Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/95de21-0fbc-4d13-b6e0-cb9e1ed779ac/1/T00AB9xipsEuuuK1wmFSrgJa6EQ.roa
File: T00AB9xipsEuuuK1wmFSrgJa6EQ.roa (raw, json)
Hash identifier: h2lLCAhcvRlcJCiD1oieS2PrcXQxs+tKUD+48vFOxxo=
Subject key identifier: 4F:4D:00:07:DC:62:A6:C1:2E:BA:E2:B5:C2:61:52:AE:02:5A:E8:44
Certificate issuer: /CN=c4df0bd04aa843e68082f6dece0798732b6f8832
Certificate serial: 019422204167D72A93B9D9BA9D54D074E65F
Authority key identifier: C4:DF:0B:D0:4A:A8:43:E6:80:82:F6:DE:CE:07:98:73:2B:6F:88:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xN8L0EqoQ-aAgvbezgeYcytviDI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/95de21-0fbc-4d13-b6e0-cb9e1ed779ac/1/T00AB9xipsEuuuK1wmFSrgJa6EQ.roa
Signing time: Wed 01 Jan 2025 13:48:46 +0000
ROA not before: Wed 01 Jan 2025 13:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47796
IP address blocks: 176.122.210.0/24 maxlen: 24
176.122.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/95de21-0fbc-4d13-b6e0-cb9e1ed779ac/1/xN8L0EqoQ-aAgvbezgeYcytviDI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/95de21-0fbc-4d13-b6e0-cb9e1ed779ac/1/xN8L0EqoQ-aAgvbezgeYcytviDI.mft
rsync://rpki.ripe.net/repository/DEFAULT/xN8L0EqoQ-aAgvbezgeYcytviDI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 22:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:41:67:d7:2a:93:b9:d9:ba:9d:54:d0:74:e6:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4df0bd04aa843e68082f6dece0798732b6f8832
Validity
Not Before: Jan 1 13:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4f4d0007dc62a6c12ebae2b5c26152ae025ae844
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:1e:79:df:c3:e4:ba:f9:d7:fe:4d:4c:13:2f:
9d:ff:df:f4:fc:ee:14:a0:23:26:a9:1f:f8:2b:5f:
43:fb:6c:90:c9:36:8e:53:04:60:8d:fc:b8:4f:86:
c0:aa:f3:d8:e2:67:4c:47:eb:7d:cb:43:61:e0:a5:
36:f7:fd:8a:dc:22:72:12:b2:85:d4:c6:1f:78:91:
4a:28:ce:6a:96:91:2b:53:ff:2c:96:d4:73:2e:53:
71:0b:46:b5:da:d1:30:65:79:4c:ac:aa:81:da:47:
2e:cd:bd:59:06:0e:a3:87:13:02:ad:8b:be:04:22:
81:3d:9f:9c:b1:34:7a:4d:4d:07:b4:cc:26:28:82:
99:48:ac:14:11:1e:77:73:37:0b:9d:13:65:25:a8:
19:51:08:80:6e:3f:f2:05:2b:5c:fa:7c:12:6e:bb:
4f:04:4f:b5:3b:5f:21:52:da:47:35:70:31:ff:42:
d3:a8:f2:0e:0f:a4:ca:46:8f:ea:0d:c3:a1:fd:59:
89:72:96:13:93:3b:71:70:c8:78:7c:dd:f2:85:63:
c5:fd:99:82:12:ba:d7:18:5a:1a:36:3f:1c:f0:15:
d9:7c:51:f0:f9:0b:e9:cb:d8:31:15:b3:8a:9a:f3:
69:d9:9f:36:b8:8c:14:30:13:d2:6d:a2:36:d2:a9:
8e:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:4D:00:07:DC:62:A6:C1:2E:BA:E2:B5:C2:61:52:AE:02:5A:E8:44
X509v3 Authority Key Identifier:
