Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/bf4a44-bb8a-4651-a0aa-38d292d0f7ec/1/Di1VRxBiq_rnTNsIoHimbynr7Dc.roa
File: Di1VRxBiq_rnTNsIoHimbynr7Dc.roa (raw, json)
Hash identifier: 5B+lIpr/HovgOIMesHvI3rv+n0CtV3K27Lr276Y0YVE=
Subject key identifier: 0E:2D:55:47:10:62:AB:FA:E7:4C:DB:08:A0:78:A6:6F:29:EB:EC:37
Certificate issuer: /CN=c1e3a44ae8cf0243f1dffe2684e3dd5a8fc85d79
Certificate serial: 019638CE5CE75EEF4109013EFFEDC9DCCAEC
Authority key identifier: C1:E3:A4:4A:E8:CF:02:43:F1:DF:FE:26:84:E3:DD:5A:8F:C8:5D:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/weOkSujPAkPx3_4mhOPdWo_IXXk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/bf4a44-bb8a-4651-a0aa-38d292d0f7ec/1/Di1VRxBiq_rnTNsIoHimbynr7Dc.roa
Signing time: Tue 15 Apr 2025 09:36:10 +0000
ROA not before: Tue 15 Apr 2025 09:36:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202240
IP address blocks: 79.98.188.0/22 maxlen: 22
79.98.188.0/24 maxlen: 24
79.98.189.0/24 maxlen: 24
79.98.190.0/24 maxlen: 24
79.98.191.0/24 maxlen: 24
2a05:bc40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/bf4a44-bb8a-4651-a0aa-38d292d0f7ec/1/weOkSujPAkPx3_4mhOPdWo_IXXk.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/bf4a44-bb8a-4651-a0aa-38d292d0f7ec/1/weOkSujPAkPx3_4mhOPdWo_IXXk.mft
rsync://rpki.ripe.net/repository/DEFAULT/weOkSujPAkPx3_4mhOPdWo_IXXk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:38:ce:5c:e7:5e:ef:41:09:01:3e:ff:ed:c9:dc:ca:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1e3a44ae8cf0243f1dffe2684e3dd5a8fc85d79
Validity
Not Before: Apr 15 09:36:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0e2d55471062abfae74cdb08a078a66f29ebec37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:a6:b8:df:1a:c6:b3:8a:a2:5a:8e:87:fd:1b:
0b:37:1b:1c:0f:e8:dd:d6:0a:83:4b:30:5a:50:10:
ec:69:72:1c:3a:53:0e:b5:d1:e6:1c:8e:0a:62:f5:
c6:e6:cc:fb:52:27:2d:96:2b:7f:4e:f1:6a:5b:3f:
16:11:13:4d:49:4c:da:cb:9b:30:ec:20:f9:26:a7:
6c:df:2d:a0:11:6e:4a:7c:c6:b0:6a:12:4b:13:2d:
fd:d7:af:ae:6a:97:90:09:da:10:d6:fc:d8:55:ba:
7d:73:89:a9:0d:b0:e3:e8:9a:94:a9:b8:81:3c:58:
8d:1a:80:69:4b:5c:5e:30:5d:e1:3d:c0:ca:06:32:
6d:da:89:28:95:5a:be:19:c1:e8:0e:00:14:a2:26:
f0:4e:c7:b8:65:17:06:39:23:4a:d6:f1:4e:4b:66:
17:bd:de:a3:c7:b6:f3:f8:1d:ce:8b:00:e3:91:ab:
d3:67:2d:80:e3:36:6c:88:ba:04:74:0f:36:f9:2d:
63:91:78:c2:25:8e:06:d9:dc:b2:22:19:fa:19:1d:
82:78:6d:01:1a:a1:01:d6:e9:43:43:89:9e:16:fb:
36:09:01:3d:ae:f5:d4:13:51:1d:c6:b2:06:b0:74:
7c:ac:e9:31:fd:34:31:27:5c:2c:96:6a:ff:91:4b:
08:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:2D:55:47:10:62:AB:FA:E7:4C:DB:08:A0:78:A6:6F:29:EB:EC:37
X509v3 Authority Key Identifier:
