Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/oAMBeYq4kbZ5W0eWxxLvOm4KTvI.roa
File: oAMBeYq4kbZ5W0eWxxLvOm4KTvI.roa (raw, json)
Hash identifier: iOsqRS3B1Uxb5fepPkfmG5csbqwDQ4g0Bml4VxuXNWA=
Subject key identifier: A0:03:01:79:8A:B8:91:B6:79:5B:47:96:C7:12:EF:3A:6E:0A:4E:F2
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 01961EB4BE34084888C2759EDAA695DA0F64
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/oAMBeYq4kbZ5W0eWxxLvOm4KTvI.roa
Signing time: Thu 10 Apr 2025 07:58:03 +0000
ROA not before: Thu 10 Apr 2025 07:58:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25374
IP address blocks: 79.124.10.0/23 maxlen: 24
79.124.12.0/24 maxlen: 24
79.124.18.0/23 maxlen: 24
79.124.46.0/24 maxlen: 24
80.72.84.0/22 maxlen: 24
130.185.230.0/23 maxlen: 24
130.185.233.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:1e:b4:be:34:08:48:88:c2:75:9e:da:a6:95:da:0f:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Apr 10 07:58:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a00301798ab891b6795b4796c712ef3a6e0a4ef2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:62:02:c7:46:6a:3b:68:bf:9e:45:cf:1d:59:
be:95:b0:a5:13:94:5c:21:26:92:84:fc:6e:95:7c:
0f:d6:5c:95:fb:17:9e:7f:d4:8c:5b:81:83:54:e5:
75:e7:bb:4d:87:27:f9:07:d6:b8:30:f2:3d:9b:94:
98:7d:3d:92:67:c0:f7:87:21:3e:68:2b:a6:0f:3f:
93:0a:60:2e:09:48:53:03:bb:f1:39:c8:b0:7f:24:
25:5d:b8:e4:d5:93:4c:a4:69:79:b9:3f:1a:d7:07:
0b:6b:5a:10:f9:a6:80:5d:84:88:c6:8c:5e:ea:3d:
f9:46:16:3b:bc:73:30:37:d6:cf:a9:e8:27:9c:98:
d3:c7:4b:36:63:38:4a:2b:0d:11:82:04:fb:1d:49:
e9:36:84:35:35:70:f4:71:18:61:fb:b1:b3:fc:b4:
0d:40:d0:d3:00:1f:7e:c6:01:11:bf:22:d9:d7:f2:
6f:91:3e:a8:d0:4e:22:c7:42:21:92:f4:e6:a8:37:
16:f1:61:5e:c8:b5:d9:ad:97:36:8e:04:16:d3:97:
39:00:50:2a:ee:db:bf:c3:a2:df:59:da:ba:08:3a:
93:57:7c:8e:0d:a0:b5:0b:2e:b9:c2:48:32:5b:7d:
36:1d:70:d2:da:42:28:87:b2:23:90:4e:5a:cf:16:
29:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:03:01:79:8A:B8:91:B6:79:5B:47:96:C7:12:EF:3A:6E:0A:4E:F2
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/oAMBeYq4kbZ5W0eWxxLvOm4KTvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.124.10.0-79.124.12.255
79.124.18.0/23
79.124.46.0/24
80.72.84.0/22
130.185.230.0/23
130.185.233.0/24
Signature Algorithm: sha256WithRSAEncryption
30:3e:b0:32:69:bf:2e:80:7f:68:dd:5f:38:41:5e:2e:c3:1d:
89:f4:8d:b9:44:f3:55:01:98:20:db:f0:0a:bf:bf:d0:37:c2:
16:26:34:cb:a7:42:51:15:60:a8:64:bf:3d:2e:f6:ae:b8:04:
45:fd:e8:d6:43:14:8f:2e:85:5e:4d:52:c8:6c:eb:40:10:4f:
cb:72:34:e2:99:d6:11:3e:24:99:b7:ae:2a:b7:f7:5e:70:e8:
9e:e6:11:10:f6:c6:a2:74:01:cc:7e:0a:6f:a3:3c:d8:86:47:
60:18:4d:ed:42:da:35:80:cc:af:20:38:d2:78:78:9f:f0:6d:
90:71:8d:78:b2:af:87:81:9e:b8:ce:e7:12:73:de:6f:11:ca:
a1:f6:ac:00:ff:06:9a:91:b6:76:a9:63:0d:a9:61:4a:44:9d:
e2:11:ab:f8:29:24:4d:00:cd:8b:2d:c0:ec:01:10:4c:20:30:
98:73:32:a6:75:a0:a5:b2:68:bb:c5:ef:3a:a8:4d:e4:b7:ab:
e9:6c:fb:90:7d:56:53:ae:6d:fc:06:b3:35:ae:84:e6:e2:a9:
af:14:64:6f:ce:e5:9a:c8:fc:d2:6c:d2:99:63:90:0b:e0:70:
d4:06:b7:26:38:cd:63:df:79:52:da:ef:e4:3e:99:3c:e8:1f:
84:4e:fe:ed
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZYetL40CEiIwnWe2qaV2g9kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjUwNDEwMDc1ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDAzMDE3OThhYjg5MWI2Nzk1YjQ3OTZjNzEyZWYzYTZlMGE0ZWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA02ICx0ZqO2i/nkXPHVm+lbClE5Rc
ISaShPxulXwP1lyV+xeef9SMW4GDVOV157tNhyf5B9a4MPI9m5SYfT2SZ8D3hyE+
aCumDz+TCmAuCUhTA7vxOciwfyQlXbjk1ZNMpGl5uT8a1wcLa1oQ+aaAXYSIxoxe
6j35RhY7vHMwN9bPqegnnJjTx0s2YzhKKw0RggT7HUnpNoQ1NXD0cRhh+7Gz/LQN
QNDTAB9+xgERvyLZ1/JvkT6o0E4ix0IhkvTmqDcW8WFeyLXZrZc2jgQW05c5AFAq
7tu/w6LfWdq6CDqTV3yODaC1Cy65wkgyW302HXDS2kIoh7IjkE5azxYpCQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFKADAXmKuJG2eVtHlscS7zpuCk7yMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvb0FNQmVZcTRrYlo1VzBlV3h4THZPbTRLVHZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAwDBAFPfAoD
BABPfAwDBAFPfBIDBABPfC4DBAJQSFQDBAGCueYDBACCuekwDQYJKoZIhvcNAQEL
BQADggEBADA+sDJpvy6Af2jdXzhBXi7DHYn0jblE81UBmCDb8Aq/v9A3whYmNMun
QlEVYKhkvz0u9q64BEX96NZDFI8uhV5NUshs60AQT8tyNOKZ1hE+JJm3riq3915w
6J7mERD2xqJ0Acx+Cm+jPNiGR2AYTe1C2jWAzK8gONJ4eJ/wbZBxjXiyr4eBnrjO
5xJz3m8RyqH2rAD/BpqRtnapYw2pYUpEneIRq/gpJE0AzYstwOwBEEwgMJhzMqZ1
oKWyaLvF7zqoTeS3q+ls+5B9VlOubfwGszWuhObiqa8UZG/O5ZrI/NJs0pljkAvg
cNQGtyY4zWPfeVLa7+Q+mTzoH4RO/u0=
-----END CERTIFICATE-----
Generated at Mon Apr 28 00:40:56 2025 by rpki-client