Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/e5O39jLwx-J5_GwekaRwgr2d2RE.roa
File: e5O39jLwx-J5_GwekaRwgr2d2RE.roa (raw, json)
Hash identifier: HUk8Z3Nkmb3qkmakGlU4y4u1qV2j7sm1wiYlhVDlC1I=
Subject key identifier: 7B:93:B7:F6:32:F0:C7:E2:79:FC:6C:1E:91:A4:70:82:BD:9D:D9:11
Certificate issuer: /CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Certificate serial: 0194236A2B6544FD4204AA795C2AAA373C1E
Authority key identifier: BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/e5O39jLwx-J5_GwekaRwgr2d2RE.roa
Signing time: Wed 01 Jan 2025 19:49:08 +0000
ROA not before: Wed 01 Jan 2025 19:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43489
IP address blocks: 31.177.70.0/24 maxlen: 24
89.104.93.0/24 maxlen: 24
89.104.95.0/24 maxlen: 24
89.111.135.0/24 maxlen: 24
2a01:d8:8::/48 maxlen: 48
2a02:2090:6800::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.mft
rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:2b:65:44:fd:42:04:aa:79:5c:2a:aa:37:3c:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Validity
Not Before: Jan 1 19:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7b93b7f632f0c7e279fc6c1e91a47082bd9dd911
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:e1:1c:53:dd:fb:5f:95:26:62:69:84:2e:ac:
d5:f3:3c:40:b4:d8:52:a0:43:c4:18:54:8a:75:61:
8b:2d:b8:4b:e3:7d:c0:2a:db:09:6a:a7:5e:b5:de:
b3:3e:2b:4d:e0:2e:2a:07:ee:56:ad:ff:01:94:ae:
45:56:e5:4a:d2:8f:b9:3f:a8:d0:f5:1e:9f:2c:1c:
01:06:2a:a0:1e:73:b4:e6:06:2c:af:3e:a1:96:ff:
a4:10:8f:d5:66:ab:bc:47:0d:a6:b6:43:01:ee:b3:
18:4d:0a:8b:61:09:76:89:4b:98:70:bf:fc:49:fb:
0f:d1:83:1b:25:fa:87:b7:08:23:de:d3:73:d4:ca:
79:dc:9a:69:fa:90:30:ac:1d:52:ce:50:24:31:f4:
62:32:32:55:36:ba:a6:b1:d6:61:43:62:76:e9:d5:
cd:0b:5a:6f:a4:3e:29:0f:54:a9:f3:5a:39:b2:06:
fa:f0:81:1f:13:7e:f9:57:5a:ac:a4:9c:2f:7d:e0:
3e:ac:d3:58:2d:d3:d4:ef:bc:00:82:4f:04:3d:9e:
18:00:b3:04:de:10:a4:0a:33:19:ac:d8:b7:ca:9c:
46:e1:25:b2:3a:ae:04:ad:b7:75:28:f9:b6:bd:0e:
42:c4:51:ae:b0:28:73:4c:e2:06:d1:e0:98:76:74:
76:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:93:B7:F6:32:F0:C7:E2:79:FC:6C:1E:91:A4:70:82:BD:9D:D9:11
X509v3 Authority Key Identifier:
keyid:BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/e5O39jLwx-J5_GwekaRwgr2d2RE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.177.70.0/24
89.104.93.0/24
89.104.95.0/24
89.111.135.0/24
IPv6:
2a01:d8:8::/48
2a02:2090:6800::/48
Signature Algorithm: sha256WithRSAEncryption
18:08:fe:15:8e:db:ee:64:56:00:cd:47:d7:c3:df:ff:c2:07:
13:a5:e5:84:0e:f2:8a:11:0c:f8:6c:70:ef:e7:54:bb:45:48:
d3:e9:0a:5d:8e:f2:3e:db:c6:51:f3:b2:42:8d:bc:0e:7b:97:
a1:93:a8:ea:96:a2:0b:64:4c:e0:ef:68:f6:0e:a0:53:e4:fc:
1a:e4:13:da:e9:fb:1d:b5:a0:57:45:fc:82:d3:39:a6:a3:09:
d3:49:66:01:3b:10:b9:d6:9a:d3:44:82:09:a4:1b:d7:ca:af:
a9:5b:7a:ff:44:92:41:df:b2:d5:a7:06:8b:7a:a3:b8:54:52:
ba:af:59:08:e8:5a:07:7a:a3:45:1d:14:5b:5c:00:e5:b0:76:
ea:cf:2b:c2:2c:c7:b1:e6:9c:54:b1:ed:44:7c:0b:f3:e1:da:
90:78:60:3f:6c:f9:ba:38:1c:35:73:2b:47:a9:80:45:82:25:
53:51:e7:1a:f3:e3:64:22:ce:a8:4e:78:e1:ef:f7:0c:9f:70:
0c:8d:f5:98:bd:38:5c:b9:99:10:9e:38:9a:26:a8:14:84:85:
00:ad:8c:b8:74:b0:86:c6:14:da:af:22:15:95:83:e3:18:85:
51:1f:17:e6:a6:45:01:5f:66:57:67:c2:cd:a0:f6:e6:34:57:
6e:7a:4f:4e
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZQjaitlRP1CBKp5XCqqNzweMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZmFkMjNlMTFjZjBkMjRhNDc3NTk0ZWJhMDlmOTlhY2M2
ZjFmZmYwHhcNMjUwMTAxMTk0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjkzYjdmNjMyZjBjN2UyNzlmYzZjMWU5MWE0NzA4MmJkOWRkOTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+eEcU937X5UmYmmELqzV8zxAtNhS
oEPEGFSKdWGLLbhL433AKtsJaqdetd6zPitN4C4qB+5Wrf8BlK5FVuVK0o+5P6jQ
9R6fLBwBBiqgHnO05gYsrz6hlv+kEI/VZqu8Rw2mtkMB7rMYTQqLYQl2iUuYcL/8
SfsP0YMbJfqHtwgj3tNz1Mp53Jpp+pAwrB1SzlAkMfRiMjJVNrqmsdZhQ2J26dXN
C1pvpD4pD1Sp81o5sgb68IEfE375V1qspJwvfeA+rNNYLdPU77wAgk8EPZ4YALME
3hCkCjMZrNi3ypxG4SWyOq4Erbd1KPm2vQ5CxFGusChzTOIG0eCYdnR2/wIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFHuTt/Yy8MfiefxsHpGkcIK9ndkRMB8GA1UdIwQY
MBaAFL360j4Rzw0kpHdZTroJ+ZrMbx//MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmZyU1BoSFBEU1NrZDFsT3VnbjVtc3h2SF84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9lMjUyMzktNmFiMC00OTE5LWE3NmEt
NGY0ZTcxZTMyMDg0LzEvZTVPMzlqTHd4LUo1X0d3ZWthUndncjJkMlJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9lMjUyMzktNmFiMC00OTE5LWE3NmEtNGY0ZTcxZTMyMDg0
LzEvdmZyU1BoSFBEU1NrZDFsT3VnbjVtc3h2SF84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAeBAIAATAYAwQAH7FGAwQA
WWhdAwQAWWhfAwQAWW+HMBgEAgACMBIDBwAqAQDYAAgDBwAqAiCQaAAwDQYJKoZI
hvcNAQELBQADggEBABgI/hWO2+5kVgDNR9fD3//CBxOl5YQO8ooRDPhscO/nVLtF
SNPpCl2O8j7bxlHzskKNvA57l6GTqOqWogtkTODvaPYOoFPk/BrkE9rp+x21oFdF
/ILTOaajCdNJZgE7ELnWmtNEggmkG9fKr6lbev9EkkHfstWnBot6o7hUUrqvWQjo
Wgd6o0UdFFtcAOWwdurPK8Isx7HmnFSx7UR8C/Ph2pB4YD9s+bo4HDVzK0epgEWC
JVNR5xrz42QizqhOeOHv9wyfcAyN9Zi9OFy5mRCeOJomqBSEhQCtjLh0sIbGFNqv
IhWVg+MYhVEfF+amRQFfZldnws2g9uY0V256T04=
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:01:08 2025 by rpki-client