Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/298898-7454-402b-81e9-ee1bd344f015/1/7K1si_9dd4NW2kOEEYd3jcTL2DE.roa
File: 7K1si_9dd4NW2kOEEYd3jcTL2DE.roa (raw, json)
Hash identifier: 5y47FaoSaQN1HkqgBFsqDMSr1pkbokL6IdEnmswLvS8=
Subject key identifier: EC:AD:6C:8B:FF:5D:77:83:56:DA:43:84:11:87:77:8D:C4:CB:D8:31
Certificate issuer: /CN=1e8d205c798ed78f3c44ca0c8f2852e8bec8eaa2
Certificate serial: 01942521765BFBE1A70175BD997116BB3FE3
Authority key identifier: 1E:8D:20:5C:79:8E:D7:8F:3C:44:CA:0C:8F:28:52:E8:BE:C8:EA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ho0gXHmO1488RMoMjyhS6L7I6qI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/298898-7454-402b-81e9-ee1bd344f015/1/7K1si_9dd4NW2kOEEYd3jcTL2DE.roa
Signing time: Thu 02 Jan 2025 03:48:57 +0000
ROA not before: Thu 02 Jan 2025 03:48:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48204
IP address blocks: 46.143.172.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/298898-7454-402b-81e9-ee1bd344f015/1/Ho0gXHmO1488RMoMjyhS6L7I6qI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/298898-7454-402b-81e9-ee1bd344f015/1/Ho0gXHmO1488RMoMjyhS6L7I6qI.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ho0gXHmO1488RMoMjyhS6L7I6qI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 08:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:76:5b:fb:e1:a7:01:75:bd:99:71:16:bb:3f:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e8d205c798ed78f3c44ca0c8f2852e8bec8eaa2
Validity
Not Before: Jan 2 03:48:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ecad6c8bff5d778356da43841187778dc4cbd831
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:73:49:f8:54:6d:cc:78:da:18:d6:06:34:31:
f6:78:f9:bd:b4:ce:f9:17:fc:03:7e:88:8e:8c:64:
f9:3e:5f:ca:c8:85:58:05:42:58:be:55:a3:47:27:
ac:35:a1:48:b2:c6:ed:a9:21:a4:e9:29:84:2f:6a:
5f:5e:f9:2f:7f:e8:11:85:53:07:d9:42:31:f2:56:
51:87:74:ba:53:a5:1d:44:6b:18:7f:c8:cb:56:73:
6e:17:cf:da:f3:57:85:af:08:e9:f4:5e:3d:3b:c8:
36:a5:96:9b:b7:32:66:99:4e:a4:a5:f0:ce:2d:df:
6d:1d:9d:7b:31:69:cb:35:8a:14:48:ed:50:05:f9:
f4:b9:47:40:be:9a:e8:5c:e0:fa:63:31:c2:4d:32:
6a:27:6a:b9:17:85:dd:50:30:2f:47:af:bf:25:43:
d3:00:01:9d:c1:3c:0e:d5:2c:d8:25:bd:81:49:98:
c3:f9:22:8f:cf:70:7f:aa:df:72:14:45:95:bd:75:
0e:fb:62:08:ca:26:f8:1a:4e:2b:df:88:30:0b:79:
84:16:02:5c:86:39:22:b9:6c:e0:e5:b6:b4:ac:ef:
17:a9:00:ba:68:03:74:72:a2:a2:fe:11:0a:97:e9:
1a:35:29:23:32:1f:4c:13:d3:19:46:0b:41:32:aa:
ed:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:AD:6C:8B:FF:5D:77:83:56:DA:43:84:11:87:77:8D:C4:CB:D8:31
X509v3 Authority Key Identifier:
