Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/31081a-8b5a-49ec-9036-862e99973fc3/1/97KmMU-io56QACTp1Zd1_FHTqgw.roa
File: 97KmMU-io56QACTp1Zd1_FHTqgw.roa (raw, json)
Hash identifier: uCAMfglxmwOpuKBmRAadF3cN1VLfWXLJnP20OsEzzUE=
Subject key identifier: F7:B2:A6:31:4F:A2:A3:9E:90:00:24:E9:D5:97:75:FC:51:D3:AA:0C
Certificate issuer: /CN=f7822d4597e5493d15178bfb10e6841dd17e5897
Certificate serial: 019638959B47707B7D9BEB9F10D0C0E330F4
Authority key identifier: F7:82:2D:45:97:E5:49:3D:15:17:8B:FB:10:E6:84:1D:D1:7E:58:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/94ItRZflST0VF4v7EOaEHdF-WJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/31081a-8b5a-49ec-9036-862e99973fc3/1/97KmMU-io56QACTp1Zd1_FHTqgw.roa
Signing time: Tue 15 Apr 2025 08:34:10 +0000
ROA not before: Tue 15 Apr 2025 08:34:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202098
IP address blocks: 158.47.10.0/23 maxlen: 24
158.47.12.0/23 maxlen: 24
158.47.200.0/21 maxlen: 21
158.47.208.0/21 maxlen: 24
158.47.216.0/21 maxlen: 24
158.47.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/31081a-8b5a-49ec-9036-862e99973fc3/1/94ItRZflST0VF4v7EOaEHdF-WJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/31081a-8b5a-49ec-9036-862e99973fc3/1/94ItRZflST0VF4v7EOaEHdF-WJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/94ItRZflST0VF4v7EOaEHdF-WJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:38:95:9b:47:70:7b:7d:9b:eb:9f:10:d0:c0:e3:30:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7822d4597e5493d15178bfb10e6841dd17e5897
Validity
Not Before: Apr 15 08:34:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f7b2a6314fa2a39e900024e9d59775fc51d3aa0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:9b:18:be:26:dc:f7:75:77:4a:5d:3d:0b:0a:
e4:d4:03:ce:46:63:7a:08:97:d6:da:43:fd:4a:1b:
ec:83:3b:16:44:1b:f8:d3:41:ee:eb:75:fa:21:97:
12:8b:59:20:ce:c3:be:bb:9b:70:b4:1c:22:e5:af:
76:95:31:d7:c8:61:d9:22:cd:dd:f7:dc:68:f5:14:
9a:6c:45:5a:e6:76:dc:e6:e0:c7:88:cc:37:57:39:
68:c4:ce:2e:3f:42:15:0c:73:cb:88:03:6d:4d:4d:
a5:68:bc:d1:87:4c:a7:27:f9:90:20:b2:8c:bb:25:
36:b9:1c:58:dc:92:fe:d0:4b:16:1f:84:ca:ca:07:
7a:f9:2c:02:07:ba:b4:9b:7d:74:e9:aa:80:07:9d:
20:6a:c9:34:34:90:f6:28:01:95:18:c3:a5:b4:e4:
dc:35:62:fb:5e:a2:0d:72:8e:65:f3:29:0c:5f:43:
aa:6d:b1:0c:f6:66:7a:20:32:50:20:9d:e1:c2:4f:
d4:ab:ec:70:6f:60:b6:a3:91:36:06:15:30:68:24:
d5:57:70:57:c5:ae:b6:66:48:dc:51:87:c7:28:0e:
92:e1:83:18:ba:8d:f8:eb:8f:12:22:70:95:9f:08:
d5:54:b1:99:62:45:52:1f:b6:5f:7a:67:dd:96:52:
00:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:B2:A6:31:4F:A2:A3:9E:90:00:24:E9:D5:97:75:FC:51:D3:AA:0C
X509v3 Authority Key Identifier:
keyid:F7:82:2D:45:97:E5:49:3D:15:17:8B:FB:10:E6:84:1D:D1:7E:58:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/94ItRZflST0VF4v7EOaEHdF-WJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/31081a-8b5a-49ec-9036-862e99973fc3/1/97KmMU-io56QACTp1Zd1_FHTqgw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/31081a-8b5a-49ec-9036-862e99973fc3/1/94ItRZflST0VF4v7EOaEHdF-WJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.47.10.0-158.47.13.255
158.47.200.0-158.47.255.255
Signature Algorithm: sha256WithRSAEncryption
2b:96:55:b7:fe:91:ab:dc:56:1c:1e:fa:ab:66:e0:13:5a:ac:
4f:ec:68:3e:f5:21:50:50:5f:f7:7c:e7:88:93:f5:3a:cf:c1:
57:4e:29:7d:55:8e:22:5c:8f:ed:b4:ae:24:2a:6e:b5:ba:ad:
72:f9:f5:9e:a8:86:ab:6d:29:36:5e:bc:20:c1:85:1e:7f:ff:
a1:29:9d:2e:cd:cb:63:c0:aa:e7:0d:8b:b4:94:c7:cc:04:a2:
70:56:34:33:1f:e8:f2:84:e0:ee:4a:80:a3:ec:22:32:ae:38:
37:c9:70:ca:c0:86:e2:1a:e0:58:31:a6:77:88:e9:19:a1:83:
15:67:90:45:12:b5:df:6a:77:ca:5b:3c:a6:34:8e:d7:0b:ce:
74:d1:95:59:cd:c8:91:71:97:be:a2:6b:48:62:d0:fa:77:d7:
ea:aa:d4:ef:b9:4c:0b:9d:52:75:8b:c9:60:14:fa:49:38:65:
0b:a1:e2:a4:77:62:43:88:84:0a:1f:53:cc:bb:e8:d2:2d:c8:
64:88:c7:59:7c:23:c3:b9:4a:60:e8:6b:fc:8e:af:b0:d1:3c:
a2:4e:d0:ac:00:00:35:d0:63:f3:14:81:27:77:9f:76:3e:b0:
65:fb:c3:5d:0b:49:b8:69:66:31:cd:a8:7a:2e:3f:7a:93:f4:
f0:33:85:be
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZY4lZtHcHt9m+ufENDA4zD0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3ODIyZDQ1OTdlNTQ5M2QxNTE3OGJmYjEwZTY4NDFkZDE3
ZTU4OTcwHhcNMjUwNDE1MDgzNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2IyYTYzMTRmYTJhMzllOTAwMDI0ZTlkNTk3NzVmYzUxZDNhYTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgpsYvibc93V3Sl09Cwrk1APORmN6
CJfW2kP9ShvsgzsWRBv400Hu63X6IZcSi1kgzsO+u5twtBwi5a92lTHXyGHZIs3d
99xo9RSabEVa5nbc5uDHiMw3VzloxM4uP0IVDHPLiANtTU2laLzRh0ynJ/mQILKM
uyU2uRxY3JL+0EsWH4TKygd6+SwCB7q0m3106aqAB50gask0NJD2KAGVGMOltOTc
NWL7XqINco5l8ykMX0OqbbEM9mZ6IDJQIJ3hwk/Uq+xwb2C2o5E2BhUwaCTVV3BX
xa62ZkjcUYfHKA6S4YMYuo34648SInCVnwjVVLGZYkVSH7ZfemfdllIAMQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPeypjFPoqOekAAk6dWXdfxR06oMMB8GA1UdIwQY
MBaAFPeCLUWX5Uk9FReL+xDmhB3RfliXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTRJdFJaZmxTVDBWRjR2N0VPYUVIZEYtV0pjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8zMTA4MWEtOGI1YS00OWVjLTkwMzYt
ODYyZTk5OTczZmMzLzEvOTdLbU1VLWlvNTZRQUNUcDFaZDFfRkhUcWd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy8zMTA4MWEtOGI1YS00OWVjLTkwMzYtODYyZTk5OTczZmMz
LzEvOTRJdFJaZmxTVDBWRjR2N0VPYUVIZEYtV0pjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAATAbMAwDBAGeLwoD
BAGeLwwwCwMEA54vyAMDBJ4gMA0GCSqGSIb3DQEBCwUAA4IBAQArllW3/pGr3FYc
HvqrZuATWqxP7Gg+9SFQUF/3fOeIk/U6z8FXTil9VY4iXI/ttK4kKm61uq1y+fWe
qIarbSk2XrwgwYUef/+hKZ0uzctjwKrnDYu0lMfMBKJwVjQzH+jyhODuSoCj7CIy
rjg3yXDKwIbiGuBYMaZ3iOkZoYMVZ5BFErXfanfKWzymNI7XC8500ZVZzciRcZe+
omtIYtD6d9fqqtTvuUwLnVJ1i8lgFPpJOGULoeKkd2JDiIQKH1PMu+jSLchkiMdZ
fCPDuUpg6Gv8jq+w0TyiTtCsAAA10GPzFIEnd592PrBl+8NdC0m4aWYxzah6Lj96
k/TwM4W+
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:52:51 2025 by rpki-client