Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/Sm7KljT28nCCkzLjXfGLskb7xnI.roa
File: Sm7KljT28nCCkzLjXfGLskb7xnI.roa (raw, json)
Hash identifier: PKXDulVUvF0IFsIfDdOX5/JgTZVweSiGQLFrJDINIfQ=
Subject key identifier: 4A:6E:CA:96:34:F6:F2:70:82:93:32:E3:5D:F1:8B:B2:46:FB:C6:72
Certificate issuer: /CN=24cc6b9c37faa0da3b412007c0b10b2c5bf2cf4e
Certificate serial: 0194228D7CA18523606CE640DE089DE3552B
Authority key identifier: 24:CC:6B:9C:37:FA:A0:DA:3B:41:20:07:C0:B1:0B:2C:5B:F2:CF:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/Sm7KljT28nCCkzLjXfGLskb7xnI.roa
Signing time: Wed 01 Jan 2025 15:48:05 +0000
ROA not before: Wed 01 Jan 2025 15:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15854
IP address blocks: 149.250.0.0/16 maxlen: 16
192.109.236.0/24 maxlen: 24
195.203.0.0/17 maxlen: 17
195.203.128.0/17 maxlen: 17
195.203.152.0/23 maxlen: 23
217.27.0.0/23 maxlen: 23
217.27.2.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/JMxrnDf6oNo7QSAHwLELLFvyz04.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/JMxrnDf6oNo7QSAHwLELLFvyz04.mft
rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 14:13:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:7c:a1:85:23:60:6c:e6:40:de:08:9d:e3:55:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24cc6b9c37faa0da3b412007c0b10b2c5bf2cf4e
Validity
Not Before: Jan 1 15:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4a6eca9634f6f270829332e35df18bb246fbc672
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:90:62:90:b8:05:09:b1:9f:1c:e9:b9:4c:46:
b6:3e:c3:5c:3a:45:b0:b6:a5:dd:8b:43:b5:27:d2:
60:e7:93:1a:2e:ab:cf:46:bc:58:22:b8:0d:f1:4a:
2e:8a:70:c3:d7:93:25:29:88:2a:0e:3f:6c:c0:b8:
d3:86:d8:6d:46:c3:c0:47:ab:7f:9c:a8:c3:4d:f6:
37:70:83:8b:a7:15:9f:51:0f:0e:7b:ed:4d:d0:8c:
a4:76:96:dd:8f:7a:bd:b6:a5:b0:fe:e9:f7:e1:e9:
84:41:75:e2:52:c8:c1:dd:3f:87:71:23:c4:0a:04:
89:97:cc:21:74:9b:34:f5:46:44:d8:af:7d:5d:65:
e6:78:b5:4f:a8:91:e0:d3:c8:78:e5:ce:aa:6b:64:
bf:e2:e2:8e:24:da:46:9f:3d:4a:14:41:9f:f5:35:
9c:66:b4:a5:1e:8c:5e:93:a6:79:54:0f:de:ea:55:
53:d3:38:0b:5a:bb:55:ae:64:ea:14:5e:e0:84:19:
09:62:66:49:b1:e3:82:9f:f5:d1:8e:e0:51:42:a0:
03:b6:49:bf:fc:df:51:a3:37:93:71:7c:9a:0e:7c:
b2:43:d3:2f:c6:e3:eb:8d:c0:d7:c4:db:ef:41:a7:
cb:82:39:a5:1b:c3:25:f1:37:ed:da:7b:a7:a0:7d:
b5:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:6E:CA:96:34:F6:F2:70:82:93:32:E3:5D:F1:8B:B2:46:FB:C6:72
X509v3 Authority Key Identifier:
keyid:24:CC:6B:9C:37:FA:A0:DA:3B:41:20:07:C0:B1:0B:2C:5B:F2:CF:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/Sm7KljT28nCCkzLjXfGLskb7xnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/JMxrnDf6oNo7QSAHwLELLFvyz04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.250.0.0/16
