Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/9ea68f-743d-47da-b71c-709fbe84cdfb/1/O_fqEW14QhPRGqjQoVa9vmGmVmM.roa
File: O_fqEW14QhPRGqjQoVa9vmGmVmM.roa (raw, json)
Hash identifier: V1ztdeLVNvewuDYhom6BXL6CS05sk8OmHCsK+DDqUrE=
Subject key identifier: 3B:F7:EA:11:6D:78:42:13:D1:1A:A8:D0:A1:56:BD:BE:61:A6:56:63
Certificate issuer: /CN=9c8a1876fddc2b63748b457b770b79a7e66e793c
Certificate serial: 019424451229B00E911739D00728860D59CD
Authority key identifier: 9C:8A:18:76:FD:DC:2B:63:74:8B:45:7B:77:0B:79:A7:E6:6E:79:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nIoYdv3cK2N0i0V7dwt5p-ZueTw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/9ea68f-743d-47da-b71c-709fbe84cdfb/1/O_fqEW14QhPRGqjQoVa9vmGmVmM.roa
Signing time: Wed 01 Jan 2025 23:48:13 +0000
ROA not before: Wed 01 Jan 2025 23:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204053
IP address blocks: 45.143.16.0/22 maxlen: 32
45.152.152.0/22 maxlen: 32
91.198.78.0/24 maxlen: 32
185.115.172.0/22 maxlen: 32
185.203.92.0/22 maxlen: 32
193.16.97.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/9ea68f-743d-47da-b71c-709fbe84cdfb/1/nIoYdv3cK2N0i0V7dwt5p-ZueTw.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/9ea68f-743d-47da-b71c-709fbe84cdfb/1/nIoYdv3cK2N0i0V7dwt5p-ZueTw.mft
rsync://rpki.ripe.net/repository/DEFAULT/nIoYdv3cK2N0i0V7dwt5p-ZueTw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:12:29:b0:0e:91:17:39:d0:07:28:86:0d:59:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c8a1876fddc2b63748b457b770b79a7e66e793c
Validity
Not Before: Jan 1 23:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3bf7ea116d784213d11aa8d0a156bdbe61a65663
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:63:4e:e6:e8:8b:b7:5c:d3:61:6c:38:04:cc:
4a:ac:ea:66:33:2b:a1:a3:04:3a:fa:9d:d4:b4:8e:
e6:5f:9e:5f:a9:e8:f5:c8:a6:f7:81:73:09:9c:a8:
ae:d7:4f:f1:21:3e:bd:dd:60:a4:3a:dc:04:61:4b:
d0:52:b0:b7:26:48:d9:cd:c0:15:3e:89:86:29:12:
b9:a2:b6:57:e9:b3:c3:51:b3:84:99:6d:fa:80:9d:
53:12:a8:2c:97:36:8e:b4:5b:1e:8a:b0:81:be:aa:
ac:22:00:e0:bd:0b:7d:b6:b5:c9:fa:a3:6e:23:03:
f5:d1:e4:54:03:7e:ff:a3:f2:ba:cc:84:58:c3:b7:
cd:10:40:2e:1a:30:8b:85:72:8e:35:e5:8e:b1:ad:
7d:0c:ae:19:ba:99:e6:41:f3:f2:9d:df:4e:f4:8a:
80:60:7d:51:b4:46:5c:13:2d:93:fc:93:38:2d:17:
b5:70:43:db:10:32:50:af:1b:eb:7e:a3:c8:c4:56:
75:89:99:d3:e8:5c:96:94:4d:74:b3:e7:4d:1e:e3:
54:a8:a2:40:ea:93:e1:d2:e6:74:53:5c:7f:e0:1b:
89:35:ec:45:f1:5f:cb:8a:4d:2b:a7:b7:b7:1d:3d:
3a:3f:55:46:57:8d:27:8a:b0:14:19:3e:23:ab:dd:
5f:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:F7:EA:11:6D:78:42:13:D1:1A:A8:D0:A1:56:BD:BE:61:A6:56:63
X509v3 Authority Key Identifier:
keyid:9C:8A:18:76:FD:DC:2B:63:74:8B:45:7B:77:0B:79:A7:E6:6E:79:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nIoYdv3cK2N0i0V7dwt5p-ZueTw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/9ea68f-743d-47da-b71c-709fbe84cdfb/1/O_fqEW14QhPRGqjQoVa9vmGmVmM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/9ea68f-743d-47da-b71c-709fbe84cdfb/1/nIoYdv3cK2N0i0V7dwt5p-ZueTw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.16.0/22
