Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/29176b-1038-4417-bdad-f3e052bab144/1/8CQhFFzhVCUSs-Acf3oCW5Ht1O4.roa
File: 8CQhFFzhVCUSs-Acf3oCW5Ht1O4.roa (raw, json)
Hash identifier: 4QjA0b3TlO69hSmmKrV3SWr74V598K76v+qHTSKJ/xE=
Subject key identifier: F0:24:21:14:5C:E1:54:25:12:B3:E0:1C:7F:7A:02:5B:91:ED:D4:EE
Certificate issuer: /CN=e6c2e0d3fdc215a389c7043ca5a1a06be2c558ef
Certificate serial: 01958F614BC6DEB9BB59922C5DCAD69A974C
Authority key identifier: E6:C2:E0:D3:FD:C2:15:A3:89:C7:04:3C:A5:A1:A0:6B:E2:C5:58:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5sLg0_3CFaOJxwQ8paGga-LFWO8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/29176b-1038-4417-bdad-f3e052bab144/1/8CQhFFzhVCUSs-Acf3oCW5Ht1O4.roa
Signing time: Thu 13 Mar 2025 12:01:13 +0000
ROA not before: Thu 13 Mar 2025 12:01:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 86.54.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/29176b-1038-4417-bdad-f3e052bab144/1/5sLg0_3CFaOJxwQ8paGga-LFWO8.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/29176b-1038-4417-bdad-f3e052bab144/1/5sLg0_3CFaOJxwQ8paGga-LFWO8.mft
rsync://rpki.ripe.net/repository/DEFAULT/5sLg0_3CFaOJxwQ8paGga-LFWO8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 03:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8f:61:4b:c6:de:b9:bb:59:92:2c:5d:ca:d6:9a:97:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e6c2e0d3fdc215a389c7043ca5a1a06be2c558ef
Validity
Not Before: Mar 13 12:01:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f02421145ce1542512b3e01c7f7a025b91edd4ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:a7:f2:cf:34:0a:8f:56:60:f1:a2:a7:44:b2:
88:d8:fa:f7:9a:09:36:73:41:34:6e:8c:29:c6:24:
e3:d8:c1:2e:72:76:d1:6f:f9:d1:93:3a:15:a5:d5:
91:dc:1b:79:32:d2:64:a8:74:35:cb:7d:76:65:c4:
44:18:0c:1a:3c:a6:8f:6b:7d:44:d3:c4:02:79:55:
f4:3d:1b:c2:f3:d5:8e:92:45:17:21:e5:a2:48:2c:
93:15:15:f5:91:cf:42:be:83:41:59:b1:d3:ac:92:
f2:3e:2e:19:8b:e6:1f:e7:69:88:a2:ce:63:2d:43:
69:1a:fe:c4:78:f0:f3:81:5a:c0:a1:45:dd:d9:41:
3b:f8:94:25:84:99:b8:46:e6:0a:7d:c5:a6:e9:ab:
13:f8:6d:83:0d:4d:4a:d9:cd:76:95:23:46:99:47:
85:d0:96:99:ef:70:1b:1f:24:a1:4c:6c:af:71:46:
fa:95:02:b0:c1:55:bb:d6:f3:a2:ec:18:32:16:44:
f0:1a:11:b7:2a:1a:8c:6d:b8:68:3e:80:51:d9:8a:
ba:5b:18:4b:de:d8:f2:78:3e:ed:ed:65:43:88:98:
20:93:3a:7a:94:28:da:45:35:40:32:33:42:61:b7:
eb:50:dd:7a:c2:9c:af:f4:b7:e2:5a:75:8b:50:28:
d1:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:24:21:14:5C:E1:54:25:12:B3:E0:1C:7F:7A:02:5B:91:ED:D4:EE
X509v3 Authority Key Identifier:
