Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/ff4a67-59fc-4f00-a3ad-b3754afe9529/1/dTo5MoNVsE0W9FJTdWp7ZS1bD3g.roa
File: dTo5MoNVsE0W9FJTdWp7ZS1bD3g.roa (raw, json)
Hash identifier: Z3fu+O29y6RvbdMkr8dGUL1zLYUpPwmelay18m8y6vs=
Subject key identifier: 75:3A:39:32:83:55:B0:4D:16:F4:52:53:75:6A:7B:65:2D:5B:0F:78
Certificate issuer: /CN=08d0bc8c58902c8ca7bb869ec2e28302fa4515e9
Certificate serial: 019425FC80628CD98689608A451C9BD2DD91
Authority key identifier: 08:D0:BC:8C:58:90:2C:8C:A7:BB:86:9E:C2:E2:83:02:FA:45:15:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CNC8jFiQLIynu4aewuKDAvpFFek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/ff4a67-59fc-4f00-a3ad-b3754afe9529/1/dTo5MoNVsE0W9FJTdWp7ZS1bD3g.roa
Signing time: Thu 02 Jan 2025 07:48:12 +0000
ROA not before: Thu 02 Jan 2025 07:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 680
IP address blocks: 134.96.0.0/16 maxlen: 16
192.76.145.0/24 maxlen: 24
192.109.115.0/24 maxlen: 24
192.109.116.0/24 maxlen: 24
193.17.22.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/ff4a67-59fc-4f00-a3ad-b3754afe9529/1/CNC8jFiQLIynu4aewuKDAvpFFek.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/ff4a67-59fc-4f00-a3ad-b3754afe9529/1/CNC8jFiQLIynu4aewuKDAvpFFek.mft
rsync://rpki.ripe.net/repository/DEFAULT/CNC8jFiQLIynu4aewuKDAvpFFek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 05:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:80:62:8c:d9:86:89:60:8a:45:1c:9b:d2:dd:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08d0bc8c58902c8ca7bb869ec2e28302fa4515e9
Validity
Not Before: Jan 2 07:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=753a39328355b04d16f45253756a7b652d5b0f78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ac:df:5b:56:56:6d:b2:f9:94:7c:15:47:ff:
1d:50:ed:f2:9d:13:b3:e4:09:90:7f:ee:b8:af:6c:
28:bf:3c:34:ad:20:25:65:8d:37:6c:4a:53:de:e5:
3e:17:a7:39:bf:1d:54:6c:ac:41:17:2d:0e:35:07:
b1:fb:36:e8:97:5e:a4:48:5b:2e:f4:32:b9:58:ba:
2f:88:12:7e:3c:43:ba:f8:c5:9f:db:a4:40:9a:58:
f9:1e:3e:8e:3b:15:62:3c:c6:ab:8c:2d:8f:d7:3e:
c4:13:92:c5:d6:c3:00:c8:8f:04:27:d1:2c:de:0a:
92:41:9a:51:35:df:8c:1f:38:7b:e2:98:a8:a8:6d:
b6:6b:54:fc:da:23:4a:93:90:36:bd:a0:d1:6f:d2:
a2:2f:37:ee:33:46:f6:23:1f:24:b3:89:11:f4:53:
b4:31:03:de:e2:8a:b2:61:4a:3b:2c:a0:4b:e6:25:
de:21:33:65:c4:89:d9:bb:89:e2:33:80:8c:af:d5:
3a:2c:24:a2:1c:11:7c:28:29:f7:66:42:71:d4:bd:
4d:d4:df:3b:89:94:26:0a:f7:fa:90:87:e1:ad:14:
96:56:a9:3f:17:95:4e:21:6b:67:cc:33:12:9b:bd:
6d:6c:64:52:7f:75:32:1d:7b:e7:f8:0e:9a:b6:96:
0c:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:3A:39:32:83:55:B0:4D:16:F4:52:53:75:6A:7B:65:2D:5B:0F:78
X509v3 Authority Key Identifier:
