Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/a08520-7f06-4f12-8640-49785fcdd9c4/1/0_n0dJGdGPC54n6Su3XhjRpEGaE.roa
File: 0_n0dJGdGPC54n6Su3XhjRpEGaE.roa (raw, json)
Hash identifier: ecsdCD7tgZtKRsUvKu336lhnysfVM1v2m6QNHH0P3gg=
Subject key identifier: D3:F9:F4:74:91:9D:18:F0:B9:E2:7E:92:BB:75:E1:8D:1A:44:19:A1
Certificate issuer: /CN=ad7d8de8ca061ea164e671c34eb3377f5736bbc3
Certificate serial: 0194266AC13348C74A47E166C8415249A18B
Authority key identifier: AD:7D:8D:E8:CA:06:1E:A1:64:E6:71:C3:4E:B3:37:7F:57:36:BB:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rX2N6MoGHqFk5nHDTrM3f1c2u8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/a08520-7f06-4f12-8640-49785fcdd9c4/1/0_n0dJGdGPC54n6Su3XhjRpEGaE.roa
Signing time: Thu 02 Jan 2025 09:48:38 +0000
ROA not before: Thu 02 Jan 2025 09:48:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 33796
IP address blocks: 84.238.0.0/17 maxlen: 17
185.197.168.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/a08520-7f06-4f12-8640-49785fcdd9c4/1/rX2N6MoGHqFk5nHDTrM3f1c2u8M.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/a08520-7f06-4f12-8640-49785fcdd9c4/1/rX2N6MoGHqFk5nHDTrM3f1c2u8M.mft
rsync://rpki.ripe.net/repository/DEFAULT/rX2N6MoGHqFk5nHDTrM3f1c2u8M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6a:c1:33:48:c7:4a:47:e1:66:c8:41:52:49:a1:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad7d8de8ca061ea164e671c34eb3377f5736bbc3
Validity
Not Before: Jan 2 09:48:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d3f9f474919d18f0b9e27e92bb75e18d1a4419a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:26:25:5c:4f:97:82:cd:16:0f:b3:99:b1:3c:
df:13:a4:52:1b:0e:0e:de:47:e6:40:cd:1a:69:4b:
4b:11:7b:0d:49:6c:e5:02:8a:ee:c1:a9:91:0a:08:
12:86:1d:e9:9e:c4:5f:50:ae:1b:5e:fc:79:89:29:
63:17:7d:c1:3c:bb:ed:06:d2:a9:a1:0b:8b:2f:83:
96:9b:b7:cc:77:46:94:7f:93:09:67:9f:e2:8d:fe:
fc:4b:c7:ec:9f:90:fd:e0:b5:39:11:06:61:7d:db:
a6:c8:52:7b:b5:6d:e5:bc:12:67:6a:d3:0b:44:4b:
83:5b:bc:01:5b:0c:ce:1e:1b:92:62:df:85:dd:49:
73:45:b7:dd:06:77:a3:5e:b9:bd:c9:2e:c1:ef:dc:
15:0d:69:6b:8a:e6:7b:16:c8:dd:83:f7:9c:18:31:
cc:c1:42:4b:28:47:fe:aa:fc:58:3a:de:9c:41:da:
0b:2c:5f:86:4d:55:dc:7c:b7:14:22:71:4a:12:65:
7f:87:78:42:60:9b:d3:bd:fe:86:75:bf:2c:06:d3:
7f:48:e5:7f:e3:fc:b2:15:23:49:25:82:5a:d3:a7:
58:b3:69:a1:32:43:38:dd:e7:c3:26:ad:22:a4:64:
95:f0:29:b8:5b:b2:45:22:c0:2d:13:fb:5b:68:f8:
90:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:F9:F4:74:91:9D:18:F0:B9:E2:7E:92:BB:75:E1:8D:1A:44:19:A1
X509v3 Authority Key Identifier:
keyid:AD:7D:8D:E8:CA:06:1E:A1:64:E6:71:C3:4E:B3:37:7F:57:36:BB:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rX2N6MoGHqFk5nHDTrM3f1c2u8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/a08520-7f06-4f12-8640-49785fcdd9c4/1/0_n0dJGdGPC54n6Su3XhjRpEGaE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/a08520-7f06-4f12-8640-49785fcdd9c4/1/rX2N6MoGHqFk5nHDTrM3f1c2u8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.238.0.0/17
