Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/063e59-9e94-4e91-8b7e-6f4de020aae6/1/loFt9UkmmZ1FwU6GuBvE7wOCBXI.roa
File: loFt9UkmmZ1FwU6GuBvE7wOCBXI.roa (raw, json)
Hash identifier: EBLJxo6VHYAxrO4XWEk670Ig6ARB7G0deWDK0JqRpRk=
Subject key identifier: 96:81:6D:F5:49:26:99:9D:45:C1:4E:86:B8:1B:C4:EF:03:82:05:72
Certificate issuer: /CN=d547cf9f27767477120b1d3b26cc57a61099a724
Certificate serial: 01942521621C4A7632B982FB6F6E6BDC3D74
Authority key identifier: D5:47:CF:9F:27:76:74:77:12:0B:1D:3B:26:CC:57:A6:10:99:A7:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1UfPnyd2dHcSCx07JsxXphCZpyQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/063e59-9e94-4e91-8b7e-6f4de020aae6/1/loFt9UkmmZ1FwU6GuBvE7wOCBXI.roa
Signing time: Thu 02 Jan 2025 03:48:52 +0000
ROA not before: Thu 02 Jan 2025 03:48:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47705
IP address blocks: 109.197.166.0/23 maxlen: 23
176.97.56.0/21 maxlen: 21
192.162.208.0/22 maxlen: 22
192.162.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/063e59-9e94-4e91-8b7e-6f4de020aae6/1/1UfPnyd2dHcSCx07JsxXphCZpyQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/063e59-9e94-4e91-8b7e-6f4de020aae6/1/1UfPnyd2dHcSCx07JsxXphCZpyQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1UfPnyd2dHcSCx07JsxXphCZpyQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 15:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:62:1c:4a:76:32:b9:82:fb:6f:6e:6b:dc:3d:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d547cf9f27767477120b1d3b26cc57a61099a724
Validity
Not Before: Jan 2 03:48:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=96816df54926999d45c14e86b81bc4ef03820572
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:3a:40:8d:73:1e:dd:e2:4b:c5:62:2d:46:33:
cc:73:fe:f6:00:27:73:ed:36:78:78:7d:8d:db:2b:
aa:c8:ec:cf:03:b6:ea:82:53:e2:c3:06:69:76:b7:
d1:e3:67:87:2f:11:0e:a0:ca:66:ee:0d:a2:3f:b7:
70:19:46:c8:10:1f:1a:db:7e:e8:1f:11:e7:bb:ec:
36:5e:09:12:83:53:b6:85:35:4c:9e:e5:23:b0:65:
21:2a:d6:53:62:47:6a:9a:81:da:a4:95:76:d0:87:
f5:8d:c5:38:9f:b6:03:15:aa:ad:f0:8f:47:5c:6c:
24:2b:12:ee:7f:84:2b:e5:82:b9:41:de:7b:ff:11:
64:7a:64:26:a8:de:57:55:08:57:34:a1:75:5a:5d:
44:2c:4d:98:2f:7a:ca:1c:3d:1b:56:0a:97:0d:cb:
40:83:72:d8:92:cc:a8:a7:78:09:67:d6:fb:7e:a6:
b2:92:40:71:84:d9:4a:f7:34:9a:8f:2f:1a:83:4f:
10:2c:c0:df:27:ae:0e:4c:37:53:30:43:a6:82:28:
58:fb:4b:d4:8b:f4:05:c1:b9:29:b0:01:7a:86:38:
17:1a:59:6b:16:3b:68:1f:58:9d:83:af:16:5e:3b:
48:2e:19:33:ea:48:ed:4f:be:1e:80:33:20:86:e7:
e1:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:81:6D:F5:49:26:99:9D:45:C1:4E:86:B8:1B:C4:EF:03:82:05:72
X509v3 Authority Key Identifier:
