Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/49195b-2909-46e0-abce-422523c4e68b/1/7MAR8ldskj16F5kzBhniowMVmU4.roa
File: 7MAR8ldskj16F5kzBhniowMVmU4.roa (raw, json)
Hash identifier: mAbacv2iYcdMB2GMEDPPh1FDDClOu0PIdLu6x7Tl3MY=
Subject key identifier: EC:C0:11:F2:57:6C:92:3D:7A:17:99:33:06:19:E2:A3:03:15:99:4E
Certificate issuer: /CN=3d7b9dffaae33ec2cf19b5ad4e49c1e9eb1d9d64
Certificate serial: 0196341D06C7E676026CE1F0E62C50556447
Authority key identifier: 3D:7B:9D:FF:AA:E3:3E:C2:CF:19:B5:AD:4E:49:C1:E9:EB:1D:9D:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PXud_6rjPsLPGbWtTknB6esdnWQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/49195b-2909-46e0-abce-422523c4e68b/1/7MAR8ldskj16F5kzBhniowMVmU4.roa
Signing time: Mon 14 Apr 2025 11:43:59 +0000
ROA not before: Mon 14 Apr 2025 11:43:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 11426
IP address blocks: 86.109.80.0/23 maxlen: 24
86.109.82.0/23 maxlen: 24
86.109.84.0/23 maxlen: 24
86.109.86.0/23 maxlen: 24
86.109.92.0/23 maxlen: 24
86.109.94.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/49195b-2909-46e0-abce-422523c4e68b/1/PXud_6rjPsLPGbWtTknB6esdnWQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/49195b-2909-46e0-abce-422523c4e68b/1/PXud_6rjPsLPGbWtTknB6esdnWQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/PXud_6rjPsLPGbWtTknB6esdnWQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:34:1d:06:c7:e6:76:02:6c:e1:f0:e6:2c:50:55:64:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d7b9dffaae33ec2cf19b5ad4e49c1e9eb1d9d64
Validity
Not Before: Apr 14 11:43:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ecc011f2576c923d7a1799330619e2a30315994e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:f7:c6:9b:4f:68:6d:af:25:fb:99:e5:84:b4:
4c:cc:a4:f9:79:9b:8a:64:5f:1a:9b:1c:83:e8:fd:
37:c0:fa:e5:cd:42:3a:93:97:18:08:e9:ce:e7:16:
54:a3:d6:75:29:a2:2d:e2:99:f2:61:9b:e6:92:e5:
75:a3:ce:f8:bb:28:62:75:91:dc:0f:a4:cb:2f:b0:
7b:1f:5c:a3:0c:a8:98:25:bb:a0:09:d1:cb:49:18:
df:50:0d:c8:df:03:c2:33:f2:5e:e3:10:00:d5:1e:
36:b5:be:91:e2:a0:25:4c:84:bc:4f:af:7c:3b:cc:
5b:3b:c3:3c:67:c7:04:b1:98:03:40:c5:82:2d:c2:
ee:0d:22:92:7f:92:3e:be:9c:66:fe:f3:89:74:5a:
c3:64:14:60:54:a0:8b:50:42:3b:78:0f:1e:81:9b:
f5:9a:db:d6:fd:55:d9:0e:fe:56:ce:18:9e:30:71:
54:12:1a:7a:3f:0b:99:0d:3b:cb:b9:e9:de:ee:30:
13:57:ed:46:ff:b5:f4:aa:46:1e:07:96:4d:a7:d8:
0c:04:af:97:39:74:8b:4a:fe:5b:fc:78:67:c0:6d:
a3:66:13:ed:69:22:b9:56:3a:3c:20:cd:8c:76:0b:
9d:2f:2c:11:25:2e:9d:a4:2d:63:ad:91:fa:15:3d:
cb:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:C0:11:F2:57:6C:92:3D:7A:17:99:33:06:19:E2:A3:03:15:99:4E
X509v3 Authority Key Identifier:
keyid:3D:7B:9D:FF:AA:E3:3E:C2:CF:19:B5:AD:4E:49:C1:E9:EB:1D:9D:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PXud_6rjPsLPGbWtTknB6esdnWQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/49195b-2909-46e0-abce-422523c4e68b/1/7MAR8ldskj16F5kzBhniowMVmU4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/49195b-2909-46e0-abce-422523c4e68b/1/PXud_6rjPsLPGbWtTknB6esdnWQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.109.80.0/21
86.109.92.0/22
Signature Algorithm: sha256WithRSAEncryption
04:45:94:3e:2c:60:36:ad:65:0b:5e:14:4b:a8:b4:2d:90:8d:
5c:d4:21:61:8e:5b:d5:76:05:5a:eb:57:64:62:e2:48:e2:c5:
3b:10:84:45:33:45:7b:b4:f6:64:4a:37:7b:4f:66:59:ec:4a:
39:b9:f8:51:c8:51:17:5c:8c:1b:d6:48:4f:65:d0:a3:d1:af:
df:14:9a:5f:41:f9:fa:fb:3f:a7:e8:a1:41:07:11:fc:ac:d4:
93:15:2e:67:be:b6:02:f7:e8:fd:a3:8e:3c:05:98:64:92:30:
6b:89:b2:0c:1a:0e:d0:19:d1:25:cd:fd:12:62:72:85:3d:3d:
31:25:19:f8:e4:fa:b1:a1:c2:0b:b7:24:dd:0b:9b:90:69:f8:
99:87:b6:6e:30:a8:e6:f6:7a:26:9d:16:f7:17:7a:5e:c3:88:
85:b1:32:d2:13:6d:02:d3:69:29:1e:0c:41:1b:00:a8:73:e9:
c7:b2:b7:67:00:a2:ad:9a:72:65:e6:45:5d:b0:a5:df:73:56:
a1:b3:3a:7f:f1:ee:3e:fb:40:a7:83:dd:fc:0d:32:c7:a0:68:
14:25:32:dc:15:b1:53:13:97:3f:ff:ba:77:f6:63:31:6c:65:
89:f1:a2:4f:e1:36:82:f1:2f:f2:23:f8:0d:2d:fa:05:e6:24:
88:a0:2b:b2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZY0HQbH5nYCbOHw5ixQVWRHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkN2I5ZGZmYWFlMzNlYzJjZjE5YjVhZDRlNDljMWU5ZWIx
ZDlkNjQwHhcNMjUwNDE0MTE0MzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2MwMTFmMjU3NmM5MjNkN2ExNzk5MzMwNjE5ZTJhMzAzMTU5OTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/fGm09oba8l+5nlhLRMzKT5eZuK
ZF8amxyD6P03wPrlzUI6k5cYCOnO5xZUo9Z1KaIt4pnyYZvmkuV1o874uyhidZHc
D6TLL7B7H1yjDKiYJbugCdHLSRjfUA3I3wPCM/Je4xAA1R42tb6R4qAlTIS8T698
O8xbO8M8Z8cEsZgDQMWCLcLuDSKSf5I+vpxm/vOJdFrDZBRgVKCLUEI7eA8egZv1
mtvW/VXZDv5WzhieMHFUEhp6PwuZDTvLuene7jATV+1G/7X0qkYeB5ZNp9gMBK+X
OXSLSv5b/HhnwG2jZhPtaSK5Vjo8IM2MdgudLywRJS6dpC1jrZH6FT3LUQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOzAEfJXbJI9eheZMwYZ4qMDFZlOMB8GA1UdIwQY
MBaAFD17nf+q4z7Czxm1rU5JwenrHZ1kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFh1ZF82cmpQc0xQR2JXdFRrbkI2ZXNkbldRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS80OTE5NWItMjkwOS00NmUwLWFiY2Ut
NDIyNTIzYzRlNjhiLzEvN01BUjhsZHNrajE2RjVrekJobmlvd01WbVU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS80OTE5NWItMjkwOS00NmUwLWFiY2UtNDIyNTIzYzRlNjhi
LzEvUFh1ZF82cmpQc0xQR2JXdFRrbkI2ZXNkbldRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDVm1QAwQC
Vm1cMA0GCSqGSIb3DQEBCwUAA4IBAQAERZQ+LGA2rWULXhRLqLQtkI1c1CFhjlvV
dgVa61dkYuJI4sU7EIRFM0V7tPZkSjd7T2ZZ7Eo5ufhRyFEXXIwb1khPZdCj0a/f
FJpfQfn6+z+n6KFBBxH8rNSTFS5nvrYC9+j9o448BZhkkjBribIMGg7QGdElzf0S
YnKFPT0xJRn45PqxocILtyTdC5uQafiZh7ZuMKjm9nomnRb3F3pew4iFsTLSE20C
02kpHgxBGwCoc+nHsrdnAKKtmnJl5kVdsKXfc1ahszp/8e4++0Cng938DTLHoGgU
JTLcFbFTE5c//7p39mMxbGWJ8aJP4TaC8S/yI/gNLfoF5iSIoCuy
-----END CERTIFICATE-----
Generated at Sat Apr 19 10:52:55 2025 by rpki-client