Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/p8p4IasSsOcmC2NN7hRg8Ik3mG0.roa
File: p8p4IasSsOcmC2NN7hRg8Ik3mG0.roa (raw, json)
Hash identifier: pRTYjmIqU4/LFRZ0KGUc546vhtpdWflCEZbCrhhuVZQ=
Subject key identifier: A7:CA:78:21:AB:12:B0:E7:26:0B:63:4D:EE:14:60:F0:89:37:98:6D
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0194266C718313D254F173F3CAAD3621CD37
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/p8p4IasSsOcmC2NN7hRg8Ik3mG0.roa
Signing time: Thu 02 Jan 2025 09:50:28 +0000
ROA not before: Thu 02 Jan 2025 09:50:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35154
IP address blocks: 31.192.160.0/19 maxlen: 19
87.224.128.0/17 maxlen: 17
90.157.0.0/17 maxlen: 17
92.54.64.0/18 maxlen: 18
94.31.128.0/17 maxlen: 17
188.73.128.0/18 maxlen: 18
213.142.32.0/19 maxlen: 19
2a00:8b00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:71:83:13:d2:54:f1:73:f3:ca:ad:36:21:cd:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 2 09:50:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a7ca7821ab12b0e7260b634dee1460f08937986d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:54:81:37:97:ee:82:0a:b5:1b:76:91:6a:6a:
2a:ba:6b:db:51:4d:7f:cb:5b:87:f6:92:c9:01:3e:
6b:52:a4:ec:6b:f8:f8:34:a9:23:e6:8f:30:ed:86:
f6:29:4f:64:57:f9:b6:72:02:71:62:06:42:81:85:
0e:b8:d6:2c:d4:45:07:fb:27:ba:a5:8a:93:76:0d:
4a:e4:93:d4:ad:30:29:76:d5:88:f8:58:2f:30:f5:
86:c2:1f:bc:ed:92:b2:91:09:9d:e0:45:d2:bb:48:
ff:d4:1b:5f:5b:cf:69:35:1c:2c:14:da:c7:2d:8f:
08:37:40:84:fb:43:d5:17:47:af:37:7f:9a:3f:d7:
49:4e:07:41:4a:96:17:02:bd:9c:40:91:6c:4f:8e:
02:47:58:96:ef:3d:52:b3:76:96:2c:d4:d1:77:f7:
bf:7b:24:81:de:49:12:77:0b:97:51:3a:3c:a2:35:
94:37:75:38:0d:a3:7b:49:40:8a:53:b6:fd:ab:74:
04:b3:dc:5a:5e:5e:20:9e:78:3f:84:de:ea:cf:28:
ba:70:f9:a7:ed:68:ab:4c:9d:32:b4:28:7b:02:a6:
5e:91:42:44:c4:f5:21:5a:ea:eb:d4:a3:1b:01:23:
cd:a1:9c:76:69:67:7e:24:96:17:f3:fb:ae:3f:b0:
ac:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:CA:78:21:AB:12:B0:E7:26:0B:63:4D:EE:14:60:F0:89:37:98:6D
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/p8p4IasSsOcmC2NN7hRg8Ik3mG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.192.160.0/19
87.224.128.0/17
90.157.0.0/17
92.54.64.0/18
94.31.128.0/17
188.73.128.0/18
213.142.32.0/19
IPv6:
2a00:8b00::/32
Signature Algorithm: sha256WithRSAEncryption
09:a1:47:94:77:52:bc:7c:d1:82:57:aa:54:74:d1:fa:da:57:
c3:ae:5d:18:9a:78:d5:16:c6:c4:aa:1c:53:94:60:f7:df:30:
fb:1e:40:7c:1d:2e:46:7e:e9:e6:af:44:28:d2:96:e6:79:b9:
3f:8c:e9:8e:e0:05:07:f1:d1:58:c7:70:ad:36:c9:f4:be:bf:
15:38:8b:b3:6e:ca:db:fd:3a:02:ec:03:1e:8c:14:9a:20:a3:
75:33:e2:4c:1e:7f:17:9b:54:88:7c:c8:63:8b:50:00:a7:e5:
19:13:e8:0a:8d:a0:13:31:97:3d:93:17:31:b4:c3:f4:69:80:
6a:e7:d6:4c:ba:25:41:e0:0b:df:67:b6:17:58:3f:db:60:33:
45:14:99:a9:f9:a3:f6:4c:64:e1:41:64:22:0c:27:e7:3d:f4:
ed:66:9f:b2:44:0a:f4:af:fd:ef:70:4b:0a:1e:93:80:98:04:
f0:26:ca:e1:bd:ef:ab:61:6f:3c:13:7a:f4:97:5d:f4:2c:33:
7f:06:a8:49:1c:42:5f:a3:d0:69:e0:17:da:28:8e:eb:dc:9e:
9e:f4:54:3c:50:3e:fd:54:0e:7f:aa:44:05:e2:75:9c:66:c2:
e9:4c:12:70:f1:4b:51:98:25:96:35:5e:11:4c:99:70:cf:c0:
dd:2f:01:c6
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZQmbHGDE9JU8XPzyq02Ic03MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjUwMTAyMDk1MDI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2NhNzgyMWFiMTJiMGU3MjYwYjYzNGRlZTE0NjBmMDg5Mzc5ODZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVSBN5fuggq1G3aRamoqumvbUU1/
y1uH9pLJAT5rUqTsa/j4NKkj5o8w7Yb2KU9kV/m2cgJxYgZCgYUOuNYs1EUH+ye6
pYqTdg1K5JPUrTApdtWI+FgvMPWGwh+87ZKykQmd4EXSu0j/1BtfW89pNRwsFNrH
LY8IN0CE+0PVF0evN3+aP9dJTgdBSpYXAr2cQJFsT44CR1iW7z1Ss3aWLNTRd/e/
eySB3kkSdwuXUTo8ojWUN3U4DaN7SUCKU7b9q3QEs9xaXl4gnng/hN7qzyi6cPmn
7WirTJ0ytCh7AqZekUJExPUhWurr1KMbASPNoZx2aWd+JJYX8/uuP7CsSwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFKfKeCGrErDnJgtjTe4UYPCJN5htMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvcDhwNElhc1NzT2NtQzJOTjdoUmc4SWszbUcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQFH8CgAwQH
V+CAAwQHWp0AAwQGXDZAAwQHXh+AAwQGvEmAAwQF1Y4gMA0EAgACMAcDBQAqAIsA
MA0GCSqGSIb3DQEBCwUAA4IBAQAJoUeUd1K8fNGCV6pUdNH62lfDrl0YmnjVFsbE
qhxTlGD33zD7HkB8HS5Gfunmr0Qo0pbmebk/jOmO4AUH8dFYx3CtNsn0vr8VOIuz
bsrb/ToC7AMejBSaIKN1M+JMHn8Xm1SIfMhji1AAp+UZE+gKjaATMZc9kxcxtMP0
aYBq59ZMuiVB4AvfZ7YXWD/bYDNFFJmp+aP2TGThQWQiDCfnPfTtZp+yRAr0r/3v
cEsKHpOAmATwJsrhve+rYW88E3r0l130LDN/BqhJHEJfo9Bp4BfaKI7r3J6e9FQ8
UD79VA5/qkQF4nWcZsLpTBJw8UtRmCWWNV4RTJlwz8DdLwHG
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:41:08 2025 by rpki-client