Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/9488d5-a8d3-44b5-92df-58caf4701be3/1/13RmIh6yv-Ml6T8W-vpiSXUZ2gU.roa
File: 13RmIh6yv-Ml6T8W-vpiSXUZ2gU.roa (raw, json)
Hash identifier: K4wrz2vLF42iU9Ok9LM/fxhgKzVbeVXkBRTlsWBsG54=
Subject key identifier: D7:74:66:22:1E:B2:BF:E3:25:E9:3F:16:FA:FA:62:49:75:19:DA:05
Certificate issuer: /CN=7beca4012bf7b5056e2e0a161eb4618876c9112a
Certificate serial: 019422202A2EAD28C3923D3A3B5EFACC45E6
Authority key identifier: 7B:EC:A4:01:2B:F7:B5:05:6E:2E:0A:16:1E:B4:61:88:76:C9:11:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e-ykASv3tQVuLgoWHrRhiHbJESo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/9488d5-a8d3-44b5-92df-58caf4701be3/1/13RmIh6yv-Ml6T8W-vpiSXUZ2gU.roa
Signing time: Wed 01 Jan 2025 13:48:40 +0000
ROA not before: Wed 01 Jan 2025 13:48:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 82.192.96.0/24 maxlen: 24
82.192.97.0/24 maxlen: 24
82.192.100.0/24 maxlen: 24
82.192.101.0/24 maxlen: 24
82.192.102.0/24 maxlen: 24
82.192.103.0/24 maxlen: 24
82.192.108.0/24 maxlen: 24
82.192.109.0/24 maxlen: 24
82.192.110.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/9488d5-a8d3-44b5-92df-58caf4701be3/1/e-ykASv3tQVuLgoWHrRhiHbJESo.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/9488d5-a8d3-44b5-92df-58caf4701be3/1/e-ykASv3tQVuLgoWHrRhiHbJESo.mft
rsync://rpki.ripe.net/repository/DEFAULT/e-ykASv3tQVuLgoWHrRhiHbJESo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:2a:2e:ad:28:c3:92:3d:3a:3b:5e:fa:cc:45:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7beca4012bf7b5056e2e0a161eb4618876c9112a
Validity
Not Before: Jan 1 13:48:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d77466221eb2bfe325e93f16fafa62497519da05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:b1:5f:b4:28:c9:22:f4:c6:da:36:a9:15:cf:
5d:e7:c9:1e:c7:4a:27:45:16:60:3e:55:f3:dc:cc:
70:3c:df:2b:64:23:3c:1f:ed:af:c8:1c:e6:ba:47:
2a:9a:7d:05:45:7b:55:1f:66:b9:41:3c:dd:a0:b2:
5e:1d:38:bb:7f:63:b1:4a:ca:48:3a:21:be:2e:5a:
d4:ec:37:ab:20:0b:a3:51:d8:92:ee:cb:59:0c:04:
ae:e9:2c:f1:4f:f0:f4:36:e4:10:91:75:9d:cd:f8:
af:d2:17:2c:fc:55:54:90:34:f2:48:f5:cc:ab:75:
3f:6f:fa:d0:ed:1d:5a:00:39:c0:cf:c7:b9:14:7a:
b0:7c:85:3a:30:55:1f:25:94:50:a3:bf:e5:9c:b5:
88:20:c3:a8:88:be:63:f9:98:7e:f1:db:a9:7a:e8:
45:04:be:a4:44:26:65:a3:ac:1e:c5:fb:36:99:fa:
b2:ac:e7:e9:c6:46:9e:c8:a3:12:09:f2:7b:89:4c:
7f:98:20:d1:62:55:3b:5f:9a:eb:98:bb:7d:c2:49:
5c:ed:e3:bc:5b:3d:b5:b9:d7:6d:1b:07:61:93:82:
79:6e:d6:90:46:76:b3:47:3d:08:f0:4b:47:81:06:
77:93:a6:28:85:bb:96:41:b5:01:6b:69:16:37:82:
7d:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:74:66:22:1E:B2:BF:E3:25:E9:3F:16:FA:FA:62:49:75:19:DA:05
X509v3 Authority Key Identifier:
