Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/f19060-3782-4bdf-83c0-0ce9813d4925/1/vXuEkJ-9mpU1nfQBFK_5iOp0K3I.roa
File: vXuEkJ-9mpU1nfQBFK_5iOp0K3I.roa (raw, json)
Hash identifier: lDQFg6jP9zzKp8GOQZTtX7RG+jBwgGpPUV7sKS2JAPw=
Subject key identifier: BD:7B:84:90:9F:BD:9A:95:35:9D:F4:01:14:AF:F9:88:EA:74:2B:72
Certificate issuer: /CN=7de0d23a11470e2430f52e1be2e03014e2b84ee1
Certificate serial: 0195485EB0B9827D4731607428CB07157BC5
Authority key identifier: 7D:E0:D2:3A:11:47:0E:24:30:F5:2E:1B:E2:E0:30:14:E2:B8:4E:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/feDSOhFHDiQw9S4b4uAwFOK4TuE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/f19060-3782-4bdf-83c0-0ce9813d4925/1/vXuEkJ-9mpU1nfQBFK_5iOp0K3I.roa
Signing time: Thu 27 Feb 2025 17:05:19 +0000
ROA not before: Thu 27 Feb 2025 17:05:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213777
IP address blocks: 109.70.79.0/24 maxlen: 24
2a14:e800::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/f19060-3782-4bdf-83c0-0ce9813d4925/1/feDSOhFHDiQw9S4b4uAwFOK4TuE.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/f19060-3782-4bdf-83c0-0ce9813d4925/1/feDSOhFHDiQw9S4b4uAwFOK4TuE.mft
rsync://rpki.ripe.net/repository/DEFAULT/feDSOhFHDiQw9S4b4uAwFOK4TuE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:48:5e:b0:b9:82:7d:47:31:60:74:28:cb:07:15:7b:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7de0d23a11470e2430f52e1be2e03014e2b84ee1
Validity
Not Before: Feb 27 17:05:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bd7b84909fbd9a95359df40114aff988ea742b72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:2d:35:fd:3e:9e:e8:a1:17:13:34:a8:fc:71:
32:bd:c3:93:8a:71:80:99:91:9e:16:7f:04:8d:22:
46:29:92:91:07:cd:79:c0:87:d3:e9:d8:c6:4e:5c:
f4:b5:16:bf:7a:45:b2:33:82:39:89:4f:14:d4:7f:
fb:2b:97:27:81:24:e3:51:9b:d3:41:44:22:ed:a5:
99:29:fb:aa:71:14:f5:d6:7e:15:5f:31:24:36:32:
e3:e2:2c:5e:15:01:ab:b3:90:2e:ac:88:61:ed:d7:
3a:2c:b9:6a:6e:4a:eb:ea:44:e8:28:f3:41:f2:20:
21:53:35:c5:aa:01:a5:1d:c0:0c:45:27:f9:b2:f6:
c9:04:ee:ca:2b:33:8c:99:ae:68:30:fe:3b:49:44:
76:1b:64:ad:ed:4d:c5:2d:4a:71:69:0a:cb:3c:d9:
45:be:7d:3d:6b:f0:2c:40:36:2d:29:96:4e:84:ab:
ae:50:9f:67:35:cd:86:00:55:63:74:f7:0f:f1:b7:
bc:ec:af:86:0e:c4:82:e8:55:6b:c8:64:7b:51:e4:
e7:f1:7c:70:22:de:1e:62:29:eb:f6:19:22:88:6a:
3b:fd:36:2b:a3:2a:2c:ba:09:e1:d6:c0:31:c3:ba:
b4:df:6c:e4:fd:64:a5:8c:54:78:4a:f9:62:09:b8:
27:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:7B:84:90:9F:BD:9A:95:35:9D:F4:01:14:AF:F9:88:EA:74:2B:72
X509v3 Authority Key Identifier:
keyid:7D:E0:D2:3A:11:47:0E:24:30:F5:2E:1B:E2:E0:30:14:E2:B8:4E:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/feDSOhFHDiQw9S4b4uAwFOK4TuE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/f19060-3782-4bdf-83c0-0ce9813d4925/1/vXuEkJ-9mpU1nfQBFK_5iOp0K3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/f19060-3782-4bdf-83c0-0ce9813d4925/1/feDSOhFHDiQw9S4b4uAwFOK4TuE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.70.79.0/24
