Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/1-AOVRFLZrj2nPYVaoQTOsQL1WlQ.roa
File: 1-AOVRFLZrj2nPYVaoQTOsQL1WlQ.roa (raw, json)
Hash identifier: o++gvFVPi/+ixRZFv2gXzhdCHbthUj+xLJ1n6s73kig=
Subject key identifier: F8:03:95:44:52:D9:AE:3D:A7:3D:85:5A:A1:04:CE:B1:02:F5:5A:54
Certificate issuer: /CN=53b46ab79b9fc58f5dc4cf29d72dc5267ec3edde
Certificate serial: 01963858431A6AB6122E7D2C6A5B791849F9
Authority key identifier: 53:B4:6A:B7:9B:9F:C5:8F:5D:C4:CF:29:D7:2D:C5:26:7E:C3:ED:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/1-AOVRFLZrj2nPYVaoQTOsQL1WlQ.roa
Signing time: Tue 15 Apr 2025 07:27:10 +0000
ROA not before: Tue 15 Apr 2025 07:27:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200712
IP address blocks: 80.254.231.0/24 maxlen: 24
91.216.32.0/24 maxlen: 24
185.92.170.0/24 maxlen: 24
2001:67c:1084::/48 maxlen: 48
2a13:5240::/32 maxlen: 32
2a13:5242::/32 maxlen: 48
2a13:5243::/32 maxlen: 48
2a13:5244::/32 maxlen: 48
2a13:5245::/32 maxlen: 48
2a13:5246::/32 maxlen: 48
2a13:5247::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.mft
rsync://rpki.ripe.net/repository/DEFAULT/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 15 May 2025 13:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:38:58:43:1a:6a:b6:12:2e:7d:2c:6a:5b:79:18:49:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53b46ab79b9fc58f5dc4cf29d72dc5267ec3edde
Validity
Not Before: Apr 15 07:27:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f803954452d9ae3da73d855aa104ceb102f55a54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:31:32:30:be:f9:ec:09:d9:1e:71:6a:83:de:
4e:18:a2:82:20:4f:93:65:7b:a5:dc:e5:aa:6f:ca:
70:fc:19:5e:4b:6b:54:6d:2d:7f:2a:08:67:a7:68:
99:90:af:fb:70:cc:8b:24:e0:69:cb:f0:17:43:ca:
9d:72:0e:33:14:20:f0:30:93:c3:6a:dd:15:fe:59:
31:13:de:6a:fe:ed:f5:99:bb:64:d1:c7:fb:8e:92:
8d:13:1a:d5:45:9c:d3:cf:26:cf:64:3a:aa:94:ef:
24:7f:eb:29:b7:56:9e:be:3f:3c:c4:cd:b4:02:07:
ad:85:9b:fc:b8:74:44:25:b1:dd:46:f6:fd:8b:ba:
5f:42:ae:57:d6:2c:25:9d:f2:c3:57:31:96:cb:64:
a9:22:ba:f5:68:ff:f4:8c:c4:cf:25:81:32:3a:ed:
b3:9f:f2:1b:fc:6e:72:49:38:03:45:76:fc:c0:69:
a2:9f:bd:da:77:36:8b:e0:fb:d1:6a:91:16:c3:32:
46:49:ad:cb:cb:c1:4d:85:27:36:7d:43:97:d8:cf:
a4:d2:d7:b1:32:d9:36:d1:70:8a:d1:1f:8b:62:6f:
f1:8a:c7:85:01:50:4d:08:9c:9a:2f:83:f4:2d:7f:
15:9c:c1:8b:69:1b:25:2f:f1:6e:b1:10:58:67:42:
b8:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:03:95:44:52:D9:AE:3D:A7:3D:85:5A:A1:04:CE:B1:02:F5:5A:54
X509v3 Authority Key Identifier:
keyid:53:B4:6A:B7:9B:9F:C5:8F:5D:C4:CF:29:D7:2D:C5:26:7E:C3:ED:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/1-AOVRFLZrj2nPYVaoQTOsQL1WlQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.254.231.0/24
91.216.32.0/24
185.92.170.0/24
