Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/1-cC_8sf2Sjlcbm7-DZh4XuYIArQ.roa
File: 1-cC_8sf2Sjlcbm7-DZh4XuYIArQ.roa (raw, json)
Hash identifier: 0N5yH6BWqUs7tPNNDSMGPx2mfE/ZRDiPQfeLQl52Wgo=
Subject key identifier: F9:C0:BF:F2:C7:F6:4A:39:5C:6E:6E:FE:0D:98:78:5E:E6:08:02:B4
Certificate issuer: /CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Certificate serial: 01941FFA7238A75BB52795911E0212059A54
Authority key identifier: 81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/1-cC_8sf2Sjlcbm7-DZh4XuYIArQ.roa
Signing time: Wed 01 Jan 2025 03:48:14 +0000
ROA not before: Wed 01 Jan 2025 03:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8737
IP address blocks: 195.121.0.0/16 maxlen: 16
195.121.0.0/17 maxlen: 17
195.121.64.0/18 maxlen: 18
195.121.128.0/17 maxlen: 17
213.75.0.0/16 maxlen: 16
213.75.0.0/17 maxlen: 17
213.75.128.0/17 maxlen: 17
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.mft
rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 13:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:72:38:a7:5b:b5:27:95:91:1e:02:12:05:9a:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Validity
Not Before: Jan 1 03:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f9c0bff2c7f64a395c6e6efe0d98785ee60802b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:72:41:f5:05:a0:27:c8:b5:62:e0:f2:34:6c:
1b:8a:6a:f3:3c:b7:7e:35:48:2d:68:b6:be:36:43:
7d:93:4b:53:34:81:dc:ba:25:07:fb:76:a1:e4:58:
87:79:bb:15:83:44:20:f9:1c:3b:29:71:1c:16:0d:
0a:12:44:0a:e1:57:3d:3a:8f:fd:48:a1:f6:25:a7:
2c:0e:a4:bb:c8:f3:57:33:16:ed:ad:97:20:f0:bb:
2f:a1:9c:62:f3:36:a7:1f:e4:3c:22:71:73:50:85:
d2:a5:2c:76:4d:bd:0b:3f:5a:3f:01:1c:24:0f:2f:
1e:2b:5d:4a:a1:b4:81:b2:16:21:93:aa:16:90:45:
81:08:9d:8a:31:05:22:2d:2f:a2:66:b5:33:10:3a:
40:c0:2c:99:b6:fb:b6:3c:74:49:40:9c:9b:79:ad:
99:a0:dd:ec:5a:00:b8:78:b9:a8:9d:52:a4:03:b1:
fe:14:0b:89:79:88:e7:b7:d7:aa:52:37:65:0a:72:
64:ea:c3:c4:97:b7:53:eb:a1:a6:23:c5:b8:83:8e:
77:55:7b:a5:63:c8:1f:ce:63:dc:62:a2:dc:29:4d:
d1:a7:5b:d6:66:e5:ed:88:b1:01:8f:6c:62:96:fe:
24:d1:19:ff:98:a1:3d:7a:a7:3d:fc:18:b6:64:76:
da:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:C0:BF:F2:C7:F6:4A:39:5C:6E:6E:FE:0D:98:78:5E:E6:08:02:B4
X509v3 Authority Key Identifier:
keyid:81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/1-cC_8sf2Sjlcbm7-DZh4XuYIArQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.121.0.0/16
213.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
