Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/C5s9F3AorcUPdSr2UtNT-TI-ZmU.roa
File: C5s9F3AorcUPdSr2UtNT-TI-ZmU.roa (raw, json)
Hash identifier: HisNOkYAEU1nTElhk+olyRefdNZsv7LpusQIIgQsT7o=
Subject key identifier: 0B:9B:3D:17:70:28:AD:C5:0F:75:2A:F6:52:D3:53:F9:32:3E:66:65
Certificate issuer: /CN=febf30201f12a040d386d2b4eed4484623e4d11b
Certificate serial: 0194258EF8B8198B8FBE0DA48D7ECCE22E8A
Authority key identifier: FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/C5s9F3AorcUPdSr2UtNT-TI-ZmU.roa
Signing time: Thu 02 Jan 2025 05:48:34 +0000
ROA not before: Thu 02 Jan 2025 05:48:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39013
IP address blocks: 77.78.157.0/24 maxlen: 24
77.78.158.0/24 maxlen: 24
85.187.184.0/23 maxlen: 23
85.187.184.0/24 maxlen: 24
85.187.185.0/24 maxlen: 24
85.187.186.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.mft
rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 03:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:f8:b8:19:8b:8f:be:0d:a4:8d:7e:cc:e2:2e:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=febf30201f12a040d386d2b4eed4484623e4d11b
Validity
Not Before: Jan 2 05:48:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0b9b3d177028adc50f752af652d353f9323e6665
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:fe:1f:cf:5e:de:17:d8:b2:20:60:92:9c:7d:
b5:99:59:aa:d2:1b:93:99:5c:ba:34:fe:f1:50:04:
02:85:86:cf:a2:13:c7:4a:da:21:04:2d:b6:fe:4e:
fc:d3:84:b0:64:ab:7c:ca:52:82:81:44:3d:03:28:
37:9d:63:17:ab:1c:cf:73:a6:6e:74:d9:5e:7a:f9:
52:8b:dd:0d:f3:11:ef:34:c5:8f:44:11:51:de:0b:
dd:1a:b2:7d:4b:00:e0:ec:d9:48:93:89:76:21:7f:
06:2c:42:22:ba:fe:66:33:a6:2e:87:6f:8a:a6:0c:
71:2f:07:10:54:78:a6:72:fe:87:f8:c4:b8:d9:8f:
cc:36:97:43:75:d0:be:97:fc:11:73:74:47:96:58:
64:86:23:6d:ba:99:a5:62:99:2d:5e:50:c7:3c:53:
33:07:6c:08:7c:78:6f:f6:e0:5b:19:91:21:1c:16:
ed:65:dd:31:37:9c:a2:1b:80:a6:00:5c:c7:e4:c9:
32:19:93:63:ce:82:83:33:ec:4b:1e:91:07:e3:4c:
cd:58:36:1f:7a:a6:5f:61:68:bf:7c:74:be:fb:45:
4f:47:a9:ee:07:b9:e1:8e:7b:fa:29:43:89:fa:59:
49:11:6e:63:7a:e1:43:13:7c:1d:fc:f6:49:c4:64:
83:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:9B:3D:17:70:28:AD:C5:0F:75:2A:F6:52:D3:53:F9:32:3E:66:65
X509v3 Authority Key Identifier:
keyid:FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/C5s9F3AorcUPdSr2UtNT-TI-ZmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.78.157.0-77.78.158.255
