Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/16SMeLltwXhNSYjuzdiu77wNRWE.roa
File: 16SMeLltwXhNSYjuzdiu77wNRWE.roa (raw, json)
Hash identifier: Fxk7+sTOldPhSU2EjsLhSv1bp+MJOI8/UZDcHNnm1Yk=
Subject key identifier: D7:A4:8C:78:B9:6D:C1:78:4D:49:88:EE:CD:D8:AE:EF:BC:0D:45:61
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0194266C742F9C76F2A7E4C6F36310C2F23C
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/16SMeLltwXhNSYjuzdiu77wNRWE.roa
Signing time: Thu 02 Jan 2025 09:50:29 +0000
ROA not before: Thu 02 Jan 2025 09:50:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39407
IP address blocks: 87.103.232.0/24 maxlen: 24
87.103.234.0/24 maxlen: 24
95.189.113.0/24 maxlen: 24
95.189.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:74:2f:9c:76:f2:a7:e4:c6:f3:63:10:c2:f2:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 2 09:50:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d7a48c78b96dc1784d4988eecdd8aeefbc0d4561
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:0c:4f:69:1e:35:3a:d5:28:64:50:79:e3:f2:
b3:51:f9:ec:43:1b:7b:6b:ec:ad:41:3b:d9:8e:da:
b7:1d:cd:eb:53:8d:ea:35:32:84:f8:77:c7:f6:53:
2f:16:97:eb:e3:7f:1e:bc:2c:b3:fd:b4:03:7f:74:
0a:36:da:37:8a:24:02:3c:b9:ee:c5:e9:9a:79:74:
45:c0:de:65:b4:3a:90:9e:d7:d3:2f:bc:70:1a:eb:
48:3b:04:c6:46:c3:cc:bb:1f:99:48:07:68:06:ee:
b6:5c:be:b9:40:5f:09:34:0f:ba:02:4b:32:09:9d:
27:cb:90:1d:93:b1:91:32:09:f1:2c:e9:f4:17:2e:
a4:08:e6:54:30:19:7a:81:42:a8:92:13:a7:c7:46:
9f:4b:9b:a6:26:89:68:14:86:91:0f:cb:5d:b9:cd:
a5:f2:97:c3:f7:15:40:ce:58:db:7c:cd:f6:bb:d7:
52:f5:5c:26:4e:5f:2d:18:db:b8:da:bc:c4:78:f6:
84:fd:f1:b2:c6:b8:21:cf:30:dc:d9:0b:99:2c:08:
3c:3f:54:65:22:32:c5:08:df:99:97:19:4e:c6:48:
f8:db:07:46:72:5c:1b:76:07:37:f9:c7:75:66:b8:
09:60:9a:0e:f9:b7:4e:d0:80:06:56:bd:04:57:fc:
d5:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:A4:8C:78:B9:6D:C1:78:4D:49:88:EE:CD:D8:AE:EF:BC:0D:45:61
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/16SMeLltwXhNSYjuzdiu77wNRWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.103.232.0/24
87.103.234.0/24
95.189.113.0-95.189.114.255
Signature Algorithm: sha256WithRSAEncryption
0a:93:30:3a:16:da:71:73:8f:de:ea:b2:7a:04:df:1d:f9:8a:
80:9d:1a:00:3a:ab:07:69:c3:30:e7:9b:62:10:69:6d:d1:ef:
00:14:1a:1c:df:1f:68:a8:8e:ea:4b:74:5f:bf:5b:aa:13:bb:
47:ff:5d:70:0b:ff:77:34:3e:ca:7a:c9:e1:62:f2:c5:51:87:
bd:08:8b:85:3b:75:e2:f5:99:14:79:e9:52:ff:e3:1c:b5:16:
58:a0:58:84:85:39:4c:74:8d:00:5f:36:80:1b:bc:ea:62:d4:
c5:72:cd:cc:ef:94:91:9a:9a:32:92:2c:1d:b9:d0:cd:3a:2f:
ef:67:c2:0f:d1:64:09:c4:41:79:12:5c:c8:32:eb:3a:37:28:
04:d7:0f:1e:96:cc:6d:20:97:58:03:12:5e:33:91:9e:e0:47:
fe:7e:66:fb:da:b0:74:a8:78:d4:7b:5e:59:8c:94:2d:e9:05:
1d:82:81:de:d1:b6:fd:f7:5e:bb:42:7a:21:d5:21:69:14:06:
66:fd:bb:66:9c:a3:78:24:54:24:66:d5:99:6c:88:ce:85:40:
6e:83:aa:9b:ac:7e:db:d6:6b:ba:3c:f8:df:91:79:9a:82:a3:
18:52:4d:71:80:49:3b:14:13:8f:fc:27:d7:8f:37:87:d1:8f:
40:ec:09:19
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQmbHQvnHbyp+TG82MQwvI8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjUwMTAyMDk1MDI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2E0OGM3OGI5NmRjMTc4NGQ0OTg4ZWVjZGQ4YWVlZmJjMGQ0NTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9wxPaR41OtUoZFB54/KzUfnsQxt7
a+ytQTvZjtq3Hc3rU43qNTKE+HfH9lMvFpfr438evCyz/bQDf3QKNto3iiQCPLnu
xemaeXRFwN5ltDqQntfTL7xwGutIOwTGRsPMux+ZSAdoBu62XL65QF8JNA+6Aksy
CZ0ny5Adk7GRMgnxLOn0Fy6kCOZUMBl6gUKokhOnx0afS5umJoloFIaRD8tduc2l
8pfD9xVAzljbfM32u9dS9VwmTl8tGNu42rzEePaE/fGyxrghzzDc2QuZLAg8P1Rl
IjLFCN+ZlxlOxkj42wdGclwbdgc3+cd1ZrgJYJoO+bdO0IAGVr0EV/zVrwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFNekjHi5bcF4TUmI7s3Yru+8DUVhMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvMTZTTWVMbHR3WGhOU1lqdXpkaXU3N3dOUldFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAV2foAwQA
V2fqMAwDBABfvXEDBABfvXIwDQYJKoZIhvcNAQELBQADggEBAAqTMDoW2nFzj97q
snoE3x35ioCdGgA6qwdpwzDnm2IQaW3R7wAUGhzfH2iojupLdF+/W6oTu0f/XXAL
/3c0Psp6yeFi8sVRh70Ii4U7deL1mRR56VL/4xy1FligWISFOUx0jQBfNoAbvOpi
1MVyzczvlJGamjKSLB250M06L+9nwg/RZAnEQXkSXMgy6zo3KATXDx6WzG0gl1gD
El4zkZ7gR/5+ZvvasHSoeNR7XlmMlC3pBR2Cgd7Rtv33XrtCeiHVIWkUBmb9u2ac
o3gkVCRm1ZlsiM6FQG6DqpusftvWa7o8+N+ReZqCoxhSTXGASTsUE4/8J9ePN4fR
j0DsCRk=
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:55:10 2025 by rpki-client