Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/9778b6-dc2b-4586-91de-53a07368b9ea/1/_Z-p7KxUVg6ghEbeseFL-OOEudI.roa
File: _Z-p7KxUVg6ghEbeseFL-OOEudI.roa (raw, json)
Hash identifier: su5vjqQnoBgVAVEbXkHU+T0GhwXhzdquZDKzgBwrhQ4=
Subject key identifier: FD:9F:A9:EC:AC:54:56:0E:A0:84:46:DE:B1:E1:4B:F8:E3:84:B9:D2
Certificate issuer: /CN=7171d8b4cf6773b59f0732e0e9e8d25a9b773fae
Certificate serial: 019423D6AE3A2CA3DB5901F14F100D63EC9D
Authority key identifier: 71:71:D8:B4:CF:67:73:B5:9F:07:32:E0:E9:E8:D2:5A:9B:77:3F:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cXHYtM9nc7WfBzLg6ejSWpt3P64.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/9778b6-dc2b-4586-91de-53a07368b9ea/1/_Z-p7KxUVg6ghEbeseFL-OOEudI.roa
Signing time: Wed 01 Jan 2025 21:47:39 +0000
ROA not before: Wed 01 Jan 2025 21:47:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42567
IP address blocks: 185.7.96.0/22 maxlen: 24
185.94.236.0/22 maxlen: 24
217.22.16.0/21 maxlen: 24
217.22.24.0/22 maxlen: 24
2a05:22c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/9778b6-dc2b-4586-91de-53a07368b9ea/1/cXHYtM9nc7WfBzLg6ejSWpt3P64.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/9778b6-dc2b-4586-91de-53a07368b9ea/1/cXHYtM9nc7WfBzLg6ejSWpt3P64.mft
rsync://rpki.ripe.net/repository/DEFAULT/cXHYtM9nc7WfBzLg6ejSWpt3P64.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 12:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:ae:3a:2c:a3:db:59:01:f1:4f:10:0d:63:ec:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7171d8b4cf6773b59f0732e0e9e8d25a9b773fae
Validity
Not Before: Jan 1 21:47:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fd9fa9ecac54560ea08446deb1e14bf8e384b9d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:eb:59:a1:d6:6c:c7:43:83:4d:41:92:39:37:
a9:fc:2e:33:70:10:6a:41:1e:19:d4:97:18:e6:12:
23:ac:14:92:a4:c2:09:96:d0:35:99:ea:63:44:e3:
d2:18:bb:ff:81:29:0e:b0:2d:b8:19:8b:8b:dc:8e:
85:34:97:ac:16:1d:03:c3:e5:2b:53:c1:9b:91:bb:
41:51:49:31:73:31:49:10:5c:be:df:89:ca:02:69:
81:63:ea:63:89:f7:3d:5a:f0:ee:b1:55:7b:b6:62:
d0:dd:ff:7b:ac:a0:b0:cb:7c:cd:0b:e3:46:32:65:
dc:e6:d0:7f:99:be:a0:3d:af:cf:f3:83:be:8b:ae:
0e:5a:ee:81:94:04:91:90:b1:7a:02:26:e7:59:68:
d1:64:4d:ab:d5:4d:ef:d6:3c:6b:bd:f8:5e:1d:6c:
a2:e9:f0:c8:a4:be:aa:14:00:58:68:e7:60:84:43:
d7:06:c7:90:a5:6d:ed:8d:d4:df:5e:a2:cd:60:d3:
13:45:32:54:2d:93:7c:54:38:58:b7:46:3e:8a:ed:
03:23:81:26:16:36:3b:b8:b0:58:26:ab:23:f0:d4:
cd:51:f1:80:26:0f:72:26:e5:3c:d0:f0:70:fd:2d:
aa:4e:a7:84:bc:6d:9d:50:c2:11:58:36:00:71:6f:
10:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:9F:A9:EC:AC:54:56:0E:A0:84:46:DE:B1:E1:4B:F8:E3:84:B9:D2
X509v3 Authority Key Identifier:
keyid:71:71:D8:B4:CF:67:73:B5:9F:07:32:E0:E9:E8:D2:5A:9B:77:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cXHYtM9nc7WfBzLg6ejSWpt3P64.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/9778b6-dc2b-4586-91de-53a07368b9ea/1/_Z-p7KxUVg6ghEbeseFL-OOEudI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/9778b6-dc2b-4586-91de-53a07368b9ea/1/cXHYtM9nc7WfBzLg6ejSWpt3P64.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.7.96.0/22
185.94.236.0/22
217.22.16.0-217.22.27.255
IPv6:
2a05:22c0::/29
Signature Algorithm: sha256WithRSAEncryption
e0:00:6e:32:91:b2:38:25:72:bf:cf:7a:f9:f9:f2:1e:d6:49:
58:b1:8b:7a:29:4d:e3:20:f3:5b:ca:34:40:c0:ea:95:72:b7:
a8:3d:80:fc:cd:1b:fb:25:b1:ba:2a:db:49:05:f1:8a:13:bb:
63:12:ee:14:30:10:5f:b9:56:dc:cf:7a:08:3a:95:67:3b:96:
5b:37:6f:cd:b9:8c:ce:14:46:d0:5a:ed:6c:00:7e:61:d1:ab:
f8:43:94:30:0c:a0:94:fa:21:f1:fc:58:fd:8a:11:cf:02:55:
b1:5d:29:d3:ea:f3:be:1b:34:ad:40:33:41:82:f9:d3:7e:55:
b2:4d:d5:9d:03:47:a9:4b:cb:74:06:f1:b6:f6:60:73:35:95:
fb:97:82:12:26:dd:37:a2:b8:fd:06:46:98:84:95:67:b0:f5:
84:2e:63:7e:d4:87:b6:ff:5b:d5:88:88:88:d2:b4:55:13:ca:
5a:b3:4f:10:39:7c:b3:43:2f:97:e4:26:31:98:8c:7f:fb:16:
e3:e9:34:9b:77:88:f2:e1:09:bf:5a:22:f6:83:83:61:3f:48:
9d:75:61:33:dc:0b:01:aa:b9:eb:68:72:38:de:89:fd:21:f0:
b2:5d:9f:6d:86:c1:7b:94:58:f0:21:bc:e6:cb:c7:ee:89:d8:
fb:52:be:2c
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZQj1q46LKPbWQHxTxANY+ydMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxNzFkOGI0Y2Y2NzczYjU5ZjA3MzJlMGU5ZThkMjVhOWI3
NzNmYWUwHhcNMjUwMTAxMjE0NzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDlmYTllY2FjNTQ1NjBlYTA4NDQ2ZGViMWUxNGJmOGUzODRiOWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxOtZodZsx0ODTUGSOTep/C4zcBBq
QR4Z1JcY5hIjrBSSpMIJltA1mepjROPSGLv/gSkOsC24GYuL3I6FNJesFh0Dw+Ur
U8GbkbtBUUkxczFJEFy+34nKAmmBY+pjifc9WvDusVV7tmLQ3f97rKCwy3zNC+NG
MmXc5tB/mb6gPa/P84O+i64OWu6BlASRkLF6AibnWWjRZE2r1U3v1jxrvfheHWyi
6fDIpL6qFABYaOdghEPXBseQpW3tjdTfXqLNYNMTRTJULZN8VDhYt0Y+iu0DI4Em
FjY7uLBYJqsj8NTNUfGAJg9yJuU80PBw/S2qTqeEvG2dUMIRWDYAcW8QUQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFP2fqeysVFYOoIRG3rHhS/jjhLnSMB8GA1UdIwQY
MBaAFHFx2LTPZ3O1nwcy4Ono0lqbdz+uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1hIWXRNOW5jN1dmQnpMZzZlalNXcHQzUDY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy85Nzc4YjYtZGMyYi00NTg2LTkxZGUt
NTNhMDczNjhiOWVhLzEvX1otcDdLeFVWZzZnaEViZXNlRkwtT09FdWRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy85Nzc4YjYtZGMyYi00NTg2LTkxZGUtNTNhMDczNjhiOWVh
LzEvY1hIWXRNOW5jN1dmQnpMZzZlalNXcHQzUDY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQCuQdgAwQC
uV7sMAwDBATZFhADBALZFhgwDQQCAAIwBwMFAyoFIsAwDQYJKoZIhvcNAQELBQAD
ggEBAOAAbjKRsjglcr/Pevn58h7WSVixi3opTeMg81vKNEDA6pVyt6g9gPzNG/sl
sboq20kF8YoTu2MS7hQwEF+5VtzPegg6lWc7lls3b825jM4URtBa7WwAfmHRq/hD
lDAMoJT6IfH8WP2KEc8CVbFdKdPq874bNK1AM0GC+dN+VbJN1Z0DR6lLy3QG8bb2
YHM1lfuXghIm3TeiuP0GRpiElWew9YQuY37Uh7b/W9WIiIjStFUTylqzTxA5fLND
L5fkJjGYjH/7FuPpNJt3iPLhCb9aIvaDg2E/SJ11YTPcCwGquetocjjeif0h8LJd
n22GwXuUWPAhvObLx+6J2PtSviw=
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:23:13 2025 by rpki-client