Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/9Du2tHlplI8cqKMhQkDQrma7ABw.roa
File: 9Du2tHlplI8cqKMhQkDQrma7ABw.roa (raw, json)
Hash identifier: tHZwo/QnwGrZt6X37EyHYtZuWfqyTSrPiMBPcRX5QtA=
Subject key identifier: F4:3B:B6:B4:79:69:94:8F:1C:A8:A3:21:42:40:D0:AE:66:BB:00:1C
Certificate issuer: /CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Certificate serial: 019423D755048D0AA18E3A13DC4F138DF1B7
Authority key identifier: D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/9Du2tHlplI8cqKMhQkDQrma7ABw.roa
Signing time: Wed 01 Jan 2025 21:48:22 +0000
ROA not before: Wed 01 Jan 2025 21:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202676
IP address blocks: 5.40.150.0/24 maxlen: 24
82.159.143.0/24 maxlen: 24
82.159.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.mft
rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 08:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:55:04:8d:0a:a1:8e:3a:13:dc:4f:13:8d:f1:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Validity
Not Before: Jan 1 21:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f43bb6b47969948f1ca8a3214240d0ae66bb001c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:53:0e:08:28:5c:88:c8:6f:db:23:db:a8:98:
15:f4:c6:55:3d:ed:82:63:02:f9:a5:8b:8b:84:a0:
b4:55:65:95:32:b3:58:30:e3:e0:1f:ed:87:24:60:
0e:e2:09:6b:34:a8:0c:a8:6b:0c:a9:b3:11:15:e0:
14:8c:be:7f:97:1a:fc:d3:4d:46:ae:5b:a1:52:eb:
bb:4d:58:a0:36:48:f3:6d:cc:bb:1d:37:7a:eb:99:
a7:fc:1c:a4:af:7c:c0:37:3a:48:05:37:b0:b2:85:
85:41:a1:2d:be:a3:ad:c5:cb:7d:72:3e:79:e2:98:
94:97:cc:7e:a7:fe:84:8f:0e:1b:a1:5f:17:24:72:
84:3b:56:d6:30:51:73:a3:78:a9:c6:dd:91:5c:84:
a5:96:76:e7:a0:29:8f:09:c5:dc:70:a9:ad:80:2d:
cd:b6:c3:72:7c:b2:b8:81:16:9b:35:b7:4c:6a:5b:
19:f4:2e:6c:cc:53:36:a2:c9:cd:00:52:4a:82:06:
22:d6:35:90:cf:83:2d:d8:20:d5:19:65:97:9b:78:
28:b7:53:88:b1:ce:bc:4d:3d:d2:eb:74:2c:a3:07:
db:41:ad:d9:22:e7:78:f2:bc:23:8c:e1:ae:7c:99:
46:4c:1f:f8:ee:5f:02:a4:70:7b:2e:67:4b:b9:25:
8d:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:3B:B6:B4:79:69:94:8F:1C:A8:A3:21:42:40:D0:AE:66:BB:00:1C
X509v3 Authority Key Identifier:
keyid:D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/9Du2tHlplI8cqKMhQkDQrma7ABw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.40.150.0/24
82.159.143.0/24
82.159.163.0/24
Signature Algorithm: sha256WithRSAEncryption
77:35:47:fc:2f:9c:cb:f6:db:41:2d:51:a3:15:e1:20:d7:6b:
d8:65:9e:5f:d7:72:d1:ab:15:26:0f:95:f9:ef:3d:45:cf:5e:
89:f2:61:12:ef:d8:b0:df:d7:5a:60:5d:b4:31:6d:08:2f:81:
34:32:13:4c:e6:8a:31:0b:1b:91:e0:5f:3e:dc:e4:a1:07:44:
41:fc:cf:e6:26:cc:fc:20:7d:f6:5e:44:ca:31:72:4b:13:40:
9a:83:ed:72:3f:16:c1:0a:d4:ee:e2:bc:ac:30:e5:79:f2:67:
ac:f2:d2:32:e9:96:6b:69:64:7c:f8:a3:d9:ab:67:54:39:4e:
45:52:6f:50:4b:8e:58:7f:f9:11:30:ab:f6:06:56:d5:86:c7:
17:4d:2b:3b:cf:02:67:c5:f8:2e:0e:1b:84:3d:3c:7d:68:82:
b9:87:8a:04:5d:10:c3:78:2d:f4:78:e5:e8:c7:8d:a2:b6:17:
11:b7:54:b3:05:d6:48:59:7d:61:c3:06:1f:c7:4a:e2:d0:3e:
4d:6b:66:16:e4:a1:2b:31:76:7e:6a:7d:fe:32:17:1d:1d:48:
0e:80:3e:e5:86:7c:90:5b:e4:33:94:13:c6:f2:95:65:27:0c:
13:bf:21:92:50:48:83:ef:88:1f:1b:5d:3e:92:19:83:df:88:
19:76:5c:17
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQj11UEjQqhjjoT3E8TjfG3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MzRmMTY4NjEwMjg3NmM2MjE2YmNlYTI4YTVlNTAyZWMw
ZDdiNmIwHhcNMjUwMTAxMjE0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDNiYjZiNDc5Njk5NDhmMWNhOGEzMjE0MjQwZDBhZTY2YmIwMDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1MOCChciMhv2yPbqJgV9MZVPe2C
YwL5pYuLhKC0VWWVMrNYMOPgH+2HJGAO4glrNKgMqGsMqbMRFeAUjL5/lxr8001G
rluhUuu7TVigNkjzbcy7HTd665mn/Bykr3zANzpIBTewsoWFQaEtvqOtxct9cj55
4piUl8x+p/6Ejw4boV8XJHKEO1bWMFFzo3ipxt2RXISllnbnoCmPCcXccKmtgC3N
tsNyfLK4gRabNbdMalsZ9C5szFM2osnNAFJKggYi1jWQz4Mt2CDVGWWXm3got1OI
sc68TT3S63QsowfbQa3ZIud48rwjjOGufJlGTB/47l8CpHB7LmdLuSWNkQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPQ7trR5aZSPHKijIUJA0K5muwAcMB8GA1UdIwQY
MBaAFNQ08WhhAodsYha86iil5QLsDXtrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2Ut
NTcxMmQ5NWFlNjM4LzEvOUR1MnRIbHBsSThjcUtNaFFrRFFybWE3QUJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2UtNTcxMmQ5NWFlNjM4
LzEvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABSiWAwQA
Up+PAwQAUp+jMA0GCSqGSIb3DQEBCwUAA4IBAQB3NUf8L5zL9ttBLVGjFeEg12vY
ZZ5f13LRqxUmD5X57z1Fz16J8mES79iw39daYF20MW0IL4E0MhNM5ooxCxuR4F8+
3OShB0RB/M/mJsz8IH32XkTKMXJLE0Cag+1yPxbBCtTu4rysMOV58mes8tIy6ZZr
aWR8+KPZq2dUOU5FUm9QS45Yf/kRMKv2BlbVhscXTSs7zwJnxfguDhuEPTx9aIK5
h4oEXRDDeC30eOXox42ithcRt1SzBdZIWX1hwwYfx0ri0D5Na2YW5KErMXZ+an3+
MhcdHUgOgD7lhnyQW+QzlBPG8pVlJwwTvyGSUEiD74gfG10+khmD34gZdlwX
-----END CERTIFICATE-----
Generated at Tue Apr 15 14:12:20 2025 by rpki-client