keyid:E6:C2:E0:D3:FD:C2:15:A3:89:C7:04:3C:A5:A1:A0:6B:E2:C5:58:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5sLg0_3CFaOJxwQ8paGga-LFWO8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/29176b-1038-4417-bdad-f3e052bab144/1/8CQhFFzhVCUSs-Acf3oCW5Ht1O4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/29176b-1038-4417-bdad-f3e052bab144/1/5sLg0_3CFaOJxwQ8paGga-LFWO8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.54.24.0/24
Signature Algorithm: sha256WithRSAEncryption
19:69:df:65:f1:d4:78:07:52:b7:b5:de:eb:6c:6c:4e:be:01:
32:8d:b9:ad:87:0d:ac:8b:ed:b3:2b:a6:21:4b:50:a0:ce:8a:
9d:bf:a2:c0:40:4a:ef:96:54:46:16:f5:32:54:b7:a6:4a:19:
da:fa:41:9a:15:55:9e:98:9a:e6:77:33:a9:1d:35:46:3a:16:
83:57:13:c6:4c:7d:4a:cb:31:d3:6f:ad:93:82:e2:3c:00:08:
92:3d:72:68:20:78:1f:b1:d5:cf:07:ed:f6:fb:c4:d0:59:f1:
67:89:1f:03:87:b5:e7:61:f9:af:04:a4:87:92:9b:af:b5:25:
75:fe:60:fe:17:b4:30:23:af:1c:49:12:aa:36:dc:b5:e2:52:
cb:89:bf:2f:d5:b8:c5:08:3e:59:0c:95:75:83:1e:6d:bb:5c:
93:4f:e3:dc:79:c4:e6:ef:17:13:4f:c8:ac:c9:db:27:89:37:
3f:92:fd:cf:af:95:bb:f0:5e:5b:4d:11:a0:bc:6e:bc:80:8e:
86:04:51:26:36:ca:3b:b1:3a:19:27:a1:1c:24:a1:18:6b:44:
7b:dd:17:ec:e5:7f:95:49:20:fb:dd:f9:2e:3c:a8:b8:43:fd:
a1:c9:5d:dc:4e:f1:90:23:e2:84:c4:77:5d:37:fc:59:7d:5f:
50:4b:2b:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWPYUvG3rm7WZIsXcrWmpdMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2YzJlMGQzZmRjMjE1YTM4OWM3MDQzY2E1YTFhMDZiZTJj
NTU4ZWYwHhcNMjUwMzEzMTIwMTEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDI0MjExNDVjZTE1NDI1MTJiM2UwMWM3ZjdhMDI1YjkxZWRkNGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKfyzzQKj1Zg8aKnRLKI2Pr3mgk2
c0E0bowpxiTj2MEucnbRb/nRkzoVpdWR3Bt5MtJkqHQ1y312ZcREGAwaPKaPa31E
08QCeVX0PRvC89WOkkUXIeWiSCyTFRX1kc9CvoNBWbHTrJLyPi4Zi+Yf52mIos5j
LUNpGv7EePDzgVrAoUXd2UE7+JQlhJm4RuYKfcWm6asT+G2DDU1K2c12lSNGmUeF
0JaZ73AbHyShTGyvcUb6lQKwwVW71vOi7BgyFkTwGhG3KhqMbbhoPoBR2Yq6WxhL
3tjyeD7t7WVDiJggkzp6lCjaRTVAMjNCYbfrUN16wpyv9LfiWnWLUCjR8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPAkIRRc4VQlErPgHH96AluR7dTuMB8GA1UdIwQY
MBaAFObC4NP9whWjiccEPKWhoGvixVjvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXNMZzBfM0NGYU9KeHdROHBhR2dhLUxGV084LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8yOTE3NmItMTAzOC00NDE3LWJkYWQt
ZjNlMDUyYmFiMTQ0LzEvOENRaEZGemhWQ1VTcy1BY2Yzb0NXNUh0MU80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8yOTE3NmItMTAzOC00NDE3LWJkYWQtZjNlMDUyYmFiMTQ0
LzEvNXNMZzBfM0NGYU9KeHdROHBhR2dhLUxGV084LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVjYYMA0G
CSqGSIb3DQEBCwUAA4IBAQAZad9l8dR4B1K3td7rbGxOvgEyjbmthw2si+2zK6Yh
S1Cgzoqdv6LAQErvllRGFvUyVLemShna+kGaFVWemJrmdzOpHTVGOhaDVxPGTH1K
yzHTb62TguI8AAiSPXJoIHgfsdXPB+32+8TQWfFniR8Dh7XnYfmvBKSHkpuvtSV1
/mD+F7QwI68cSRKqNty14lLLib8v1bjFCD5ZDJV1gx5tu1yTT+PcecTm7xcTT8is
ydsniTc/kv3Pr5W78F5bTRGgvG68gI6GBFEmNso7sToZJ6EcJKEYa0R73Rfs5X+V
SSD73fkuPKi4Q/2hyV3cTvGQI+KExHddN/xZfV9QSytx
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:50:08 2025 by rpki-client