185.197.168.0/22
Signature Algorithm: sha256WithRSAEncryption
67:2f:3b:a6:10:88:4c:6b:29:b9:72:e6:28:b8:a2:49:00:82:
28:23:01:d1:ef:83:05:70:2a:6f:77:16:cf:af:2f:3b:9f:2f:
54:90:7d:cc:cf:05:89:5c:75:2e:ea:5b:28:c2:14:91:31:d5:
66:ac:ab:60:ef:a1:2f:a7:f4:af:1e:28:72:51:eb:fc:16:be:
df:e8:47:96:40:a1:5d:16:a0:76:36:b3:d4:1c:9b:7a:bf:ab:
dd:b0:4a:45:74:b1:57:04:f8:2e:2f:9b:f2:50:d2:0d:34:c7:
b2:57:cf:b4:39:ac:88:8e:ef:52:5d:91:6e:50:b7:9d:be:91:
f3:ee:d5:95:39:95:b9:81:8b:3a:f6:18:7a:f7:1f:0d:a5:10:
2f:38:3b:f2:ca:6b:c8:dc:d4:25:03:a2:b0:8a:61:02:54:0a:
95:a8:2e:7c:e5:12:1d:93:45:20:c3:dd:a8:40:da:dc:94:24:
8a:bf:77:9f:24:a6:58:29:3b:dd:25:9e:79:e9:0b:af:e4:18:
2b:22:c2:50:2f:a3:52:b0:34:8a:93:fa:5d:64:0b:28:9f:ec:
9a:92:3f:94:29:2e:df:b5:c9:0a:9b:24:b7:97:18:44:3a:9c:
98:77:39:0d:19:16:71:8e:46:37:5a:db:8d:27:62:a6:51:ae:
cb:ff:8e:a5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQmasEzSMdKR+FmyEFSSaGLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkN2Q4ZGU4Y2EwNjFlYTE2NGU2NzFjMzRlYjMzNzdmNTcz
NmJiYzMwHhcNMjUwMTAyMDk0ODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2Y5ZjQ3NDkxOWQxOGYwYjllMjdlOTJiYjc1ZTE4ZDFhNDQxOWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSYlXE+Xgs0WD7OZsTzfE6RSGw4O
3kfmQM0aaUtLEXsNSWzlAoruwamRCggShh3pnsRfUK4bXvx5iSljF33BPLvtBtKp
oQuLL4OWm7fMd0aUf5MJZ5/ijf78S8fsn5D94LU5EQZhfdumyFJ7tW3lvBJnatML
REuDW7wBWwzOHhuSYt+F3UlzRbfdBnejXrm9yS7B79wVDWlriuZ7Fsjdg/ecGDHM
wUJLKEf+qvxYOt6cQdoLLF+GTVXcfLcUInFKEmV/h3hCYJvTvf6Gdb8sBtN/SOV/
4/yyFSNJJYJa06dYs2mhMkM43efDJq0ipGSV8Cm4W7JFIsAtE/tbaPiQuwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNP59HSRnRjwueJ+krt14Y0aRBmhMB8GA1UdIwQY
MBaAFK19jejKBh6hZOZxw06zN39XNrvDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclgyTjZNb0dIcUZrNW5IRFRyTTNmMWMydThNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9hMDg1MjAtN2YwNi00ZjEyLTg2NDAt
NDk3ODVmY2RkOWM0LzEvMF9uMGRKR2RHUEM1NG42U3UzWGhqUnBFR2FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9hMDg1MjAtN2YwNi00ZjEyLTg2NDAtNDk3ODVmY2RkOWM0
LzEvclgyTjZNb0dIcUZrNW5IRFRyTTNmMWMydThNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQHVO4AAwQC
ucWoMA0GCSqGSIb3DQEBCwUAA4IBAQBnLzumEIhMaym5cuYouKJJAIIoIwHR74MF
cCpvdxbPry87ny9UkH3MzwWJXHUu6lsowhSRMdVmrKtg76Evp/SvHihyUev8Fr7f
6EeWQKFdFqB2NrPUHJt6v6vdsEpFdLFXBPguL5vyUNINNMeyV8+0OayIju9SXZFu
ULedvpHz7tWVOZW5gYs69hh69x8NpRAvODvyymvI3NQlA6KwimECVAqVqC585RId
k0Ugw92oQNrclCSKv3efJKZYKTvdJZ556Quv5BgrIsJQL6NSsDSKk/pdZAson+ya
kj+UKS7ftckKmyS3lxhEOpyYdzkNGRZxjkY3WtuNJ2KmUa7L/46l
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:47:28 2025 by rpki-client