Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/F-e0yheo2RviKbK6HPx7_eTqhA4.roa
File: F-e0yheo2RviKbK6HPx7_eTqhA4.roa (raw, json)
Hash identifier: KEJO7y7WsDfC5FsDfSaCJ3hpxQXSnjViDnFGvytgGQY=
Subject key identifier: 17:E7:B4:CA:17:A8:D9:1B:E2:29:B2:BA:1C:FC:7B:FD:E4:EA:84:0E
Certificate issuer: /CN=297ae7592ca52491dc166a30fe1477d712bd465d
Certificate serial: 0194228DC8E88790D99A0266491C969CFF58
Authority key identifier: 29:7A:E7:59:2C:A5:24:91:DC:16:6A:30:FE:14:77:D7:12:BD:46:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXrnWSylJJHcFmow_hR31xK9Rl0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/F-e0yheo2RviKbK6HPx7_eTqhA4.roa
Signing time: Wed 01 Jan 2025 15:48:24 +0000
ROA not before: Wed 01 Jan 2025 15:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216300
IP address blocks: 94.159.112.0/24 maxlen: 24
94.159.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/KXrnWSylJJHcFmow_hR31xK9Rl0.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/KXrnWSylJJHcFmow_hR31xK9Rl0.mft
rsync://rpki.ripe.net/repository/DEFAULT/KXrnWSylJJHcFmow_hR31xK9Rl0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 17:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:c8:e8:87:90:d9:9a:02:66:49:1c:96:9c:ff:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297ae7592ca52491dc166a30fe1477d712bd465d
Validity
Not Before: Jan 1 15:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=17e7b4ca17a8d91be229b2ba1cfc7bfde4ea840e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e8:7d:b0:49:d0:47:67:39:88:db:6f:0a:46:
66:dc:0b:83:de:54:6a:e4:3e:f9:3c:94:1c:e9:17:
02:73:a9:87:31:1a:f2:56:16:81:e6:52:5e:0d:b2:
76:51:df:6b:2e:dc:af:f0:4b:eb:f3:72:bc:53:8f:
8a:f2:77:90:e3:e7:9c:45:e7:7f:43:86:ab:70:0f:
0a:aa:14:90:76:1a:5a:7e:ab:e5:6e:ea:a3:f9:5d:
d1:f0:85:fe:64:02:5a:6a:8e:0e:8f:96:e3:d5:a3:
e7:27:c4:7f:cf:ad:63:ed:93:d1:be:b0:97:8e:31:
52:70:1d:e3:da:11:a2:83:e1:9d:f0:ef:93:4d:bc:
2e:91:d4:62:ce:00:04:75:99:01:67:cf:64:68:4e:
ef:59:90:f9:07:e9:7e:51:02:b7:b0:c5:5d:6e:58:
54:cb:e0:5f:79:10:69:50:28:94:6c:a8:99:76:9e:
03:84:a9:1c:d3:94:25:d4:67:bd:8e:c8:75:90:95:
3a:18:ab:aa:98:c2:13:dd:95:e3:a5:fc:4b:29:6e:
14:ef:85:36:c2:e7:89:0a:1a:ae:41:af:d5:d3:6b:
44:d0:64:2f:ab:b1:25:ff:6a:58:01:0b:90:41:d2:
6e:52:ab:0a:c2:b1:04:b5:45:36:57:a7:52:eb:de:
21:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:E7:B4:CA:17:A8:D9:1B:E2:29:B2:BA:1C:FC:7B:FD:E4:EA:84:0E
X509v3 Authority Key Identifier:
keyid:29:7A:E7:59:2C:A5:24:91:DC:16:6A:30:FE:14:77:D7:12:BD:46:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXrnWSylJJHcFmow_hR31xK9Rl0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/F-e0yheo2RviKbK6HPx7_eTqhA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/KXrnWSylJJHcFmow_hR31xK9Rl0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.159.112.0/24
