Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/63b8aa-722f-4009-ada7-f9b60711453c/1/kO8QB2zrXRxl2N43GaWd_Repq5M.roa
File: kO8QB2zrXRxl2N43GaWd_Repq5M.roa (raw, json)
Hash identifier: IUmtRjKzI10q9uvO/9zEmrcKLU0qcJf4Uhid1F3g4yw=
Subject key identifier: 90:EF:10:07:6C:EB:5D:1C:65:D8:DE:37:19:A5:9D:FD:17:A9:AB:93
Certificate issuer: /CN=7a49eeaf24342c3b2c632c9e48463138de2dc00b
Certificate serial: 019424455FE1EB4456382115274C38E91D8E
Authority key identifier: 7A:49:EE:AF:24:34:2C:3B:2C:63:2C:9E:48:46:31:38:DE:2D:C0:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eknuryQ0LDssYyyeSEYxON4twAs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/63b8aa-722f-4009-ada7-f9b60711453c/1/kO8QB2zrXRxl2N43GaWd_Repq5M.roa
Signing time: Wed 01 Jan 2025 23:48:33 +0000
ROA not before: Wed 01 Jan 2025 23:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15757
IP address blocks: 82.114.128.0/19 maxlen: 19
94.124.224.0/21 maxlen: 23
185.165.200.0/22 maxlen: 24
217.17.160.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/63b8aa-722f-4009-ada7-f9b60711453c/1/eknuryQ0LDssYyyeSEYxON4twAs.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/63b8aa-722f-4009-ada7-f9b60711453c/1/eknuryQ0LDssYyyeSEYxON4twAs.mft
rsync://rpki.ripe.net/repository/DEFAULT/eknuryQ0LDssYyyeSEYxON4twAs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 17:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:5f:e1:eb:44:56:38:21:15:27:4c:38:e9:1d:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a49eeaf24342c3b2c632c9e48463138de2dc00b
Validity
Not Before: Jan 1 23:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=90ef10076ceb5d1c65d8de3719a59dfd17a9ab93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:31:54:aa:b7:07:af:68:25:e1:a3:29:36:41:
5f:b2:03:55:87:8c:15:99:ce:6e:70:1e:3e:32:36:
e5:90:6f:b9:b6:1f:18:8c:cc:59:8a:1f:54:30:2e:
e8:f7:17:1b:b3:2c:09:87:76:bd:fc:32:81:82:a3:
b9:c4:cf:64:ea:35:ab:b8:87:1e:e3:df:80:38:14:
c2:27:90:0f:15:73:e2:ac:6f:9a:cb:3d:69:de:af:
f5:96:ec:24:91:43:dd:f0:82:49:d0:fd:6f:7a:d5:
82:5b:8c:32:31:4e:66:5e:07:35:10:b2:67:6e:5a:
a0:9f:bf:d3:56:56:7a:c1:f9:37:56:05:34:9b:4d:
f7:4c:73:b4:7b:b1:e1:9a:49:3c:ed:f5:7c:0b:43:
e1:23:4a:bf:fb:a0:c5:1d:69:b8:62:06:97:fd:7f:
cc:06:69:04:21:91:6b:b8:13:dd:84:95:f6:e2:d7:
b9:75:10:c8:3e:49:c6:bd:10:78:3e:4c:2b:21:4a:
05:32:d5:59:6d:1c:53:80:b3:5d:7f:16:e8:e7:9e:
92:fa:fe:0f:54:cf:6e:dc:d4:5e:f0:3b:ae:21:a9:
79:ab:b5:9e:c5:07:11:69:0c:47:aa:a1:04:06:5f:
a6:9a:4d:77:77:fc:08:b5:9f:8c:4d:16:a6:f8:ad:
ec:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:EF:10:07:6C:EB:5D:1C:65:D8:DE:37:19:A5:9D:FD:17:A9:AB:93
X509v3 Authority Key Identifier:
keyid:7A:49:EE:AF:24:34:2C:3B:2C:63:2C:9E:48:46:31:38:DE:2D:C0:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eknuryQ0LDssYyyeSEYxON4twAs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/63b8aa-722f-4009-ada7-f9b60711453c/1/kO8QB2zrXRxl2N43GaWd_Repq5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/63b8aa-722f-4009-ada7-f9b60711453c/1/eknuryQ0LDssYyyeSEYxON4twAs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.114.128.0/19
94.124.224.0/21
185.165.200.0/22
217.17.160.0/19
Signature Algorithm: sha256WithRSAEncryption
6e:df:be:7e:b9:91:49:42:fc:41:d5:5c:9a:1e:1c:e9:4a:c3:
f3:82:6f:ec:f1:d0:c0:01:c0:53:61:2f:0a:20:bf:3d:b1:fe:
e8:89:a5:65:f4:a1:5f:fe:e1:ec:a0:1f:df:04:6a:7d:15:d9:
0d:cc:ca:03:4f:21:7d:36:0f:98:1c:14:74:e0:9c:72:8d:13:
ba:84:62:48:5e:80:59:a8:e0:d7:af:cf:3c:7a:5f:53:0d:f6:
cc:18:9b:03:ef:bc:29:d6:57:99:51:89:df:4d:e1:8b:91:3b:
cd:f6:c2:2c:85:fb:44:f5:12:ab:cc:6e:59:18:ce:40:fd:c2:
7d:5b:42:0d:c0:80:a3:90:a5:72:fa:e4:4d:6c:6c:7a:88:47:
fa:eb:c7:84:12:d7:19:71:44:e2:fa:cc:f7:77:20:c1:ab:1b:
07:2f:71:fc:43:f2:a0:11:ce:35:f9:91:25:45:4c:2c:a0:37:
ad:30:2c:ab:7c:0a:db:6a:1f:4c:2f:36:43:ce:34:5d:10:20:
e0:ca:8e:0d:b0:dc:54:40:48:a4:63:72:33:2f:9e:0b:0a:2f:
61:3e:63:42:9d:b3:8c:03:07:02:12:03:d5:47:58:55:7d:a1:
9a:fd:01:dc:65:22:a1:a2:5c:9d:b8:55:9f:d1:d1:31:aa:3a:
90:0f:48:b5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQkRV/h60RWOCEVJ0w46R2OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhNDllZWFmMjQzNDJjM2IyYzYzMmM5ZTQ4NDYzMTM4ZGUy
ZGMwMGIwHhcNMjUwMTAxMjM0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGVmMTAwNzZjZWI1ZDFjNjVkOGRlMzcxOWE1OWRmZDE3YTlhYjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDFUqrcHr2gl4aMpNkFfsgNVh4wV
mc5ucB4+MjblkG+5th8YjMxZih9UMC7o9xcbsywJh3a9/DKBgqO5xM9k6jWruIce
49+AOBTCJ5APFXPirG+ayz1p3q/1luwkkUPd8IJJ0P1vetWCW4wyMU5mXgc1ELJn
blqgn7/TVlZ6wfk3VgU0m033THO0e7Hhmkk87fV8C0PhI0q/+6DFHWm4YgaX/X/M
BmkEIZFruBPdhJX24te5dRDIPknGvRB4PkwrIUoFMtVZbRxTgLNdfxbo556S+v4P
VM9u3NRe8DuuIal5q7WexQcRaQxHqqEEBl+mmk13d/wItZ+MTRam+K3siQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJDvEAds610cZdjeNxmlnf0XqauTMB8GA1UdIwQY
MBaAFHpJ7q8kNCw7LGMsnkhGMTjeLcALMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWtudXJ5UTBMRHNzWXl5ZVNFWXhPTjR0d0FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy82M2I4YWEtNzIyZi00MDA5LWFkYTct
ZjliNjA3MTE0NTNjLzEva084UUIyenJYUnhsMk40M0dhV2RfUmVwcTVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy82M2I4YWEtNzIyZi00MDA5LWFkYTctZjliNjA3MTE0NTNj
LzEvZWtudXJ5UTBMRHNzWXl5ZVNFWXhPTjR0d0FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFUnKAAwQD
XnzgAwQCuaXIAwQF2RGgMA0GCSqGSIb3DQEBCwUAA4IBAQBu375+uZFJQvxB1Vya
HhzpSsPzgm/s8dDAAcBTYS8KIL89sf7oiaVl9KFf/uHsoB/fBGp9FdkNzMoDTyF9
Ng+YHBR04JxyjRO6hGJIXoBZqODXr888el9TDfbMGJsD77wp1leZUYnfTeGLkTvN
9sIshftE9RKrzG5ZGM5A/cJ9W0INwICjkKVy+uRNbGx6iEf668eEEtcZcUTi+sz3
dyDBqxsHL3H8Q/KgEc41+ZElRUwsoDetMCyrfArbah9MLzZDzjRdECDgyo4NsNxU
QEikY3IzL54LCi9hPmNCnbOMAwcCEgPVR1hVfaGa/QHcZSKholyduFWf0dExqjqQ
D0i1
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:58:01 2025 by rpki-client