keyid:1E:8D:20:5C:79:8E:D7:8F:3C:44:CA:0C:8F:28:52:E8:BE:C8:EA:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ho0gXHmO1488RMoMjyhS6L7I6qI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/298898-7454-402b-81e9-ee1bd344f015/1/7K1si_9dd4NW2kOEEYd3jcTL2DE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/298898-7454-402b-81e9-ee1bd344f015/1/Ho0gXHmO1488RMoMjyhS6L7I6qI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.143.172.0/24
Signature Algorithm: sha256WithRSAEncryption
c4:2c:06:b7:7a:ee:40:fc:35:78:00:4b:dd:e2:16:c2:69:c5:
94:2c:15:73:bc:b5:c4:9b:60:23:f0:07:db:6d:95:61:84:5a:
71:eb:1e:81:9c:25:be:3f:72:cd:5f:f4:c8:23:c5:19:42:7d:
f5:ac:8e:08:e3:64:cc:ce:60:75:1b:ac:e7:44:2d:0e:d7:52:
3e:f8:ed:91:38:d5:25:30:ab:b9:47:10:25:cc:0b:b2:51:78:
fc:0b:46:4c:11:ae:4c:06:bb:4e:65:67:7c:a9:ee:39:2d:69:
47:3a:9d:35:ae:07:7b:4c:15:3e:a7:f1:48:a1:6b:d9:7a:9b:
90:5b:9b:ae:e9:4f:93:f7:a7:48:a0:2f:58:d8:1d:2e:05:3e:
dc:cf:f8:35:f9:50:46:7e:10:60:a7:58:0f:ef:38:fa:99:cf:
e9:33:42:68:f3:bf:ac:11:f2:cf:64:23:76:1b:dd:f5:bc:db:
6d:01:05:81:da:fa:88:dd:36:e6:18:f9:35:d8:65:a9:e7:13:
64:c5:2a:e0:50:c9:e1:53:3b:81:67:f4:53:5a:63:39:cf:87:
74:95:e4:fa:d0:d7:af:45:c2:2a:58:2e:c2:6c:45:1b:ae:db:
34:1d:c4:27:50:6f:32:2c:22:c1:71:8c:67:51:2d:62:20:81:
71:53:30:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIXZb++GnAXW9mXEWuz/jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOGQyMDVjNzk4ZWQ3OGYzYzQ0Y2EwYzhmMjg1MmU4YmVj
OGVhYTIwHhcNMjUwMTAyMDM0ODU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2FkNmM4YmZmNWQ3NzgzNTZkYTQzODQxMTg3Nzc4ZGM0Y2JkODMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXNJ+FRtzHjaGNYGNDH2ePm9tM75
F/wDfoiOjGT5Pl/KyIVYBUJYvlWjRyesNaFIssbtqSGk6SmEL2pfXvkvf+gRhVMH
2UIx8lZRh3S6U6UdRGsYf8jLVnNuF8/a81eFrwjp9F49O8g2pZabtzJmmU6kpfDO
Ld9tHZ17MWnLNYoUSO1QBfn0uUdAvproXOD6YzHCTTJqJ2q5F4XdUDAvR6+/JUPT
AAGdwTwO1SzYJb2BSZjD+SKPz3B/qt9yFEWVvXUO+2IIyib4Gk4r34gwC3mEFgJc
hjkiuWzg5ba0rO8XqQC6aAN0cqKi/hEKl+kaNSkjMh9ME9MZRgtBMqrtcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOytbIv/XXeDVtpDhBGHd43Ey9gxMB8GA1UdIwQY
MBaAFB6NIFx5jtePPETKDI8oUui+yOqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSG8wZ1hIbU8xNDg4Uk1vTWp5aFM2TDdJNnFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yOTg4OTgtNzQ1NC00MDJiLTgxZTkt
ZWUxYmQzNDRmMDE1LzEvN0sxc2lfOWRkNE5XMmtPRUVZZDNqY1RMMkRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yOTg4OTgtNzQ1NC00MDJiLTgxZTktZWUxYmQzNDRmMDE1
LzEvSG8wZ1hIbU8xNDg4Uk1vTWp5aFM2TDdJNnFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALo+sMA0G
CSqGSIb3DQEBCwUAA4IBAQDELAa3eu5A/DV4AEvd4hbCacWULBVzvLXEm2Aj8Afb
bZVhhFpx6x6BnCW+P3LNX/TII8UZQn31rI4I42TMzmB1G6znRC0O11I++O2RONUl
MKu5RxAlzAuyUXj8C0ZMEa5MBrtOZWd8qe45LWlHOp01rgd7TBU+p/FIoWvZepuQ
W5uu6U+T96dIoC9Y2B0uBT7cz/g1+VBGfhBgp1gP7zj6mc/pM0Jo87+sEfLPZCN2
G931vNttAQWB2vqI3TbmGPk12GWp5xNkxSrgUMnhUzuBZ/RTWmM5z4d0leT60Nev
RcIqWC7CbEUbrts0HcQnUG8yLCLBcYxnUS1iIIFxUzB8
-----END CERTIFICATE-----
Generated at Sun Apr 13 16:59:29 2025 by rpki-client