Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/a723d8-d8cc-4e60-85ab-6c9b5c9bfa75/1/7FOJ9WC3T7pHyWWCuyPjcheMLEQ.roa
File: 7FOJ9WC3T7pHyWWCuyPjcheMLEQ.roa (raw, json)
Hash identifier: nKrGLaOlKefy6/k/jC1QdJsWJ/jAJ+vYp4Lo3APL+Ec=
Subject key identifier: EC:53:89:F5:60:B7:4F:BA:47:C9:65:82:BB:23:E3:72:17:8C:2C:44
Certificate issuer: /CN=a748fbe1d7d3a6aa474de43fa885ce2d091c529b
Certificate serial: 01968E16F157044D0B3F3081E3DDE4E5F7F4
Authority key identifier: A7:48:FB:E1:D7:D3:A6:AA:47:4D:E4:3F:A8:85:CE:2D:09:1C:52:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p0j74dfTpqpHTeQ_qIXOLQkcUps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/a723d8-d8cc-4e60-85ab-6c9b5c9bfa75/1/7FOJ9WC3T7pHyWWCuyPjcheMLEQ.roa
Signing time: Thu 01 May 2025 23:03:10 +0000
ROA not before: Thu 01 May 2025 23:03:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203206
IP address blocks: 185.204.101.0/24 maxlen: 24
2a10:8400::/29 maxlen: 32
2a10:8400::/32 maxlen: 32
2a10:8401::/32 maxlen: 32
2a10:8402::/32 maxlen: 32
2a10:8403::/32 maxlen: 32
2a10:8404::/32 maxlen: 32
2a10:8405::/32 maxlen: 32
2a10:8406::/32 maxlen: 32
2a10:8407::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/a723d8-d8cc-4e60-85ab-6c9b5c9bfa75/1/p0j74dfTpqpHTeQ_qIXOLQkcUps.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/a723d8-d8cc-4e60-85ab-6c9b5c9bfa75/1/p0j74dfTpqpHTeQ_qIXOLQkcUps.mft
rsync://rpki.ripe.net/repository/DEFAULT/p0j74dfTpqpHTeQ_qIXOLQkcUps.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:8e:16:f1:57:04:4d:0b:3f:30:81:e3:dd:e4:e5:f7:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a748fbe1d7d3a6aa474de43fa885ce2d091c529b
Validity
Not Before: May 1 23:03:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ec5389f560b74fba47c96582bb23e372178c2c44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:c8:18:de:ee:a0:12:27:ff:48:05:e6:77:3a:
6e:e8:16:d8:00:aa:d2:64:14:28:d3:13:5b:46:0c:
39:66:67:b4:27:1c:50:d4:49:b2:92:0e:15:a3:40:
1e:7e:1b:db:89:88:11:a8:b2:f8:a7:42:70:2a:81:
d6:7e:03:1b:ba:d6:7a:e9:e1:ea:06:47:fc:9d:a0:
ab:19:71:f0:ff:df:77:74:b6:6b:27:e3:20:6d:d1:
ae:81:0e:5e:75:ad:94:5a:ed:94:c7:87:1a:62:c4:
48:aa:0e:ee:51:7d:09:5d:4f:c2:d5:d3:11:39:52:
76:32:47:06:64:87:fb:f0:c6:0e:2a:59:fd:20:90:
46:05:ab:a6:7a:a4:12:c6:72:40:60:4e:a5:0e:51:
15:c8:b1:32:e5:b2:74:fc:2a:ed:cd:3c:90:4c:bb:
a1:6b:1e:e8:b7:23:62:4a:25:6f:3e:af:a2:dd:d4:
1a:11:ca:22:cd:24:34:46:9f:68:67:35:15:18:48:
87:9c:d9:de:bb:1a:1d:3e:e9:21:db:c7:66:28:96:
41:6b:31:63:1a:1d:d5:0d:11:6e:d0:6f:ba:bf:ac:
53:a2:cd:9f:f6:89:3f:7d:81:45:d2:ff:2e:92:ea:
1a:77:00:c4:57:41:32:dd:0b:8f:b7:bb:a1:dd:6a:
57:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:53:89:F5:60:B7:4F:BA:47:C9:65:82:BB:23:E3:72:17:8C:2C:44
X509v3 Authority Key Identifier:
keyid:A7:48:FB:E1:D7:D3:A6:AA:47:4D:E4:3F:A8:85:CE:2D:09:1C:52:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p0j74dfTpqpHTeQ_qIXOLQkcUps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a723d8-d8cc-4e60-85ab-6c9b5c9bfa75/1/7FOJ9WC3T7pHyWWCuyPjcheMLEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a723d8-d8cc-4e60-85ab-6c9b5c9bfa75/1/p0j74dfTpqpHTeQ_qIXOLQkcUps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.101.0/24
IPv6:
2a10:8400::/29
Signature Algorithm: sha256WithRSAEncryption
27:8b:0d:13:ff:b3:b0:47:41:52:d3:d8:1f:64:d0:d4:19:23:
0e:51:48:dd:4b:d4:9f:7e:04:e8:95:0a:69:8d:6b:0c:2f:26:
22:81:9c:7f:97:2f:54:b8:af:b2:ea:2c:5f:02:bb:59:e0:3c:
af:5b:f7:59:d6:5c:f6:01:53:50:a6:c7:74:9e:f0:4a:c6:0a:
9f:54:f6:db:90:ad:02:08:af:54:57:e6:4a:78:bb:fc:45:1a:
2a:1e:de:28:77:4f:18:96:5e:a2:c0:fd:2b:0a:fd:3c:ab:4c:
5a:25:06:41:37:b2:77:f4:a1:04:f6:3e:0f:1f:7e:51:fe:4e:
37:17:ee:cf:34:9a:29:22:18:84:e6:cb:6b:5f:aa:14:72:f5:
e1:de:4d:de:32:cc:a3:ae:bc:c2:b4:54:c0:21:5a:9e:65:59:
30:5c:92:f1:e0:dc:ec:1b:ee:94:9d:bc:f9:2a:0c:9e:3c:83:
ba:1f:f9:5a:37:05:61:7c:cc:e5:31:93:b7:d3:34:c9:88:40:
c3:68:7d:09:dc:43:9f:07:ff:05:15:ee:ab:98:4a:92:ae:3c:
e9:ac:f5:98:d9:67:86:d9:9a:67:fe:fb:12:55:68:5d:ec:33:
08:a8:e4:e4:49:13:2f:f6:55:87:f3:26:af:0a:ee:f3:18:ce:
a0:31:ca:4b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZaOFvFXBE0LPzCB493k5ff0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NDhmYmUxZDdkM2E2YWE0NzRkZTQzZmE4ODVjZTJkMDkx
YzUyOWIwHhcNMjUwNTAxMjMwMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzUzODlmNTYwYjc0ZmJhNDdjOTY1ODJiYjIzZTM3MjE3OGMyYzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsgY3u6gEif/SAXmdzpu6BbYAKrS
ZBQo0xNbRgw5Zme0JxxQ1Emykg4Vo0AefhvbiYgRqLL4p0JwKoHWfgMbutZ66eHq
Bkf8naCrGXHw/993dLZrJ+MgbdGugQ5eda2UWu2Ux4caYsRIqg7uUX0JXU/C1dMR
OVJ2MkcGZIf78MYOKln9IJBGBaumeqQSxnJAYE6lDlEVyLEy5bJ0/CrtzTyQTLuh
ax7otyNiSiVvPq+i3dQaEcoizSQ0Rp9oZzUVGEiHnNneuxodPukh28dmKJZBazFj
Gh3VDRFu0G+6v6xTos2f9ok/fYFF0v8ukuoadwDEV0Ey3QuPt7uh3WpXLQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOxTifVgt0+6R8llgrsj43IXjCxEMB8GA1UdIwQY
MBaAFKdI++HX06aqR03kP6iFzi0JHFKbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDBqNzRkZlRwcXBIVGVRX3FJWE9MUWtjVXBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9hNzIzZDgtZDhjYy00ZTYwLTg1YWIt
NmM5YjVjOWJmYTc1LzEvN0ZPSjlXQzNUN3BIeVdXQ3V5UGpjaGVNTEVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9hNzIzZDgtZDhjYy00ZTYwLTg1YWItNmM5YjVjOWJmYTc1
LzEvcDBqNzRkZlRwcXBIVGVRX3FJWE9MUWtjVXBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAucxlMA0E
AgACMAcDBQMqEIQAMA0GCSqGSIb3DQEBCwUAA4IBAQAniw0T/7OwR0FS09gfZNDU
GSMOUUjdS9SffgTolQppjWsMLyYigZx/ly9UuK+y6ixfArtZ4DyvW/dZ1lz2AVNQ
psd0nvBKxgqfVPbbkK0CCK9UV+ZKeLv8RRoqHt4od08Yll6iwP0rCv08q0xaJQZB
N7J39KEE9j4PH35R/k43F+7PNJopIhiE5strX6oUcvXh3k3eMsyjrrzCtFTAIVqe
ZVkwXJLx4NzsG+6Unbz5KgyePIO6H/laNwVhfMzlMZO30zTJiEDDaH0J3EOfB/8F
Fe6rmEqSrjzprPWY2WeG2Zpn/vsSVWhd7DMIqOTkSRMv9lWH8yavCu7zGM6gMcpL
-----END CERTIFICATE-----
Generated at Sat May 10 13:30:45 2025 by rpki-client