Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/d79c98-c27d-45b3-86d9-dad3bb13c0a2/1/D6tQMtTrcrX-gfAb6Oldi--cuH0.roa
File: D6tQMtTrcrX-gfAb6Oldi--cuH0.roa (raw, json)
Hash identifier: hSrHBvCFCmXDyAQnKcTo97bjwp9R955PaX/sDtrTv8s=
Subject key identifier: 0F:AB:50:32:D4:EB:72:B5:FE:81:F0:1B:E8:E9:5D:8B:EF:9C:B8:7D
Certificate issuer: /CN=d79da465615c60094370833892da84c886e1c4ef
Certificate serial: 019424B26F21479F97BE6D713036C99E5646
Authority key identifier: D7:9D:A4:65:61:5C:60:09:43:70:83:38:92:DA:84:C8:86:E1:C4:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/152kZWFcYAlDcIM4ktqEyIbhxO8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/d79c98-c27d-45b3-86d9-dad3bb13c0a2/1/D6tQMtTrcrX-gfAb6Oldi--cuH0.roa
Signing time: Thu 02 Jan 2025 01:47:41 +0000
ROA not before: Thu 02 Jan 2025 01:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16004
IP address blocks: 217.29.72.0/21 maxlen: 21
217.29.72.0/24 maxlen: 24
217.29.76.0/24 maxlen: 24
217.29.77.0/24 maxlen: 24
2001:1ac0::/32 maxlen: 32
2001:1ac0::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/d79c98-c27d-45b3-86d9-dad3bb13c0a2/1/152kZWFcYAlDcIM4ktqEyIbhxO8.crl
rsync://rpki.ripe.net/repository/DEFAULT/e0/d79c98-c27d-45b3-86d9-dad3bb13c0a2/1/152kZWFcYAlDcIM4ktqEyIbhxO8.mft
rsync://rpki.ripe.net/repository/DEFAULT/152kZWFcYAlDcIM4ktqEyIbhxO8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 13:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:6f:21:47:9f:97:be:6d:71:30:36:c9:9e:56:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d79da465615c60094370833892da84c886e1c4ef
Validity
Not Before: Jan 2 01:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0fab5032d4eb72b5fe81f01be8e95d8bef9cb87d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:65:c3:5c:3e:b8:6b:7e:fe:64:74:af:80:57:
ad:d9:6e:02:24:cd:a8:92:be:73:52:91:3d:0a:c9:
e6:65:ec:91:09:7a:1b:f8:b5:7e:d4:ee:32:f3:e1:
1a:48:0f:ef:5d:56:40:0d:18:9d:47:33:88:1b:a5:
2a:54:d9:27:a6:35:d7:fa:23:d8:3d:66:91:b5:74:
03:9a:eb:f8:e3:67:8d:ef:e1:c0:52:e4:5c:d5:ed:
ef:f5:61:e4:6f:2a:f1:e0:f7:53:02:71:76:be:59:
d1:64:6a:b0:96:31:b5:03:ef:67:f0:f6:69:8c:9e:
36:44:dd:5f:f5:ea:38:d7:82:90:ba:f5:e8:28:26:
65:95:db:14:66:9a:0c:f7:e5:47:06:6f:ff:3f:64:
2a:eb:85:58:6a:22:2f:94:6f:3f:98:b6:6f:69:8c:
19:ac:ca:27:d6:ad:b2:7a:a2:82:10:5f:91:1e:ad:
ed:7b:a8:07:d2:6a:b0:96:ec:29:bb:6b:1c:51:88:
09:09:eb:a9:60:0c:c0:c2:fc:c1:8c:2a:09:f3:5c:
ac:53:ed:20:a6:4b:8c:f7:0b:12:67:05:ef:51:56:
73:d2:f2:82:2e:e4:88:b5:93:9f:c9:81:83:2e:83:
62:c3:9a:3a:51:05:04:a9:30:e1:cf:91:fd:2f:ff:
69:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:AB:50:32:D4:EB:72:B5:FE:81:F0:1B:E8:E9:5D:8B:EF:9C:B8:7D
X509v3 Authority Key Identifier:
keyid:D7:9D:A4:65:61:5C:60:09:43:70:83:38:92:DA:84:C8:86:E1:C4:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/152kZWFcYAlDcIM4ktqEyIbhxO8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/d79c98-c27d-45b3-86d9-dad3bb13c0a2/1/D6tQMtTrcrX-gfAb6Oldi--cuH0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/d79c98-c27d-45b3-86d9-dad3bb13c0a2/1/152kZWFcYAlDcIM4ktqEyIbhxO8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.29.72.0/21
IPv6:
2001:1ac0::/32
Signature Algorithm: sha256WithRSAEncryption
47:39:cf:7e:0e:af:e5:92:7b:bf:85:6d:20:8c:18:73:32:c5:
a3:c2:1c:14:9a:5d:ff:b6:11:f7:9e:a9:3c:ca:ea:bb:5f:fa:
f7:9a:56:73:5b:87:b8:cb:82:4c:22:db:d5:af:e8:ae:49:c5:
92:d4:6f:12:89:ea:06:b7:da:22:d4:b5:73:3d:6d:d0:80:dc:
3b:d4:6a:42:5f:42:be:e6:b3:25:ea:cf:06:e7:14:71:aa:ec:
a9:e2:94:fe:b4:a3:65:b8:69:ef:26:85:0f:68:35:8e:f6:19:
09:5f:89:2b:92:ad:f7:9d:8a:10:4a:74:6f:84:b6:be:92:d4:
21:24:2a:39:c4:95:78:96:f8:7d:f2:19:e4:99:63:3a:4f:e0:
b1:43:ad:b0:62:b5:00:1a:df:4a:16:c3:19:97:84:5a:e2:3c:
df:c4:d0:07:f3:66:80:2c:b4:08:25:20:55:92:00:4f:96:72:
ab:86:b9:28:18:2a:c3:6e:cc:10:ed:8c:ff:d4:61:10:68:73:
da:8b:ad:60:25:f1:ad:60:dc:65:e2:eb:83:91:d7:f4:89:85:
fc:3b:3e:a0:f8:bf:f9:d4:33:77:8c:bc:cb:4e:20:a3:37:94:
e1:0d:0f:b9:59:8c:cd:b6:69:c8:46:c9:fc:02:e5:26:54:83:
04:2b:84:86
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQksm8hR5+Xvm1xMDbJnlZGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3OWRhNDY1NjE1YzYwMDk0MzcwODMzODkyZGE4NGM4ODZl
MWM0ZWYwHhcNMjUwMTAyMDE0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmFiNTAzMmQ0ZWI3MmI1ZmU4MWYwMWJlOGU5NWQ4YmVmOWNiODdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4mXDXD64a37+ZHSvgFet2W4CJM2o
kr5zUpE9CsnmZeyRCXob+LV+1O4y8+EaSA/vXVZADRidRzOIG6UqVNknpjXX+iPY
PWaRtXQDmuv442eN7+HAUuRc1e3v9WHkbyrx4PdTAnF2vlnRZGqwljG1A+9n8PZp
jJ42RN1f9eo414KQuvXoKCZlldsUZpoM9+VHBm//P2Qq64VYaiIvlG8/mLZvaYwZ
rMon1q2yeqKCEF+RHq3te6gH0mqwluwpu2scUYgJCeupYAzAwvzBjCoJ81ysU+0g
pkuM9wsSZwXvUVZz0vKCLuSItZOfyYGDLoNiw5o6UQUEqTDhz5H9L/9pHQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFA+rUDLU63K1/oHwG+jpXYvvnLh9MB8GA1UdIwQY
MBaAFNedpGVhXGAJQ3CDOJLahMiG4cTvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTUya1pXRmNZQWxEY0lNNGt0cUV5SWJoeE84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC9kNzljOTgtYzI3ZC00NWIzLTg2ZDkt
ZGFkM2JiMTNjMGEyLzEvRDZ0UU10VHJjclgtZ2ZBYjZPbGRpLS1jdUgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC9kNzljOTgtYzI3ZC00NWIzLTg2ZDktZGFkM2JiMTNjMGEy
LzEvMTUya1pXRmNZQWxEY0lNNGt0cUV5SWJoeE84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQD2R1IMA0E
AgACMAcDBQAgARrAMA0GCSqGSIb3DQEBCwUAA4IBAQBHOc9+Dq/lknu/hW0gjBhz
MsWjwhwUml3/thH3nqk8yuq7X/r3mlZzW4e4y4JMItvVr+iuScWS1G8SieoGt9oi
1LVzPW3QgNw71GpCX0K+5rMl6s8G5xRxquyp4pT+tKNluGnvJoUPaDWO9hkJX4kr
kq33nYoQSnRvhLa+ktQhJCo5xJV4lvh98hnkmWM6T+CxQ62wYrUAGt9KFsMZl4Ra
4jzfxNAH82aALLQIJSBVkgBPlnKrhrkoGCrDbswQ7Yz/1GEQaHPai61gJfGtYNxl
4uuDkdf0iYX8Oz6g+L/51DN3jLzLTiCjN5ThDQ+5WYzNtmnIRsn8AuUmVIMEK4SG
-----END CERTIFICATE-----
Generated at Sun Apr 20 00:19:21 2025 by rpki-client