keyid:C4:DF:0B:D0:4A:A8:43:E6:80:82:F6:DE:CE:07:98:73:2B:6F:88:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xN8L0EqoQ-aAgvbezgeYcytviDI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/95de21-0fbc-4d13-b6e0-cb9e1ed779ac/1/T00AB9xipsEuuuK1wmFSrgJa6EQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/95de21-0fbc-4d13-b6e0-cb9e1ed779ac/1/xN8L0EqoQ-aAgvbezgeYcytviDI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.122.210.0/23
Signature Algorithm: sha256WithRSAEncryption
6d:44:41:02:ab:b7:e2:a1:1b:aa:82:91:ce:9e:b0:45:e3:ab:
4c:c9:16:42:ad:4e:e2:49:17:66:e4:33:41:87:76:d6:a7:e6:
01:e2:81:00:cb:99:e6:59:ce:85:32:17:32:39:9a:bb:7e:eb:
24:b4:9b:f4:f8:0f:81:09:37:9e:6c:c7:25:fe:30:da:94:3d:
69:dc:4e:b7:0b:43:11:bb:fe:05:2f:2c:17:85:56:68:27:db:
48:3f:94:44:9f:5a:f7:e6:b0:04:37:08:95:4a:58:bb:a0:5c:
da:34:8b:97:f4:1d:31:25:42:c8:34:1a:87:19:e1:93:99:b0:
95:ad:c7:6d:bd:94:61:1f:dd:c9:47:f8:7d:94:2d:d2:1e:62:
1b:3a:7b:ec:23:93:1f:22:cd:de:6a:9a:34:69:82:c9:87:83:
2b:f1:44:eb:29:a6:0b:36:aa:0e:fe:d0:71:ce:97:b1:c4:b8:
a4:18:87:68:10:8f:db:eb:7c:41:3d:0b:1a:48:fd:e9:34:4e:
04:de:10:8e:e6:21:a5:44:aa:1d:b9:6f:4c:8c:1f:ee:e7:2d:
59:ba:9b:31:d5:2d:f1:ef:8f:01:f0:ed:08:7f:aa:07:78:d0:
5d:44:58:1c:bd:0f:84:1f:f8:a7:b7:b7:a1:78:6f:37:d9:73:
88:31:70:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiIEFn1yqTudm6nVTQdOZfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0ZGYwYmQwNGFhODQzZTY4MDgyZjZkZWNlMDc5ODczMmI2
Zjg4MzIwHhcNMjUwMTAxMTM0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjRkMDAwN2RjNjJhNmMxMmViYWUyYjVjMjYxNTJhZTAyNWFlODQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0R5538PkuvnX/k1MEy+d/9/0/O4U
oCMmqR/4K19D+2yQyTaOUwRgjfy4T4bAqvPY4mdMR+t9y0Nh4KU29/2K3CJyErKF
1MYfeJFKKM5qlpErU/8sltRzLlNxC0a12tEwZXlMrKqB2kcuzb1ZBg6jhxMCrYu+
BCKBPZ+csTR6TU0HtMwmKIKZSKwUER53czcLnRNlJagZUQiAbj/yBStc+nwSbrtP
BE+1O18hUtpHNXAx/0LTqPIOD6TKRo/qDcOh/VmJcpYTkztxcMh4fN3yhWPF/ZmC
ErrXGFoaNj8c8BXZfFHw+Qvpy9gxFbOKmvNp2Z82uIwUMBPSbaI20qmOcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE9NAAfcYqbBLrritcJhUq4CWuhEMB8GA1UdIwQY
MBaAFMTfC9BKqEPmgIL23s4HmHMrb4gyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveE44TDBFcW9RLWFBZ3ZiZXpnZVljeXR2aURJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi85NWRlMjEtMGZiYy00ZDEzLWI2ZTAt
Y2I5ZTFlZDc3OWFjLzEvVDAwQUI5eGlwc0V1dXVLMXdtRlNyZ0phNkVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi85NWRlMjEtMGZiYy00ZDEzLWI2ZTAtY2I5ZTFlZDc3OWFj
LzEveE44TDBFcW9RLWFBZ3ZiZXpnZVljeXR2aURJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBsHrSMA0G
CSqGSIb3DQEBCwUAA4IBAQBtREECq7fioRuqgpHOnrBF46tMyRZCrU7iSRdm5DNB
h3bWp+YB4oEAy5nmWc6FMhcyOZq7fusktJv0+A+BCTeebMcl/jDalD1p3E63C0MR
u/4FLywXhVZoJ9tIP5REn1r35rAENwiVSli7oFzaNIuX9B0xJULINBqHGeGTmbCV
rcdtvZRhH93JR/h9lC3SHmIbOnvsI5MfIs3eapo0aYLJh4Mr8UTrKaYLNqoO/tBx
zpexxLikGIdoEI/b63xBPQsaSP3pNE4E3hCO5iGlRKoduW9MjB/u5y1Zupsx1S3x
748B8O0If6oHeNBdRFgcvQ+EH/int7eheG832XOIMXCy
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:46:21 2025 by rpki-client