Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/92ea9f-b12e-4dd5-9bd3-b77dc8dc1c7e/1/fDTEunNvzlH5X-k5xdeAmWjVRig.roa
File: fDTEunNvzlH5X-k5xdeAmWjVRig.roa (raw, json)
Hash identifier: kSsYzCwppDZTwjMBzSM9jNvsq5Yv3fwitPhSPp+j0to=
Subject key identifier: 7C:34:C4:BA:73:6F:CE:51:F9:5F:E9:39:C5:D7:80:99:68:D5:46:28
Certificate issuer: /CN=3eb903284a1d15dc158ad7182ea0bce786ceb2ad
Certificate serial: 019420682C0622BCE46EB017726D2FEF2075
Authority key identifier: 3E:B9:03:28:4A:1D:15:DC:15:8A:D7:18:2E:A0:BC:E7:86:CE:B2:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PrkDKEodFdwVitcYLqC854bOsq0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/92ea9f-b12e-4dd5-9bd3-b77dc8dc1c7e/1/fDTEunNvzlH5X-k5xdeAmWjVRig.roa
Signing time: Wed 01 Jan 2025 05:48:05 +0000
ROA not before: Wed 01 Jan 2025 05:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29414
IP address blocks: 82.139.146.0/23 maxlen: 23
82.139.160.0/21 maxlen: 21
82.139.166.0/24 maxlen: 24
82.139.184.0/21 maxlen: 21
130.180.192.0/21 maxlen: 21
185.61.4.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/92ea9f-b12e-4dd5-9bd3-b77dc8dc1c7e/1/PrkDKEodFdwVitcYLqC854bOsq0.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/92ea9f-b12e-4dd5-9bd3-b77dc8dc1c7e/1/PrkDKEodFdwVitcYLqC854bOsq0.mft
rsync://rpki.ripe.net/repository/DEFAULT/PrkDKEodFdwVitcYLqC854bOsq0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:2c:06:22:bc:e4:6e:b0:17:72:6d:2f:ef:20:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3eb903284a1d15dc158ad7182ea0bce786ceb2ad
Validity
Not Before: Jan 1 05:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7c34c4ba736fce51f95fe939c5d7809968d54628
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f6:de:5e:d1:db:8e:27:56:6e:6e:dc:7f:5d:
8d:39:53:f5:50:35:49:b1:66:12:b8:13:cd:0b:93:
6d:96:7d:c2:81:9b:3e:f9:bc:50:bd:b2:14:fd:ff:
5e:4f:9d:d6:24:0f:cc:8e:2d:89:a4:12:f7:ee:d1:
b0:c2:0f:fb:0d:44:d8:04:38:f0:94:bb:e8:15:20:
1a:b9:92:ba:9c:44:7c:44:28:99:73:d6:8f:20:ae:
6f:a3:3f:61:24:fe:88:4b:c8:9d:a7:c3:c6:80:1c:
8d:08:5a:be:54:50:e0:9b:7d:62:af:23:3e:26:ee:
5d:e8:6b:00:d2:dc:80:01:17:81:9e:14:66:1b:98:
7d:56:2f:f8:bf:2f:fa:4f:25:cd:4e:fa:71:c0:1c:
32:2b:94:ce:14:97:35:06:bc:bd:7d:64:46:92:3f:
76:52:d6:5d:42:bb:fd:91:4c:4f:78:0b:fa:99:9b:
2b:7c:49:50:4b:df:b7:a4:97:77:02:be:c8:e7:7f:
22:8d:8e:48:a6:e2:68:a6:5c:08:42:49:9c:b3:12:
f6:17:db:aa:3f:c1:d1:62:8f:44:0f:4b:db:94:53:
85:8e:41:82:71:3d:63:da:b2:2a:dd:f5:86:b6:b2:
86:19:14:35:e7:08:1d:29:7b:b5:b1:c2:62:44:28:
99:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:34:C4:BA:73:6F:CE:51:F9:5F:E9:39:C5:D7:80:99:68:D5:46:28
X509v3 Authority Key Identifier:
keyid:3E:B9:03:28:4A:1D:15:DC:15:8A:D7:18:2E:A0:BC:E7:86:CE:B2:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PrkDKEodFdwVitcYLqC854bOsq0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/92ea9f-b12e-4dd5-9bd3-b77dc8dc1c7e/1/fDTEunNvzlH5X-k5xdeAmWjVRig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/92ea9f-b12e-4dd5-9bd3-b77dc8dc1c7e/1/PrkDKEodFdwVitcYLqC854bOsq0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.139.146.0/23
82.139.160.0/21
82.139.184.0/21
130.180.192.0/21
185.61.4.0/23
Signature Algorithm: sha256WithRSAEncryption
75:67:10:eb:9b:84:0b:9c:02:9e:10:db:94:f9:26:51:f8:c7:
60:d7:a2:23:47:c5:8f:ba:c3:d6:ba:e9:ba:62:8d:fd:c8:d6:
ed:6d:3f:2e:c6:ef:9b:17:ea:c3:41:20:6b:fc:12:e2:81:c3:
1c:9a:63:bb:5d:46:1e:ac:88:fc:b3:93:20:b8:db:d3:ad:17:
d4:50:6c:e2:e4:50:3e:b3:a1:a8:49:42:39:4a:9a:fd:20:a5:
5e:2c:05:12:9c:91:fa:e2:48:a6:15:ea:e2:e3:90:cc:5e:9d:
5d:5b:48:31:c4:ed:d2:1e:dc:10:44:af:c5:a0:72:7e:75:2b:
21:39:b0:d3:d1:54:ae:71:8b:20:d4:83:b6:0e:4e:57:da:e6:
b4:57:c0:08:29:a6:70:2c:6e:e8:76:51:bc:e7:88:80:b8:36:
46:0c:2c:42:2f:b7:1d:b3:5d:90:5f:32:4f:70:fa:00:ad:71:
43:ea:fe:01:93:c6:c6:6d:9b:2d:b9:e4:7b:76:3a:e7:4a:a4:
3e:70:b3:53:23:b5:6b:69:0a:1f:00:ed:73:ba:bb:21:a6:16:
b2:82:2a:24:8c:f5:32:4c:e2:6f:f0:a6:b2:69:63:e1:fa:91:
54:2b:9b:df:24:25:53:93:c5:12:88:40:d6:71:64:75:d0:dd:
89:d9:78:75
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQgaCwGIrzkbrAXcm0v7yB1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYjkwMzI4NGExZDE1ZGMxNThhZDcxODJlYTBiY2U3ODZj
ZWIyYWQwHhcNMjUwMTAxMDU0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzM0YzRiYTczNmZjZTUxZjk1ZmU5MzljNWQ3ODA5OTY4ZDU0NjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPbeXtHbjidWbm7cf12NOVP1UDVJ
sWYSuBPNC5Ntln3CgZs++bxQvbIU/f9eT53WJA/Mji2JpBL37tGwwg/7DUTYBDjw
lLvoFSAauZK6nER8RCiZc9aPIK5voz9hJP6IS8idp8PGgByNCFq+VFDgm31iryM+
Ju5d6GsA0tyAAReBnhRmG5h9Vi/4vy/6TyXNTvpxwBwyK5TOFJc1Bry9fWRGkj92
UtZdQrv9kUxPeAv6mZsrfElQS9+3pJd3Ar7I538ijY5IpuJoplwIQkmcsxL2F9uq
P8HRYo9ED0vblFOFjkGCcT1j2rIq3fWGtrKGGRQ15wgdKXu1scJiRCiZmwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHw0xLpzb85R+V/pOcXXgJlo1UYoMB8GA1UdIwQY
MBaAFD65AyhKHRXcFYrXGC6gvOeGzrKtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHJrREtFb2RGZHdWaXRjWUxxQzg1NGJPc3EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi85MmVhOWYtYjEyZS00ZGQ1LTliZDMt
Yjc3ZGM4ZGMxYzdlLzEvZkRURXVuTnZ6bEg1WC1rNXhkZUFtV2pWUmlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi85MmVhOWYtYjEyZS00ZGQ1LTliZDMtYjc3ZGM4ZGMxYzdl
LzEvUHJrREtFb2RGZHdWaXRjWUxxQzg1NGJPc3EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBUouSAwQD
UougAwQDUou4AwQDgrTAAwQBuT0EMA0GCSqGSIb3DQEBCwUAA4IBAQB1ZxDrm4QL
nAKeENuU+SZR+Mdg16IjR8WPusPWuum6Yo39yNbtbT8uxu+bF+rDQSBr/BLigcMc
mmO7XUYerIj8s5MguNvTrRfUUGzi5FA+s6GoSUI5Spr9IKVeLAUSnJH64kimFeri
45DMXp1dW0gxxO3SHtwQRK/FoHJ+dSshObDT0VSucYsg1IO2Dk5X2ua0V8AIKaZw
LG7odlG854iAuDZGDCxCL7cds12QXzJPcPoArXFD6v4Bk8bGbZstueR7djrnSqQ+
cLNTI7VraQofAO1zurshphaygiokjPUyTOJv8KayaWPh+pFUK5vfJCVTk8USiEDW
cWR10N2J2Xh1
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:07:31 2025 by rpki-client