Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/b9cea0-6928-4584-b321-7d7f4b634849/1/7BO8TZ7ATCsCuTGlJnm0y-khSyU.roa
File: 7BO8TZ7ATCsCuTGlJnm0y-khSyU.roa (raw, json)
Hash identifier: x6i25XfL4F0gRp6H2u4+rOMQs65WiJ45VD9+0G2z3+I=
Subject key identifier: EC:13:BC:4D:9E:C0:4C:2B:02:B9:31:A5:26:79:B4:CB:E9:21:4B:25
Certificate issuer: /CN=797a48cc13e200e2d3f38af83318d1bcaf6f6331
Certificate serial: 0194266B99E93F9F772ED0AA2DD7B6BCB99F
Authority key identifier: 79:7A:48:CC:13:E2:00:E2:D3:F3:8A:F8:33:18:D1:BC:AF:6F:63:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eXpIzBPiAOLT84r4MxjRvK9vYzE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/b9cea0-6928-4584-b321-7d7f4b634849/1/7BO8TZ7ATCsCuTGlJnm0y-khSyU.roa
Signing time: Thu 02 Jan 2025 09:49:33 +0000
ROA not before: Thu 02 Jan 2025 09:49:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16032
IP address blocks: 194.46.126.0/23 maxlen: 23
194.46.128.0/22 maxlen: 22
194.46.136.0/21 maxlen: 21
194.46.144.0/22 maxlen: 22
194.46.148.0/22 maxlen: 22
194.46.156.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/b9cea0-6928-4584-b321-7d7f4b634849/1/eXpIzBPiAOLT84r4MxjRvK9vYzE.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/b9cea0-6928-4584-b321-7d7f4b634849/1/eXpIzBPiAOLT84r4MxjRvK9vYzE.mft
rsync://rpki.ripe.net/repository/DEFAULT/eXpIzBPiAOLT84r4MxjRvK9vYzE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 14:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:99:e9:3f:9f:77:2e:d0:aa:2d:d7:b6:bc:b9:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=797a48cc13e200e2d3f38af83318d1bcaf6f6331
Validity
Not Before: Jan 2 09:49:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ec13bc4d9ec04c2b02b931a52679b4cbe9214b25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:53:88:20:bb:31:d2:e2:5a:bf:3d:dd:1e:17:
89:27:33:55:4d:7b:e2:f3:77:36:c8:c1:9a:bd:42:
01:a6:3d:f3:fd:7d:74:b4:52:ee:0c:0c:64:b9:fa:
69:c9:4c:3d:89:ba:bb:4b:00:fd:79:f0:0c:99:42:
f3:c2:63:dd:12:58:12:dd:f4:24:c7:12:8f:0c:12:
26:c8:fd:36:1f:0a:58:ac:18:02:9d:08:69:da:03:
cb:7e:4c:4f:46:5c:70:6b:52:ee:d5:c2:c0:70:ff:
b7:ab:52:6d:f1:b7:5d:9f:8c:c9:94:df:b8:58:d4:
d2:92:41:f0:62:2f:5b:e8:9d:64:87:13:27:e2:2b:
53:c4:59:45:0c:d3:9b:93:7a:4c:37:2d:63:85:bb:
1a:77:d3:a7:aa:c0:d5:41:d2:46:6a:7f:f8:21:4a:
bf:c2:be:1b:bc:1f:bf:96:9f:ad:1c:6a:aa:9d:48:
39:94:b9:d3:8b:d5:4c:67:71:8e:21:09:ba:08:54:
19:e1:6f:97:cb:4b:e6:9c:45:ad:1d:38:7a:8e:e8:
1e:6d:33:df:ea:81:5e:71:8b:f2:53:78:dc:b1:66:
17:4f:bf:45:28:c0:7f:79:cd:c9:57:03:ce:aa:57:
80:5a:8f:d7:6d:7c:38:c7:e6:99:c6:f1:c6:9b:d6:
a1:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:13:BC:4D:9E:C0:4C:2B:02:B9:31:A5:26:79:B4:CB:E9:21:4B:25
X509v3 Authority Key Identifier:
keyid:79:7A:48:CC:13:E2:00:E2:D3:F3:8A:F8:33:18:D1:BC:AF:6F:63:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eXpIzBPiAOLT84r4MxjRvK9vYzE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b9cea0-6928-4584-b321-7d7f4b634849/1/7BO8TZ7ATCsCuTGlJnm0y-khSyU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b9cea0-6928-4584-b321-7d7f4b634849/1/eXpIzBPiAOLT84r4MxjRvK9vYzE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.46.126.0-194.46.131.255
194.46.136.0-194.46.151.255
194.46.156.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:74:82:a9:83:20:78:a9:64:42:b6:70:37:b5:e9:6e:f6:48:
43:63:94:b2:e3:1b:76:57:d3:04:21:bd:1a:6c:94:11:6b:4a:
c3:15:fb:4d:31:06:91:37:02:94:43:c0:1b:3f:fe:98:33:bb:
bc:74:55:db:a4:bf:af:e5:64:ee:77:67:21:14:2a:c4:22:15:
36:ed:68:8c:a8:bd:59:6f:16:21:43:2a:e8:2b:75:88:43:b8:
9f:74:78:a1:5b:78:cc:67:a0:01:7c:b1:c8:f3:3a:ed:aa:7e:
b2:1c:4a:4d:08:53:cc:15:99:43:a4:69:64:19:c1:25:6e:b1:
43:02:07:6b:33:ae:21:55:2f:a2:4d:03:e7:2d:e5:a6:91:12:
8a:1b:b5:96:12:04:5c:ac:4a:19:ad:9c:76:22:da:57:d0:b7:
a1:60:4d:76:f1:59:0d:60:4e:d8:fd:62:ab:69:0a:67:9b:a9:
62:b3:10:93:39:5c:6b:23:09:e2:3f:fd:08:4e:11:cb:58:ef:
b2:1b:d8:05:61:c2:c6:de:a0:73:ac:72:08:af:73:1b:7f:19:
6c:76:44:43:e7:45:a6:d7:52:79:33:22:48:30:49:f1:fd:17:
65:3f:18:d8:e3:27:bf:84:06:cc:4d:ca:80:74:7b:b8:13:85:
a3:01:c0:39
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQma5npP593LtCqLde2vLmfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5N2E0OGNjMTNlMjAwZTJkM2YzOGFmODMzMThkMWJjYWY2
ZjYzMzEwHhcNMjUwMTAyMDk0OTMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzEzYmM0ZDllYzA0YzJiMDJiOTMxYTUyNjc5YjRjYmU5MjE0YjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVOIILsx0uJavz3dHheJJzNVTXvi
83c2yMGavUIBpj3z/X10tFLuDAxkufppyUw9ibq7SwD9efAMmULzwmPdElgS3fQk
xxKPDBImyP02HwpYrBgCnQhp2gPLfkxPRlxwa1Lu1cLAcP+3q1Jt8bddn4zJlN+4
WNTSkkHwYi9b6J1khxMn4itTxFlFDNObk3pMNy1jhbsad9OnqsDVQdJGan/4IUq/
wr4bvB+/lp+tHGqqnUg5lLnTi9VMZ3GOIQm6CFQZ4W+Xy0vmnEWtHTh6jugebTPf
6oFecYvyU3jcsWYXT79FKMB/ec3JVwPOqleAWo/XbXw4x+aZxvHGm9ah1QIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFOwTvE2ewEwrArkxpSZ5tMvpIUslMB8GA1UdIwQY
MBaAFHl6SMwT4gDi0/OK+DMY0byvb2MxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVhwSXpCUGlBT0xUODRyNE14alJ2Szl2WXpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9iOWNlYTAtNjkyOC00NTg0LWIzMjEt
N2Q3ZjRiNjM0ODQ5LzEvN0JPOFRaN0FUQ3NDdVRHbEpubTB5LWtoU3lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9iOWNlYTAtNjkyOC00NTg0LWIzMjEtN2Q3ZjRiNjM0ODQ5
LzEvZVhwSXpCUGlBT0xUODRyNE14alJ2Szl2WXpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAHCLn4D
BALCLoAwDAMEA8IuiAMEA8IukAMEAsIunDANBgkqhkiG9w0BAQsFAAOCAQEAfnSC
qYMgeKlkQrZwN7XpbvZIQ2OUsuMbdlfTBCG9GmyUEWtKwxX7TTEGkTcClEPAGz/+
mDO7vHRV26S/r+Vk7ndnIRQqxCIVNu1ojKi9WW8WIUMq6Ct1iEO4n3R4oVt4zGeg
AXyxyPM67ap+shxKTQhTzBWZQ6RpZBnBJW6xQwIHazOuIVUvok0D5y3lppESihu1
lhIEXKxKGa2cdiLaV9C3oWBNdvFZDWBO2P1iq2kKZ5upYrMQkzlcayMJ4j/9CE4R
y1jvshvYBWHCxt6gc6xyCK9zG38ZbHZEQ+dFptdSeTMiSDBJ8f0XZT8Y2OMnv4QG
zE3KgHR7uBOFowHAOQ==
-----END CERTIFICATE-----
Generated at Tue Apr 22 22:23:46 2025 by rpki-client