Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/d8d6ba-ef95-4dc5-be98-671bee2bcc04/1/KfdFKMsjdHv-q7t8wKVB68imJFI.roa
File: KfdFKMsjdHv-q7t8wKVB68imJFI.roa (raw, json)
Hash identifier: /pY/O4QXO7BvEAN+9S1nVpoPg09znAHFBvFlWdPOJZg=
Subject key identifier: 29:F7:45:28:CB:23:74:7B:FE:AB:BB:7C:C0:A5:41:EB:C8:A6:24:52
Certificate issuer: /CN=acc431652cdcf521c55bc4005c0dae32ca0a3ec6
Certificate serial: 0194266BD154F86FC53B71C50DC390A9902C
Authority key identifier: AC:C4:31:65:2C:DC:F5:21:C5:5B:C4:00:5C:0D:AE:32:CA:0A:3E:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rMQxZSzc9SHFW8QAXA2uMsoKPsY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/d8d6ba-ef95-4dc5-be98-671bee2bcc04/1/KfdFKMsjdHv-q7t8wKVB68imJFI.roa
Signing time: Thu 02 Jan 2025 09:49:47 +0000
ROA not before: Thu 02 Jan 2025 09:49:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48299
IP address blocks: 31.25.144.0/21 maxlen: 21
31.25.151.0/24 maxlen: 24
94.126.160.0/21 maxlen: 21
185.36.97.0/24 maxlen: 24
185.36.99.0/24 maxlen: 24
2a02:2600::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/d8d6ba-ef95-4dc5-be98-671bee2bcc04/1/rMQxZSzc9SHFW8QAXA2uMsoKPsY.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/d8d6ba-ef95-4dc5-be98-671bee2bcc04/1/rMQxZSzc9SHFW8QAXA2uMsoKPsY.mft
rsync://rpki.ripe.net/repository/DEFAULT/rMQxZSzc9SHFW8QAXA2uMsoKPsY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:d1:54:f8:6f:c5:3b:71:c5:0d:c3:90:a9:90:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acc431652cdcf521c55bc4005c0dae32ca0a3ec6
Validity
Not Before: Jan 2 09:49:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=29f74528cb23747bfeabbb7cc0a541ebc8a62452
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:12:ab:a3:21:b1:23:a1:a8:bd:bd:2b:92:62:
36:97:bc:08:bd:e8:7a:59:cd:88:7d:86:1a:4c:92:
fc:4a:50:1b:9c:54:54:ee:47:d4:c4:2e:5f:7e:03:
78:06:53:65:72:72:cc:95:64:59:4f:1d:60:89:ae:
67:c0:1f:f4:a6:d5:81:37:9a:6c:e6:76:89:ca:02:
fa:a4:42:92:63:37:cf:57:60:2f:6d:4e:22:36:73:
a6:7e:49:52:6b:19:c0:fe:09:d1:49:c1:78:c6:bc:
92:e1:da:35:4f:3a:2f:42:d5:d7:4a:f8:b6:6e:17:
94:ea:79:c4:ed:87:a9:09:68:41:75:fd:1c:d2:9c:
49:82:fe:e8:d7:68:b5:75:6d:3f:f4:03:41:b1:7b:
f5:1a:57:35:25:00:82:df:d3:c7:28:93:28:3b:44:
61:3f:4e:92:17:12:a8:f0:7d:b9:fa:3d:b1:11:46:
0b:3c:48:23:82:42:08:1b:65:38:6f:e1:b1:eb:3f:
bc:c5:a9:e3:7d:32:6e:74:23:ef:90:64:ee:45:44:
3f:87:d3:c3:f5:7a:c1:aa:e2:7d:e8:55:29:b0:59:
7f:b3:9a:71:2c:17:24:cb:28:c2:ff:1c:e1:79:d7:
f9:5c:b2:8e:13:b7:22:49:f3:1d:8a:bf:66:1c:15:
84:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:F7:45:28:CB:23:74:7B:FE:AB:BB:7C:C0:A5:41:EB:C8:A6:24:52
X509v3 Authority Key Identifier:
keyid:AC:C4:31:65:2C:DC:F5:21:C5:5B:C4:00:5C:0D:AE:32:CA:0A:3E:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rMQxZSzc9SHFW8QAXA2uMsoKPsY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/d8d6ba-ef95-4dc5-be98-671bee2bcc04/1/KfdFKMsjdHv-q7t8wKVB68imJFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/d8d6ba-ef95-4dc5-be98-671bee2bcc04/1/rMQxZSzc9SHFW8QAXA2uMsoKPsY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.144.0/21
