Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/cb9d7f-afdf-4487-9e08-bd5043c0d1fb/1/J7kB6ievmPFEqZTmicl8rRo6FjY.roa
File: J7kB6ievmPFEqZTmicl8rRo6FjY.roa (raw, json)
Hash identifier: W4zMo+qbtPWsiXhZkqF+6a7KynDxQ8ZCboXDljVbc+4=
Subject key identifier: 27:B9:01:EA:27:AF:98:F1:44:A9:94:E6:89:C9:7C:AD:1A:3A:16:36
Certificate issuer: /CN=4b01b0851b7f89ea4bb132a7f5395b9d2aca1c02
Certificate serial: 0194CCB560DB889325374E82B4093467B30F
Authority key identifier: 4B:01:B0:85:1B:7F:89:EA:4B:B1:32:A7:F5:39:5B:9D:2A:CA:1C:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SwGwhRt_iepLsTKn9TlbnSrKHAI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/cb9d7f-afdf-4487-9e08-bd5043c0d1fb/1/J7kB6ievmPFEqZTmicl8rRo6FjY.roa
Signing time: Mon 03 Feb 2025 16:47:06 +0000
ROA not before: Mon 03 Feb 2025 16:47:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207605
IP address blocks: 62.164.170.0/24 maxlen: 24
109.237.76.0/24 maxlen: 24
109.237.77.0/24 maxlen: 24
176.119.205.0/24 maxlen: 24
193.143.68.0/24 maxlen: 24
195.189.140.0/24 maxlen: 24
195.189.141.0/24 maxlen: 24
2a05:4500::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/cb9d7f-afdf-4487-9e08-bd5043c0d1fb/1/SwGwhRt_iepLsTKn9TlbnSrKHAI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/cb9d7f-afdf-4487-9e08-bd5043c0d1fb/1/SwGwhRt_iepLsTKn9TlbnSrKHAI.mft
rsync://rpki.ripe.net/repository/DEFAULT/SwGwhRt_iepLsTKn9TlbnSrKHAI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 22:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:cc:b5:60:db:88:93:25:37:4e:82:b4:09:34:67:b3:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b01b0851b7f89ea4bb132a7f5395b9d2aca1c02
Validity
Not Before: Feb 3 16:47:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=27b901ea27af98f144a994e689c97cad1a3a1636
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:ca:fc:0f:0c:91:d5:4b:57:5b:de:6e:26:70:
ac:89:7e:6f:bc:68:52:65:34:90:3f:dd:97:a8:c3:
ee:0c:63:d1:ee:bb:d8:8a:98:7b:b3:70:44:9a:98:
e5:63:3a:76:55:31:2b:34:df:23:30:87:29:c8:89:
f3:01:15:5c:f7:7e:8f:08:9f:bf:0f:cd:4e:82:9f:
a0:92:d9:be:4c:37:33:ce:3f:85:b2:02:b1:a8:83:
1c:32:93:1b:35:2c:68:f8:4f:f4:92:f5:34:36:d1:
e3:74:8a:5e:dc:92:87:db:81:af:b8:c0:a3:5a:63:
38:bd:6c:02:d5:f9:d7:a6:4f:17:25:f4:c4:7a:84:
d4:f2:dd:67:3b:53:6f:76:46:ce:a9:50:c4:86:65:
db:22:cd:fc:18:78:45:ce:e7:2a:3a:6f:85:72:9b:
79:11:71:40:b4:9a:44:3f:78:cc:e3:0d:16:c9:55:
d7:91:52:69:90:30:c5:7a:96:a3:f9:14:57:f1:de:
12:80:6a:13:4f:13:0a:33:bb:ca:1e:3a:95:76:8f:
0e:ca:9f:eb:53:2c:9d:0b:ce:d9:34:5e:c8:8d:99:
80:aa:c9:2a:92:9c:43:a1:1c:3c:04:03:40:c6:2e:
a7:7f:55:c8:23:47:66:95:08:9d:77:67:b0:fa:ad:
e1:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:B9:01:EA:27:AF:98:F1:44:A9:94:E6:89:C9:7C:AD:1A:3A:16:36
X509v3 Authority Key Identifier:
keyid:4B:01:B0:85:1B:7F:89:EA:4B:B1:32:A7:F5:39:5B:9D:2A:CA:1C:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SwGwhRt_iepLsTKn9TlbnSrKHAI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/cb9d7f-afdf-4487-9e08-bd5043c0d1fb/1/J7kB6ievmPFEqZTmicl8rRo6FjY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/cb9d7f-afdf-4487-9e08-bd5043c0d1fb/1/SwGwhRt_iepLsTKn9TlbnSrKHAI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.164.170.0/24
109.237.76.0/23
176.119.205.0/24
193.143.68.0/24
195.189.140.0/23
IPv6:
2a05:4500::/29
Signature Algorithm: sha256WithRSAEncryption
b0:d2:9d:87:cd:d9:b8:17:96:86:9e:c7:a4:42:be:46:4b:bb:
f8:95:8e:5f:55:fa:ee:c4:42:7f:ba:9e:00:12:16:d4:a9:b9:
39:c0:15:bb:9c:73:25:84:93:a7:70:6f:2c:39:af:71:11:b2:
a3:cb:4e:24:cc:8a:cd:23:cb:86:f2:58:59:66:82:17:a0:51:
1f:2a:c9:6c:ed:22:ab:ee:e0:92:88:a7:f3:99:63:4a:8e:92:
84:c7:3c:cd:14:77:c8:6c:ce:20:39:d7:8c:7e:05:e2:28:0a:
c0:47:d7:bc:3b:c4:5d:81:f2:2a:26:6a:1e:64:91:65:f3:29:
a7:f7:eb:2b:7e:1e:00:cf:16:ad:06:af:6e:1d:d0:7d:7a:59:
3d:72:fd:0a:4a:ce:68:b8:ae:6f:33:65:e7:9e:08:5b:aa:4f:
13:cc:f2:7e:88:ee:8e:bc:bd:d6:1c:71:29:44:9e:22:0c:9d:
40:e0:ed:53:51:9f:3c:b5:61:ed:46:dd:41:0b:dc:e2:99:a3:
32:89:e7:6f:fd:77:cc:50:1a:88:09:3a:02:90:15:20:8a:1e:
c9:26:26:0a:0a:0f:81:ff:12:e3:d2:eb:d9:4a:7d:90:10:23:
8d:b4:2e:e0:e6:d2:10:ab:21:c3:26:b3:51:61:b0:6a:9f:6b:
74:78:9e:f1
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZTMtWDbiJMlN06CtAk0Z7MPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiMDFiMDg1MWI3Zjg5ZWE0YmIxMzJhN2Y1Mzk1YjlkMmFj
YTFjMDIwHhcNMjUwMjAzMTY0NzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2I5MDFlYTI3YWY5OGYxNDRhOTk0ZTY4OWM5N2NhZDFhM2ExNjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3sr8DwyR1UtXW95uJnCsiX5vvGhS
ZTSQP92XqMPuDGPR7rvYiph7s3BEmpjlYzp2VTErNN8jMIcpyInzARVc936PCJ+/
D81Ogp+gktm+TDczzj+FsgKxqIMcMpMbNSxo+E/0kvU0NtHjdIpe3JKH24GvuMCj
WmM4vWwC1fnXpk8XJfTEeoTU8t1nO1NvdkbOqVDEhmXbIs38GHhFzucqOm+Fcpt5
EXFAtJpEP3jM4w0WyVXXkVJpkDDFepaj+RRX8d4SgGoTTxMKM7vKHjqVdo8Oyp/r
UyydC87ZNF7IjZmAqskqkpxDoRw8BANAxi6nf1XII0dmlQidd2ew+q3hZwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFCe5Aeonr5jxRKmU5onJfK0aOhY2MB8GA1UdIwQY
MBaAFEsBsIUbf4nqS7Eyp/U5W50qyhwCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3dHd2hSdF9pZXBMc1RLbjlUbGJuU3JLSEFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9jYjlkN2YtYWZkZi00NDg3LTllMDgt
YmQ1MDQzYzBkMWZiLzEvSjdrQjZpZXZtUEZFcVpUbWljbDhyUm82RmpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9jYjlkN2YtYWZkZi00NDg3LTllMDgtYmQ1MDQzYzBkMWZi
LzEvU3dHd2hSdF9pZXBMc1RLbjlUbGJuU3JLSEFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAPqSqAwQB
be1MAwQAsHfNAwQAwY9EAwQBw72MMA0EAgACMAcDBQMqBUUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCw0p2Hzdm4F5aGnsekQr5GS7v4lY5fVfruxEJ/up4AEhbUqbk5wBW7
nHMlhJOncG8sOa9xEbKjy04kzIrNI8uG8lhZZoIXoFEfKsls7SKr7uCSiKfzmWNK
jpKExzzNFHfIbM4gOdeMfgXiKArAR9e8O8RdgfIqJmoeZJFl8ymn9+srfh4Azxat
Bq9uHdB9elk9cv0KSs5ouK5vM2Xnnghbqk8TzPJ+iO6OvL3WHHEpRJ4iDJ1A4O1T
UZ88tWHtRt1BC9zimaMyiedv/XfMUBqICToCkBUgih7JJiYKCg+B/xLj0uvZSn2Q
ECONtC7g5tIQqyHDJrNRYbBqn2t0eJ7x
-----END CERTIFICATE-----
Generated at Wed Apr 16 05:36:09 2025 by rpki-client