Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/0fkfNJNcgCF0bgtJ9THGzgcqzN8.roa
File: 0fkfNJNcgCF0bgtJ9THGzgcqzN8.roa (raw, json)
Hash identifier: 2OoZu9r1Wd+T9o4nJLv7KklX45JdT1nwjKFtbBsYews=
Subject key identifier: D1:F9:1F:34:93:5C:80:21:74:6E:0B:49:F5:31:C6:CE:07:2A:CC:DF
Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial: 01942827F1D20ECD2AF45D3688A9C5CFEDFC
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/0fkfNJNcgCF0bgtJ9THGzgcqzN8.roa
Signing time: Thu 02 Jan 2025 17:54:53 +0000
ROA not before: Thu 02 Jan 2025 17:54:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211440
IP address blocks: 45.87.44.0/22 maxlen: 24
91.227.184.0/24 maxlen: 24
91.234.192.0/24 maxlen: 24
178.239.28.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:f1:d2:0e:cd:2a:f4:5d:36:88:a9:c5:cf:ed:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Validity
Not Before: Jan 2 17:54:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d1f91f34935c8021746e0b49f531c6ce072accdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:9d:d7:4a:2c:20:f7:92:31:34:c9:3c:c5:34:
36:56:e7:f0:27:24:e4:f6:f2:45:67:71:e8:17:b8:
2e:f6:17:5f:73:1f:b4:7b:44:23:d0:42:84:c1:19:
6d:9f:7a:a8:f7:3a:ee:e0:27:4b:d2:1a:f8:f5:77:
61:f5:2a:90:39:a8:28:f1:fe:48:f6:4e:29:f9:f5:
e8:71:bd:b5:aa:83:9c:8a:69:3d:9a:1d:1e:46:c7:
28:7a:a1:63:ce:45:0c:56:6a:fe:9d:dd:93:0d:ee:
97:bf:68:8b:ef:0c:70:be:60:29:3a:34:08:a0:da:
81:80:b9:77:78:e3:18:e6:b4:37:d9:54:f6:ca:b7:
80:ee:e7:1c:ab:83:d4:de:7b:14:57:47:34:f5:d9:
8b:8b:7a:e8:6a:18:1d:8a:f8:3e:84:bb:4e:54:fc:
e4:70:63:9d:8a:5a:1c:8d:6f:19:00:f9:d9:7f:5d:
06:38:c6:f4:3e:c5:23:2f:77:ff:b3:d1:87:e4:dd:
85:4d:fd:cf:4f:f2:11:31:a7:d1:52:34:8d:6d:4c:
6c:cb:9c:97:fa:2d:c4:f9:6a:bb:7d:3e:c5:0d:68:
aa:e9:1c:73:30:86:e8:9d:54:26:44:b6:5a:35:eb:
78:fc:11:62:37:30:c2:98:53:ef:df:d5:2c:82:6c:
9f:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:F9:1F:34:93:5C:80:21:74:6E:0B:49:F5:31:C6:CE:07:2A:CC:DF
X509v3 Authority Key Identifier:
keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/0fkfNJNcgCF0bgtJ9THGzgcqzN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.44.0/22
91.227.184.0/24
91.234.192.0/24
178.239.28.0/23
Signature Algorithm: sha256WithRSAEncryption
3e:22:f9:14:ff:8b:b8:55:ee:c7:03:18:72:40:d1:02:f1:fa:
75:51:79:01:3a:5e:35:02:43:26:25:12:f4:3c:50:35:52:ab:
8f:73:dd:e3:0a:c2:1d:8f:19:0c:d8:9f:13:2a:cd:02:1c:43:
7f:7d:ce:90:74:10:3d:db:c1:38:98:0f:d2:e0:30:3c:47:da:
70:ad:26:ef:30:54:a6:6e:f0:b3:a1:b1:1e:c8:d1:13:bb:1c:
c8:6a:87:81:c1:c3:d1:6c:1e:44:93:39:96:b8:1d:54:6c:23:
b1:65:b5:95:39:d4:41:99:00:e3:73:c2:05:94:02:83:ef:1c:
aa:ef:5e:59:f1:45:34:59:36:23:f1:33:49:34:f8:66:3a:f4:
10:cb:7c:45:d3:89:76:13:b4:ab:14:a3:df:fd:f2:cc:ce:05:
71:4c:df:bd:8a:5e:94:7a:4e:6d:84:6e:4a:1d:1f:28:4a:f8:
87:ad:24:be:4f:9a:85:8b:84:bd:29:c7:ec:ef:5c:36:7e:cd:
d7:62:d6:e9:7c:d0:a8:31:3d:f1:67:4e:c8:32:31:9f:ce:87:
3b:4a:e2:1d:10:29:3a:33:fb:b0:95:48:69:ab:4d:9c:0d:93:
4e:84:65:91:b1:90:ba:62:da:e2:33:c0:88:43:fb:af:8e:e2:
f0:ec:32:9e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQoJ/HSDs0q9F02iKnFz+38MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjUwMTAyMTc1NDUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWY5MWYzNDkzNWM4MDIxNzQ2ZTBiNDlmNTMxYzZjZTA3MmFjY2RmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZ3XSiwg95IxNMk8xTQ2VufwJyTk
9vJFZ3HoF7gu9hdfcx+0e0Qj0EKEwRltn3qo9zru4CdL0hr49Xdh9SqQOago8f5I
9k4p+fXocb21qoOcimk9mh0eRscoeqFjzkUMVmr+nd2TDe6Xv2iL7wxwvmApOjQI
oNqBgLl3eOMY5rQ32VT2yreA7uccq4PU3nsUV0c09dmLi3roahgdivg+hLtOVPzk
cGOdilocjW8ZAPnZf10GOMb0PsUjL3f/s9GH5N2FTf3PT/IRMafRUjSNbUxsy5yX
+i3E+Wq7fT7FDWiq6RxzMIbonVQmRLZaNet4/BFiNzDCmFPv39UsgmyfFQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNH5HzSTXIAhdG4LSfUxxs4HKszfMB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvMGZrZk5KTmNnQ0YwYmd0SjlUSEd6Z2Nxek44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLVcsAwQA
W+O4AwQAW+rAAwQBsu8cMA0GCSqGSIb3DQEBCwUAA4IBAQA+IvkU/4u4Ve7HAxhy
QNEC8fp1UXkBOl41AkMmJRL0PFA1UquPc93jCsIdjxkM2J8TKs0CHEN/fc6QdBA9
28E4mA/S4DA8R9pwrSbvMFSmbvCzobEeyNETuxzIaoeBwcPRbB5EkzmWuB1UbCOx
ZbWVOdRBmQDjc8IFlAKD7xyq715Z8UU0WTYj8TNJNPhmOvQQy3xF04l2E7SrFKPf
/fLMzgVxTN+9il6Uek5thG5KHR8oSviHrSS+T5qFi4S9Kcfs71w2fs3XYtbpfNCo
MT3xZ07IMjGfzoc7SuIdECk6M/uwlUhpq02cDZNOhGWRsZC6YtriM8CIQ/uvjuLw
7DKe
-----END CERTIFICATE-----
Generated at Sun Apr 6 01:05:21 2025 by rpki-client