Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/d28341-11fa-43f7-8729-4cd81e9f8cba/1/J61Fkm6j7PE3MBvtv4g6n6biSSo.roa
File: J61Fkm6j7PE3MBvtv4g6n6biSSo.roa (raw, json)
Hash identifier: 8K7fCj5TQmFNg/C8KSxNqmWTR8finmCcI4+gE6ORWAo=
Subject key identifier: 27:AD:45:92:6E:A3:EC:F1:37:30:1B:ED:BF:88:3A:9F:A6:E2:49:2A
Certificate issuer: /CN=4a407ca3a6af469a31bb52030fcd911c91e66c1b
Certificate serial: 019420D5D49FAC76EF92F0AC94B26BB35E73
Authority key identifier: 4A:40:7C:A3:A6:AF:46:9A:31:BB:52:03:0F:CD:91:1C:91:E6:6C:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SkB8o6avRpoxu1IDD82RHJHmbBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/d28341-11fa-43f7-8729-4cd81e9f8cba/1/J61Fkm6j7PE3MBvtv4g6n6biSSo.roa
Signing time: Wed 01 Jan 2025 07:47:51 +0000
ROA not before: Wed 01 Jan 2025 07:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8803
IP address blocks: 193.5.172.0/22 maxlen: 22
193.8.176.0/24 maxlen: 24
193.8.177.0/24 maxlen: 24
193.8.178.0/24 maxlen: 24
193.8.179.0/24 maxlen: 24
193.8.180.0/24 maxlen: 24
193.8.181.0/24 maxlen: 24
194.124.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/d28341-11fa-43f7-8729-4cd81e9f8cba/1/SkB8o6avRpoxu1IDD82RHJHmbBs.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/d28341-11fa-43f7-8729-4cd81e9f8cba/1/SkB8o6avRpoxu1IDD82RHJHmbBs.mft
rsync://rpki.ripe.net/repository/DEFAULT/SkB8o6avRpoxu1IDD82RHJHmbBs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:d4:9f:ac:76:ef:92:f0:ac:94:b2:6b:b3:5e:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a407ca3a6af469a31bb52030fcd911c91e66c1b
Validity
Not Before: Jan 1 07:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=27ad45926ea3ecf137301bedbf883a9fa6e2492a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:68:4c:d8:ce:2c:16:9b:ec:50:06:7c:1e:16:
6e:6b:d2:95:ef:bc:16:44:c9:ab:42:fb:26:95:df:
bb:ed:74:91:87:51:95:28:e4:7c:05:ed:f2:d6:41:
8c:6c:3d:39:6b:de:40:33:80:0b:5d:c8:62:72:e6:
93:e6:0d:6a:00:dd:63:c5:0d:a1:67:d9:51:7c:1b:
31:b1:e0:dc:8e:2c:7a:54:94:a6:d2:09:43:aa:31:
82:04:46:c5:82:39:9a:b2:16:55:c9:25:31:d9:e5:
ad:af:66:f3:0e:15:3d:00:2c:00:24:fe:e7:b5:12:
c7:38:a4:03:66:b1:3f:b9:38:38:8a:fe:76:62:c9:
cf:0c:b4:f3:41:a5:54:dc:32:10:bd:d5:4f:ee:31:
55:3f:e4:d7:77:25:df:d8:4f:ee:a2:27:4a:c7:98:
72:17:04:64:85:4e:3e:be:9f:e9:1a:5d:88:6d:6f:
b6:ec:54:35:5b:a3:3d:f3:16:28:7b:27:25:ee:6a:
07:39:8c:fb:ec:f3:15:59:03:6b:42:20:c6:3c:c1:
ff:87:16:f2:61:b9:d6:20:f8:64:6d:5c:27:cb:f3:
0c:fc:2a:09:a8:c0:34:2c:06:50:23:dd:f9:b1:dd:
e3:52:61:6b:32:06:b2:d9:0f:54:9a:b4:5e:f0:d1:
8d:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:AD:45:92:6E:A3:EC:F1:37:30:1B:ED:BF:88:3A:9F:A6:E2:49:2A
X509v3 Authority Key Identifier:
