Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/T9fbdgOpfFZoRbnwehMF7qoRmBM.roa
File: T9fbdgOpfFZoRbnwehMF7qoRmBM.roa (raw, json)
Hash identifier: S1t4r8g6FqVdAWtlqGcCS4re28MdtDUt88Nk8JSF2Io=
Subject key identifier: 4F:D7:DB:76:03:A9:7C:56:68:45:B9:F0:7A:13:05:EE:AA:11:98:13
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0194266C7911A6E82FE349B15F429ACB095E
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/T9fbdgOpfFZoRbnwehMF7qoRmBM.roa
Signing time: Thu 02 Jan 2025 09:50:30 +0000
ROA not before: Thu 02 Jan 2025 09:50:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43053
IP address blocks: 95.131.0.0/21 maxlen: 21
149.255.160.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 13 Mar 2025 20:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:79:11:a6:e8:2f:e3:49:b1:5f:42:9a:cb:09:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 2 09:50:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4fd7db7603a97c566845b9f07a1305eeaa119813
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:42:a9:b7:fa:05:2e:fa:8c:cc:ea:f3:46:d7:
b9:4c:bb:f3:d9:c6:da:55:ed:20:9f:56:54:32:02:
35:fe:4b:2d:61:0e:39:a5:91:02:f2:cc:94:3a:84:
f2:a8:ee:46:2a:f1:3d:8f:76:16:4e:34:8f:91:3f:
f6:41:fd:dd:3d:b0:e9:cf:f6:dd:56:0e:76:23:ca:
16:e7:d7:94:33:8a:2c:b1:dd:10:5e:0f:54:94:be:
19:d0:99:0d:d3:6a:2b:10:20:d7:9a:f3:33:d5:7a:
d5:d3:6a:b9:00:f7:db:a3:9e:ff:5b:66:15:77:90:
5a:ca:3e:dc:ba:1f:06:a1:a6:c2:e5:53:ec:3d:51:
92:42:35:b9:0f:88:56:19:e3:2c:db:32:71:5c:4c:
9f:0e:b6:40:23:8a:14:98:f8:29:0e:54:83:1d:18:
2f:22:e2:ad:68:ea:31:7c:32:a4:98:1c:f6:d7:d3:
6f:d0:d7:79:b2:b9:48:e7:44:de:56:06:a3:fc:a1:
15:35:f2:3b:14:f3:c9:fc:6a:e3:57:24:27:12:60:
6b:b5:87:96:9f:6e:35:cd:2c:eb:b8:d7:e4:34:bd:
15:03:4b:55:3b:b5:bf:68:1e:e8:27:89:ea:57:27:
f0:12:81:37:93:f2:76:cb:dd:84:27:83:70:43:81:
4d:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:D7:DB:76:03:A9:7C:56:68:45:B9:F0:7A:13:05:EE:AA:11:98:13
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/T9fbdgOpfFZoRbnwehMF7qoRmBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.131.0.0/21
149.255.160.0/21
Signature Algorithm: sha256WithRSAEncryption
84:3b:42:42:32:07:3f:16:2f:4b:48:1d:2e:48:e7:ae:fb:01:
4c:b1:40:85:f8:ee:a0:e4:2e:c8:cd:23:6e:73:85:85:af:f7:
93:d2:45:97:28:95:97:d0:c2:8b:2d:7b:b8:2d:af:3d:83:22:
61:3c:24:8e:e1:41:4c:59:b7:be:3a:e5:d1:0e:29:e6:18:86:
ae:4f:02:39:c0:1a:b5:ff:2a:4e:ba:29:b8:ab:41:9b:fa:d1:
de:59:2e:09:21:c9:b3:13:59:11:38:7e:3e:9b:32:34:3f:26:
bb:b1:be:08:2f:bc:30:76:0c:87:7e:70:9a:31:57:a0:0b:b7:
0d:28:26:0e:f6:23:57:4b:db:79:76:6b:44:9e:8c:1e:bc:9e:
9a:e6:ba:89:05:fc:bf:04:66:23:91:c3:88:36:12:9e:08:72:
ab:4c:88:48:53:6e:0a:34:08:f9:98:ac:95:2f:fe:8f:f7:e6:
18:0e:83:da:1a:bd:82:46:b1:d6:25:95:11:99:ca:9b:fe:76:
16:c2:a9:59:3a:ef:1e:c3:31:a7:88:a9:95:8d:6e:9f:89:9d:
ce:49:0a:7b:d4:78:ca:8c:4e:e4:d9:9d:91:34:8e:2a:f7:67:
1b:9c:cc:35:b2:f8:6f:73:ad:f1:13:c0:94:2c:67:d3:38:63:
59:59:e7:21
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQmbHkRpugv40mxX0KaywleMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjUwMTAyMDk1MDMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmQ3ZGI3NjAzYTk3YzU2Njg0NWI5ZjA3YTEzMDVlZWFhMTE5ODEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkKpt/oFLvqMzOrzRte5TLvz2cba
Ve0gn1ZUMgI1/kstYQ45pZEC8syUOoTyqO5GKvE9j3YWTjSPkT/2Qf3dPbDpz/bd
Vg52I8oW59eUM4ossd0QXg9UlL4Z0JkN02orECDXmvMz1XrV02q5APfbo57/W2YV
d5Bayj7cuh8GoabC5VPsPVGSQjW5D4hWGeMs2zJxXEyfDrZAI4oUmPgpDlSDHRgv
IuKtaOoxfDKkmBz219Nv0Nd5srlI50TeVgaj/KEVNfI7FPPJ/GrjVyQnEmBrtYeW
n241zSzruNfkNL0VA0tVO7W/aB7oJ4nqVyfwEoE3k/J2y92EJ4NwQ4FNCQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE/X23YDqXxWaEW58HoTBe6qEZgTMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvVDlmYmRnT3BmRlpvUmJud2VoTUY3cW9SbUJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDX4MAAwQD
lf+gMA0GCSqGSIb3DQEBCwUAA4IBAQCEO0JCMgc/Fi9LSB0uSOeu+wFMsUCF+O6g
5C7IzSNuc4WFr/eT0kWXKJWX0MKLLXu4La89gyJhPCSO4UFMWbe+OuXRDinmGIau
TwI5wBq1/ypOuim4q0Gb+tHeWS4JIcmzE1kROH4+mzI0Pya7sb4IL7wwdgyHfnCa
MVegC7cNKCYO9iNXS9t5dmtEnowevJ6a5rqJBfy/BGYjkcOINhKeCHKrTIhIU24K
NAj5mKyVL/6P9+YYDoPaGr2CRrHWJZURmcqb/nYWwqlZOu8ewzGniKmVjW6fiZ3O
SQp71HjKjE7k2Z2RNI4q92cbnMw1svhvc63xE8CULGfTOGNZWech
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:53:10 2025 by rpki-client