45.152.152.0/22
91.198.78.0/24
185.115.172.0/22
185.203.92.0/22
193.16.97.0/24
Signature Algorithm: sha256WithRSAEncryption
89:fa:32:48:ae:ce:2e:71:37:50:8a:f6:7a:02:52:3f:c1:d2:
a9:2c:f4:4d:ad:e9:77:51:c9:35:9e:01:39:93:79:1e:ca:40:
17:1e:91:29:86:ac:83:db:d8:a1:c7:73:d0:eb:95:70:d4:c1:
71:d9:41:89:91:5e:6b:49:07:a6:ed:f7:14:af:5a:51:98:94:
98:fe:68:1c:77:22:68:18:76:f6:66:97:7d:12:fa:a7:32:da:
65:d7:69:da:a0:9b:c6:89:5f:e8:be:22:e6:9e:04:70:ec:d5:
75:ff:1d:c2:46:68:25:62:96:49:92:10:d7:18:8a:a9:e0:65:
52:a3:d6:a8:ce:19:a6:94:05:fd:5e:22:65:ae:4e:eb:01:41:
66:5f:4c:69:2b:6e:b9:5b:46:79:45:3f:e6:b8:bf:ec:aa:cd:
d3:ca:9e:05:94:19:c3:f2:42:49:5c:1e:44:22:68:ea:0e:f7:
32:f3:4e:f7:8c:e8:81:4e:4a:76:af:b6:a0:f2:75:a1:ab:54:
da:86:bf:bc:7a:c0:8b:68:00:ee:9e:ae:1b:96:b5:4a:c5:ad:
e9:1b:23:7d:49:b4:21:4a:75:6e:bf:f6:7e:f5:8b:3e:dc:f9:
4f:1b:32:7d:c0:d5:59:28:11:7b:fe:8d:30:5d:93:5a:b3:c4:
8d:16:8f:c5
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQkRRIpsA6RFznQByiGDVnNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljOGExODc2ZmRkYzJiNjM3NDhiNDU3Yjc3MGI3OWE3ZTY2
ZTc5M2MwHhcNMjUwMTAxMjM0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmY3ZWExMTZkNzg0MjEzZDExYWE4ZDBhMTU2YmRiZTYxYTY1NjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxGNO5uiLt1zTYWw4BMxKrOpmMyuh
owQ6+p3UtI7mX55fqej1yKb3gXMJnKiu10/xIT693WCkOtwEYUvQUrC3JkjZzcAV
PomGKRK5orZX6bPDUbOEmW36gJ1TEqgslzaOtFseirCBvqqsIgDgvQt9trXJ+qNu
IwP10eRUA37/o/K6zIRYw7fNEEAuGjCLhXKONeWOsa19DK4ZupnmQfPynd9O9IqA
YH1RtEZcEy2T/JM4LRe1cEPbEDJQrxvrfqPIxFZ1iZnT6FyWlE10s+dNHuNUqKJA
6pPh0uZ0U1x/4BuJNexF8V/Lik0rp7e3HT06P1VGV40nirAUGT4jq91f/wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDv36hFteEIT0Rqo0KFWvb5hplZjMB8GA1UdIwQY
MBaAFJyKGHb93CtjdItFe3cLeafmbnk8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbklvWWR2M2NLMk4waTBWN2R3dDVwLVp1ZVR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy85ZWE2OGYtNzQzZC00N2RhLWI3MWMt
NzA5ZmJlODRjZGZiLzEvT19mcUVXMTRRaFBSR3FqUW9WYTl2bUdtVm1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy85ZWE2OGYtNzQzZC00N2RhLWI3MWMtNzA5ZmJlODRjZGZi
LzEvbklvWWR2M2NLMk4waTBWN2R3dDVwLVp1ZVR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCLY8QAwQC
LZiYAwQAW8ZOAwQCuXOsAwQCuctcAwQAwRBhMA0GCSqGSIb3DQEBCwUAA4IBAQCJ
+jJIrs4ucTdQivZ6AlI/wdKpLPRNrel3Uck1ngE5k3keykAXHpEphqyD29ihx3PQ
65Vw1MFx2UGJkV5rSQem7fcUr1pRmJSY/mgcdyJoGHb2Zpd9EvqnMtpl12naoJvG
iV/oviLmngRw7NV1/x3CRmglYpZJkhDXGIqp4GVSo9aozhmmlAX9XiJlrk7rAUFm
X0xpK265W0Z5RT/muL/sqs3Typ4FlBnD8kJJXB5EImjqDvcy8073jOiBTkp2r7ag
8nWhq1Tahr+8esCLaADunq4blrVKxa3pGyN9SbQhSnVuv/Z+9Ys+3PlPGzJ9wNVZ
KBF7/o0wXZNas8SNFo/F
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:31:45 2025 by rpki-client