IPv6:
2a14:e800::/29
Signature Algorithm: sha256WithRSAEncryption
09:ed:a5:cf:9e:c9:06:d8:96:62:2b:28:6e:a2:fc:ca:09:66:
3a:98:5f:0a:8d:2d:5e:96:3d:b9:78:a2:a0:11:14:58:5e:71:
1e:a7:a0:47:15:a6:dc:54:b7:01:a8:c0:c4:d9:83:4c:56:5b:
27:56:51:b4:80:d8:93:b9:57:b6:ca:7a:da:d8:5c:17:ff:72:
3b:6e:a3:69:44:8d:72:f2:c0:b3:c5:65:a1:35:77:6e:7c:bf:
0b:92:c8:5c:e4:0d:f9:8d:c9:12:b2:28:d0:4c:cc:11:4f:13:
b1:ff:47:ec:e6:9a:aa:aa:29:dc:a4:04:b0:e4:f2:ec:ee:66:
d3:65:51:2e:52:7d:bf:7f:aa:4b:76:8a:f2:07:8c:5f:49:3e:
07:ed:34:41:ba:ea:7a:7d:7c:d9:90:bc:7c:93:c0:85:05:31:
39:3e:26:7d:e6:aa:30:4b:d5:96:db:e1:ed:fd:94:21:57:72:
e9:cf:0a:22:cd:e6:cc:07:a8:3a:7e:39:96:3e:8b:c3:5d:f7:
f5:09:fa:e0:a6:e6:c1:0b:1c:06:35:87:93:e4:8f:83:d7:ee:
ac:3f:18:ac:64:2e:4d:ee:ef:96:c1:9d:18:e2:1e:45:19:f2:
56:f6:64:7e:4f:14:1b:52:15:a2:51:b0:1c:18:d4:32:fd:e8:
3a:34:a4:f5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZVIXrC5gn1HMWB0KMsHFXvFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZTBkMjNhMTE0NzBlMjQzMGY1MmUxYmUyZTAzMDE0ZTJi
ODRlZTEwHhcNMjUwMjI3MTcwNTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDdiODQ5MDlmYmQ5YTk1MzU5ZGY0MDExNGFmZjk4OGVhNzQyYjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAti01/T6e6KEXEzSo/HEyvcOTinGA
mZGeFn8EjSJGKZKRB815wIfT6djGTlz0tRa/ekWyM4I5iU8U1H/7K5cngSTjUZvT
QUQi7aWZKfuqcRT11n4VXzEkNjLj4ixeFQGrs5AurIhh7dc6LLlqbkrr6kToKPNB
8iAhUzXFqgGlHcAMRSf5svbJBO7KKzOMma5oMP47SUR2G2St7U3FLUpxaQrLPNlF
vn09a/AsQDYtKZZOhKuuUJ9nNc2GAFVjdPcP8be87K+GDsSC6FVryGR7UeTn8Xxw
It4eYinr9hkiiGo7/TYroyosugnh1sAxw7q032zk/WSljFR4SvliCbgn6wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFL17hJCfvZqVNZ30ARSv+YjqdCtyMB8GA1UdIwQY
MBaAFH3g0joRRw4kMPUuG+LgMBTiuE7hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmVEU09oRkhEaVF3OVM0YjR1QXdGT0s0VHVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9mMTkwNjAtMzc4Mi00YmRmLTgzYzAt
MGNlOTgxM2Q0OTI1LzEvdlh1RWtKLTltcFUxbmZRQkZLXzVpT3AwSzNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9mMTkwNjAtMzc4Mi00YmRmLTgzYzAtMGNlOTgxM2Q0OTI1
LzEvZmVEU09oRkhEaVF3OVM0YjR1QXdGT0s0VHVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAbUZPMA0E
AgACMAcDBQMqFOgAMA0GCSqGSIb3DQEBCwUAA4IBAQAJ7aXPnskG2JZiKyhuovzK
CWY6mF8KjS1elj25eKKgERRYXnEep6BHFabcVLcBqMDE2YNMVlsnVlG0gNiTuVe2
ynra2FwX/3I7bqNpRI1y8sCzxWWhNXdufL8Lkshc5A35jckSsijQTMwRTxOx/0fs
5pqqqincpASw5PLs7mbTZVEuUn2/f6pLdoryB4xfST4H7TRBuup6fXzZkLx8k8CF
BTE5PiZ95qowS9WW2+Ht/ZQhV3LpzwoizebMB6g6fjmWPovDXff1CfrgpubBCxwG
NYeT5I+D1+6sPxisZC5N7u+WwZ0Y4h5FGfJW9mR+TxQbUhWiUbAcGNQy/eg6NKT1
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:18:55 2025 by rpki-client