Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ESVrWrjx7uQrIu0OVLySmaVBfAA.roa
File: ESVrWrjx7uQrIu0OVLySmaVBfAA.roa (raw, json)
Hash identifier: 3It2cHEioDdRd+vQFpeUNpMQgEGw5qFoe8Q/XwN8mJY=
Subject key identifier: 11:25:6B:5A:B8:F1:EE:E4:2B:22:ED:0E:54:BC:92:99:A5:41:7C:00
Certificate issuer: /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial: 0194266B642C0B27B6AEBFB1BDE3E01BF835
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ESVrWrjx7uQrIu0OVLySmaVBfAA.roa
Signing time: Thu 02 Jan 2025 09:49:19 +0000
ROA not before: Thu 02 Jan 2025 09:49:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207388
IP address blocks: 109.160.38.0/24 maxlen: 24
109.160.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.mft
rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 12:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:64:2c:0b:27:b6:ae:bf:b1:bd:e3:e0:1b:f8:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
Validity
Not Before: Jan 2 09:49:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=11256b5ab8f1eee42b22ed0e54bc9299a5417c00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:b7:74:8c:62:80:76:a1:15:eb:73:aa:71:0e:
6b:40:c9:d8:f8:db:78:15:fa:17:68:ec:a8:0c:02:
db:77:72:c1:99:0e:18:58:75:28:cd:9b:1d:08:87:
6f:f3:c0:54:0f:c9:9d:8d:f1:82:5f:7a:a3:65:b9:
e8:d1:56:ef:0f:e0:29:ab:12:63:48:fc:a5:e4:36:
ba:d4:e8:9d:0e:38:6f:87:0d:db:cd:b5:bb:a0:2c:
04:cf:cd:18:0b:3c:22:94:31:90:da:72:02:b5:b2:
f3:76:a1:bf:fc:ed:67:b4:f2:31:f7:1c:05:ca:e7:
e0:c7:12:18:61:e0:b5:6e:f2:7f:02:ad:45:1e:89:
03:92:04:4d:11:21:5f:8e:b9:18:cf:89:10:4a:53:
a7:1f:76:30:6f:bc:8c:b8:24:75:50:69:d5:f0:2f:
62:05:af:be:3a:3a:4b:2f:09:09:eb:c9:47:d5:31:
64:b6:85:e0:09:05:a1:57:f0:de:4f:45:0c:2b:3f:
39:4e:6d:62:7e:11:c4:4e:d9:2c:c9:22:ab:b2:b2:
08:c0:0b:9c:ac:90:7d:94:da:2f:7d:1f:e7:8c:a1:
bc:55:c2:84:d3:6f:32:96:a9:9b:a8:89:7d:b5:bd:
df:55:a5:6a:95:17:4b:67:10:13:26:9c:5b:9a:45:
e1:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:25:6B:5A:B8:F1:EE:E4:2B:22:ED:0E:54:BC:92:99:A5:41:7C:00
X509v3 Authority Key Identifier:
keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ESVrWrjx7uQrIu0OVLySmaVBfAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.160.38.0/23
Signature Algorithm: sha256WithRSAEncryption
66:ef:3c:a8:f4:96:93:dc:57:de:76:84:7a:29:4c:21:ec:7a:
d5:d3:35:09:4a:4a:be:69:20:60:cf:ba:22:05:c5:9c:b4:a2:
69:9e:9a:3d:1f:28:8c:0f:37:45:4e:cc:ae:8e:1a:01:a6:96:
53:8e:3a:c1:2d:99:89:ed:22:0f:1f:30:67:98:9c:a2:ab:aa:
66:f5:6e:24:65:3a:d4:e2:74:18:f6:64:57:d8:b0:1b:b2:d7:
d4:ad:35:10:3e:f9:09:a9:ac:ba:47:eb:40:21:4a:5c:9d:6f:
a4:9a:d4:a0:e9:40:0e:a8:99:e6:cf:85:3c:ee:24:42:bc:41:
5c:ec:54:96:cd:c4:4e:e1:a7:44:03:99:1b:08:b5:05:dc:61:
fa:66:a1:42:26:4e:2e:c8:23:8d:63:c1:f8:9e:16:f2:47:04:
73:3b:3f:6c:9d:33:f2:bd:09:d1:0a:72:cf:10:ee:dc:8c:b0:
12:b3:f2:e5:40:c6:61:9d:60:81:cf:8c:61:08:45:9b:fb:1a:
0c:83:7c:9f:40:df:d6:eb:dc:a9:70:ad:93:cc:77:83:cc:f2:
88:d1:29:4c:7a:a6:78:e5:aa:15:15:6c:82:62:8c:f3:13:14:
2e:56:b3:3b:58:62:ed:8c:02:02:44:3b:a6:54:6c:9b:77:7b:
0b:c3:68:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma2QsCye2rr+xvePgG/g1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My
ODc3M2EwHhcNMjUwMTAyMDk0OTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTI1NmI1YWI4ZjFlZWU0MmIyMmVkMGU1NGJjOTI5OWE1NDE3YzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Ld0jGKAdqEV63OqcQ5rQMnY+Nt4
FfoXaOyoDALbd3LBmQ4YWHUozZsdCIdv88BUD8mdjfGCX3qjZbno0VbvD+ApqxJj
SPyl5Da61OidDjhvhw3bzbW7oCwEz80YCzwilDGQ2nICtbLzdqG//O1ntPIx9xwF
yufgxxIYYeC1bvJ/Aq1FHokDkgRNESFfjrkYz4kQSlOnH3Ywb7yMuCR1UGnV8C9i
Ba++OjpLLwkJ68lH1TFktoXgCQWhV/DeT0UMKz85Tm1ifhHETtksySKrsrIIwAuc
rJB9lNovfR/njKG8VcKE028ylqmbqIl9tb3fVaVqlRdLZxATJpxbmkXhvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBEla1q48e7kKyLtDlS8kpmlQXwAMB8GA1UdIwQY
MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt
YTU1OGVlNjU0MzFmLzEvRVNWcldyang3dVFySXUwT1ZMeVNtYVZCZkFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm
LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBbaAmMA0G
CSqGSIb3DQEBCwUAA4IBAQBm7zyo9JaT3FfedoR6KUwh7HrV0zUJSkq+aSBgz7oi
BcWctKJpnpo9HyiMDzdFTsyujhoBppZTjjrBLZmJ7SIPHzBnmJyiq6pm9W4kZTrU
4nQY9mRX2LAbstfUrTUQPvkJqay6R+tAIUpcnW+kmtSg6UAOqJnmz4U87iRCvEFc
7FSWzcRO4adEA5kbCLUF3GH6ZqFCJk4uyCONY8H4nhbyRwRzOz9snTPyvQnRCnLP
EO7cjLASs/LlQMZhnWCBz4xhCEWb+xoMg3yfQN/W69ypcK2TzHeDzPKI0SlMeqZ4
5aoVFWyCYozzExQuVrM7WGLtjAICRDumVGybd3sLw2j+
-----END CERTIFICATE-----
Generated at Sat Apr 12 21:55:25 2025 by rpki-client