Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/3be865-5c79-47c0-aa4d-1c654e02d75d/1/g4B1jDEDEnpyKjOUdwNXtiRBKVo.roa
File: g4B1jDEDEnpyKjOUdwNXtiRBKVo.roa (raw, json)
Hash identifier: 7UWQudX+rqrs+vIGMtBiZa4lyOkbMuzxNBR2/83QsfI=
Subject key identifier: 83:80:75:8C:31:03:12:7A:72:2A:33:94:77:03:57:B6:24:41:29:5A
Certificate issuer: /CN=f5cf73b3e45f772fae1b915690b317344c3f442b
Certificate serial: 0196291BF334621C123D2051C48B37DFD60B
Authority key identifier: F5:CF:73:B3:E4:5F:77:2F:AE:1B:91:56:90:B3:17:34:4C:3F:44:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9c9zs-Rfdy-uG5FWkLMXNEw_RCs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/3be865-5c79-47c0-aa4d-1c654e02d75d/1/g4B1jDEDEnpyKjOUdwNXtiRBKVo.roa
Signing time: Sat 12 Apr 2025 08:26:59 +0000
ROA not before: Sat 12 Apr 2025 08:26:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396362
IP address blocks: 37.44.214.0/24 maxlen: 32
92.243.84.0/24 maxlen: 24
176.223.109.0/24 maxlen: 24
2a0f:ea82::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/3be865-5c79-47c0-aa4d-1c654e02d75d/1/9c9zs-Rfdy-uG5FWkLMXNEw_RCs.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/3be865-5c79-47c0-aa4d-1c654e02d75d/1/9c9zs-Rfdy-uG5FWkLMXNEw_RCs.mft
rsync://rpki.ripe.net/repository/DEFAULT/9c9zs-Rfdy-uG5FWkLMXNEw_RCs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 11:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:29:1b:f3:34:62:1c:12:3d:20:51:c4:8b:37:df:d6:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5cf73b3e45f772fae1b915690b317344c3f442b
Validity
Not Before: Apr 12 08:26:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8380758c3103127a722a3394770357b62441295a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a3:25:52:66:76:34:f6:af:4d:3c:c8:a9:ba:
cd:50:80:c0:37:ed:8d:01:26:14:e0:b8:83:6b:cf:
5a:09:62:21:74:9e:c8:3d:24:eb:b6:77:4e:4e:8f:
86:0b:cc:16:c7:a2:a4:82:c9:cf:42:36:e0:77:c6:
28:d4:d6:8e:2d:12:a5:c4:e9:12:4f:cf:00:08:31:
ca:93:22:0b:61:2f:47:0c:1c:07:5f:41:87:95:dc:
c2:89:67:71:25:62:c7:44:84:b2:07:44:e0:db:a9:
70:f5:7b:f8:b6:eb:89:e0:7b:ef:dc:96:e8:17:d2:
3f:d3:17:ea:9c:a1:ab:fd:03:30:70:a4:f6:9f:4e:
4f:ac:70:cb:fe:13:7b:67:68:48:13:78:d4:11:45:
f8:ff:5a:24:6e:8f:21:bc:01:46:31:e1:b8:de:3f:
ab:5e:c9:df:c4:96:20:7f:53:db:2a:11:ce:73:c1:
d0:09:dd:5e:78:d8:29:33:57:96:ef:35:fa:98:b6:
5f:69:19:23:62:94:fd:7a:8e:19:8c:a1:91:3c:87:
84:f4:ed:70:d5:ad:73:21:05:4b:1f:67:e0:cf:7e:
9b:64:d1:9f:b8:a2:46:e6:8a:04:02:6b:b4:62:4e:
18:19:10:d0:33:8c:f6:c9:4c:a6:65:79:01:6d:96:
fd:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:80:75:8C:31:03:12:7A:72:2A:33:94:77:03:57:B6:24:41:29:5A
X509v3 Authority Key Identifier:
keyid:F5:CF:73:B3:E4:5F:77:2F:AE:1B:91:56:90:B3:17:34:4C:3F:44:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c9zs-Rfdy-uG5FWkLMXNEw_RCs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/3be865-5c79-47c0-aa4d-1c654e02d75d/1/g4B1jDEDEnpyKjOUdwNXtiRBKVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/3be865-5c79-47c0-aa4d-1c654e02d75d/1/9c9zs-Rfdy-uG5FWkLMXNEw_RCs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.214.0/24
92.243.84.0/24
176.223.109.0/24
IPv6:
2a0f:ea82::/32
Signature Algorithm: sha256WithRSAEncryption
07:4a:ab:e0:76:0f:be:4d:30:71:0d:5a:25:32:5d:fe:bc:df:
5d:bf:d6:5f:c7:9b:13:5a:16:f6:1b:50:d6:5f:d7:c7:d4:19:
6d:f5:aa:a1:57:82:2d:31:d4:ee:5e:62:07:f6:f7:0a:01:ee:
08:3e:fd:17:8b:ef:42:1d:87:ae:fe:98:b2:c5:80:bc:01:f5:
f5:ac:fc:c4:17:d9:04:f1:26:8b:88:d0:f0:b3:cd:a9:d8:6b:
b0:6b:ad:a4:5f:f9:78:d6:44:ed:ff:0c:ac:dd:2c:37:1e:fe:
b9:8b:38:51:4d:29:ee:8c:61:d1:a2:fc:25:e1:38:83:7a:eb:
cc:13:71:50:1b:a0:82:ae:d8:9b:3c:c3:49:c8:f4:d7:9e:a8:
0b:cd:a8:89:b8:51:d5:34:f0:7c:73:c3:74:9c:d6:30:fb:9a:
89:05:2c:64:5f:5f:49:e1:ce:0e:38:0e:c2:63:28:31:2c:cb:
a8:26:e2:7c:02:67:05:9e:f9:4a:cc:3f:e7:4a:02:c0:29:e2:
48:09:79:fe:1f:63:ef:b6:59:03:13:21:ae:12:7d:be:66:b2:
16:a5:b3:69:5d:6b:6b:13:b0:6d:ec:45:e4:ae:e8:36:58:dd:
06:3e:5d:f3:2a:1d:79:85:59:d9:d1:34:69:63:27:ee:47:28:
f7:d7:6c:f0
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZYpG/M0YhwSPSBRxIs339YLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1Y2Y3M2IzZTQ1Zjc3MmZhZTFiOTE1NjkwYjMxNzM0NGMz
ZjQ0MmIwHhcNMjUwNDEyMDgyNjU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzgwNzU4YzMxMDMxMjdhNzIyYTMzOTQ3NzAzNTdiNjI0NDEyOTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxqMlUmZ2NPavTTzIqbrNUIDAN+2N
ASYU4LiDa89aCWIhdJ7IPSTrtndOTo+GC8wWx6KkgsnPQjbgd8Yo1NaOLRKlxOkS
T88ACDHKkyILYS9HDBwHX0GHldzCiWdxJWLHRISyB0Tg26lw9Xv4tuuJ4Hvv3Jbo
F9I/0xfqnKGr/QMwcKT2n05PrHDL/hN7Z2hIE3jUEUX4/1okbo8hvAFGMeG43j+r
XsnfxJYgf1PbKhHOc8HQCd1eeNgpM1eW7zX6mLZfaRkjYpT9eo4ZjKGRPIeE9O1w
1a1zIQVLH2fgz36bZNGfuKJG5ooEAmu0Yk4YGRDQM4z2yUymZXkBbZb9JwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIOAdYwxAxJ6ciozlHcDV7YkQSlaMB8GA1UdIwQY
MBaAFPXPc7PkX3cvrhuRVpCzFzRMP0QrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWM5enMtUmZkeS11RzVGV2tMTVhORXdfUkNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS8zYmU4NjUtNWM3OS00N2MwLWFhNGQt
MWM2NTRlMDJkNzVkLzEvZzRCMWpERURFbnB5S2pPVWR3Tlh0aVJCS1ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS8zYmU4NjUtNWM3OS00N2MwLWFhNGQtMWM2NTRlMDJkNzVk
LzEvOWM5enMtUmZkeS11RzVGV2tMTVhORXdfUkNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAJSzWAwQA
XPNUAwQAsN9tMA0EAgACMAcDBQAqD+qCMA0GCSqGSIb3DQEBCwUAA4IBAQAHSqvg
dg++TTBxDVolMl3+vN9dv9Zfx5sTWhb2G1DWX9fH1Blt9aqhV4ItMdTuXmIH9vcK
Ae4IPv0Xi+9CHYeu/piyxYC8AfX1rPzEF9kE8SaLiNDws82p2Guwa62kX/l41kTt
/wys3Sw3Hv65izhRTSnujGHRovwl4TiDeuvME3FQG6CCrtibPMNJyPTXnqgLzaiJ
uFHVNPB8c8N0nNYw+5qJBSxkX19J4c4OOA7CYygxLMuoJuJ8AmcFnvlKzD/nSgLA
KeJICXn+H2PvtlkDEyGuEn2+ZrIWpbNpXWtrE7Bt7EXkrug2WN0GPl3zKh15hVnZ
0TRpYyfuRyj312zw
-----END CERTIFICATE-----
Generated at Mon Apr 28 18:07:53 2025 by rpki-client