Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/auYlcZnEp-yqavQsok9_TPLHAq0.roa
File: auYlcZnEp-yqavQsok9_TPLHAq0.roa (raw, json)
Hash identifier: kbe3quRrlIxTjuDhfKrAisNkV8HOTBuxWR/raJshlU4=
Subject key identifier: 6A:E6:25:71:99:C4:A7:EC:AA:6A:F4:2C:A2:4F:7F:4C:F2:C7:02:AD
Certificate issuer: /CN=5de613682552010298f3a694a00d7c5906060b95
Certificate serial: 019425FC40F87DD02653121EE96286A70F4C
Authority key identifier: 5D:E6:13:68:25:52:01:02:98:F3:A6:94:A0:0D:7C:59:06:06:0B:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XeYTaCVSAQKY86aUoA18WQYGC5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/auYlcZnEp-yqavQsok9_TPLHAq0.roa
Signing time: Thu 02 Jan 2025 07:47:56 +0000
ROA not before: Thu 02 Jan 2025 07:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202414
IP address blocks: 185.1.129.0/24 maxlen: 24
194.54.136.0/23 maxlen: 24
194.54.138.0/23 maxlen: 24
2a0c:c9c0::/29 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/XeYTaCVSAQKY86aUoA18WQYGC5U.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/XeYTaCVSAQKY86aUoA18WQYGC5U.mft
rsync://rpki.ripe.net/repository/DEFAULT/XeYTaCVSAQKY86aUoA18WQYGC5U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:40:f8:7d:d0:26:53:12:1e:e9:62:86:a7:0f:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5de613682552010298f3a694a00d7c5906060b95
Validity
Not Before: Jan 2 07:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6ae6257199c4a7ecaa6af42ca24f7f4cf2c702ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:31:4a:68:08:47:a8:88:c4:81:bc:f6:c6:77:
fe:8f:64:8c:68:f1:69:a9:f0:45:38:c4:49:ee:23:
22:21:86:a4:8a:45:f2:4b:03:c2:34:04:2d:ff:15:
4d:7e:8a:16:c0:bb:70:a0:90:85:55:ba:78:ef:0b:
01:f3:f2:46:e2:42:fd:e3:04:a3:d9:f5:4a:d7:c8:
78:e4:79:bf:80:79:ad:7c:4b:bb:cf:da:52:51:d7:
65:9b:60:47:78:6a:fc:e1:81:02:f7:66:00:3e:3e:
0c:bb:ab:29:73:06:d9:30:55:6e:14:0b:52:55:00:
6f:ba:57:90:37:23:bb:6e:c7:6a:67:86:1f:09:99:
86:7b:40:7e:0f:e4:19:d3:6e:7f:7e:7c:52:6a:30:
99:5c:4b:e5:1e:37:a3:69:4e:4f:96:1a:aa:a1:4b:
4b:f6:21:25:12:e5:c9:b8:3f:c1:2f:68:55:50:d3:
8b:c7:96:a3:a7:73:56:32:9f:54:0b:79:2c:9d:c0:
9b:24:3e:e4:63:81:5e:9b:20:ac:c2:96:c7:5d:cf:
a8:f4:bd:b8:1c:08:d0:78:d6:93:f9:f7:5f:10:e3:
fe:8c:e7:5a:1b:57:7b:4f:b7:49:76:fa:14:6a:2d:
6a:70:f5:93:d0:d5:77:25:7f:b4:48:79:02:60:40:
cf:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:E6:25:71:99:C4:A7:EC:AA:6A:F4:2C:A2:4F:7F:4C:F2:C7:02:AD
X509v3 Authority Key Identifier:
keyid:5D:E6:13:68:25:52:01:02:98:F3:A6:94:A0:0D:7C:59:06:06:0B:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XeYTaCVSAQKY86aUoA18WQYGC5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/auYlcZnEp-yqavQsok9_TPLHAq0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/XeYTaCVSAQKY86aUoA18WQYGC5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.129.0/24