keyid:7B:EC:A4:01:2B:F7:B5:05:6E:2E:0A:16:1E:B4:61:88:76:C9:11:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e-ykASv3tQVuLgoWHrRhiHbJESo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/9488d5-a8d3-44b5-92df-58caf4701be3/1/13RmIh6yv-Ml6T8W-vpiSXUZ2gU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/9488d5-a8d3-44b5-92df-58caf4701be3/1/e-ykASv3tQVuLgoWHrRhiHbJESo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.192.96.0/23
82.192.100.0/22
82.192.108.0-82.192.110.255
Signature Algorithm: sha256WithRSAEncryption
a8:51:f7:bf:6e:90:a8:28:7f:eb:95:4e:c1:79:3b:72:94:75:
36:76:9d:f9:69:e6:17:95:d4:5e:ad:3f:4f:9f:32:3d:9e:a9:
fc:63:7f:b4:a3:3b:05:10:4f:e5:c5:04:46:62:a1:21:d2:38:
fe:08:75:1c:77:9d:db:e0:69:dd:d2:8e:e1:99:0d:f9:89:07:
b9:bc:73:02:4b:95:be:74:8b:79:73:95:a6:eb:a8:3b:9b:fb:
5e:ba:2d:fa:e1:d7:63:9c:dc:92:d4:88:4b:e0:ba:8e:c1:1d:
3e:06:6e:e0:c7:8c:d9:48:96:18:e8:0e:70:ec:fc:3c:4a:04:
0e:43:03:fd:75:37:b7:4e:7f:79:9e:b4:aa:70:4e:e0:28:01:
2d:4a:4c:53:a5:16:d5:1f:79:4b:85:53:b4:a4:01:a8:98:75:
84:e9:b0:4c:c2:1b:03:9b:ac:6e:94:5f:95:7e:0f:a4:2e:67:
b0:34:87:18:db:e1:ca:e1:27:82:6b:ab:8b:a8:f5:6a:99:2e:
0d:4b:1f:1b:ef:f1:cf:78:3f:a1:bb:22:74:22:e1:43:f2:f7:
ca:eb:f1:d7:da:07:6e:42:8c:ae:89:37:14:27:61:a0:cd:59:
16:fc:fb:ba:48:57:e7:40:43:6e:79:2b:35:15:12:c2:fc:e1:
08:51:90:6d
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQiICourSjDkj06O176zEXmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiZWNhNDAxMmJmN2I1MDU2ZTJlMGExNjFlYjQ2MTg4NzZj
OTExMmEwHhcNMjUwMTAxMTM0ODQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzc0NjYyMjFlYjJiZmUzMjVlOTNmMTZmYWZhNjI0OTc1MTlkYTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvrFftCjJIvTG2japFc9d58kex0on
RRZgPlXz3MxwPN8rZCM8H+2vyBzmukcqmn0FRXtVH2a5QTzdoLJeHTi7f2OxSspI
OiG+LlrU7DerIAujUdiS7stZDASu6SzxT/D0NuQQkXWdzfiv0hcs/FVUkDTySPXM
q3U/b/rQ7R1aADnAz8e5FHqwfIU6MFUfJZRQo7/lnLWIIMOoiL5j+Zh+8dupeuhF
BL6kRCZlo6wexfs2mfqyrOfpxkaeyKMSCfJ7iUx/mCDRYlU7X5rrmLt9wklc7eO8
Wz21uddtGwdhk4J5btaQRnazRz0I8EtHgQZ3k6YohbuWQbUBa2kWN4J9nQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFNd0ZiIesr/jJek/Fvr6Ykl1GdoFMB8GA1UdIwQY
MBaAFHvspAEr97UFbi4KFh60YYh2yREqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZS15a0FTdjN0UVZ1TGdvV0hyUmhpSGJKRVNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS85NDg4ZDUtYThkMy00NGI1LTkyZGYt
NThjYWY0NzAxYmUzLzEvMTNSbUloNnl2LU1sNlQ4Vy12cGlTWFVaMmdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS85NDg4ZDUtYThkMy00NGI1LTkyZGYtNThjYWY0NzAxYmUz
LzEvZS15a0FTdjN0UVZ1TGdvV0hyUmhpSGJKRVNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBUsBgAwQC
UsBkMAwDBAJSwGwDBABSwG4wDQYJKoZIhvcNAQELBQADggEBAKhR979ukKgof+uV
TsF5O3KUdTZ2nflp5heV1F6tP0+fMj2eqfxjf7SjOwUQT+XFBEZioSHSOP4IdRx3
ndvgad3SjuGZDfmJB7m8cwJLlb50i3lzlabrqDub+166Lfrh12Oc3JLUiEvguo7B
HT4GbuDHjNlIlhjoDnDs/DxKBA5DA/11N7dOf3metKpwTuAoAS1KTFOlFtUfeUuF
U7SkAaiYdYTpsEzCGwObrG6UX5V+D6QuZ7A0hxjb4crhJ4Jrq4uo9WqZLg1LHxvv
8c94P6G7InQi4UPy98rr8dfaB25CjK6JNxQnYaDNWRb8+7pIV+dAQ255KzUVEsL8
4QhRkG0=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:32:47 2025 by rpki-client