keyid:4A:40:7C:A3:A6:AF:46:9A:31:BB:52:03:0F:CD:91:1C:91:E6:6C:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SkB8o6avRpoxu1IDD82RHJHmbBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/d28341-11fa-43f7-8729-4cd81e9f8cba/1/J61Fkm6j7PE3MBvtv4g6n6biSSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/d28341-11fa-43f7-8729-4cd81e9f8cba/1/SkB8o6avRpoxu1IDD82RHJHmbBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.5.172.0/22
193.8.176.0-193.8.181.255
194.124.217.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:c2:da:9d:81:b0:ea:26:8d:ac:e0:ec:9e:26:fc:d9:3c:a4:
08:04:d6:c8:f6:39:c2:08:e4:f4:43:15:87:dd:84:48:a8:2d:
00:76:5a:9f:dd:ec:a0:cb:57:9e:75:dd:d3:57:26:e4:82:9b:
34:58:00:42:19:a1:63:b4:a0:98:1c:c7:ed:9b:80:3f:8f:9d:
f0:5f:70:cb:58:80:0a:a7:dc:da:d2:b7:89:b0:3c:30:b3:27:
14:32:08:4f:09:bc:7d:2c:99:9a:37:1b:17:bb:f0:f9:b2:b6:
25:60:3b:e7:04:fd:bc:6a:24:a7:e9:e1:dd:f2:ae:69:19:91:
5d:c1:52:b4:97:07:19:28:6c:ed:b7:27:8c:73:09:40:d9:9b:
a3:18:8f:5e:2c:8a:70:fb:2e:85:d3:50:1e:f7:fe:9c:3a:45:
f9:1c:72:2f:3b:18:66:b6:10:ba:e4:72:66:23:f2:d7:ca:0f:
d3:e4:19:d7:25:8b:11:76:ea:03:bc:fc:d6:d9:c7:5f:b1:08:
a8:a8:f1:38:bc:a8:f2:f2:8b:fd:18:98:07:a9:f8:cf:e5:bc:
c0:82:76:2c:6e:79:e6:a2:55:1b:76:96:49:f1:dc:fc:3a:1b:
0a:cf:87:50:45:55:3e:cf:d7:06:ee:4e:78:27:e2:fd:26:5b:
ca:a3:44:1c
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQg1dSfrHbvkvCslLJrs15zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDA3Y2EzYTZhZjQ2OWEzMWJiNTIwMzBmY2Q5MTFjOTFl
NjZjMWIwHhcNMjUwMTAxMDc0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2FkNDU5MjZlYTNlY2YxMzczMDFiZWRiZjg4M2E5ZmE2ZTI0OTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8mhM2M4sFpvsUAZ8HhZua9KV77wW
RMmrQvsmld+77XSRh1GVKOR8Be3y1kGMbD05a95AM4ALXchicuaT5g1qAN1jxQ2h
Z9lRfBsxseDcjix6VJSm0glDqjGCBEbFgjmashZVySUx2eWtr2bzDhU9ACwAJP7n
tRLHOKQDZrE/uTg4iv52YsnPDLTzQaVU3DIQvdVP7jFVP+TXdyXf2E/uoidKx5hy
FwRkhU4+vp/pGl2IbW+27FQ1W6M98xYoeycl7moHOYz77PMVWQNrQiDGPMH/hxby
YbnWIPhkbVwny/MM/CoJqMA0LAZQI935sd3jUmFrMgay2Q9UmrRe8NGN5QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFCetRZJuo+zxNzAb7b+IOp+m4kkqMB8GA1UdIwQY
MBaAFEpAfKOmr0aaMbtSAw/NkRyR5mwbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tCOG82YXZScG94dTFJREQ4MlJISkhtYkJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9kMjgzNDEtMTFmYS00M2Y3LTg3Mjkt
NGNkODFlOWY4Y2JhLzEvSjYxRmttNmo3UEUzTUJ2dHY0ZzZuNmJpU1NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9kMjgzNDEtMTFmYS00M2Y3LTg3MjktNGNkODFlOWY4Y2Jh
LzEvU2tCOG82YXZScG94dTFJREQ4MlJISkhtYkJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCwQWsMAwD
BATBCLADBAHBCLQDBADCfNkwDQYJKoZIhvcNAQELBQADggEBAGvC2p2BsOomjazg
7J4m/Nk8pAgE1sj2OcII5PRDFYfdhEioLQB2Wp/d7KDLV5513dNXJuSCmzRYAEIZ
oWO0oJgcx+2bgD+PnfBfcMtYgAqn3NrSt4mwPDCzJxQyCE8JvH0smZo3Gxe78Pmy
tiVgO+cE/bxqJKfp4d3yrmkZkV3BUrSXBxkobO23J4xzCUDZm6MYj14sinD7LoXT
UB73/pw6Rfkcci87GGa2ELrkcmYj8tfKD9PkGdclixF26gO8/NbZx1+xCKio8Ti8
qPLyi/0YmAep+M/lvMCCdixueeaiVRt2lknx3Pw6GwrPh1BFVT7P1wbuTngn4v0m
W8qjRBw=
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:46:17 2025 by rpki-client