29:28:9d:74:2f:f0:b8:6d:2c:57:40:f4:48:c9:93:7a:3f:df:
5b:22:a1:68:92:ec:41:09:2f:86:ea:7a:11:26:fd:a3:e3:ae:
56:18:40:8a:39:46:9b:05:6d:a4:81:59:6d:b6:8d:5d:b5:ea:
bf:4e:52:e1:31:a9:4e:7c:39:c8:92:a3:5d:ea:21:7f:41:6a:
ca:91:21:6d:37:a1:7c:e0:4c:22:2e:07:8c:0b:63:78:cc:4d:
06:88:a9:0b:bf:48:ab:01:5a:10:45:a8:9c:87:cc:fe:87:a5:
64:27:22:be:a4:0b:78:a1:42:1f:96:53:fd:df:88:6a:e1:96:
f6:23:1c:66:48:bb:e1:33:df:31:13:93:da:0d:0b:51:1b:cf:
33:28:3b:72:2c:1e:e0:89:ac:26:6a:d0:1d:51:ea:ae:b2:f2:
62:21:03:62:9b:09:18:af:67:6d:b2:81:21:44:54:2e:df:c2:
55:71:37:18:7a:f5:e1:ab:9e:a0:04:b6:f2:f9:50:e3:51:45:
74:6e:95:48:a9:97:ad:b9:d0:83:9e:4c:43:51:cd:16:c0:a8:
21:37:a4:7d:ef:d4:b3:91:ce:c6:01:a8:f1:d3:8e:12:97:ed:
8e:f9:a2:e0:e4:0f:b4:d1:cb:1c:d5:a1:6a:2c:26:d4:27:e8:
39:e5:6a:15
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAZQf+nI4p1u1J5WRHgISBZpUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZWVkNDA5MTM4M2Q5ZWQ0MDU2ZDlmNGVmZjdkMjYyMmRk
Y2UyMDUwHhcNMjUwMTAxMDM0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWMwYmZmMmM3ZjY0YTM5NWM2ZTZlZmUwZDk4Nzg1ZWU2MDgwMmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA33JB9QWgJ8i1YuDyNGwbimrzPLd+
NUgtaLa+NkN9k0tTNIHcuiUH+3ah5FiHebsVg0Qg+Rw7KXEcFg0KEkQK4Vc9Oo/9
SKH2JacsDqS7yPNXMxbtrZcg8LsvoZxi8zanH+Q8InFzUIXSpSx2Tb0LP1o/ARwk
Dy8eK11KobSBshYhk6oWkEWBCJ2KMQUiLS+iZrUzEDpAwCyZtvu2PHRJQJybea2Z
oN3sWgC4eLmonVKkA7H+FAuJeYjnt9eqUjdlCnJk6sPEl7dT66GmI8W4g453VXul
Y8gfzmPcYqLcKU3Rp1vWZuXtiLEBj2xilv4k0Rn/mKE9eqc9/Bi2ZHbagwIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFPnAv/LH9ko5XG5u/g2YeF7mCAK0MB8GA1UdIwQY
MBaAFIHu1AkTg9ntQFbZ9O/30mIt3OIFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2Et
ODcyYjM3MTBjMmExLzEvMS1jQ184c2YyU2psY2JtNy1EWmg0WHVZSUFyUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvY2EvNGE5Y2M0LTJiOWEtNGVmMi1hMzNhLTg3MmIzNzEwYzJh
MS8xL2dlN1VDUk9EMmUxQVZ0bjA3X2ZTWWkzYzRnVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAjBggrBgEFBQcBBwEB/wQUMBIwEAQCAAEwCgMDAMN5AwMA
1UswDQYJKoZIhvcNAQELBQADggEBACkonXQv8LhtLFdA9EjJk3o/31sioWiS7EEJ
L4bqehEm/aPjrlYYQIo5RpsFbaSBWW22jV216r9OUuExqU58OciSo13qIX9BasqR
IW03oXzgTCIuB4wLY3jMTQaIqQu/SKsBWhBFqJyHzP6HpWQnIr6kC3ihQh+WU/3f
iGrhlvYjHGZIu+Ez3zETk9oNC1EbzzMoO3IsHuCJrCZq0B1R6q6y8mIhA2KbCRiv
Z22ygSFEVC7fwlVxNxh69eGrnqAEtvL5UONRRXRulUipl6250IOeTENRzRbAqCE3
pH3v1LORzsYBqPHTjhKX7Y75ouDkD7TRyxzVoWosJtQn6DnlahU=
-----END CERTIFICATE-----
Generated at Sat Apr 19 18:04:15 2025 by rpki-client