keyid:C1:E3:A4:4A:E8:CF:02:43:F1:DF:FE:26:84:E3:DD:5A:8F:C8:5D:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/weOkSujPAkPx3_4mhOPdWo_IXXk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/bf4a44-bb8a-4651-a0aa-38d292d0f7ec/1/Di1VRxBiq_rnTNsIoHimbynr7Dc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/bf4a44-bb8a-4651-a0aa-38d292d0f7ec/1/weOkSujPAkPx3_4mhOPdWo_IXXk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.188.0/22
IPv6:
2a05:bc40::/29
Signature Algorithm: sha256WithRSAEncryption
4b:01:26:8f:1e:40:84:fe:68:b1:af:15:f4:47:6b:b6:b4:17:
0b:9d:f1:a4:87:b0:e0:c5:a0:a7:2a:82:17:e3:19:36:ed:b3:
56:18:59:56:fb:33:3f:a8:65:ca:63:bf:67:25:1a:03:0a:91:
7f:ba:ad:1c:22:ed:d9:02:a1:d2:15:a6:2a:83:2c:d8:6a:47:
c0:6b:91:74:a5:54:39:e3:fc:56:bc:f1:0d:7f:54:a6:83:40:
20:2a:f8:02:c1:4c:03:a9:de:3d:a6:2b:9b:78:80:c2:d5:7f:
e5:45:1f:85:8a:5f:07:14:66:5e:ef:39:51:dc:81:14:40:26:
cf:53:7d:2a:ba:67:b4:66:11:a8:61:86:88:3f:5f:4d:44:31:
ba:dd:8d:db:f7:42:22:df:c5:f6:3d:78:bd:30:65:b8:6f:49:
1b:f4:2d:2e:05:b7:d8:75:16:2e:01:4d:18:ab:cc:06:f3:64:
8f:75:b6:c3:0b:39:5b:b3:aa:ec:13:a7:c5:01:8b:8b:e8:1b:
f1:8a:1b:13:2c:83:a6:97:0e:1b:12:c6:66:64:41:83:ea:16:
28:11:b5:22:e5:ce:cc:ee:07:9f:45:f7:81:2c:b9:4f:6c:59:
a2:71:a0:2a:c3:ec:7c:ea:a2:b8:53:f7:f6:fe:4c:97:1a:11:
11:f4:52:61
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZY4zlznXu9BCQE+/+3J3MrsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxZTNhNDRhZThjZjAyNDNmMWRmZmUyNjg0ZTNkZDVhOGZj
ODVkNzkwHhcNMjUwNDE1MDkzNjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTJkNTU0NzEwNjJhYmZhZTc0Y2RiMDhhMDc4YTY2ZjI5ZWJlYzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApaa43xrGs4qiWo6H/RsLNxscD+jd
1gqDSzBaUBDsaXIcOlMOtdHmHI4KYvXG5sz7Uictlit/TvFqWz8WERNNSUzay5sw
7CD5Jqds3y2gEW5KfMawahJLEy3916+uapeQCdoQ1vzYVbp9c4mpDbDj6JqUqbiB
PFiNGoBpS1xeMF3hPcDKBjJt2okolVq+GcHoDgAUoibwTse4ZRcGOSNK1vFOS2YX
vd6jx7bz+B3OiwDjkavTZy2A4zZsiLoEdA82+S1jkXjCJY4G2dyyIhn6GR2CeG0B
GqEB1ulDQ4meFvs2CQE9rvXUE1EdxrIGsHR8rOkx/TQxJ1wslmr/kUsI0wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFA4tVUcQYqv650zbCKB4pm8p6+w3MB8GA1UdIwQY
MBaAFMHjpErozwJD8d/+JoTj3VqPyF15MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2VPa1N1alBBa1B4M180bWhPUGRXb19JWFhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9iZjRhNDQtYmI4YS00NjUxLWEwYWEt
MzhkMjkyZDBmN2VjLzEvRGkxVlJ4QmlxX3JuVE5zSW9IaW1ieW5yN0RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9iZjRhNDQtYmI4YS00NjUxLWEwYWEtMzhkMjkyZDBmN2Vj
LzEvd2VPa1N1alBBa1B4M180bWhPUGRXb19JWFhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCT2K8MA0E
AgACMAcDBQMqBbxAMA0GCSqGSIb3DQEBCwUAA4IBAQBLASaPHkCE/mixrxX0R2u2
tBcLnfGkh7DgxaCnKoIX4xk27bNWGFlW+zM/qGXKY79nJRoDCpF/uq0cIu3ZAqHS
FaYqgyzYakfAa5F0pVQ54/xWvPENf1Smg0AgKvgCwUwDqd49piubeIDC1X/lRR+F
il8HFGZe7zlR3IEUQCbPU30qume0ZhGoYYaIP19NRDG63Y3b90Ii38X2PXi9MGW4
b0kb9C0uBbfYdRYuAU0Yq8wG82SPdbbDCzlbs6rsE6fFAYuL6BvxihsTLIOmlw4b
EsZmZEGD6hYoEbUi5c7M7gefRfeBLLlPbFmicaAqw+x86qK4U/f2/kyXGhER9FJh
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:04:37 2025 by rpki-client