Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/11LkwQ-N6VfEoL2UOolTTtwyC0A.roa
File: 11LkwQ-N6VfEoL2UOolTTtwyC0A.roa (raw, json)
Hash identifier: 4IiXXwUiHVJn5G6ZxhwvZ1hIOI9+INkjTA9o1uNtGQ0=
Subject key identifier: D7:52:E4:C1:0F:8D:E9:57:C4:A0:BD:94:3A:89:53:4E:DC:32:0B:40
Certificate issuer: /CN=0c5140282591f9912f9639ee1412b6d1dcff0861
Certificate serial: 01941FFAB0316B2CBF04E7B01A668D9CF8EF
Authority key identifier: 0C:51:40:28:25:91:F9:91:2F:96:39:EE:14:12:B6:D1:DC:FF:08:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DFFAKCWR-ZEvljnuFBK20dz_CGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/11LkwQ-N6VfEoL2UOolTTtwyC0A.roa
Signing time: Wed 01 Jan 2025 03:48:30 +0000
ROA not before: Wed 01 Jan 2025 03:48:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205800
IP address blocks: 188.72.40.0/24 maxlen: 24
188.72.41.0/24 maxlen: 24
188.72.46.0/24 maxlen: 24
188.72.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/DFFAKCWR-ZEvljnuFBK20dz_CGE.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/DFFAKCWR-ZEvljnuFBK20dz_CGE.mft
rsync://rpki.ripe.net/repository/DEFAULT/DFFAKCWR-ZEvljnuFBK20dz_CGE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 15:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:b0:31:6b:2c:bf:04:e7:b0:1a:66:8d:9c:f8:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c5140282591f9912f9639ee1412b6d1dcff0861
Validity
Not Before: Jan 1 03:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d752e4c10f8de957c4a0bd943a89534edc320b40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:1d:a5:2b:ec:e1:72:08:66:c0:7e:ba:38:a5:
76:60:93:3a:83:ce:87:04:bd:46:94:05:02:bf:25:
0e:a3:32:8c:e2:2f:af:b3:75:05:14:e8:ce:2e:40:
20:74:7e:57:3e:7c:8c:14:73:86:f4:c5:0f:dd:aa:
19:8e:c9:09:d7:3f:60:11:c9:a0:de:18:e5:08:0b:
f3:4f:a1:59:4d:6d:ed:13:3e:51:80:55:44:5f:5c:
16:de:54:7c:7e:ee:78:af:41:ef:b4:e0:17:db:50:
f1:b3:7f:40:c0:9e:30:4f:ad:11:97:1c:39:bd:a5:
17:d7:b6:79:86:13:1c:e5:bf:d2:33:84:b5:fe:ff:
bc:0b:47:7b:95:86:b8:7a:37:8e:0a:54:ad:1f:5b:
c4:f1:e3:5d:04:21:95:ee:27:6d:76:02:da:70:30:
7e:8c:b6:c5:6e:e5:41:94:91:07:41:50:b7:bb:40:
7e:b0:aa:4d:c8:65:a3:6f:bd:d9:50:f8:b1:f1:6d:
38:09:54:b1:48:6d:a6:27:9b:75:f4:c3:65:94:04:
47:56:72:26:6a:ce:77:d1:34:cf:81:b4:cb:48:4c:
e9:de:a4:ea:20:85:9d:29:1b:cd:43:d0:b1:e9:a5:
7f:01:29:e8:d0:6d:a5:54:06:6e:1a:1e:c1:7d:19:
ef:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:52:E4:C1:0F:8D:E9:57:C4:A0:BD:94:3A:89:53:4E:DC:32:0B:40
X509v3 Authority Key Identifier:
keyid:0C:51:40:28:25:91:F9:91:2F:96:39:EE:14:12:B6:D1:DC:FF:08:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DFFAKCWR-ZEvljnuFBK20dz_CGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/11LkwQ-N6VfEoL2UOolTTtwyC0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/DFFAKCWR-ZEvljnuFBK20dz_CGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.72.40.0/23
