Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/ooJYDHFdEREIgf4OuEizaI0RYEQ.roa
File: ooJYDHFdEREIgf4OuEizaI0RYEQ.roa (raw, json)
Hash identifier: Ok6UNU7+ms2uNQDYJUKBy1bLjOgvXMPMPw+iB8LaDFo=
Subject key identifier: A2:82:58:0C:71:5D:11:11:08:81:FE:0E:B8:48:B3:68:8D:11:60:44
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 0196339CDB04015D5EEDC89CD32ED2D35D00
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/ooJYDHFdEREIgf4OuEizaI0RYEQ.roa
Signing time: Mon 14 Apr 2025 09:23:59 +0000
ROA not before: Mon 14 Apr 2025 09:23:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 33993
IP address blocks: 2.56.178.0/24 maxlen: 24
45.12.114.0/24 maxlen: 24
45.12.115.0/24 maxlen: 24
45.128.49.0/24 maxlen: 24
45.128.53.0/24 maxlen: 24
171.22.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 01 May 2025 13:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:33:9c:db:04:01:5d:5e:ed:c8:9c:d3:2e:d2:d3:5d:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Apr 14 09:23:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a282580c715d11110881fe0eb848b3688d116044
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:d7:01:02:16:2d:ae:2c:53:7c:6b:15:d9:81:
74:39:d4:14:19:e8:e1:7a:ed:26:9f:17:ca:89:e6:
04:fb:24:8a:e2:2a:b8:7f:fe:ac:b8:e6:bc:7f:99:
69:4b:cd:2e:1d:90:04:5a:09:65:4a:cb:35:25:07:
b0:d7:32:b7:83:4f:2d:4b:a9:d2:84:a9:ff:41:93:
a2:f7:2b:5d:cd:6c:c9:f5:55:27:ca:67:fc:a2:f5:
d7:58:70:44:5f:b3:f6:ea:29:e9:74:35:2f:71:59:
64:28:1f:c1:d2:a3:73:21:bb:03:4f:60:0a:03:bd:
83:e7:eb:23:c8:6d:ea:7e:51:90:ba:8b:73:3b:1b:
ca:05:8d:91:96:1b:b7:0a:d0:c6:a3:6d:d8:26:f2:
56:52:bc:e3:e8:e1:d4:3d:26:f7:33:98:48:a0:69:
5b:0a:e9:1b:be:87:6d:1c:79:85:d7:8c:0b:1d:dd:
fa:91:3c:fc:5c:dd:04:22:ac:c9:35:e7:70:43:7b:
33:c3:11:89:46:29:76:c9:bc:69:97:35:3f:11:bc:
e7:c2:c8:58:d2:1a:36:00:15:78:d6:40:a7:77:8c:
0c:3e:a1:62:01:78:c8:fe:b7:61:b4:9a:fc:dc:32:
6a:86:ea:58:73:a3:77:7c:ce:ef:58:19:01:38:c9:
10:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:82:58:0C:71:5D:11:11:08:81:FE:0E:B8:48:B3:68:8D:11:60:44
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/ooJYDHFdEREIgf4OuEizaI0RYEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.178.0/24
45.12.114.0/23
45.128.49.0/24
45.128.53.0/24
171.22.119.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:3e:fa:df:22:f9:42:55:4c:db:a4:eb:5f:43:5f:e7:c3:32:
97:cb:41:6d:53:18:d9:91:2e:17:37:6b:76:91:a9:91:88:74:
ec:ed:c1:9b:56:ac:6f:a5:d9:2e:be:d5:7c:b0:90:93:6f:0d:
07:75:65:60:10:92:04:d3:c4:65:aa:16:66:e6:62:f0:fb:57:
76:b0:a8:ed:6c:ba:cb:3d:e2:9b:ca:1f:75:31:47:f5:d7:59:
b5:e8:aa:13:29:56:88:18:5e:c4:0c:19:25:e3:5e:2d:88:1b:
50:df:5f:54:ab:90:95:b8:cd:ef:26:61:71:5d:23:d9:b3:35:
e9:59:c4:ca:a3:a6:b1:c1:e1:99:a7:36:9b:4c:53:d0:9d:69:
ac:7e:ff:eb:d9:6c:07:b0:72:3d:63:d2:34:e8:8e:42:66:cc:
e4:fc:19:c5:3b:f3:f6:d3:2e:ec:58:5a:45:98:2c:a0:c7:9a:
fb:a4:79:a6:f1:76:92:38:4f:2b:53:13:da:b8:0f:d7:43:09:
72:95:6e:5b:90:cd:66:12:5f:a4:de:32:7e:47:54:b4:f2:25:
08:9d:37:3d:ac:cc:15:d7:5b:48:61:ef:b0:c1:a0:7a:f0:4c:
70:3b:bf:c2:76:fe:d3:10:ca:a5:65:4f:ab:d8:93:9e:e6:2d:
10:a4:9c:f7
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZYznNsEAV1e7cic0y7S010AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjUwNDE0MDkyMzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjgyNTgwYzcxNWQxMTExMDg4MWZlMGViODQ4YjM2ODhkMTE2MDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7NcBAhYtrixTfGsV2YF0OdQUGejh
eu0mnxfKieYE+ySK4iq4f/6suOa8f5lpS80uHZAEWgllSss1JQew1zK3g08tS6nS
hKn/QZOi9ytdzWzJ9VUnymf8ovXXWHBEX7P26inpdDUvcVlkKB/B0qNzIbsDT2AK
A72D5+sjyG3qflGQuotzOxvKBY2Rlhu3CtDGo23YJvJWUrzj6OHUPSb3M5hIoGlb
CukbvodtHHmF14wLHd36kTz8XN0EIqzJNedwQ3szwxGJRil2ybxplzU/EbznwshY
0ho2ABV41kCnd4wMPqFiAXjI/rdhtJr83DJqhupYc6N3fM7vWBkBOMkQtQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKKCWAxxXRERCIH+DrhIs2iNEWBEMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvb29KWURIRmRFUkVJZ2Y0T3VFaXphSTBSWUVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAAjiyAwQB
LQxyAwQALYAxAwQALYA1AwQAqxZ3MA0GCSqGSIb3DQEBCwUAA4IBAQB8PvrfIvlC
VUzbpOtfQ1/nwzKXy0FtUxjZkS4XN2t2kamRiHTs7cGbVqxvpdkuvtV8sJCTbw0H
dWVgEJIE08RlqhZm5mLw+1d2sKjtbLrLPeKbyh91MUf111m16KoTKVaIGF7EDBkl
414tiBtQ319Uq5CVuM3vJmFxXSPZszXpWcTKo6axweGZpzabTFPQnWmsfv/r2WwH
sHI9Y9I06I5CZszk/BnFO/P20y7sWFpFmCygx5r7pHmm8XaSOE8rUxPauA/XQwly
lW5bkM1mEl+k3jJ+R1S08iUInTc9rMwV11tIYe+wwaB68ExwO7/Cdv7TEMqlZU+r
2JOe5i0QpJz3
-----END CERTIFICATE-----
Generated at Wed Apr 30 21:01:51 2025 by rpki-client