Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/9f459f-264d-46ce-87b0-cbb7d2bf6fa1/1/40BuKq_ENsetJ0coeTja2uim-XM.roa
File: 40BuKq_ENsetJ0coeTja2uim-XM.roa (raw, json)
Hash identifier: jFKs1Nj/rGuvWwuXC1CAsi/+KiI87gmidC/b6O4pmJ4=
Subject key identifier: E3:40:6E:2A:AF:C4:36:C7:AD:27:47:28:79:38:DA:DA:E8:A6:F9:73
Certificate issuer: /CN=f9356a96e74ea2d72b6545c87c79d212d72a7bde
Certificate serial: 0194228DDA1EEC05C89987554D6163063F35
Authority key identifier: F9:35:6A:96:E7:4E:A2:D7:2B:65:45:C8:7C:79:D2:12:D7:2A:7B:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-TVqludOotcrZUXIfHnSEtcqe94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/9f459f-264d-46ce-87b0-cbb7d2bf6fa1/1/40BuKq_ENsetJ0coeTja2uim-XM.roa
Signing time: Wed 01 Jan 2025 15:48:29 +0000
ROA not before: Wed 01 Jan 2025 15:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15576
IP address blocks: 87.237.168.0/21 maxlen: 21
87.237.172.0/22 maxlen: 22
94.126.248.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/9f459f-264d-46ce-87b0-cbb7d2bf6fa1/1/1-TVqludOotcrZUXIfHnSEtcqe94.crl
rsync://rpki.ripe.net/repository/DEFAULT/e2/9f459f-264d-46ce-87b0-cbb7d2bf6fa1/1/1-TVqludOotcrZUXIfHnSEtcqe94.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-TVqludOotcrZUXIfHnSEtcqe94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 03:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:da:1e:ec:05:c8:99:87:55:4d:61:63:06:3f:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f9356a96e74ea2d72b6545c87c79d212d72a7bde
Validity
Not Before: Jan 1 15:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e3406e2aafc436c7ad2747287938dadae8a6f973
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:cc:33:7f:83:9a:01:c6:fa:ff:8f:0c:ee:53:
06:06:da:ce:41:b0:63:36:f8:60:b5:ff:06:12:35:
b7:a9:48:df:55:d2:e9:87:90:56:95:8b:e8:ff:9d:
ba:73:b9:09:7c:2f:3b:4f:98:89:1f:08:34:28:23:
47:eb:d0:e1:89:8f:30:5e:b9:43:6f:1f:b5:47:30:
b1:07:c8:4e:27:14:0e:8b:e9:2c:c9:46:46:93:02:
f5:3e:81:86:f4:7c:07:d0:56:27:9b:ec:56:f7:25:
c7:e4:7f:76:c9:29:19:28:86:42:72:f7:d8:04:2c:
3c:34:af:44:b9:ad:96:6a:09:8f:27:f8:ba:7d:18:
4a:f9:c5:ab:87:48:e8:a3:ad:a5:6d:84:3e:5d:cf:
78:c9:f2:c4:f4:6c:9e:6b:24:f6:6b:e5:a6:2c:09:
a5:73:0a:95:74:45:59:35:ad:dd:a8:aa:0d:e6:29:
7c:ad:4c:0d:f5:61:fc:f1:c1:a9:34:82:37:93:84:
7e:aa:73:80:91:c3:ba:e8:be:6b:47:15:99:55:7a:
70:96:cd:93:c5:8c:ce:13:c2:7f:c1:ee:cf:c6:1a:
7f:9a:e8:e1:22:74:f2:74:fb:e6:91:9e:04:eb:60:
bb:60:e7:71:e4:a5:8d:84:b4:b7:3e:bd:e1:64:07:
94:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:40:6E:2A:AF:C4:36:C7:AD:27:47:28:79:38:DA:DA:E8:A6:F9:73
X509v3 Authority Key Identifier:
keyid:F9:35:6A:96:E7:4E:A2:D7:2B:65:45:C8:7C:79:D2:12:D7:2A:7B:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-TVqludOotcrZUXIfHnSEtcqe94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/9f459f-264d-46ce-87b0-cbb7d2bf6fa1/1/40BuKq_ENsetJ0coeTja2uim-XM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/9f459f-264d-46ce-87b0-cbb7d2bf6fa1/1/1-TVqludOotcrZUXIfHnSEtcqe94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.237.168.0/21
94.126.248.0/21
Signature Algorithm: sha256WithRSAEncryption
8e:22:05:38:47:9e:4d:f6:1d:e9:ee:66:08:6a:59:fc:71:9e:
c5:48:a2:e9:55:92:4d:0f:91:34:89:0a:45:80:f9:61:d7:1b:
6c:b2:2e:2c:aa:a4:1b:95:d5:e3:16:5b:7c:ff:f9:90:d2:c4:
01:b9:0a:d7:e1:76:60:ff:7d:43:0a:3a:a9:88:07:36:b1:8d:
11:25:79:aa:2a:17:25:e3:f7:38:17:58:2b:cf:cd:cf:ec:9b:
fb:2c:1a:9a:e3:ba:e0:35:70:51:37:67:f9:8d:52:50:0b:7e:
c9:65:f0:9b:00:08:65:39:66:60:87:a4:ea:f4:30:5d:4b:4f:
9b:cf:8b:83:22:a8:1b:ac:c4:b2:2a:d1:a9:b7:a8:0f:54:42:
9d:da:3c:97:1b:8d:c1:dd:93:f4:31:2c:55:ee:f7:6a:c8:94:
0b:a3:03:eb:bd:79:de:98:74:fa:39:0c:95:bf:e3:a7:71:75:
df:04:c7:cc:31:12:d1:e4:73:6b:c1:98:64:7f:c9:71:be:17:
e7:28:b5:58:ab:d9:09:db:eb:6a:7c:5e:cc:1f:68:16:58:35:
2e:bf:0d:da:fe:39:f9:4d:8c:65:39:ff:e2:d0:6c:f7:92:13:
1e:a7:cf:dd:bb:33:30:7e:c9:58:7f:ca:4e:32:2c:b8:cf:f9:
4e:35:52:2c
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQijdoe7AXImYdVTWFjBj81MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5MzU2YTk2ZTc0ZWEyZDcyYjY1NDVjODdjNzlkMjEyZDcy
YTdiZGUwHhcNMjUwMTAxMTU0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzQwNmUyYWFmYzQzNmM3YWQyNzQ3Mjg3OTM4ZGFkYWU4YTZmOTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzcwzf4OaAcb6/48M7lMGBtrOQbBj
Nvhgtf8GEjW3qUjfVdLph5BWlYvo/526c7kJfC87T5iJHwg0KCNH69DhiY8wXrlD
bx+1RzCxB8hOJxQOi+ksyUZGkwL1PoGG9HwH0FYnm+xW9yXH5H92ySkZKIZCcvfY
BCw8NK9Eua2WagmPJ/i6fRhK+cWrh0joo62lbYQ+Xc94yfLE9GyeayT2a+WmLAml
cwqVdEVZNa3dqKoN5il8rUwN9WH88cGpNII3k4R+qnOAkcO66L5rRxWZVXpwls2T
xYzOE8J/we7Pxhp/mujhInTydPvmkZ4E62C7YOdx5KWNhLS3Pr3hZAeURwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFONAbiqvxDbHrSdHKHk42tropvlzMB8GA1UdIwQY
MBaAFPk1apbnTqLXK2VFyHx50hLXKnveMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1UVnFsdWRPb3RjclpVWElmSG5TRXRjcWU5NC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIvOWY0NTlmLTI2NGQtNDZjZS04N2Iw
LWNiYjdkMmJmNmZhMS8xLzQwQnVLcV9FTnNldEowY29lVGphMnVpbS1YTS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTIvOWY0NTlmLTI2NGQtNDZjZS04N2IwLWNiYjdkMmJmNmZh
MS8xLzEtVFZxbHVkT290Y3JaVVhJZkhuU0V0Y3FlOTQuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBANX7agD
BANefvgwDQYJKoZIhvcNAQELBQADggEBAI4iBThHnk32HenuZghqWfxxnsVIoulV
kk0PkTSJCkWA+WHXG2yyLiyqpBuV1eMWW3z/+ZDSxAG5CtfhdmD/fUMKOqmIBzax
jREleaoqFyXj9zgXWCvPzc/sm/ssGprjuuA1cFE3Z/mNUlALfsll8JsACGU5ZmCH
pOr0MF1LT5vPi4MiqBusxLIq0am3qA9UQp3aPJcbjcHdk/QxLFXu92rIlAujA+u9
ed6YdPo5DJW/46dxdd8Ex8wxEtHkc2vBmGR/yXG+F+cotVir2Qnb62p8XswfaBZY
NS6/Ddr+OflNjGU5/+LQbPeSEx6nz927MzB+yVh/yk4yLLjP+U41Uiw=
-----END CERTIFICATE-----
Generated at Tue Apr 15 09:35:21 2025 by rpki-client