188.72.46.0/24
188.72.49.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:3e:9a:75:e1:63:24:32:e8:17:fa:91:38:02:e6:cb:17:97:
82:b8:88:cc:42:81:e4:5f:84:b7:ed:ef:06:5d:36:8a:82:0f:
fa:6f:1e:1b:b0:df:3d:18:2e:dc:27:a6:19:49:fc:67:d2:98:
d8:95:da:93:67:59:52:c4:b9:5d:ca:92:ae:87:2e:af:7b:d1:
57:cd:84:b0:6f:2c:a3:60:42:80:b4:53:cd:d2:c6:61:bd:17:
65:8a:cd:8c:41:28:7d:ac:65:a6:45:b9:b4:ed:80:1f:32:eb:
0e:3d:5e:fe:e1:06:d8:b9:bf:97:13:96:d2:2d:2b:b7:82:9e:
56:9d:2c:01:1e:85:ec:96:51:5c:15:fe:ed:d9:ff:4e:86:98:
42:7a:9f:81:b0:ac:ba:7b:20:ba:4e:6b:cf:2b:09:e7:ad:b1:
7d:dd:67:12:ea:62:25:84:32:49:06:6e:fc:61:0d:a3:c1:47:
e5:b4:3d:e9:df:7d:e4:ab:48:e3:49:31:b9:b5:6d:47:35:2d:
9a:6c:8c:1e:cd:12:ac:c0:14:cf:95:58:f8:5c:63:0c:a9:50:
73:cf:02:38:89:7c:65:36:6d:ce:6f:79:b9:de:ba:3e:13:33:
b5:5e:ae:6d:f5:2e:8d:8c:55:ab:c2:84:86:1f:ff:8b:cd:d5:
fc:f9:61:0f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQf+rAxayy/BOewGmaNnPjvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNTE0MDI4MjU5MWY5OTEyZjk2MzllZTE0MTJiNmQxZGNm
ZjA4NjEwHhcNMjUwMTAxMDM0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzUyZTRjMTBmOGRlOTU3YzRhMGJkOTQzYTg5NTM0ZWRjMzIwYjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvx2lK+zhcghmwH66OKV2YJM6g86H
BL1GlAUCvyUOozKM4i+vs3UFFOjOLkAgdH5XPnyMFHOG9MUP3aoZjskJ1z9gEcmg
3hjlCAvzT6FZTW3tEz5RgFVEX1wW3lR8fu54r0HvtOAX21Dxs39AwJ4wT60Rlxw5
vaUX17Z5hhMc5b/SM4S1/v+8C0d7lYa4ejeOClStH1vE8eNdBCGV7idtdgLacDB+
jLbFbuVBlJEHQVC3u0B+sKpNyGWjb73ZUPix8W04CVSxSG2mJ5t19MNllARHVnIm
as530TTPgbTLSEzp3qTqIIWdKRvNQ9Cx6aV/ASno0G2lVAZuGh7BfRnvYQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNdS5MEPjelXxKC9lDqJU07cMgtAMB8GA1UdIwQY
MBaAFAxRQCglkfmRL5Y57hQSttHc/whhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREZGQUtDV1ItWkV2bGpudUZCSzIwZHpfQ0dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8wNTU0YTItZDNkOS00ZmM0LThlZDUt
ZGU5MTQ2OWQzNzcyLzEvMTFMa3dRLU42VmZFb0wyVU9vbFRUdHd5QzBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8wNTU0YTItZDNkOS00ZmM0LThlZDUtZGU5MTQ2OWQzNzcy
LzEvREZGQUtDV1ItWkV2bGpudUZCSzIwZHpfQ0dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBvEgoAwQA
vEguAwQAvEgxMA0GCSqGSIb3DQEBCwUAA4IBAQBuPpp14WMkMugX+pE4AubLF5eC
uIjMQoHkX4S37e8GXTaKgg/6bx4bsN89GC7cJ6YZSfxn0pjYldqTZ1lSxLldypKu
hy6ve9FXzYSwbyyjYEKAtFPN0sZhvRdlis2MQSh9rGWmRbm07YAfMusOPV7+4QbY
ub+XE5bSLSu3gp5WnSwBHoXsllFcFf7t2f9OhphCep+BsKy6eyC6TmvPKwnnrbF9
3WcS6mIlhDJJBm78YQ2jwUfltD3p333kq0jjSTG5tW1HNS2abIwezRKswBTPlVj4
XGMMqVBzzwI4iXxlNm3Ob3m53ro+EzO1Xq5t9S6NjFWrwoSGH/+LzdX8+WEP
-----END CERTIFICATE-----
Generated at Tue Apr 15 19:55:35 2025 by rpki-client