Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/8BE87qjZ_YzeOfLNdwdedbKrhNM.roa
File: 8BE87qjZ_YzeOfLNdwdedbKrhNM.roa (raw, json)
Hash identifier: y4H1lZp3OfxaXMKEpq+PSjjHa3Z9ishqljKxtowY4Rw=
Subject key identifier: F0:11:3C:EE:A8:D9:FD:8C:DE:39:F2:CD:77:07:5E:75:B2:AB:84:D3
Certificate issuer: /CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Certificate serial: 01963351AC4FFC5B9179BCCB439E0F9106CA
Authority key identifier: E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/8BE87qjZ_YzeOfLNdwdedbKrhNM.roa
Signing time: Mon 14 Apr 2025 08:01:52 +0000
ROA not before: Mon 14 Apr 2025 08:01:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214690
IP address blocks: 203.202.233.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.mft
rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 30 Apr 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:33:51:ac:4f:fc:5b:91:79:bc:cb:43:9e:0f:91:06:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Validity
Not Before: Apr 14 08:01:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f0113ceea8d9fd8cde39f2cd77075e75b2ab84d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:a9:6e:c5:06:b0:c4:50:87:81:c7:c1:bf:92:
f5:a7:3f:1e:d7:70:d5:b5:67:6c:d5:07:98:3c:59:
00:2e:23:7a:85:ee:97:99:a5:1c:e3:81:36:07:06:
5c:c2:62:c4:31:f1:00:a1:13:52:62:5b:7b:80:14:
74:07:8d:87:1b:83:f2:57:6e:24:0e:e4:f2:3d:a9:
99:21:da:fd:10:92:6c:06:ae:52:87:36:b0:6a:76:
2a:fb:74:61:a6:f6:68:be:23:d8:1b:f6:82:97:b7:
22:c4:e4:c2:1a:45:c1:3d:86:b7:8c:86:c3:21:bc:
c4:5a:b2:fd:51:58:ff:d6:df:08:36:1a:5e:da:0d:
be:19:aa:63:e9:cf:22:d3:fb:65:85:7e:0a:e5:d9:
10:73:3a:4d:67:e8:e1:0e:f6:3f:5e:7f:29:af:47:
01:ab:a0:46:ae:22:ba:92:08:e3:bd:db:dd:20:ef:
bd:69:53:c0:cf:73:18:06:bb:20:0e:4b:23:f7:47:
23:19:5d:17:61:9c:59:ca:dd:61:6c:07:2a:31:0b:
ac:0b:59:75:a7:56:e1:f7:68:0f:89:90:26:50:77:
80:0f:26:8c:90:c3:59:c4:60:4a:09:6f:13:46:e3:
9a:d9:e5:4f:e6:de:5d:71:1a:3c:c3:33:b0:61:85:
97:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:11:3C:EE:A8:D9:FD:8C:DE:39:F2:CD:77:07:5E:75:B2:AB:84:D3
X509v3 Authority Key Identifier:
keyid:E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/8BE87qjZ_YzeOfLNdwdedbKrhNM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
203.202.233.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:ad:9a:94:c8:6e:c2:dd:0f:96:c7:21:c6:b1:60:40:6b:a9:
78:94:d0:79:73:93:b7:53:73:20:c1:5f:cd:88:d8:00:30:9e:
10:b7:cd:9b:33:87:88:e2:fd:c7:4b:68:80:ee:97:b6:5c:54:
ff:8f:38:08:b5:c2:f3:e4:d0:aa:35:57:51:f8:e5:cf:bd:af:
d7:43:a4:fa:21:63:a7:0b:e0:16:79:63:c0:10:80:12:19:4c:
d7:74:57:69:88:40:a0:da:70:d4:0b:42:a7:35:b2:2a:38:a8:
03:41:e3:9b:4a:d9:90:f3:f1:f4:f9:fb:5f:08:3d:65:7e:35:
eb:15:60:23:17:60:fe:0e:c5:79:5e:48:d1:ff:27:62:25:18:
ae:4e:65:60:0a:64:2b:64:0e:cd:99:31:bc:33:6f:3a:e6:ea:
61:0e:f7:7d:a6:c7:fc:ad:e1:57:1c:63:2c:b2:4c:53:c3:33:
70:f0:aa:23:b9:cb:a1:5d:3e:d0:c4:84:de:be:84:bc:61:a9:
14:0f:f7:e6:51:4c:ab:57:bd:03:7e:ba:79:6d:8f:27:32:8d:
7d:bb:f1:8e:01:1a:56:9f:d0:57:bc:c9:20:8c:10:ec:84:4a:
cb:f3:86:42:89:5e:3e:9f:0b:1a:d0:cd:63:dd:c0:21:e0:bd:
db:cf:7a:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZYzUaxP/FuRebzLQ54PkQbKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNTU5Y2U4ODlhZTQyNDExMjFmZTBhMTY1M2U0Yjk1NWYz
ZWRmNGIwHhcNMjUwNDE0MDgwMTUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDExM2NlZWE4ZDlmZDhjZGUzOWYyY2Q3NzA3NWU3NWIyYWI4NGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk6luxQawxFCHgcfBv5L1pz8e13DV
tWds1QeYPFkALiN6he6XmaUc44E2BwZcwmLEMfEAoRNSYlt7gBR0B42HG4PyV24k
DuTyPamZIdr9EJJsBq5ShzawanYq+3RhpvZoviPYG/aCl7cixOTCGkXBPYa3jIbD
IbzEWrL9UVj/1t8INhpe2g2+Gapj6c8i0/tlhX4K5dkQczpNZ+jhDvY/Xn8pr0cB
q6BGriK6kgjjvdvdIO+9aVPAz3MYBrsgDksj90cjGV0XYZxZyt1hbAcqMQusC1l1
p1bh92gPiZAmUHeADyaMkMNZxGBKCW8TRuOa2eVP5t5dcRo8wzOwYYWXCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPARPO6o2f2M3jnyzXcHXnWyq4TTMB8GA1UdIwQY
MBaAFOBVnOiJrkJBEh/goWU+S5VfPt9LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYt
OTQ0OTk1N2ZkNWE1LzEvOEJFODdxalpfWXplT2ZMTmR3ZGVkYktyaE5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYtOTQ0OTk1N2ZkNWE1
LzEvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAy8rpMA0G
CSqGSIb3DQEBCwUAA4IBAQAKrZqUyG7C3Q+WxyHGsWBAa6l4lNB5c5O3U3MgwV/N
iNgAMJ4Qt82bM4eI4v3HS2iA7pe2XFT/jzgItcLz5NCqNVdR+OXPva/XQ6T6IWOn
C+AWeWPAEIASGUzXdFdpiECg2nDUC0KnNbIqOKgDQeObStmQ8/H0+ftfCD1lfjXr
FWAjF2D+DsV5XkjR/ydiJRiuTmVgCmQrZA7NmTG8M2865uphDvd9psf8reFXHGMs
skxTwzNw8KojucuhXT7QxITevoS8YakUD/fmUUyrV70Dfrp5bY8nMo19u/GOARpW
n9BXvMkgjBDshErL84ZCiV4+nwsa0M1j3cAh4L3bz3oo
-----END CERTIFICATE-----
Generated at Wed Apr 30 02:10:28 2025 by rpki-client