Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/inKVgfg6tkDW3-Ko2Fj1q9U9rjM.roa
File: inKVgfg6tkDW3-Ko2Fj1q9U9rjM.roa (raw, json)
Hash identifier: m3IZ4E9iTFBEvHgMwMmb/F3F5jQFINfkwm1zng7j3wE=
Subject key identifier: 8A:72:95:81:F8:3A:B6:40:D6:DF:E2:A8:D8:58:F5:AB:D5:3D:AE:33
Certificate issuer: /CN=b72588c00eef715809eb5fdd6d6717cc28c0dfac
Certificate serial: 01942827A154E6254A75DBF1F71ADFC9ABE4
Authority key identifier: B7:25:88:C0:0E:EF:71:58:09:EB:5F:DD:6D:67:17:CC:28:C0:DF:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tyWIwA7vcVgJ61_dbWcXzCjA36w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/inKVgfg6tkDW3-Ko2Fj1q9U9rjM.roa
Signing time: Thu 02 Jan 2025 17:54:33 +0000
ROA not before: Thu 02 Jan 2025 17:54:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215247
IP address blocks: 31.207.64.0/23 maxlen: 23
31.207.64.0/24 maxlen: 24
31.207.65.0/24 maxlen: 24
152.89.135.0/24 maxlen: 24
192.145.19.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/tyWIwA7vcVgJ61_dbWcXzCjA36w.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/tyWIwA7vcVgJ61_dbWcXzCjA36w.mft
rsync://rpki.ripe.net/repository/DEFAULT/tyWIwA7vcVgJ61_dbWcXzCjA36w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 14:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:a1:54:e6:25:4a:75:db:f1:f7:1a:df:c9:ab:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72588c00eef715809eb5fdd6d6717cc28c0dfac
Validity
Not Before: Jan 2 17:54:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8a729581f83ab640d6dfe2a8d858f5abd53dae33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:63:6f:54:dc:90:95:bb:48:4e:dc:8e:22:31:
48:62:39:7c:c4:79:12:25:d2:e3:f8:d0:05:52:87:
ff:88:ba:d0:fa:b2:c5:13:be:cb:2e:13:f5:6d:88:
5c:40:87:61:a0:c2:62:95:fb:0b:0c:90:bb:fd:2d:
3e:ee:3c:10:dc:b5:8f:0a:04:98:ae:92:53:5c:00:
2c:dc:a9:ea:4b:a9:84:5b:0a:e5:c9:9a:3c:e8:7b:
75:03:77:45:2c:93:7c:5a:79:24:55:fe:d3:34:d4:
46:3d:2c:ac:19:2a:57:9c:cb:bb:3b:db:8a:ed:7f:
75:59:d8:cb:11:8a:f8:ca:08:61:7f:80:47:e3:42:
0f:ab:ff:f1:d9:0e:c9:37:c9:3d:e4:dc:e5:20:f9:
5d:d9:a1:95:36:0c:28:68:7d:dc:7f:b2:8e:a6:c5:
0d:91:ce:d6:47:01:1f:a9:81:f5:57:ee:57:09:ae:
aa:62:5c:b2:32:f6:c0:41:5d:a4:9b:be:ef:e8:57:
5c:d6:03:97:53:36:2d:86:cf:ee:6c:8d:74:f0:f9:
36:3e:0c:08:e9:03:9f:b6:90:e8:a5:42:9f:07:3d:
4e:a6:4b:00:b0:e0:c7:f8:fd:fc:c8:5a:ba:82:f0:
43:68:fb:98:dd:ca:2b:15:8b:59:1d:91:3d:b6:63:
2b:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:72:95:81:F8:3A:B6:40:D6:DF:E2:A8:D8:58:F5:AB:D5:3D:AE:33
X509v3 Authority Key Identifier:
keyid:B7:25:88:C0:0E:EF:71:58:09:EB:5F:DD:6D:67:17:CC:28:C0:DF:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tyWIwA7vcVgJ61_dbWcXzCjA36w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/inKVgfg6tkDW3-Ko2Fj1q9U9rjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/tyWIwA7vcVgJ61_dbWcXzCjA36w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.207.64.0/23
