Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/4elc8NOxkc2XEusqBnPIhsvMNiA.roa
File: 4elc8NOxkc2XEusqBnPIhsvMNiA.roa (raw, json)
Hash identifier: 3Iun8NRROJldOwT0PivbmGJaw4HiYelJRIVP9Aj8z4k=
Subject key identifier: E1:E9:5C:F0:D3:B1:91:CD:97:12:EB:2A:06:73:C8:86:CB:CC:36:20
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0194266C7B012B7FFEE28DDE8C17258DA9E2
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/4elc8NOxkc2XEusqBnPIhsvMNiA.roa
Signing time: Thu 02 Jan 2025 09:50:31 +0000
ROA not before: Thu 02 Jan 2025 09:50:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43574
IP address blocks: 78.156.224.0/19 maxlen: 19
109.172.56.0/24 maxlen: 24
109.172.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 00:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:7b:01:2b:7f:fe:e2:8d:de:8c:17:25:8d:a9:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 2 09:50:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e1e95cf0d3b191cd9712eb2a0673c886cbcc3620
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:60:48:eb:77:e6:2e:50:57:a6:b2:2f:9d:a8:
fa:69:6d:b3:cd:7b:de:05:22:e8:53:be:eb:d4:6f:
b3:88:43:d8:e9:8b:9f:f5:b2:6b:d3:ed:39:6b:fc:
01:94:5e:13:42:43:cd:1e:5e:ca:31:89:76:30:de:
e9:e9:92:70:00:ed:da:4c:48:d6:2a:e0:0b:08:a8:
6b:15:99:42:6b:c9:2e:e0:89:d0:95:3d:fb:0c:8a:
a5:97:57:2d:1e:a2:48:3e:f3:52:3e:c7:06:93:8a:
28:9a:53:ef:cd:7f:bf:2f:2d:77:2f:38:ae:8f:98:
ae:55:6c:93:df:83:f1:74:01:c1:91:dd:83:72:88:
07:74:b6:93:b6:25:e6:ce:4e:40:24:93:22:d1:ae:
2e:85:f4:43:5f:25:9a:19:fd:2e:27:9a:ed:2e:3c:
b1:91:dd:06:d4:4b:dd:1a:e3:ef:f8:f7:69:ba:78:
0d:1a:2c:60:81:c5:70:b5:80:73:b2:4a:93:48:8f:
91:8d:cd:68:ec:79:bc:4d:dd:98:7b:dc:48:b7:27:
1b:bd:1e:30:af:95:20:d9:a3:35:0d:6c:50:38:94:
b8:c9:20:11:d4:81:54:a9:39:bf:87:20:c9:93:b9:
37:05:78:55:a9:0c:0f:b0:38:3d:59:7a:55:fb:8d:
16:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:E9:5C:F0:D3:B1:91:CD:97:12:EB:2A:06:73:C8:86:CB:CC:36:20
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/4elc8NOxkc2XEusqBnPIhsvMNiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.156.224.0/19
109.172.56.0/24
109.172.63.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:6e:e3:d3:90:2d:e6:1b:db:78:aa:9a:3f:b4:01:bd:2e:e0:
51:38:73:19:81:27:ac:a1:49:ca:93:19:20:a7:a5:fc:6f:9a:
62:f5:df:11:4d:64:b6:07:55:8b:c9:79:d7:45:c9:97:e0:26:
79:7b:7c:4e:6a:12:3a:62:cf:e8:ab:39:78:12:7c:c9:3a:8b:
30:94:18:da:ee:e8:f1:db:8b:d1:09:c7:d5:e9:72:7b:ec:3f:
fe:50:5a:d3:3c:c1:4f:56:d6:63:61:66:7b:3b:83:4f:37:52:
fe:2e:e4:0c:67:12:04:d3:3a:95:55:44:7b:e9:61:f3:34:cc:
6f:6e:b8:f5:8c:66:b9:13:d5:f6:5c:3f:35:f6:4b:97:91:5b:
c7:1f:36:e9:20:f9:04:ce:79:42:3a:fe:44:e0:6b:8d:8f:c5:
df:9e:9b:8c:ad:27:ec:0f:a2:4f:8e:8c:71:7b:65:0e:63:d1:
29:25:67:22:32:b1:fa:31:fc:88:ef:cd:4d:0e:24:44:d7:d8:
a1:e3:1a:79:d4:65:46:4a:c3:af:d1:84:63:7a:97:73:65:2a:
25:45:f3:6c:27:5e:3c:b3:bb:2a:a7:b3:b0:df:55:94:c2:35:
5c:9a:4d:95:0e:12:b4:aa:52:a4:ba:cb:04:b5:e6:60:f4:86:
1f:8c:a0:be
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQmbHsBK3/+4o3ejBcljaniMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjUwMTAyMDk1MDMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWU5NWNmMGQzYjE5MWNkOTcxMmViMmEwNjczYzg4NmNiY2MzNjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomBI63fmLlBXprIvnaj6aW2zzXve
BSLoU77r1G+ziEPY6Yuf9bJr0+05a/wBlF4TQkPNHl7KMYl2MN7p6ZJwAO3aTEjW
KuALCKhrFZlCa8ku4InQlT37DIqll1ctHqJIPvNSPscGk4oomlPvzX+/Ly13Lziu
j5iuVWyT34PxdAHBkd2DcogHdLaTtiXmzk5AJJMi0a4uhfRDXyWaGf0uJ5rtLjyx
kd0G1EvdGuPv+PdpungNGixggcVwtYBzskqTSI+Rjc1o7Hm8Td2Ye9xItycbvR4w
r5Ug2aM1DWxQOJS4ySAR1IFUqTm/hyDJk7k3BXhVqQwPsDg9WXpV+40WQwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOHpXPDTsZHNlxLrKgZzyIbLzDYgMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvNGVsYzhOT3hrYzJYRXVzcUJuUEloc3ZNTmlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQFTpzgAwQA
baw4AwQAbaw/MA0GCSqGSIb3DQEBCwUAA4IBAQCcbuPTkC3mG9t4qpo/tAG9LuBR
OHMZgSesoUnKkxkgp6X8b5pi9d8RTWS2B1WLyXnXRcmX4CZ5e3xOahI6Ys/oqzl4
EnzJOoswlBja7ujx24vRCcfV6XJ77D/+UFrTPMFPVtZjYWZ7O4NPN1L+LuQMZxIE
0zqVVUR76WHzNMxvbrj1jGa5E9X2XD819kuXkVvHHzbpIPkEznlCOv5E4GuNj8Xf
npuMrSfsD6JPjoxxe2UOY9EpJWciMrH6MfyI781NDiRE19ih4xp51GVGSsOv0YRj
epdzZSolRfNsJ148s7sqp7Ow31WUwjVcmk2VDhK0qlKkussEteZg9IYfjKC+
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:30:01 2025 by rpki-client