Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/7L1vgTgToFKSzrRepv2Szo9xCxg.roa
File: 7L1vgTgToFKSzrRepv2Szo9xCxg.roa (raw, json)
Hash identifier: 9iErhYwDfnu/WC9GuRdoutGn3lcZgKsjzqGhmTaaFvU=
Subject key identifier: EC:BD:6F:81:38:13:A0:52:92:CE:B4:5E:A6:FD:92:CE:8F:71:0B:18
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0194266C5C353FA223D3A9DD9CFD1F615D82
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/7L1vgTgToFKSzrRepv2Szo9xCxg.roa
Signing time: Thu 02 Jan 2025 09:50:23 +0000
ROA not before: Thu 02 Jan 2025 09:50:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12958
IP address blocks: 46.237.40.0/22 maxlen: 22
109.161.56.0/24 maxlen: 24
217.15.137.0/24 maxlen: 24
217.15.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:5c:35:3f:a2:23:d3:a9:dd:9c:fd:1f:61:5d:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 2 09:50:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ecbd6f813813a05292ceb45ea6fd92ce8f710b18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:d6:09:d7:4c:a6:40:86:4b:38:37:2a:00:70:
87:28:8d:54:93:c6:6e:00:a1:92:0d:10:d8:b7:ad:
83:c3:b0:f2:d2:95:9a:b6:c3:17:f2:c8:e8:ef:e6:
bc:fc:a0:f1:80:f5:b9:17:86:43:1e:9a:d1:fc:cd:
c5:84:ed:bf:77:62:36:46:4e:da:a8:b6:65:d9:32:
50:0d:73:9f:87:fb:fe:c2:17:8e:f0:04:a3:3b:3d:
b2:85:6a:d5:ec:fa:54:73:c1:7a:3c:40:66:17:4e:
8d:71:68:85:2d:c8:79:df:06:2e:af:bb:26:21:7c:
85:ec:c1:9a:06:60:a6:77:b9:40:bf:56:7a:c6:72:
42:93:a0:dc:73:ed:ac:29:e1:2a:62:df:8a:87:8b:
f7:de:d4:40:3d:13:8c:ee:26:cc:94:d8:27:ab:55:
8a:7b:d7:65:0b:9b:9a:3f:50:1f:d7:9b:7c:5a:e9:
aa:e1:7e:4c:74:0c:0f:6b:65:0e:a5:b5:b1:26:10:
91:0b:43:10:74:23:08:e4:e1:33:cf:a9:3d:69:c3:
a9:8a:f7:f2:af:96:53:10:ba:af:40:a9:bc:d9:c6:
9b:61:ed:0c:97:4c:dd:23:2c:a2:2d:0e:91:0c:95:
92:aa:c4:63:d8:fc:8a:99:07:19:c3:2e:a2:b5:ef:
5f:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:BD:6F:81:38:13:A0:52:92:CE:B4:5E:A6:FD:92:CE:8F:71:0B:18
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/7L1vgTgToFKSzrRepv2Szo9xCxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.237.40.0/22
109.161.56.0/24
217.15.137.0/24
217.15.156.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:85:56:c9:2b:fb:bd:af:b5:79:d8:55:67:13:e9:5f:6d:ee:
85:f8:d7:9c:cf:81:a3:2b:c3:24:d7:d7:59:b4:b3:39:ca:ef:
9d:13:28:ac:1d:95:31:2c:73:0b:c3:3f:58:d1:6d:b0:82:b6:
d4:45:d8:87:8a:84:c7:16:71:8f:66:06:7f:18:4f:0e:7a:5a:
c7:c1:c8:90:5d:6f:40:9c:cd:fa:49:f5:fc:d5:fb:76:4f:b3:
bb:ef:0c:d1:10:4f:18:be:85:2c:f1:42:06:57:71:fb:27:06:
8e:04:b6:69:c6:c3:cb:bb:be:05:7e:a3:a4:fc:d2:2d:99:02:
67:dd:e5:e3:b5:3d:8c:ff:44:22:3e:09:bb:ea:3d:71:6e:33:
8b:10:2b:c5:66:00:09:ed:b2:66:25:96:da:96:13:d8:d8:d4:
87:e3:7a:b3:4f:8d:b6:1f:0c:a7:e2:69:74:b6:f5:52:db:10:
b2:8a:50:21:19:4b:6b:4d:c4:43:c9:76:45:78:d2:f5:aa:6a:
7e:8e:2b:1c:5c:c7:36:3d:93:39:ed:8e:65:e7:70:ee:cd:29:
e9:40:13:64:47:a1:3b:69:6c:82:af:31:3b:8c:65:8f:f6:98:
6d:77:44:aa:5c:c5:7a:21:54:c7:69:7a:66:35:9b:53:c9:56:
b7:bc:94:a4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQmbFw1P6Ij06ndnP0fYV2CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjUwMTAyMDk1MDIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2JkNmY4MTM4MTNhMDUyOTJjZWI0NWVhNmZkOTJjZThmNzEwYjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntYJ10ymQIZLODcqAHCHKI1Uk8Zu
AKGSDRDYt62Dw7Dy0pWatsMX8sjo7+a8/KDxgPW5F4ZDHprR/M3FhO2/d2I2Rk7a
qLZl2TJQDXOfh/v+wheO8ASjOz2yhWrV7PpUc8F6PEBmF06NcWiFLch53wYur7sm
IXyF7MGaBmCmd7lAv1Z6xnJCk6Dcc+2sKeEqYt+Kh4v33tRAPROM7ibMlNgnq1WK
e9dlC5uaP1Af15t8Wumq4X5MdAwPa2UOpbWxJhCRC0MQdCMI5OEzz6k9acOpivfy
r5ZTELqvQKm82cabYe0Ml0zdIyyiLQ6RDJWSqsRj2PyKmQcZwy6ite9fcQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOy9b4E4E6BSks60Xqb9ks6PcQsYMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvN0wxdmdUZ1RvRktTenJSZXB2MlN6bzl4Q3hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLu0oAwQA
baE4AwQA2Q+JAwQA2Q+cMA0GCSqGSIb3DQEBCwUAA4IBAQB6hVbJK/u9r7V52FVn
E+lfbe6F+Necz4GjK8Mk19dZtLM5yu+dEyisHZUxLHMLwz9Y0W2wgrbURdiHioTH
FnGPZgZ/GE8OelrHwciQXW9AnM36SfX81ft2T7O77wzREE8YvoUs8UIGV3H7JwaO
BLZpxsPLu74FfqOk/NItmQJn3eXjtT2M/0QiPgm76j1xbjOLECvFZgAJ7bJmJZba
lhPY2NSH43qzT422Hwyn4ml0tvVS2xCyilAhGUtrTcRDyXZFeNL1qmp+jiscXMc2
PZM57Y5l53DuzSnpQBNkR6E7aWyCrzE7jGWP9phtd0SqXMV6IVTHaXpmNZtTyVa3
vJSk
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:16:39 2025 by rpki-client