroA5Abbutk5Cc2jrYmaYd0GDPdJ9N5EpIeamPbKP+e7PJ5YQlG56HY+u2SNWK3
MRqAqTk1+Q7sC3/veSUUHH8A9hqMdMYtDQLbE41hJhI5kZJ+Juij9kKMad7SFbQz
unwq8ES8Vs8iRge/NGRMuejsYB6x420VZE1DGUfs1IvWOwPcojXBKCyTvwIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFOQXKnpNs2+ZoTdVtwXghFjFvX96MB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvNUJjcWVrMnpiNW1oTjFXM0JlQ0VXTVc5ZjNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQAVmseAwQA
Vms2MAwDBABWa7UDBABWa7YDBABZILkDBABZIL8DBABZKyYDBABZLOwDBABZLwMD
BABZLwoDBACwfq8DBAC88NAwDQYJKoZIhvcNAQELBQADggEBAFl2iciRkkBG5ozl
rKF/N+N/wIPEjI+k2glOyjog7fNUACb+o4XbWkSOQh2dZ8r/M0Yao/+u17j8DHyO
dXfH6RQV0Svom6E6wfDYzr4E+6+mk7zmndflRQiEig4NswbmjUU6NabPZerxy390
adQuBUDsHSbxVtkeFtahQFtN22b1C/+KyqjHsACeUJsVwoDHdMyXnUtjKMquw7Ol
8nFqnmD7y/w5/Dd1usl0qeNPb7wCBGvgt9M++3fu8sTKpEQQSkdPTgJd16hOFDsS
J3sI1U6P2VmSSVQxGw3m42BCOtEIahraWjT0SponF09lW2wKeIyng2p8wOs6DaCD
nT9TRlA=
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:20:19 2025 by rpki-client