keyid:D5:47:CF:9F:27:76:74:77:12:0B:1D:3B:26:CC:57:A6:10:99:A7:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1UfPnyd2dHcSCx07JsxXphCZpyQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/063e59-9e94-4e91-8b7e-6f4de020aae6/1/loFt9UkmmZ1FwU6GuBvE7wOCBXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/063e59-9e94-4e91-8b7e-6f4de020aae6/1/1UfPnyd2dHcSCx07JsxXphCZpyQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.197.166.0/23
176.97.56.0/21
192.162.208.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:dc:f9:b8:b1:96:5a:9e:45:f1:5e:28:34:21:03:fb:b3:f4:
96:15:cf:16:50:18:f5:05:8c:a2:70:18:90:4a:47:86:49:33:
6d:0c:ba:29:92:b1:08:88:5a:6f:00:9f:0b:7e:73:0f:3b:e3:
c4:22:77:64:da:65:8d:0e:30:c0:49:14:61:9b:16:fa:32:59:
e8:a3:c6:3f:82:57:d7:18:7e:ec:8b:73:78:88:63:c4:e4:5b:
72:41:61:f5:2e:2d:14:db:2c:a7:ed:c9:59:ce:0a:64:2d:df:
3b:49:4d:35:19:fc:5b:99:69:b0:b6:a4:7d:d8:f8:13:45:ba:
5e:a1:6d:e6:5b:e4:96:3d:25:0b:27:06:c3:0d:93:ea:3c:b0:
5b:fd:62:19:33:c9:7a:85:10:5c:78:f9:72:33:39:73:af:1b:
4a:ab:03:21:a7:ab:c7:57:a2:16:56:66:2d:98:78:2b:5e:a6:
81:ef:49:da:f3:0f:45:48:b0:bf:eb:c4:41:71:98:94:52:e3:
fa:ea:4b:ea:55:89:27:46:c4:8d:e1:31:64:b1:ef:13:e7:93:
e4:38:15:14:36:7e:38:df:e9:81:67:60:36:73:89:cb:09:db:
12:16:4e:73:05:ca:cf:81:26:0e:ae:c2:ae:59:8a:ea:57:a6:
56:b7:c3:6a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQlIWIcSnYyuYL7b25r3D10MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NDdjZjlmMjc3Njc0NzcxMjBiMWQzYjI2Y2M1N2E2MTA5
OWE3MjQwHhcNMjUwMTAyMDM0ODUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjgxNmRmNTQ5MjY5OTlkNDVjMTRlODZiODFiYzRlZjAzODIwNTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTpAjXMe3eJLxWItRjPMc/72ACdz
7TZ4eH2N2yuqyOzPA7bqglPiwwZpdrfR42eHLxEOoMpm7g2iP7dwGUbIEB8a237o
HxHnu+w2XgkSg1O2hTVMnuUjsGUhKtZTYkdqmoHapJV20If1jcU4n7YDFaqt8I9H
XGwkKxLuf4Qr5YK5Qd57/xFkemQmqN5XVQhXNKF1Wl1ELE2YL3rKHD0bVgqXDctA
g3LYksyop3gJZ9b7fqaykkBxhNlK9zSajy8ag08QLMDfJ64OTDdTMEOmgihY+0vU
i/QFwbkpsAF6hjgXGllrFjtoH1idg68WXjtILhkz6kjtT74egDMghufhDQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJaBbfVJJpmdRcFOhrgbxO8DggVyMB8GA1UdIwQY
MBaAFNVHz58ndnR3EgsdOybMV6YQmackMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVVmUG55ZDJkSGNTQ3gwN0pzeFhwaENacHlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8wNjNlNTktOWU5NC00ZTkxLThiN2Ut
NmY0ZGUwMjBhYWU2LzEvbG9GdDlVa21tWjFGd1U2R3VCdkU3d09DQlhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8wNjNlNTktOWU5NC00ZTkxLThiN2UtNmY0ZGUwMjBhYWU2
LzEvMVVmUG55ZDJkSGNTQ3gwN0pzeFhwaENacHlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBbcWmAwQD
sGE4AwQCwKLQMA0GCSqGSIb3DQEBCwUAA4IBAQBN3Pm4sZZankXxXig0IQP7s/SW
Fc8WUBj1BYyicBiQSkeGSTNtDLopkrEIiFpvAJ8LfnMPO+PEIndk2mWNDjDASRRh
mxb6Mlnoo8Y/glfXGH7si3N4iGPE5FtyQWH1Li0U2yyn7clZzgpkLd87SU01Gfxb
mWmwtqR92PgTRbpeoW3mW+SWPSULJwbDDZPqPLBb/WIZM8l6hRBcePlyMzlzrxtK
qwMhp6vHV6IWVmYtmHgrXqaB70na8w9FSLC/68RBcZiUUuP66kvqVYknRsSN4TFk
se8T55PkOBUUNn443+mBZ2A2c4nLCdsSFk5zBcrPgSYOrsKuWYrqV6ZWt8Nq
-----END CERTIFICATE-----
Generated at Tue Apr 15 20:03:15 2025 by rpki-client