IPv6:
2001:67c:1084::/48
2a13:5240::/32
2a13:5242::-2a13:5247:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
4a:8a:99:5d:f6:5b:de:32:7c:c4:d2:9f:a5:4d:86:c7:f1:e5:
72:e9:d0:6f:e9:d2:02:75:df:bc:68:17:e4:56:71:31:e7:ee:
b3:c4:6e:b1:22:68:13:fb:3d:72:6a:d5:5e:89:6e:5c:53:f1:
da:57:03:32:8a:52:3e:4b:5f:2f:33:fa:93:a2:3f:2e:7f:29:
97:29:85:a8:ad:be:b8:8b:d0:66:6f:b8:54:1e:58:26:98:6c:
e0:95:9b:66:f8:e1:81:01:0e:9c:7b:5a:2e:be:b2:18:63:86:
c0:ea:88:a1:79:4a:fc:51:be:f5:ff:19:94:06:3b:6f:66:e1:
16:2b:9b:55:ef:e1:19:27:a1:c3:e1:3b:78:7a:7f:90:54:5d:
03:98:50:d8:73:65:41:8c:b1:66:71:b7:31:d3:0a:4b:9c:bc:
dc:e6:9a:d4:75:27:ae:25:c6:c7:fa:c6:e6:18:1e:d4:48:12:
6e:9f:4f:a2:b0:3d:a8:ae:4b:33:86:48:51:f8:d6:77:e2:22:
b7:2a:28:d0:70:ea:1d:24:80:e0:53:32:48:c3:09:07:70:e5:
8e:cb:e1:b5:e3:43:77:0b:fd:b7:d0:45:8b:2c:e0:fd:79:e1:
a3:3f:5b:9c:22:0b:df:63:e2:80:f8:c9:d7:df:1a:d6:93:31:
d6:de:01:3f
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZY4WEMaarYSLn0salt5GEn5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYjQ2YWI3OWI5ZmM1OGY1ZGM0Y2YyOWQ3MmRjNTI2N2Vj
M2VkZGUwHhcNMjUwNDE1MDcyNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODAzOTU0NDUyZDlhZTNkYTczZDg1NWFhMTA0Y2ViMTAyZjU1YTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2DEyML757AnZHnFqg95OGKKCIE+T
ZXul3OWqb8pw/BleS2tUbS1/Kghnp2iZkK/7cMyLJOBpy/AXQ8qdcg4zFCDwMJPD
at0V/lkxE95q/u31mbtk0cf7jpKNExrVRZzTzybPZDqqlO8kf+spt1aevj88xM20
AgethZv8uHREJbHdRvb9i7pfQq5X1iwlnfLDVzGWy2SpIrr1aP/0jMTPJYEyOu2z
n/Ib/G5ySTgDRXb8wGmin73adzaL4PvRapEWwzJGSa3Ly8FNhSc2fUOX2M+k0tex
Mtk20XCK0R+LYm/xiseFAVBNCJyaL4P0LX8VnMGLaRslL/FusRBYZ0K43wIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFPgDlURS2a49pz2FWqEEzrEC9VpUMB8GA1UdIwQY
MBaAFFO0arebn8WPXcTPKdctxSZ+w+3eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTdScXQ1dWZ4WTlkeE04cDF5M0ZKbjdEN2Q0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9hYzlhZjYtN2ZjMy00ZDEzLWE1OTQt
MDYwYTQ3MzgwOTFkLzEvMS1BT1ZSRkxacmoyblBZVmFvUVRPc1FMMVdsUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMWMvYWM5YWY2LTdmYzMtNGQxMy1hNTk0LTA2MGE0NzM4MDkx
ZC8xL1U3UnF0NXVmeFk5ZHhNOHAxeTNGSm43RDdkNC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBTBggrBgEFBQcBBwEB/wREMEIwGAQCAAEwEgMEAFD+5wME
AFvYIAMEALlcqjAmBAIAAjAgAwcAIAEGfBCEAwUAKhNSQDAOAwUBKhNSQgMFAyoT
UkAwDQYJKoZIhvcNAQELBQADggEBAEqKmV32W94yfMTSn6VNhsfx5XLp0G/p0gJ1
37xoF+RWcTHn7rPEbrEiaBP7PXJq1V6JblxT8dpXAzKKUj5LXy8z+pOiPy5/KZcp
haitvriL0GZvuFQeWCaYbOCVm2b44YEBDpx7Wi6+shhjhsDqiKF5SvxRvvX/GZQG
O29m4RYrm1Xv4RknocPhO3h6f5BUXQOYUNhzZUGMsWZxtzHTCkucvNzmmtR1J64l
xsf6xuYYHtRIEm6fT6KwPaiuSzOGSFH41nfiIrcqKNBw6h0kgOBTMkjDCQdw5Y7L
4bXjQ3cL/bfQRYss4P154aM/W5wiC99j4oD4ydffGtaTMdbeAT8=
-----END CERTIFICATE-----
Generated at Wed May 14 18:42:50 2025 by rpki-client