85.187.184.0-85.187.186.255
Signature Algorithm: sha256WithRSAEncryption
14:0d:31:66:2c:90:37:b8:5f:2e:19:35:aa:db:79:83:49:8d:
f4:c5:4d:be:34:8a:5a:88:a1:9b:90:4a:9c:40:2c:81:28:ec:
60:e0:ac:b5:6e:ce:af:68:38:85:a5:da:49:15:d6:46:72:f8:
86:df:3b:66:0b:51:a6:68:d4:97:0c:84:68:84:55:82:bd:45:
0e:8d:56:38:9b:a2:96:c0:b1:c6:db:6f:52:95:92:7f:fa:05:
a7:2f:1c:b1:47:5a:fa:d5:7f:64:48:03:47:08:3a:a9:ab:ad:
16:73:58:71:02:3d:90:99:d2:c6:07:a2:55:5e:6c:93:3d:9c:
96:58:c3:11:9a:20:00:69:90:39:63:b5:cc:d1:a9:b1:b8:57:
88:e2:dc:54:9f:f1:c2:c9:62:5b:d7:ee:df:11:07:32:53:db:
87:35:01:b0:1b:82:af:3f:b5:9a:86:87:95:5c:c0:5b:29:18:
63:34:2c:f8:06:c0:9d:e7:b9:6f:9e:6c:0c:18:03:03:76:d4:
c1:6b:e3:72:ee:43:8e:6a:87:23:d8:ef:f5:64:1a:da:a8:a7:
a2:f1:8c:e2:cd:27:8a:71:d0:fc:85:33:ab:d2:08:d3:ad:9d:
40:1c:eb:c4:e0:99:41:4d:6c:3d:33:38:d3:d1:b6:f1:d7:0c:
87:dd:4b:0c
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZQljvi4GYuPvg2kjX7M4i6KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlYmYzMDIwMWYxMmEwNDBkMzg2ZDJiNGVlZDQ0ODQ2MjNl
NGQxMWIwHhcNMjUwMTAyMDU0ODM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjliM2QxNzcwMjhhZGM1MGY3NTJhZjY1MmQzNTNmOTMyM2U2NjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmv4fz17eF9iyIGCSnH21mVmq0huT
mVy6NP7xUAQChYbPohPHStohBC22/k7804SwZKt8ylKCgUQ9Ayg3nWMXqxzPc6Zu
dNleevlSi90N8xHvNMWPRBFR3gvdGrJ9SwDg7NlIk4l2IX8GLEIiuv5mM6Yuh2+K
pgxxLwcQVHimcv6H+MS42Y/MNpdDddC+l/wRc3RHllhkhiNtupmlYpktXlDHPFMz
B2wIfHhv9uBbGZEhHBbtZd0xN5yiG4CmAFzH5MkyGZNjzoKDM+xLHpEH40zNWDYf
eqZfYWi/fHS++0VPR6nuB7nhjnv6KUOJ+llJEW5jeuFDE3wd/PZJxGSDLQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFAubPRdwKK3FD3Uq9lLTU/kyPmZlMB8GA1UdIwQY
MBaAFP6/MCAfEqBA04bStO7USEYj5NEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUt
YTk3YzBkYzBhNzQ5LzEvQzVzOUYzQW9yY1VQZFNyMlV0TlQtVEktWm1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUtYTk3YzBkYzBhNzQ5
LzEvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBABNTp0D
BABNTp4wDAMEA1W7uAMEAFW7ujANBgkqhkiG9w0BAQsFAAOCAQEAFA0xZiyQN7hf
Lhk1qtt5g0mN9MVNvjSKWoihm5BKnEAsgSjsYOCstW7Or2g4haXaSRXWRnL4ht87
ZgtRpmjUlwyEaIRVgr1FDo1WOJuilsCxxttvUpWSf/oFpy8csUda+tV/ZEgDRwg6
qautFnNYcQI9kJnSxgeiVV5skz2clljDEZogAGmQOWO1zNGpsbhXiOLcVJ/xwsli
W9fu3xEHMlPbhzUBsBuCrz+1moaHlVzAWykYYzQs+AbAnee5b55sDBgDA3bUwWvj
cu5DjmqHI9jv9WQa2qinovGM4s0ninHQ/IUzq9II062dQBzrxOCZQU1sPTM409G2
8dcMh91LDA==
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:26:47 2025 by rpki-client