Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/cf9cd6-e717-4dda-82ef-6dfe0f7d53bd/1/7dcli4xVMUWvgQbFQeWeKq9zhiU.roa
File: 7dcli4xVMUWvgQbFQeWeKq9zhiU.roa (raw, json)
Hash identifier: QOei2HTvqJoevZqPdJP9SridnGWvSVOTd/8fOeClw9s=
Subject key identifier: ED:D7:25:8B:8C:55:31:45:AF:81:06:C5:41:E5:9E:2A:AF:73:86:25
Certificate issuer: /CN=11125404c6dd472f1001ed9ffdf726762ac7701d
Certificate serial: 0194B7EE2A63AE4144734F25745F53CD24C8
Authority key identifier: 11:12:54:04:C6:DD:47:2F:10:01:ED:9F:FD:F7:26:76:2A:C7:70:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ERJUBMbdRy8QAe2f_fcmdirHcB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/cf9cd6-e717-4dda-82ef-6dfe0f7d53bd/1/7dcli4xVMUWvgQbFQeWeKq9zhiU.roa
Signing time: Thu 30 Jan 2025 15:57:06 +0000
ROA not before: Thu 30 Jan 2025 15:57:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215590
IP address blocks: 92.242.165.0/24 maxlen: 24
164.138.8.0/24 maxlen: 24
164.138.9.0/24 maxlen: 24
164.138.10.0/24 maxlen: 24
164.138.11.0/24 maxlen: 24
164.138.12.0/24 maxlen: 24
164.138.13.0/24 maxlen: 24
164.138.14.0/24 maxlen: 24
164.138.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/cf9cd6-e717-4dda-82ef-6dfe0f7d53bd/1/ERJUBMbdRy8QAe2f_fcmdirHcB0.crl
rsync://rpki.ripe.net/repository/DEFAULT/e2/cf9cd6-e717-4dda-82ef-6dfe0f7d53bd/1/ERJUBMbdRy8QAe2f_fcmdirHcB0.mft
rsync://rpki.ripe.net/repository/DEFAULT/ERJUBMbdRy8QAe2f_fcmdirHcB0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b7:ee:2a:63:ae:41:44:73:4f:25:74:5f:53:cd:24:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11125404c6dd472f1001ed9ffdf726762ac7701d
Validity
Not Before: Jan 30 15:57:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=edd7258b8c553145af8106c541e59e2aaf738625
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:83:a3:27:a6:40:44:52:f8:fe:8e:c7:53:ff:
84:e9:e3:78:f9:1f:7f:a9:75:f5:e5:03:c9:ac:ea:
29:90:35:b4:12:7d:ed:59:64:2f:70:fe:fa:6f:2d:
ee:ac:d6:3e:71:e3:e6:0f:b7:d7:75:e3:ae:f3:9e:
4c:da:ae:42:4d:86:a3:6a:7c:50:95:9b:84:20:b4:
28:60:08:4a:7d:a4:2c:46:3f:1b:0d:af:de:94:67:
07:d7:9d:e6:5c:b6:d1:e7:df:69:bc:32:90:7a:4c:
9d:06:b5:e7:83:52:b2:27:39:88:86:dd:0c:d9:c9:
fb:33:e6:35:17:16:d4:2f:ca:e0:4e:f7:f5:88:bd:
3b:9c:79:d8:fc:72:96:e5:a8:3f:28:66:2a:c0:69:
d7:4a:3b:ba:92:70:84:0b:e7:95:54:38:31:da:91:
83:d7:30:e5:5b:a7:53:50:f3:b4:97:0e:86:17:1c:
ea:a3:5f:8a:13:41:a0:fa:07:f0:fc:ee:a6:71:a7:
f9:44:21:ef:5f:2b:4c:b8:c1:65:8d:e3:e2:86:49:
dc:17:99:77:b3:fb:52:19:07:b5:d1:8a:24:fa:e5:
75:45:d9:56:e6:f0:f8:18:b1:5d:50:0a:1a:fd:99:
61:e3:cd:9e:8f:95:ee:6c:6d:48:a6:4c:35:60:9c:
55:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:D7:25:8B:8C:55:31:45:AF:81:06:C5:41:E5:9E:2A:AF:73:86:25
X509v3 Authority Key Identifier:
keyid:11:12:54:04:C6:DD:47:2F:10:01:ED:9F:FD:F7:26:76:2A:C7:70:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ERJUBMbdRy8QAe2f_fcmdirHcB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/cf9cd6-e717-4dda-82ef-6dfe0f7d53bd/1/7dcli4xVMUWvgQbFQeWeKq9zhiU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/cf9cd6-e717-4dda-82ef-6dfe0f7d53bd/1/ERJUBMbdRy8QAe2f_fcmdirHcB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.242.165.0/24
164.138.8.0/21
Signature Algorithm: sha256WithRSAEncryption
3a:7a:be:7c:70:69:6b:57:46:fb:79:f1:25:f0:d8:d0:6f:cf:
c9:43:62:bf:24:73:85:79:2f:f0:8c:cb:41:89:5a:a4:e9:4c:
6e:e6:22:92:42:eb:aa:08:8a:1a:80:8c:e3:61:5f:bd:95:ab:
b6:7e:ee:7f:bc:d0:bd:8f:02:5d:21:11:22:df:08:ae:d3:a8:
a5:ba:3a:a6:7e:18:cf:63:bc:56:68:89:e3:8b:c4:3c:29:44:
08:10:bc:81:f2:f6:ae:88:24:31:04:41:bc:bf:8a:0d:3a:63:
8f:94:a9:5c:d5:f4:ac:c6:ba:8e:a2:0f:44:2a:ac:e7:0a:f4:
43:9a:6b:0a:42:30:82:89:eb:14:a2:56:f5:f1:e8:a1:35:1c:
de:b9:34:d9:50:1e:a2:d5:6a:45:bc:ac:06:f0:e9:55:95:ae:
16:62:6e:14:4c:2a:54:6e:4d:b4:8f:59:77:f8:6d:d5:a4:b9:
cf:e0:d3:b4:0a:58:d5:81:70:57:df:20:78:f5:08:71:9f:8e:
c0:50:ec:c7:89:25:3c:53:96:4c:b7:94:bc:55:04:64:92:80:
9c:e7:9c:04:44:c5:e7:2c:32:c6:0f:82:1b:fa:4a:90:a3:21:
4a:fe:dd:51:bb:2c:4f:32:45:eb:67:01:b0:bc:88:c7:9b:de:
a0:56:2f:a7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZS37ipjrkFEc08ldF9TzSTIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMTI1NDA0YzZkZDQ3MmYxMDAxZWQ5ZmZkZjcyNjc2MmFj
NzcwMWQwHhcNMjUwMTMwMTU1NzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGQ3MjU4YjhjNTUzMTQ1YWY4MTA2YzU0MWU1OWUyYWFmNzM4NjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAroOjJ6ZARFL4/o7HU/+E6eN4+R9/
qXX15QPJrOopkDW0En3tWWQvcP76by3urNY+cePmD7fXdeOu855M2q5CTYajanxQ
lZuEILQoYAhKfaQsRj8bDa/elGcH153mXLbR599pvDKQekydBrXng1KyJzmIht0M
2cn7M+Y1FxbUL8rgTvf1iL07nHnY/HKW5ag/KGYqwGnXSju6knCEC+eVVDgx2pGD
1zDlW6dTUPO0lw6GFxzqo1+KE0Gg+gfw/O6mcaf5RCHvXytMuMFljePihkncF5l3
s/tSGQe10Yok+uV1RdlW5vD4GLFdUAoa/Zlh482ej5XubG1Ipkw1YJxVjQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFO3XJYuMVTFFr4EGxUHlniqvc4YlMB8GA1UdIwQY
MBaAFBESVATG3UcvEAHtn/33JnYqx3AdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVJKVUJNYmRSeThRQWUyZl9mY21kaXJIY0IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jZjljZDYtZTcxNy00ZGRhLTgyZWYt
NmRmZTBmN2Q1M2JkLzEvN2RjbGk0eFZNVVd2Z1FiRlFlV2VLcTl6aGlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jZjljZDYtZTcxNy00ZGRhLTgyZWYtNmRmZTBmN2Q1M2Jk
LzEvRVJKVUJNYmRSeThRQWUyZl9mY21kaXJIY0IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXPKlAwQD
pIoIMA0GCSqGSIb3DQEBCwUAA4IBAQA6er58cGlrV0b7efEl8NjQb8/JQ2K/JHOF
eS/wjMtBiVqk6Uxu5iKSQuuqCIoagIzjYV+9lau2fu5/vNC9jwJdIREi3wiu06il
ujqmfhjPY7xWaInji8Q8KUQIELyB8vauiCQxBEG8v4oNOmOPlKlc1fSsxrqOog9E
KqznCvRDmmsKQjCCiesUolb18eihNRzeuTTZUB6i1WpFvKwG8OlVla4WYm4UTCpU
bk20j1l3+G3VpLnP4NO0CljVgXBX3yB49Qhxn47AUOzHiSU8U5ZMt5S8VQRkkoCc
55wERMXnLDLGD4Ib+kqQoyFK/t1RuyxPMkXrZwGwvIjHm96gVi+n
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:56:17 2025 by rpki-client