Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/02fde7-d326-43de-8520-6d71fe13d61d/1/x75CgHaNcNlIrskWea67UxRrM1c.roa
File: x75CgHaNcNlIrskWea67UxRrM1c.roa (raw, json)
Hash identifier: xJt3cVolGlaYguNEQZsOwCLANVkSIZwIfqNsviXM16Q=
Subject key identifier: C7:BE:42:80:76:8D:70:D9:48:AE:C9:16:79:AE:BB:53:14:6B:33:57
Certificate issuer: /CN=d5089bce08c55daa57b4f3a3c9070fb391853ccf
Certificate serial: 019426D9ED6079A3B4F633E74666C1699048
Authority key identifier: D5:08:9B:CE:08:C5:5D:AA:57:B4:F3:A3:C9:07:0F:B3:91:85:3C:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1QibzgjFXapXtPOjyQcPs5GFPM8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/02fde7-d326-43de-8520-6d71fe13d61d/1/x75CgHaNcNlIrskWea67UxRrM1c.roa
Signing time: Thu 02 Jan 2025 11:50:03 +0000
ROA not before: Thu 02 Jan 2025 11:50:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213306
IP address blocks: 109.94.102.0/23 maxlen: 23
109.94.102.0/24 maxlen: 24
109.94.103.0/24 maxlen: 24
185.56.223.0/24 maxlen: 24
193.201.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/02fde7-d326-43de-8520-6d71fe13d61d/1/1QibzgjFXapXtPOjyQcPs5GFPM8.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/02fde7-d326-43de-8520-6d71fe13d61d/1/1QibzgjFXapXtPOjyQcPs5GFPM8.mft
rsync://rpki.ripe.net/repository/DEFAULT/1QibzgjFXapXtPOjyQcPs5GFPM8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:ed:60:79:a3:b4:f6:33:e7:46:66:c1:69:90:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5089bce08c55daa57b4f3a3c9070fb391853ccf
Validity
Not Before: Jan 2 11:50:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c7be4280768d70d948aec91679aebb53146b3357
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:2e:40:9d:6b:a4:ba:9b:ee:c5:a6:80:fb:75:
a6:64:d5:86:1d:39:0f:ef:fd:65:d3:01:d9:33:d2:
07:ea:a8:bc:82:ce:61:a7:ce:1c:a7:e5:47:24:2b:
b8:b3:99:65:93:ac:0b:71:e8:98:d7:9f:47:8d:b3:
18:1f:6d:7b:37:c6:4c:15:8b:cc:c6:9c:66:9a:ff:
ed:de:eb:ef:cb:32:28:23:79:50:59:48:a8:2d:c4:
78:ba:e2:80:af:6b:20:6f:60:a9:8d:65:25:34:97:
5e:ef:40:51:d1:f2:c3:80:9a:30:ce:ac:01:2c:2a:
0e:7f:1b:eb:ae:a8:79:e2:07:00:eb:56:bc:38:35:
d6:5b:24:38:ac:f7:56:41:e4:ea:93:09:66:76:a6:
da:d7:25:23:90:55:6e:98:bd:66:29:5d:65:1b:11:
63:06:47:a3:81:1c:a4:2c:00:3c:54:01:9f:93:d7:
48:32:04:fc:24:8e:d4:f7:e0:06:a5:ab:c6:64:77:
ed:bd:86:94:4e:4d:19:ee:b3:50:72:46:fd:fc:0a:
e5:62:52:07:50:be:5c:70:43:b4:22:ad:a9:37:38:
cb:b6:f5:c9:fc:dc:39:ed:80:b7:50:78:57:5a:69:
f1:26:8f:c4:18:34:25:06:86:ec:1a:17:17:11:0a:
f6:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:BE:42:80:76:8D:70:D9:48:AE:C9:16:79:AE:BB:53:14:6B:33:57
X509v3 Authority Key Identifier:
keyid:D5:08:9B:CE:08:C5:5D:AA:57:B4:F3:A3:C9:07:0F:B3:91:85:3C:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1QibzgjFXapXtPOjyQcPs5GFPM8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/02fde7-d326-43de-8520-6d71fe13d61d/1/x75CgHaNcNlIrskWea67UxRrM1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/02fde7-d326-43de-8520-6d71fe13d61d/1/1QibzgjFXapXtPOjyQcPs5GFPM8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.94.102.0/23
185.56.223.0/24
193.201.207.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:e1:2e:21:ab:6f:34:26:29:f4:7b:87:d0:35:e8:89:3d:76:
6a:b9:1e:cd:a4:d1:aa:6d:11:49:69:f0:73:43:b4:49:34:68:
03:78:85:d6:31:53:45:d7:bd:15:4f:13:fb:5b:04:02:eb:e1:
9c:45:78:d9:2b:8a:21:67:8b:74:34:e0:03:14:50:3a:78:fb:
33:4f:da:b1:d9:72:c0:ac:9b:c0:2d:99:2b:b1:a0:65:ea:ee:
f6:df:7a:00:33:f1:df:de:49:ef:b2:18:75:de:46:ec:3c:8b:
68:ed:aa:80:1b:92:74:57:cc:40:7a:9b:e7:e5:1c:dc:23:d2:
49:00:05:3a:a4:f0:b4:46:ba:dc:32:20:f6:58:22:17:b8:b3:
67:7f:d8:47:d1:59:c9:17:27:bc:50:c1:1d:96:79:f6:60:50:
12:f9:92:95:57:91:29:15:3e:67:9f:28:d2:ea:a7:cf:af:6f:
12:a9:e8:48:59:ad:f6:30:b9:0c:f1:bf:3f:ad:a7:f9:86:93:
63:ac:5f:e2:5e:f3:90:e8:47:f6:c6:3b:37:15:23:ee:0d:13:
3a:dc:80:be:2e:cc:21:4d:cb:d1:1e:41:9c:00:e2:a8:07:89:
f9:1a:27:38:4d:a9:ba:27:fb:85:f7:da:38:c7:35:91:36:d7:
0a:69:0f:1c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQm2e1geaO09jPnRmbBaZBIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MDg5YmNlMDhjNTVkYWE1N2I0ZjNhM2M5MDcwZmIzOTE4
NTNjY2YwHhcNMjUwMTAyMTE1MDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2JlNDI4MDc2OGQ3MGQ5NDhhZWM5MTY3OWFlYmI1MzE0NmIzMzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvy5AnWukupvuxaaA+3WmZNWGHTkP
7/1l0wHZM9IH6qi8gs5hp84cp+VHJCu4s5llk6wLceiY159HjbMYH217N8ZMFYvM
xpxmmv/t3uvvyzIoI3lQWUioLcR4uuKAr2sgb2CpjWUlNJde70BR0fLDgJowzqwB
LCoOfxvrrqh54gcA61a8ODXWWyQ4rPdWQeTqkwlmdqba1yUjkFVumL1mKV1lGxFj
BkejgRykLAA8VAGfk9dIMgT8JI7U9+AGpavGZHftvYaUTk0Z7rNQckb9/ArlYlIH
UL5ccEO0Iq2pNzjLtvXJ/Nw57YC3UHhXWmnxJo/EGDQlBobsGhcXEQr26QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMe+QoB2jXDZSK7JFnmuu1MUazNXMB8GA1UdIwQY
MBaAFNUIm84IxV2qV7Tzo8kHD7ORhTzPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVFpYnpnakZYYXBYdFBPanlRY1BzNUdGUE04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy8wMmZkZTctZDMyNi00M2RlLTg1MjAt
NmQ3MWZlMTNkNjFkLzEveDc1Q2dIYU5jTmxJcnNrV2VhNjdVeFJyTTFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy8wMmZkZTctZDMyNi00M2RlLTg1MjAtNmQ3MWZlMTNkNjFk
LzEvMVFpYnpnakZYYXBYdFBPanlRY1BzNUdGUE04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBbV5mAwQA
uTjfAwQAwcnPMA0GCSqGSIb3DQEBCwUAA4IBAQBN4S4hq280Jin0e4fQNeiJPXZq
uR7NpNGqbRFJafBzQ7RJNGgDeIXWMVNF170VTxP7WwQC6+GcRXjZK4ohZ4t0NOAD
FFA6ePszT9qx2XLArJvALZkrsaBl6u7233oAM/Hf3knvshh13kbsPIto7aqAG5J0
V8xAepvn5RzcI9JJAAU6pPC0RrrcMiD2WCIXuLNnf9hH0VnJFye8UMEdlnn2YFAS
+ZKVV5EpFT5nnyjS6qfPr28SqehIWa32MLkM8b8/raf5hpNjrF/iXvOQ6Ef2xjs3
FSPuDRM63IC+LswhTcvRHkGcAOKoB4n5Gic4Tam6J/uF99o4xzWRNtcKaQ8c
-----END CERTIFICATE-----
Generated at Sun Apr 13 08:39:17 2025 by rpki-client