keyid:08:D0:BC:8C:58:90:2C:8C:A7:BB:86:9E:C2:E2:83:02:FA:45:15:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CNC8jFiQLIynu4aewuKDAvpFFek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ff4a67-59fc-4f00-a3ad-b3754afe9529/1/dTo5MoNVsE0W9FJTdWp7ZS1bD3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ff4a67-59fc-4f00-a3ad-b3754afe9529/1/CNC8jFiQLIynu4aewuKDAvpFFek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.96.0.0/16
192.76.145.0/24
192.109.115.0-192.109.116.255
193.17.22.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:ff:5a:18:8b:7b:f8:43:9e:28:5c:ae:8f:ac:49:4b:37:92:
3b:bf:25:c0:20:07:20:98:76:22:4b:fc:1b:ba:bb:4b:6e:6d:
23:c7:32:7d:08:12:37:7a:15:e0:6a:73:7b:3a:4c:2b:0b:aa:
8c:c7:f0:d0:f6:76:a2:08:11:82:c3:37:78:87:0f:66:3f:e5:
40:14:33:b3:6e:69:9b:de:f4:23:e1:52:c1:71:1c:87:db:e7:
bd:86:ec:9c:7d:00:50:02:40:92:bc:1c:1a:1b:21:21:5a:ed:
35:2e:a7:75:5d:47:c1:03:56:d7:22:85:d1:8f:23:e9:77:14:
27:56:58:b9:37:92:e4:36:df:4d:bd:2e:74:3f:32:1f:87:7a:
55:24:41:18:89:2a:e7:a1:a7:7d:2d:36:28:a6:10:b6:23:4a:
e1:a0:2a:6b:da:7e:1f:90:cb:7a:5f:cc:db:7e:94:33:0e:0c:
a3:b9:73:d7:61:a3:9a:b3:4c:86:27:de:36:3c:35:99:02:65:
3e:a7:bb:54:73:4e:46:fa:99:5a:d0:91:8a:05:99:f6:cd:05:
42:1c:29:97:d8:58:0a:29:1f:82:31:c1:93:88:a8:fb:fd:ff:
af:b1:c2:1c:38:70:78:d0:13:d8:c8:02:e8:e7:d6:f4:81:5a:
b8:d0:9e:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQl/IBijNmGiWCKRRyb0t2RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ZDBiYzhjNTg5MDJjOGNhN2JiODY5ZWMyZTI4MzAyZmE0
NTE1ZTkwHhcNMjUwMTAyMDc0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTNhMzkzMjgzNTViMDRkMTZmNDUyNTM3NTZhN2I2NTJkNWIwZjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqzfW1ZWbbL5lHwVR/8dUO3ynROz
5AmQf+64r2wovzw0rSAlZY03bEpT3uU+F6c5vx1UbKxBFy0ONQex+zbol16kSFsu
9DK5WLoviBJ+PEO6+MWf26RAmlj5Hj6OOxViPMarjC2P1z7EE5LF1sMAyI8EJ9Es
3gqSQZpRNd+MHzh74pioqG22a1T82iNKk5A2vaDRb9KiLzfuM0b2Ix8ks4kR9FO0
MQPe4oqyYUo7LKBL5iXeITNlxInZu4niM4CMr9U6LCSiHBF8KCn3ZkJx1L1N1N87
iZQmCvf6kIfhrRSWVqk/F5VOIWtnzDMSm71tbGRSf3UyHXvn+A6atpYMHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHU6OTKDVbBNFvRSU3Vqe2UtWw94MB8GA1UdIwQY
MBaAFAjQvIxYkCyMp7uGnsLigwL6RRXpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ05DOGpGaVFMSXludTRhZXd1S0RBdnBGRmVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9mZjRhNjctNTlmYy00ZjAwLWEzYWQt
YjM3NTRhZmU5NTI5LzEvZFRvNU1vTlZzRTBXOUZKVGRXcDdaUzFiRDNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9mZjRhNjctNTlmYy00ZjAwLWEzYWQtYjM3NTRhZmU5NTI5
LzEvQ05DOGpGaVFMSXludTRhZXd1S0RBdnBGRmVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAlBAIAATAfAwMAhmADBADA
TJEwDAMEAMBtcwMEAMBtdAMEAMERFjANBgkqhkiG9w0BAQsFAAOCAQEAS/9aGIt7
+EOeKFyuj6xJSzeSO78lwCAHIJh2Ikv8G7q7S25tI8cyfQgSN3oV4GpzezpMKwuq
jMfw0PZ2oggRgsM3eIcPZj/lQBQzs25pm970I+FSwXEch9vnvYbsnH0AUAJAkrwc
GhshIVrtNS6ndV1HwQNW1yKF0Y8j6XcUJ1ZYuTeS5DbfTb0udD8yH4d6VSRBGIkq
56GnfS02KKYQtiNK4aAqa9p+H5DLel/M236UMw4Mo7lz12GjmrNMhifeNjw1mQJl
Pqe7VHNORvqZWtCRigWZ9s0FQhwpl9hYCikfgjHBk4io+/3/r7HCHDhweNAT2MgC
6OfW9IFauNCepw==
-----END CERTIFICATE-----
Generated at Sat Apr 12 13:17:23 2025 by rpki-client