Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/784c9e-e6ea-49e9-adbe-479297364eb6/1/d20SUDYIRv-4bm5PviK5Z-zGDs0.roa
File: d20SUDYIRv-4bm5PviK5Z-zGDs0.roa (raw, json)
Hash identifier: Eh4bKXtFp88meM/tOgLhq0HIMCc67pkb4NNRMEjL16E=
Subject key identifier: 77:6D:12:50:36:08:46:FF:B8:6E:6E:4F:BE:22:B9:67:EC:C6:0E:CD
Certificate issuer: /CN=c15c153441aab020eb6f60dff7152eeaacaea4e7
Certificate serial: 019427B5D1C4E8A24FB158269231ABAA419F
Authority key identifier: C1:5C:15:34:41:AA:B0:20:EB:6F:60:DF:F7:15:2E:EA:AC:AE:A4:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wVwVNEGqsCDrb2Df9xUu6qyupOc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/784c9e-e6ea-49e9-adbe-479297364eb6/1/d20SUDYIRv-4bm5PviK5Z-zGDs0.roa
Signing time: Thu 02 Jan 2025 15:50:14 +0000
ROA not before: Thu 02 Jan 2025 15:50:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39823
IP address blocks: 92.62.96.0/20 maxlen: 20
185.12.236.0/22 maxlen: 22
188.92.160.0/21 maxlen: 21
2a02:e80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/784c9e-e6ea-49e9-adbe-479297364eb6/1/wVwVNEGqsCDrb2Df9xUu6qyupOc.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/784c9e-e6ea-49e9-adbe-479297364eb6/1/wVwVNEGqsCDrb2Df9xUu6qyupOc.mft
rsync://rpki.ripe.net/repository/DEFAULT/wVwVNEGqsCDrb2Df9xUu6qyupOc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 12:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:d1:c4:e8:a2:4f:b1:58:26:92:31:ab:aa:41:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c15c153441aab020eb6f60dff7152eeaacaea4e7
Validity
Not Before: Jan 2 15:50:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=776d1250360846ffb86e6e4fbe22b967ecc60ecd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:70:fa:97:90:be:af:1a:8f:49:62:4e:5e:6c:
2e:fa:fa:3b:86:81:d7:05:66:55:a2:e5:c2:b0:ca:
65:c3:78:bc:54:ed:5d:4b:06:f9:42:75:3a:51:ab:
8b:ac:b9:f3:24:e4:20:d6:4f:92:9c:4c:3f:21:23:
cc:d4:8b:5d:fd:92:f6:1c:23:b7:34:8b:97:fb:d1:
b7:4c:2f:1b:8d:c6:b9:98:48:44:90:e0:e8:55:55:
3d:c4:46:4e:53:e4:3b:0b:90:f7:39:4e:62:a3:74:
b3:bc:1a:6d:7b:f5:c6:09:7e:10:be:1b:05:90:69:
a2:5c:b6:50:76:cf:de:e8:6d:32:07:20:ea:78:83:
b2:70:c0:60:48:2c:39:a6:7a:0b:72:49:8e:70:97:
21:0d:4d:bf:72:4e:cb:a5:18:a5:bd:7b:d4:67:f8:
9d:82:6c:2d:5b:b9:b4:06:44:39:50:55:4b:ca:e3:
d7:43:28:d9:41:b6:22:0b:7a:d9:e7:2b:cb:23:eb:
de:6e:e5:80:f6:cc:55:0f:ae:d0:e6:93:c8:e8:f1:
e7:f5:14:66:07:c9:1b:90:3e:77:c0:16:84:58:bb:
8f:4e:eb:85:10:c2:fd:45:66:41:b7:32:44:d4:cc:
4d:e5:4f:da:9c:1c:2f:33:55:18:3e:f1:96:0e:d0:
b6:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:6D:12:50:36:08:46:FF:B8:6E:6E:4F:BE:22:B9:67:EC:C6:0E:CD
X509v3 Authority Key Identifier:
keyid:C1:5C:15:34:41:AA:B0:20:EB:6F:60:DF:F7:15:2E:EA:AC:AE:A4:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wVwVNEGqsCDrb2Df9xUu6qyupOc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/784c9e-e6ea-49e9-adbe-479297364eb6/1/d20SUDYIRv-4bm5PviK5Z-zGDs0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/784c9e-e6ea-49e9-adbe-479297364eb6/1/wVwVNEGqsCDrb2Df9xUu6qyupOc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.62.96.0/20
185.12.236.0/22
188.92.160.0/21
IPv6:
2a02:e80::/32
Signature Algorithm: sha256WithRSAEncryption
35:9e:ba:1c:a6:dd:3c:f1:9b:f6:21:1f:78:8f:b3:d5:8f:eb:
6f:34:36:df:84:25:67:96:28:b5:38:98:68:2c:98:3c:c6:f0:
08:cc:cf:37:3e:0f:65:4e:7f:01:1f:65:cc:c5:30:1c:99:03:
a4:93:1a:3a:4e:bf:88:0c:71:ff:12:c4:1f:c3:46:96:2d:27:
95:ee:77:cb:ea:2f:c7:ed:f6:9e:da:50:98:ce:a2:77:fb:ec:
a9:87:83:76:54:57:66:98:0c:64:41:81:09:09:c8:a5:bf:95:
e5:0c:dd:be:6d:d3:f8:55:76:7a:13:ae:af:f5:8b:34:02:62:
19:fc:41:77:f5:12:b7:f1:2d:5c:0e:aa:3c:9a:99:10:05:9e:
77:38:03:69:16:51:83:42:1e:6e:bb:61:db:0c:b0:ff:b5:9c:
ad:a9:19:5e:46:0c:a9:ae:6f:f6:39:14:ce:ca:e0:06:a4:9f:
ab:f0:64:5c:96:55:f1:99:f5:83:f8:76:06:2a:14:e9:88:5a:
64:e2:da:fd:21:9f:8e:2f:cc:23:6c:ec:5b:49:f2:91:c9:94:
34:8b:a0:6c:93:e2:fb:59:8a:f1:11:3a:d4:90:c3:29:36:ce:
8c:1e:c2:57:92:30:8a:b3:cb:d0:28:63:0d:60:c5:f1:2d:68:
9c:98:4c:1b
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQntdHE6KJPsVgmkjGrqkGfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxNWMxNTM0NDFhYWIwMjBlYjZmNjBkZmY3MTUyZWVhYWNh
ZWE0ZTcwHhcNMjUwMTAyMTU1MDE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzZkMTI1MDM2MDg0NmZmYjg2ZTZlNGZiZTIyYjk2N2VjYzYwZWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXD6l5C+rxqPSWJOXmwu+vo7hoHX
BWZVouXCsMplw3i8VO1dSwb5QnU6UauLrLnzJOQg1k+SnEw/ISPM1Itd/ZL2HCO3
NIuX+9G3TC8bjca5mEhEkODoVVU9xEZOU+Q7C5D3OU5io3SzvBpte/XGCX4QvhsF
kGmiXLZQds/e6G0yByDqeIOycMBgSCw5pnoLckmOcJchDU2/ck7LpRilvXvUZ/id
gmwtW7m0BkQ5UFVLyuPXQyjZQbYiC3rZ5yvLI+vebuWA9sxVD67Q5pPI6PHn9RRm
B8kbkD53wBaEWLuPTuuFEML9RWZBtzJE1MxN5U/anBwvM1UYPvGWDtC2MQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHdtElA2CEb/uG5uT74iuWfsxg7NMB8GA1UdIwQY
MBaAFMFcFTRBqrAg629g3/cVLuqsrqTnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1Z3Vk5FR3FzQ0RyYjJEZjl4VXU2cXl1cE9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi83ODRjOWUtZTZlYS00OWU5LWFkYmUt
NDc5Mjk3MzY0ZWI2LzEvZDIwU1VEWUlSdi00Ym01UHZpSzVaLXpHRHMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi83ODRjOWUtZTZlYS00OWU5LWFkYmUtNDc5Mjk3MzY0ZWI2
LzEvd1Z3Vk5FR3FzQ0RyYjJEZjl4VXU2cXl1cE9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEXD5gAwQC
uQzsAwQDvFygMA0EAgACMAcDBQAqAg6AMA0GCSqGSIb3DQEBCwUAA4IBAQA1nroc
pt088Zv2IR94j7PVj+tvNDbfhCVnlii1OJhoLJg8xvAIzM83Pg9lTn8BH2XMxTAc
mQOkkxo6Tr+IDHH/EsQfw0aWLSeV7nfL6i/H7fae2lCYzqJ3++yph4N2VFdmmAxk
QYEJCcilv5XlDN2+bdP4VXZ6E66v9Ys0AmIZ/EF39RK38S1cDqo8mpkQBZ53OANp
FlGDQh5uu2HbDLD/tZytqRleRgyprm/2ORTOyuAGpJ+r8GRcllXxmfWD+HYGKhTp
iFpk4tr9IZ+OL8wjbOxbSfKRyZQ0i6Bsk+L7WYrxETrUkMMpNs6MHsJXkjCKs8vQ
KGMNYMXxLWicmEwb
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:47:13 2025 by rpki-client