Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/703bd6-1b2f-4083-b1e7-7a5f60189c51/1/DIiJmhkGPOYoFSzKU5OJGHxPZv0.roa
File: DIiJmhkGPOYoFSzKU5OJGHxPZv0.roa (raw, json)
Hash identifier: wVFQMX+v03An5N7stfoX0LOfftlraoV2nDd1HWqmadg=
Subject key identifier: 0C:88:89:9A:19:06:3C:E6:28:15:2C:CA:53:93:89:18:7C:4F:66:FD
Certificate issuer: /CN=d742fa4fb28faf28a18e8add4c10c96337c3c4c5
Certificate serial: 01941F8C0D06E7AA4151263D26D7592583A5
Authority key identifier: D7:42:FA:4F:B2:8F:AF:28:A1:8E:8A:DD:4C:10:C9:63:37:C3:C4:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10L6T7KPryihjordTBDJYzfDxMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/703bd6-1b2f-4083-b1e7-7a5f60189c51/1/DIiJmhkGPOYoFSzKU5OJGHxPZv0.roa
Signing time: Wed 01 Jan 2025 01:47:39 +0000
ROA not before: Wed 01 Jan 2025 01:47:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39544
IP address blocks: 109.203.32.0/19 maxlen: 19
178.211.224.0/19 maxlen: 19
185.20.200.0/22 maxlen: 22
185.137.236.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/703bd6-1b2f-4083-b1e7-7a5f60189c51/1/10L6T7KPryihjordTBDJYzfDxMU.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/703bd6-1b2f-4083-b1e7-7a5f60189c51/1/10L6T7KPryihjordTBDJYzfDxMU.mft
rsync://rpki.ripe.net/repository/DEFAULT/10L6T7KPryihjordTBDJYzfDxMU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 13 Mar 2025 22:02:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:0d:06:e7:aa:41:51:26:3d:26:d7:59:25:83:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d742fa4fb28faf28a18e8add4c10c96337c3c4c5
Validity
Not Before: Jan 1 01:47:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0c88899a19063ce628152cca539389187c4f66fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:46:4a:b3:4c:cd:65:db:14:59:3c:6f:d4:0e:
85:43:83:2a:4f:f5:84:db:11:81:6b:d1:df:84:00:
03:34:01:62:57:4f:38:74:7d:a3:14:ab:2b:0b:a0:
1b:4a:58:13:1a:fd:8e:b2:31:a4:3c:42:20:4c:6b:
a2:ee:86:e0:35:a2:61:a2:94:63:87:54:ca:ab:ca:
0a:27:aa:8b:c7:ad:4f:44:80:90:e8:47:c0:f0:56:
c0:83:9e:17:28:6c:da:d2:dc:84:47:66:9d:ce:d7:
39:e5:c5:b7:4c:be:71:b9:10:7b:33:84:24:b2:f3:
d9:6f:69:6e:63:74:5a:02:f1:59:55:8c:e8:a0:65:
2c:e6:e2:6c:8f:f6:00:6d:fe:77:fe:ee:98:03:02:
9e:e3:d6:ed:02:eb:27:43:61:fd:8a:41:9d:02:81:
f9:68:1e:72:d1:63:45:25:9b:5b:74:0f:ac:f3:6d:
f2:37:4c:4f:89:f6:2f:1c:16:e6:39:e5:c8:3a:ba:
57:f2:49:42:11:d9:0d:0d:9f:21:c9:55:13:f0:54:
d9:56:6d:a7:5a:3d:6e:aa:06:aa:1d:86:ec:3b:1e:
84:92:05:8f:f2:f6:f1:b4:4f:23:ab:83:34:07:73:
16:ce:cf:18:5f:c3:af:05:70:ae:46:b1:ff:0f:12:
a0:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:88:89:9A:19:06:3C:E6:28:15:2C:CA:53:93:89:18:7C:4F:66:FD
X509v3 Authority Key Identifier:
keyid:D7:42:FA:4F:B2:8F:AF:28:A1:8E:8A:DD:4C:10:C9:63:37:C3:C4:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10L6T7KPryihjordTBDJYzfDxMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/703bd6-1b2f-4083-b1e7-7a5f60189c51/1/DIiJmhkGPOYoFSzKU5OJGHxPZv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/703bd6-1b2f-4083-b1e7-7a5f60189c51/1/10L6T7KPryihjordTBDJYzfDxMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.203.32.0/19
178.211.224.0/19
185.20.200.0/22
185.137.236.0/22
Signature Algorithm: sha256WithRSAEncryption
24:20:f5:06:7d:f4:ac:a7:2d:38:c6:40:cc:cb:71:be:61:3c:
fd:af:d5:3e:17:d1:47:61:d2:1b:bf:23:5f:8a:3e:86:fb:cb:
12:f6:0d:64:43:72:bf:ed:ab:b6:b5:84:9b:dc:7a:c2:4c:6a:
f9:de:ab:13:14:47:29:8c:22:b2:ac:57:e0:bb:30:f8:ef:11:
42:b5:47:11:e4:3e:45:9c:b6:1e:02:da:08:43:ca:ef:96:b8:
8e:f3:26:42:a4:41:93:f6:0d:6a:b1:c7:f2:32:f6:2b:94:e7:
3f:c9:0c:3f:be:36:4f:08:97:20:30:3e:2b:0f:88:47:f9:db:
7a:75:f3:4d:a3:b9:5e:4d:c9:1b:3a:b5:f0:32:09:fc:f2:ed:
80:a6:45:80:1b:6c:0c:6d:80:a5:87:d9:e2:33:00:df:8c:dd:
c7:1f:12:94:b7:dd:5d:e7:40:51:e7:3f:3f:f0:48:76:29:83:
3e:9a:1d:9d:9a:b2:56:5e:34:5f:64:79:ec:57:7e:b7:fa:f1:
85:79:c4:0d:2d:0a:ec:12:0c:a9:52:9e:0f:2a:b2:71:3e:57:
3a:dd:c1:52:0f:ad:30:28:ec:a0:8c:19:21:dd:cd:f9:2b:be:
16:d4:0c:de:cf:bd:ab:c9:30:4c:c1:72:e1:03:22:4a:6e:a7:
ee:ce:d8:79
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQfjA0G56pBUSY9JtdZJYOlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDJmYTRmYjI4ZmFmMjhhMThlOGFkZDRjMTBjOTYzMzdj
M2M0YzUwHhcNMjUwMTAxMDE0NzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzg4ODk5YTE5MDYzY2U2MjgxNTJjY2E1MzkzODkxODdjNGY2NmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUZKs0zNZdsUWTxv1A6FQ4MqT/WE
2xGBa9HfhAADNAFiV084dH2jFKsrC6AbSlgTGv2OsjGkPEIgTGui7obgNaJhopRj
h1TKq8oKJ6qLx61PRICQ6EfA8FbAg54XKGza0tyER2adztc55cW3TL5xuRB7M4Qk
svPZb2luY3RaAvFZVYzooGUs5uJsj/YAbf53/u6YAwKe49btAusnQ2H9ikGdAoH5
aB5y0WNFJZtbdA+s823yN0xPifYvHBbmOeXIOrpX8klCEdkNDZ8hyVUT8FTZVm2n
Wj1uqgaqHYbsOx6EkgWP8vbxtE8jq4M0B3MWzs8YX8OvBXCuRrH/DxKgYQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAyIiZoZBjzmKBUsylOTiRh8T2b9MB8GA1UdIwQY
MBaAFNdC+k+yj68ooY6K3UwQyWM3w8TFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBMNlQ3S1ByeWloam9yZFRCREpZemZEeE1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi83MDNiZDYtMWIyZi00MDgzLWIxZTct
N2E1ZjYwMTg5YzUxLzEvRElpSm1oa0dQT1lvRlN6S1U1T0pHSHhQWnYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi83MDNiZDYtMWIyZi00MDgzLWIxZTctN2E1ZjYwMTg5YzUx
LzEvMTBMNlQ3S1ByeWloam9yZFRCREpZemZEeE1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFbcsgAwQF
stPgAwQCuRTIAwQCuYnsMA0GCSqGSIb3DQEBCwUAA4IBAQAkIPUGffSspy04xkDM
y3G+YTz9r9U+F9FHYdIbvyNfij6G+8sS9g1kQ3K/7au2tYSb3HrCTGr53qsTFEcp
jCKyrFfguzD47xFCtUcR5D5FnLYeAtoIQ8rvlriO8yZCpEGT9g1qscfyMvYrlOc/
yQw/vjZPCJcgMD4rD4hH+dt6dfNNo7leTckbOrXwMgn88u2ApkWAG2wMbYClh9ni
MwDfjN3HHxKUt91d50BR5z8/8Eh2KYM+mh2dmrJWXjRfZHnsV363+vGFecQNLQrs
EgypUp4PKrJxPlc63cFSD60wKOygjBkh3c35K74W1Azez72ryTBMwXLhAyJKbqfu
zth5
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:12:20 2025 by rpki-client