94.126.160.0/21
185.36.97.0/24
185.36.99.0/24
IPv6:
2a02:2600::/32
Signature Algorithm: sha256WithRSAEncryption
82:3f:48:91:54:e1:3c:67:ad:89:eb:ec:df:a8:59:24:41:62:
ab:de:52:68:b6:22:14:76:c2:36:53:8d:cf:f3:d5:bb:25:b6:
a4:1f:55:fd:eb:1c:5a:6f:9d:57:a0:7d:d0:3c:f3:10:c5:45:
ef:be:32:b2:a3:6f:9a:11:36:04:6a:50:7b:15:2c:b1:d9:4d:
40:e1:12:bb:6c:e8:fd:73:61:b5:6f:ba:21:01:d9:47:b1:02:
fc:20:9c:9c:1d:08:c3:55:ad:45:39:a1:9b:be:bb:e1:06:26:
7e:9f:e3:fb:27:96:b8:fa:c2:0b:96:da:7f:e3:45:c7:7e:9e:
b5:7b:8a:e0:f9:ce:70:f3:da:18:ae:96:9e:96:e6:53:c1:44:
8d:9d:4f:28:98:b9:63:c6:7b:9a:d5:35:51:e7:7d:0f:f0:ba:
f3:cb:f6:ca:bd:0a:8d:5c:4f:98:e1:19:70:f3:47:7f:c1:77:
8d:3e:81:f5:82:c3:47:2b:71:12:6d:d9:d5:1f:3a:7d:eb:7f:
5a:37:75:b4:ce:7b:cd:41:b0:a4:c0:b3:6f:23:a6:8b:1e:8b:
eb:dc:8f:31:a9:13:fb:ac:ac:3f:6e:ed:70:fe:ed:16:3a:74:
a2:5e:51:b7:66:17:8b:0f:0d:3a:c3:90:37:97:c0:68:ac:8d:
59:fa:28:eb
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQma9FU+G/FO3HFDcOQqZAsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYzQzMTY1MmNkY2Y1MjFjNTViYzQwMDVjMGRhZTMyY2Ew
YTNlYzYwHhcNMjUwMTAyMDk0OTQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWY3NDUyOGNiMjM3NDdiZmVhYmJiN2NjMGE1NDFlYmM4YTYyNDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBKroyGxI6Govb0rkmI2l7wIveh6
Wc2IfYYaTJL8SlAbnFRU7kfUxC5ffgN4BlNlcnLMlWRZTx1gia5nwB/0ptWBN5ps
5naJygL6pEKSYzfPV2AvbU4iNnOmfklSaxnA/gnRScF4xryS4do1TzovQtXXSvi2
bheU6nnE7YepCWhBdf0c0pxJgv7o12i1dW0/9ANBsXv1Glc1JQCC39PHKJMoO0Rh
P06SFxKo8H25+j2xEUYLPEgjgkIIG2U4b+Gx6z+8xanjfTJudCPvkGTuRUQ/h9PD
9XrBquJ96FUpsFl/s5pxLBckyyjC/xzhedf5XLKOE7ciSfMdir9mHBWEYQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFCn3RSjLI3R7/qu7fMClQevIpiRSMB8GA1UdIwQY
MBaAFKzEMWUs3PUhxVvEAFwNrjLKCj7GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvck1ReFpTemM5U0hGVzhRQVhBMnVNc29LUHNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9kOGQ2YmEtZWY5NS00ZGM1LWJlOTgt
NjcxYmVlMmJjYzA0LzEvS2ZkRktNc2pkSHYtcTd0OHdLVkI2OGltSkZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9kOGQ2YmEtZWY5NS00ZGM1LWJlOTgtNjcxYmVlMmJjYzA0
LzEvck1ReFpTemM5U0hGVzhRQVhBMnVNc29LUHNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDHxmQAwQD
Xn6gAwQAuSRhAwQAuSRjMA0EAgACMAcDBQAqAiYAMA0GCSqGSIb3DQEBCwUAA4IB
AQCCP0iRVOE8Z62J6+zfqFkkQWKr3lJotiIUdsI2U43P89W7JbakH1X96xxab51X
oH3QPPMQxUXvvjKyo2+aETYEalB7FSyx2U1A4RK7bOj9c2G1b7ohAdlHsQL8IJyc
HQjDVa1FOaGbvrvhBiZ+n+P7J5a4+sILltp/40XHfp61e4rg+c5w89oYrpaeluZT
wUSNnU8omLljxnua1TVR530P8Lrzy/bKvQqNXE+Y4Rlw80d/wXeNPoH1gsNHK3ES
bdnVHzp9639aN3W0znvNQbCkwLNvI6aLHovr3I8xqRP7rKw/bu1w/u0WOnSiXlG3
ZheLDw06w5A3l8BorI1Z+ijr
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:56:56 2025 by rpki-client