194.54.136.0/22
IPv6:
2a0c:c9c0::/29
Signature Algorithm: sha256WithRSAEncryption
37:73:ed:44:be:c7:75:31:2e:6f:ef:d2:e0:96:e0:d9:8e:c0:
b9:b8:54:a3:24:7f:6d:26:66:e5:7f:43:28:b9:e8:f6:6c:22:
64:ff:4a:c4:3f:ac:bd:b4:88:b1:9c:b4:76:42:71:db:ed:c2:
29:93:6a:a9:fb:e0:8d:79:2e:0a:10:50:de:bd:84:31:a3:fa:
c5:ce:64:a9:95:6c:70:29:cb:d2:80:7c:43:07:81:7e:89:e3:
4a:b4:bf:85:9f:15:ff:4e:d0:b4:b3:8b:a4:8a:5c:c3:3d:1b:
5b:92:e2:98:79:cb:b8:d3:cd:c7:16:f0:22:64:43:9f:1d:12:
63:73:55:db:4f:17:18:38:99:98:79:0d:61:a6:a9:c0:de:12:
84:db:d6:9e:61:d7:03:f9:cb:4a:24:a0:61:ff:04:ad:c1:69:
ee:95:0f:2d:ce:ec:2e:cb:bf:9c:15:a2:9e:b1:2f:f4:b3:0e:
da:9b:9a:4d:ae:3d:7b:a1:80:9d:5d:9c:ba:58:bb:9f:19:86:
0f:33:06:69:f6:d8:59:20:63:e7:77:c4:69:ba:a4:d0:19:d3:
6a:cf:3e:15:b0:94:1d:6d:b2:2d:3e:72:f0:a7:eb:f1:e9:e0:
7d:42:12:43:0b:2f:84:30:5f:a5:a1:f2:a0:42:ef:04:74:72:
3f:48:49:3a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQl/ED4fdAmUxIe6WKGpw9MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZTYxMzY4MjU1MjAxMDI5OGYzYTY5NGEwMGQ3YzU5MDYw
NjBiOTUwHhcNMjUwMTAyMDc0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWU2MjU3MTk5YzRhN2VjYWE2YWY0MmNhMjRmN2Y0Y2YyYzcwMmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjzFKaAhHqIjEgbz2xnf+j2SMaPFp
qfBFOMRJ7iMiIYakikXySwPCNAQt/xVNfooWwLtwoJCFVbp47wsB8/JG4kL94wSj
2fVK18h45Hm/gHmtfEu7z9pSUddlm2BHeGr84YEC92YAPj4Mu6spcwbZMFVuFAtS
VQBvuleQNyO7bsdqZ4YfCZmGe0B+D+QZ025/fnxSajCZXEvlHjejaU5PlhqqoUtL
9iElEuXJuD/BL2hVUNOLx5ajp3NWMp9UC3ksncCbJD7kY4FemyCswpbHXc+o9L24
HAjQeNaT+fdfEOP+jOdaG1d7T7dJdvoUai1qcPWT0NV3JX+0SHkCYEDPwwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGrmJXGZxKfsqmr0LKJPf0zyxwKtMB8GA1UdIwQY
MBaAFF3mE2glUgECmPOmlKANfFkGBguVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGVZVGFDVlNBUUtZODZhVW9BMThXUVlHQzVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8wYzIzMjAtYmE5NS00NTMxLThjODEt
MjIyOTVkZjEyYjI3LzEvYXVZbGNabkVwLXlxYXZRc29rOV9UUExIQXEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8wYzIzMjAtYmE5NS00NTMxLThjODEtMjIyOTVkZjEyYjI3
LzEvWGVZVGFDVlNBUUtZODZhVW9BMThXUVlHQzVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuQGBAwQC
wjaIMA0EAgACMAcDBQMqDMnAMA0GCSqGSIb3DQEBCwUAA4IBAQA3c+1Evsd1MS5v
79LgluDZjsC5uFSjJH9tJmblf0Mouej2bCJk/0rEP6y9tIixnLR2QnHb7cIpk2qp
++CNeS4KEFDevYQxo/rFzmSplWxwKcvSgHxDB4F+ieNKtL+FnxX/TtC0s4ukilzD
PRtbkuKYecu4083HFvAiZEOfHRJjc1XbTxcYOJmYeQ1hpqnA3hKE29aeYdcD+ctK
JKBh/wStwWnulQ8tzuwuy7+cFaKesS/0sw7am5pNrj17oYCdXZy6WLufGYYPMwZp
9thZIGPnd8RpuqTQGdNqzz4VsJQdbbItPnLwp+vx6eB9QhJDCy+EMF+lofKgQu8E
dHI/SEk6
-----END CERTIFICATE-----
Generated at Tue Apr 22 12:37:32 2025 by rpki-client