Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/1FmAMzQLb3mLZVGeJTAY2eEJJFk.roa
File: 1FmAMzQLb3mLZVGeJTAY2eEJJFk.roa (raw, json)
Hash identifier: UUuSBt4OdzrBgISERpqSrnk6ha5b0vTb3pmBgVy4gWE=
Subject key identifier: D4:59:80:33:34:0B:6F:79:8B:65:51:9E:25:30:18:D9:E1:09:24:59
Certificate issuer: /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial: 01942747FD3CF095EF2612A70B18347033E5
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/1FmAMzQLb3mLZVGeJTAY2eEJJFk.roa
Signing time: Thu 02 Jan 2025 13:50:16 +0000
ROA not before: Thu 02 Jan 2025 13:50:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211373
IP address blocks: 83.147.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.mft
rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 07:01:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:fd:3c:f0:95:ef:26:12:a7:0b:18:34:70:33:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Validity
Not Before: Jan 2 13:50:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d4598033340b6f798b65519e253018d9e1092459
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:2c:b4:9a:d6:79:08:cd:09:af:4c:7a:02:11:
9c:31:59:28:b6:f7:9d:b6:47:d6:a8:dd:16:dc:ea:
ea:9a:60:79:d2:48:67:d0:b6:65:d6:52:0d:e0:7c:
bd:b2:aa:d5:df:f0:0e:bd:4a:d5:62:02:1e:6a:09:
55:73:91:46:58:aa:0f:8f:9e:7a:70:9a:ba:cc:7b:
ab:d9:9b:0c:b8:b0:24:15:5e:c2:1a:fa:ef:06:1a:
f6:62:c8:52:83:cc:3f:0d:fb:95:23:51:e7:54:80:
03:c3:ec:d6:36:4d:de:35:6d:4e:c7:c4:10:c9:9c:
61:f2:3f:c0:1c:3a:80:8b:3b:fe:16:cd:00:e9:87:
94:91:b5:68:e6:eb:39:bd:ab:b3:95:bc:04:3c:68:
d3:ac:da:c7:f1:9e:0a:b7:c1:0e:0c:72:98:38:c3:
38:df:32:0d:cc:ec:0c:88:aa:18:90:68:7e:d9:44:
72:03:53:56:8b:0a:89:73:1c:a4:5c:a7:1e:4b:7d:
cc:de:73:7b:1b:7e:d9:74:aa:c5:9c:50:c6:1b:9d:
8a:01:2c:a7:d1:b8:2a:4d:41:07:cc:a7:99:c3:77:
b2:6c:ad:b4:91:b9:a2:a7:59:f3:11:74:71:27:5a:
cc:49:54:04:82:dd:57:51:91:26:b4:f5:ea:d8:67:
c4:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:59:80:33:34:0B:6F:79:8B:65:51:9E:25:30:18:D9:E1:09:24:59
X509v3 Authority Key Identifier:
keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/1FmAMzQLb3mLZVGeJTAY2eEJJFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.25.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:11:44:06:94:46:82:72:be:c7:28:a3:df:4f:a0:c5:8c:c7:
eb:7e:eb:10:40:4a:dd:28:14:5b:a0:58:fc:29:2b:31:f4:de:
e0:fb:93:b1:d5:35:36:9c:eb:39:6b:19:65:69:6c:25:ba:f3:
3c:40:c3:c1:a3:98:13:ff:2c:12:c1:a6:13:6d:f3:33:a9:3e:
1a:66:43:54:1d:c5:28:66:46:0c:71:f3:46:04:df:70:81:14:
23:13:d1:39:ac:02:a0:8c:0f:b1:87:f4:79:99:73:8a:3c:d9:
74:09:89:52:49:d2:37:f4:ee:e6:7f:f5:b0:ec:92:b6:09:3e:
14:9a:e4:82:0a:bd:c6:02:34:06:9b:dc:be:44:66:8b:ef:0a:
6d:3b:a8:5f:c8:6b:46:1c:62:7e:57:8e:95:0e:e6:54:3c:01:
f8:b1:ad:b3:de:c4:23:4e:e8:c6:1b:bc:21:f3:a1:35:c1:54:
cc:2e:30:46:d0:27:a3:f5:30:06:64:56:0a:c5:3f:3a:47:a8:
0d:78:88:2a:88:d6:65:ea:32:86:ea:62:18:0e:1d:1e:62:e3:
db:01:b5:ce:32:c3:60:ca:03:13:49:df:bd:fe:97:2c:1c:6a:
05:8b:0d:a4:0e:0d:a2:1b:de:bc:5e:26:df:ed:47:ed:56:5e:
dc:30:0f:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR/088JXvJhKnCxg0cDPlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTNmZmU5ZGIzNzYyNmIxM2Y4NWQ3Y2M0NTdhYWQ1YzFm
MzBjOWYwHhcNMjUwMTAyMTM1MDE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDU5ODAzMzM0MGI2Zjc5OGI2NTUxOWUyNTMwMThkOWUxMDkyNDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAziy0mtZ5CM0Jr0x6AhGcMVkotved
tkfWqN0W3OrqmmB50khn0LZl1lIN4Hy9sqrV3/AOvUrVYgIeaglVc5FGWKoPj556
cJq6zHur2ZsMuLAkFV7CGvrvBhr2YshSg8w/DfuVI1HnVIADw+zWNk3eNW1Ox8QQ
yZxh8j/AHDqAizv+Fs0A6YeUkbVo5us5vauzlbwEPGjTrNrH8Z4Kt8EODHKYOMM4
3zINzOwMiKoYkGh+2URyA1NWiwqJcxykXKceS33M3nN7G37ZdKrFnFDGG52KASyn
0bgqTUEHzKeZw3eybK20kbmip1nzEXRxJ1rMSVQEgt1XUZEmtPXq2GfEJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNRZgDM0C295i2VRniUwGNnhCSRZMB8GA1UdIwQY
MBaAFIGT/+nbN2JrE/hdfMRXqtXB8wyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODkt
MDhkMTI3MGMyZTcxLzEvMUZtQU16UUxiM21MWlZHZUpUQVkyZUVKSkZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODktMDhkMTI3MGMyZTcx
LzEvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAU5MZMA0G
CSqGSIb3DQEBCwUAA4IBAQA8EUQGlEaCcr7HKKPfT6DFjMfrfusQQErdKBRboFj8
KSsx9N7g+5Ox1TU2nOs5axllaWwluvM8QMPBo5gT/ywSwaYTbfMzqT4aZkNUHcUo
ZkYMcfNGBN9wgRQjE9E5rAKgjA+xh/R5mXOKPNl0CYlSSdI39O7mf/Ww7JK2CT4U
muSCCr3GAjQGm9y+RGaL7wptO6hfyGtGHGJ+V46VDuZUPAH4sa2z3sQjTujGG7wh
86E1wVTMLjBG0Cej9TAGZFYKxT86R6gNeIgqiNZl6jKG6mIYDh0eYuPbAbXOMsNg
ygMTSd+9/pcsHGoFiw2kDg2iG968Xibf7UftVl7cMA/M
-----END CERTIFICATE-----
Generated at Wed Feb 5 17:04:12 2025 by rpki-client