94.159.114.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:04:55:49:bf:d0:99:93:4d:4c:93:31:c6:4c:48:e5:69:d3:
af:f7:34:17:91:fd:01:bf:2d:d0:38:e7:1d:41:bd:66:80:cd:
d6:5e:fd:29:e9:21:82:4c:10:4b:55:16:56:1d:df:60:d8:e6:
25:7a:51:e9:54:62:9e:59:93:8a:63:0a:e2:b8:7a:12:2e:32:
fa:44:b7:d1:fd:d4:cc:75:ce:45:2c:fb:fb:8d:c9:af:de:52:
7d:df:6c:9b:ad:2c:86:05:c5:1a:1b:24:1c:76:ce:1d:bd:f1:
05:0f:7c:ec:58:dc:25:4e:3e:f9:97:69:46:27:08:ae:80:9c:
22:0a:61:ae:69:68:40:f0:13:57:73:0e:76:25:9b:5f:ad:78:
a1:65:ba:81:0f:d0:32:b6:bc:15:0f:4e:5c:22:4a:3e:0a:9e:
59:85:39:2d:e1:95:0b:73:91:73:fb:fb:2f:49:df:e4:c4:aa:
84:84:b4:75:94:af:f7:31:80:6f:5e:88:b6:fa:f3:56:d7:b6:
94:c7:d6:ef:d9:d5:bd:a7:d0:1b:f4:99:c1:64:2f:f8:2b:b2:
59:07:69:ab:76:db:54:ef:d7:94:af:b9:67:20:e7:8d:52:af:
8d:4e:68:9b:bd:9d:84:71:c8:a3:08:a0:64:27:7b:90:d8:49:
ad:da:15:00
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQijcjoh5DZmgJmSRyWnP9YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2FlNzU5MmNhNTI0OTFkYzE2NmEzMGZlMTQ3N2Q3MTJi
ZDQ2NWQwHhcNMjUwMTAxMTU0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2U3YjRjYTE3YThkOTFiZTIyOWIyYmExY2ZjN2JmZGU0ZWE4NDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+h9sEnQR2c5iNtvCkZm3AuD3lRq
5D75PJQc6RcCc6mHMRryVhaB5lJeDbJ2Ud9rLtyv8Evr83K8U4+K8neQ4+ecRed/
Q4arcA8KqhSQdhpafqvlbuqj+V3R8IX+ZAJaao4Oj5bj1aPnJ8R/z61j7ZPRvrCX
jjFScB3j2hGig+Gd8O+TTbwukdRizgAEdZkBZ89kaE7vWZD5B+l+UQK3sMVdblhU
y+BfeRBpUCiUbKiZdp4DhKkc05Ql1Ge9jsh1kJU6GKuqmMIT3ZXjpfxLKW4U74U2
wueJChquQa/V02tE0GQvq7El/2pYAQuQQdJuUqsKwrEEtUU2V6dS694hHwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBfntMoXqNkb4imyuhz8e/3k6oQOMB8GA1UdIwQY
MBaAFCl651kspSSR3BZqMP4Ud9cSvUZdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1hybldTeWxKSkhjRm1vd19oUjMxeEs5UmwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS80OGUxZTgtMzI4ZC00ZjgyLTkzOTgt
MzkxMGE1OWExMTIxLzEvRi1lMHloZW8yUnZpS2JLNkhQeDdfZVRxaEE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS80OGUxZTgtMzI4ZC00ZjgyLTkzOTgtMzkxMGE1OWExMTIx
LzEvS1hybldTeWxKSkhjRm1vd19oUjMxeEs5UmwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXp9wAwQA
Xp9yMA0GCSqGSIb3DQEBCwUAA4IBAQAqBFVJv9CZk01MkzHGTEjladOv9zQXkf0B
vy3QOOcdQb1mgM3WXv0p6SGCTBBLVRZWHd9g2OYlelHpVGKeWZOKYwriuHoSLjL6
RLfR/dTMdc5FLPv7jcmv3lJ932ybrSyGBcUaGyQcds4dvfEFD3zsWNwlTj75l2lG
JwiugJwiCmGuaWhA8BNXcw52JZtfrXihZbqBD9AytrwVD05cIko+Cp5ZhTkt4ZUL
c5Fz+/svSd/kxKqEhLR1lK/3MYBvXoi2+vNW17aUx9bv2dW9p9Ab9JnBZC/4K7JZ
B2mrdttU79eUr7lnIOeNUq+NTmibvZ2EccijCKBkJ3uQ2Emt2hUA
-----END CERTIFICATE-----
Generated at Wed Apr 9 01:51:16 2025 by rpki-client