152.89.135.0/24
192.145.19.0/24
Signature Algorithm: sha256WithRSAEncryption
34:7a:1d:d7:a1:8f:52:f1:e2:44:de:b8:2a:4e:84:bd:94:75:
70:96:52:87:6d:f2:b2:58:e8:dd:67:2e:11:8a:d4:55:b6:50:
d9:88:fa:b6:d4:9d:08:74:98:15:45:9e:d3:eb:38:cb:cc:53:
44:38:9b:66:29:2d:ae:ea:a5:c3:93:d8:e7:e6:e2:6a:a5:d1:
7c:f7:3c:32:2c:4d:91:00:7c:53:51:bf:bd:19:45:2e:45:27:
d6:30:5f:51:ca:f6:7a:03:58:32:c2:a2:f7:77:17:ba:eb:09:
a6:e8:9a:3f:25:1f:dc:0e:d2:d8:e1:8c:63:08:9b:12:41:c4:
8b:7d:ea:a0:f8:ce:95:42:43:75:1a:e5:29:65:f9:a3:e6:aa:
ab:82:79:d6:2d:f2:86:d8:65:e9:3f:b7:a6:2c:94:48:dd:13:
27:2e:6e:8c:8d:f3:30:c0:4c:54:b2:6f:b9:70:eb:82:79:86:
60:57:ff:ab:ef:d7:76:0c:00:dd:2a:2f:6f:f8:2d:97:fe:14:
57:de:db:06:64:f4:95:c2:b2:2c:a1:cd:2a:3b:8e:43:8c:61:
ff:28:7e:1a:3c:92:70:4e:ea:4a:21:b7:cf:9b:96:a4:fe:d3:
bf:8c:fb:16:59:f5:ad:04:41:2c:f7:c7:d2:f8:19:54:be:b5:
2f:bd:5e:bd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQoJ6FU5iVKddvx9xrfyavkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3MjU4OGMwMGVlZjcxNTgwOWViNWZkZDZkNjcxN2NjMjhj
MGRmYWMwHhcNMjUwMTAyMTc1NDMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTcyOTU4MWY4M2FiNjQwZDZkZmUyYThkODU4ZjVhYmQ1M2RhZTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvmNvVNyQlbtITtyOIjFIYjl8xHkS
JdLj+NAFUof/iLrQ+rLFE77LLhP1bYhcQIdhoMJilfsLDJC7/S0+7jwQ3LWPCgSY
rpJTXAAs3KnqS6mEWwrlyZo86Ht1A3dFLJN8WnkkVf7TNNRGPSysGSpXnMu7O9uK
7X91WdjLEYr4yghhf4BH40IPq//x2Q7JN8k95NzlIPld2aGVNgwoaH3cf7KOpsUN
kc7WRwEfqYH1V+5XCa6qYlyyMvbAQV2km77v6Fdc1gOXUzYths/ubI108Pk2PgwI
6QOftpDopUKfBz1OpksAsODH+P38yFq6gvBDaPuY3corFYtZHZE9tmMrCwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIpylYH4OrZA1t/iqNhY9avVPa4zMB8GA1UdIwQY
MBaAFLcliMAO73FYCetf3W1nF8wowN+sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlXSXdBN3ZjVmdKNjFfZGJXY1h6Q2pBMzZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9lYmJhYzktZmVlNy00ZjNiLThjZDUt
N2E0MTI1NGVhYWNhLzEvaW5LVmdmZzZ0a0RXMy1LbzJGajFxOVU5cmpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9lYmJhYzktZmVlNy00ZjNiLThjZDUtN2E0MTI1NGVhYWNh
LzEvdHlXSXdBN3ZjVmdKNjFfZGJXY1h6Q2pBMzZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBH89AAwQA
mFmHAwQAwJETMA0GCSqGSIb3DQEBCwUAA4IBAQA0eh3XoY9S8eJE3rgqToS9lHVw
llKHbfKyWOjdZy4RitRVtlDZiPq21J0IdJgVRZ7T6zjLzFNEOJtmKS2u6qXDk9jn
5uJqpdF89zwyLE2RAHxTUb+9GUUuRSfWMF9RyvZ6A1gywqL3dxe66wmm6Jo/JR/c
DtLY4YxjCJsSQcSLfeqg+M6VQkN1GuUpZfmj5qqrgnnWLfKG2GXpP7emLJRI3RMn
Lm6MjfMwwExUsm+5cOuCeYZgV/+r79d2DADdKi9v+C2X/hRX3tsGZPSVwrIsoc0q
O45DjGH/KH4aPJJwTupKIbfPm5ak/tO/jPsWWfWtBEEs98fS+BlUvrUvvV69
-----END CERTIFICATE-----
Generated at Sun Apr 27 23:05:33 2025 by rpki-client