Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/IVU86CvM6q6csKxScpyKCrjK__E.roa
File: IVU86CvM6q6csKxScpyKCrjK__E.roa (raw, json)
Hash identifier: GLiO7sGCkPUm5JFvAUHOTVanbkM56fYU+jSG20csQaE=
Subject key identifier: 21:55:3C:E8:2B:CC:EA:AE:9C:B0:AC:52:72:9C:8A:0A:B8:CA:FF:F1
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 019424B2ED969AD5AA554BDAAB134861BEBB
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/IVU86CvM6q6csKxScpyKCrjK__E.roa
Signing time: Thu 02 Jan 2025 01:48:13 +0000
ROA not before: Thu 02 Jan 2025 01:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42849
IP address blocks: 193.200.131.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:ed:96:9a:d5:aa:55:4b:da:ab:13:48:61:be:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 2 01:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=21553ce82bcceaae9cb0ac52729c8a0ab8cafff1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:65:fd:3f:85:1c:d5:39:75:ff:32:5b:9f:d9:
13:c6:f2:4e:ef:07:99:ef:78:d7:bd:65:69:54:2a:
f6:4b:43:7d:a2:c0:63:b6:34:16:d7:45:71:1d:2b:
ab:2b:5c:94:42:a8:20:4d:09:af:45:dd:1e:86:a9:
65:51:68:41:e7:9d:2b:96:0f:d0:95:73:91:eb:6a:
e8:c6:70:02:4d:70:c0:c4:81:ef:45:9e:21:db:57:
66:29:63:51:bf:cd:d6:48:b5:6d:84:f1:7d:2b:7d:
ee:04:c4:c7:a9:71:aa:0e:ba:57:b2:24:d5:f9:b1:
fa:08:8e:54:49:7d:2b:69:87:8b:54:d4:3e:ca:e5:
1b:3f:11:02:f6:41:dd:01:aa:0e:59:95:d9:4c:9c:
83:c7:b7:12:3a:f0:45:b6:20:f3:9f:bb:9c:d3:3e:
fa:ee:43:c5:cb:a2:cf:38:e8:da:ed:45:2e:fa:06:
b8:00:56:f3:c2:f4:21:1e:88:e2:b9:53:84:e2:9b:
85:15:44:f8:ca:24:18:88:f6:06:b1:f6:f9:06:e7:
6d:d1:43:42:49:7a:7e:ea:55:f7:9b:38:3a:45:9c:
85:6a:3c:af:dd:40:89:1d:22:e6:28:34:34:80:90:
bf:d4:e6:02:ac:b5:e2:e1:dd:77:a8:82:62:25:59:
8d:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:55:3C:E8:2B:CC:EA:AE:9C:B0:AC:52:72:9C:8A:0A:B8:CA:FF:F1
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/IVU86CvM6q6csKxScpyKCrjK__E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.200.131.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:b7:70:11:66:16:a4:52:fc:34:d9:e9:84:6a:ea:c3:e0:b9:
04:79:49:6d:db:52:6e:cd:8f:2e:d4:05:53:fb:cb:3e:66:ad:
9a:a6:19:60:98:06:45:a8:01:8c:cd:d0:c3:55:ca:ba:b3:45:
08:da:89:d7:fb:ef:37:89:80:80:ad:66:95:13:5f:51:69:b8:
b8:f3:e9:76:c4:4b:80:17:3f:31:f8:1f:50:c0:45:18:b1:5a:
6e:3e:74:f1:9c:fa:f2:e9:bf:9e:c9:dc:9c:34:50:9f:7a:09:
8e:43:8b:5f:5f:90:e3:48:a0:73:6a:4f:f7:08:da:db:fe:ea:
b8:04:ad:05:2f:13:dd:ed:7e:7f:cc:1e:cc:7a:f9:40:55:31:
7e:55:79:6d:97:3e:3d:cc:88:ff:94:51:f7:54:e4:26:3d:48:
79:76:e1:b8:73:34:ef:12:c1:29:ba:f4:15:c9:4f:56:f6:01:
2e:7b:70:bf:46:01:1b:a0:b0:c6:98:db:85:94:6b:4d:96:be:
7e:ba:70:60:74:50:7a:d2:24:16:ba:2d:d1:eb:b3:9c:d4:05:
4c:17:7f:4f:18:a6:fd:f9:70:31:70:f6:2b:7d:74:77:64:9a:
b0:ca:a5:20:ca:32:3a:e1:dc:51:7f:40:f7:36:25:45:28:e6:
c4:5e:93:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQksu2WmtWqVUvaqxNIYb67MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjUwMTAyMDE0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTU1M2NlODJiY2NlYWFlOWNiMGFjNTI3MjljOGEwYWI4Y2FmZmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1WX9P4Uc1Tl1/zJbn9kTxvJO7weZ
73jXvWVpVCr2S0N9osBjtjQW10VxHSurK1yUQqggTQmvRd0ehqllUWhB550rlg/Q
lXOR62roxnACTXDAxIHvRZ4h21dmKWNRv83WSLVthPF9K33uBMTHqXGqDrpXsiTV
+bH6CI5USX0raYeLVNQ+yuUbPxEC9kHdAaoOWZXZTJyDx7cSOvBFtiDzn7uc0z76
7kPFy6LPOOja7UUu+ga4AFbzwvQhHojiuVOE4puFFUT4yiQYiPYGsfb5Budt0UNC
SXp+6lX3mzg6RZyFajyv3UCJHSLmKDQ0gJC/1OYCrLXi4d13qIJiJVmNKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCFVPOgrzOqunLCsUnKcigq4yv/xMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvSVZVODZDdk02cTZjc0t4U2NweUtDcmpLX19FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwciDMA0G
CSqGSIb3DQEBCwUAA4IBAQC1t3ARZhakUvw02emEaurD4LkEeUlt21JuzY8u1AVT
+8s+Zq2aphlgmAZFqAGMzdDDVcq6s0UI2onX++83iYCArWaVE19Rabi48+l2xEuA
Fz8x+B9QwEUYsVpuPnTxnPry6b+eydycNFCfegmOQ4tfX5DjSKBzak/3CNrb/uq4
BK0FLxPd7X5/zB7MevlAVTF+VXltlz49zIj/lFH3VOQmPUh5duG4czTvEsEpuvQV
yU9W9gEue3C/RgEboLDGmNuFlGtNlr5+unBgdFB60iQWui3R67Oc1AVMF39PGKb9
+XAxcPYrfXR3ZJqwyqUgyjI64dxRf0D3NiVFKObEXpNZ
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:15:21 2025 by rpki-client