192.109.236.0/24
195.203.0.0/16
217.27.0.0/22
Signature Algorithm: sha256WithRSAEncryption
70:9e:08:57:ef:57:98:75:3b:b3:c5:e3:f0:b3:9b:5b:4b:92:
5d:0e:f9:21:6b:0e:cd:3a:1d:93:be:2e:a7:66:85:ce:eb:07:
a7:b7:76:d2:69:03:ac:d1:8d:00:da:0d:b9:ed:bd:3b:f9:3d:
dc:ee:c3:f5:ec:f9:5c:bf:9e:28:8b:0f:79:62:ae:41:d0:11:
8c:39:fe:a6:f4:39:39:7e:74:08:bd:62:cd:41:70:3b:69:e7:
40:0a:13:74:13:b2:57:31:9b:a7:1a:76:6e:49:24:d1:26:e8:
49:8e:dc:aa:da:e8:07:ee:7f:e5:5e:45:29:ec:f3:c4:54:ae:
57:17:1d:57:86:f2:fa:42:b7:b3:0b:4e:a3:e2:3f:ab:5a:23:
0d:3f:b2:ba:13:d6:05:6a:0a:65:26:68:69:f5:af:6d:cf:98:
5b:c7:6f:f4:e9:66:88:bd:57:c0:8c:26:61:85:70:6d:c7:ce:
49:03:25:75:fc:31:bd:0f:50:14:3b:e8:69:bf:11:9b:a2:c6:
1d:12:fa:cb:17:da:2f:2f:d9:d8:18:bf:70:2b:ee:f5:bc:da:
55:2a:47:0c:eb:1f:b4:a6:bf:32:bc:01:e8:0c:4e:84:44:7e:
ef:17:b6:ab:65:46:6e:ac:16:0f:f5:29:c2:d4:68:a0:d9:dc:
cd:88:13:a5
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZQijXyhhSNgbOZA3gid41UrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0Y2M2YjljMzdmYWEwZGEzYjQxMjAwN2MwYjEwYjJjNWJm
MmNmNGUwHhcNMjUwMTAxMTU0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTZlY2E5NjM0ZjZmMjcwODI5MzMyZTM1ZGYxOGJiMjQ2ZmJjNjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAypBikLgFCbGfHOm5TEa2PsNcOkWw
tqXdi0O1J9Jg55MaLqvPRrxYIrgN8UouinDD15MlKYgqDj9swLjThthtRsPAR6t/
nKjDTfY3cIOLpxWfUQ8Oe+1N0Iykdpbdj3q9tqWw/un34emEQXXiUsjB3T+HcSPE
CgSJl8whdJs09UZE2K99XWXmeLVPqJHg08h45c6qa2S/4uKOJNpGnz1KFEGf9TWc
ZrSlHoxek6Z5VA/e6lVT0zgLWrtVrmTqFF7ghBkJYmZJseOCn/XRjuBRQqADtkm/
/N9RozeTcXyaDnyyQ9MvxuPrjcDXxNvvQafLgjmlG8Ml8Tft2nunoH21nQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFEpuypY09vJwgpMy413xi7JG+8ZyMB8GA1UdIwQY
MBaAFCTMa5w3+qDaO0EgB8CxCyxb8s9OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk14cm5EZjZvTm83UVNBSHdMRUxMRnZ5ejA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8wZmY0NDktYWQ5OC00ODJkLWFjNzUt
ODY0MjM4YmMwNDliLzEvU203S2xqVDI4bkNDa3pMalhmR0xza2I3eG5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8wZmY0NDktYWQ5OC00ODJkLWFjNzUtODY0MjM4YmMwNDli
LzEvSk14cm5EZjZvTm83UVNBSHdMRUxMRnZ5ejA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAcBAIAATAWAwMAlfoDBADA
bewDAwDDywMEAtkbADANBgkqhkiG9w0BAQsFAAOCAQEAcJ4IV+9XmHU7s8Xj8LOb
W0uSXQ75IWsOzTodk74up2aFzusHp7d20mkDrNGNANoNue29O/k93O7D9ez5XL+e
KIsPeWKuQdARjDn+pvQ5OX50CL1izUFwO2nnQAoTdBOyVzGbpxp2bkkk0SboSY7c
qtroB+5/5V5FKezzxFSuVxcdV4by+kK3swtOo+I/q1ojDT+yuhPWBWoKZSZoafWv
bc+YW8dv9OlmiL1XwIwmYYVwbcfOSQMldfwxvQ9QFDvoab8Rm6LGHRL6yxfaLy/Z
2Bi/cCvu9bzaVSpHDOsftKa/MrwB6AxOhER+7xe2q2VGbqwWD/UpwtRooNnczYgT
pQ==
-----END CERTIFICATE-----
Generated at Wed Apr 9 21:54:56 2025 by rpki-client