Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/c426c3-4f03-46bb-8008-be9ad2bf725f/1/DurIZqoPKpw9LYGIPBrHPFq3LHw.roa
File: DurIZqoPKpw9LYGIPBrHPFq3LHw.roa (raw, json)
Hash identifier: zhg8WLRUrYe0q7NH9Wz8ueiA39mg7KprcnCZzHNNbsw=
Subject key identifier: 0E:EA:C8:66:AA:0F:2A:9C:3D:2D:81:88:3C:1A:C7:3C:5A:B7:2C:7C
Certificate issuer: /CN=807709e7b0efba127025c83e5d3194c71ba428c3
Certificate serial: 019420680EE28C02E4FB5EAF55849CD40A71
Authority key identifier: 80:77:09:E7:B0:EF:BA:12:70:25:C8:3E:5D:31:94:C7:1B:A4:28:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gHcJ57DvuhJwJcg-XTGUxxukKMM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/c426c3-4f03-46bb-8008-be9ad2bf725f/1/DurIZqoPKpw9LYGIPBrHPFq3LHw.roa
Signing time: Wed 01 Jan 2025 05:47:57 +0000
ROA not before: Wed 01 Jan 2025 05:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39855
IP address blocks: 195.238.95.0/24 maxlen: 24
195.238.242.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/c426c3-4f03-46bb-8008-be9ad2bf725f/1/gHcJ57DvuhJwJcg-XTGUxxukKMM.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/c426c3-4f03-46bb-8008-be9ad2bf725f/1/gHcJ57DvuhJwJcg-XTGUxxukKMM.mft
rsync://rpki.ripe.net/repository/DEFAULT/gHcJ57DvuhJwJcg-XTGUxxukKMM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 05:01:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:0e:e2:8c:02:e4:fb:5e:af:55:84:9c:d4:0a:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=807709e7b0efba127025c83e5d3194c71ba428c3
Validity
Not Before: Jan 1 05:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0eeac866aa0f2a9c3d2d81883c1ac73c5ab72c7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:b7:fb:5c:92:80:b5:14:97:e4:95:0d:05:0e:
eb:51:0b:e1:52:ef:8f:30:71:da:0d:fc:7d:b7:d6:
90:ab:96:ca:de:87:ac:86:e8:cf:23:6a:f3:48:f5:
14:93:f8:6e:e3:5a:9e:39:dc:6a:62:b2:bc:f3:40:
ed:b2:88:56:3d:05:a3:81:8a:e8:db:82:b8:c6:86:
4e:92:69:f9:7e:6a:bc:93:4f:7c:9b:fe:5d:84:2a:
36:d1:a7:9b:52:4e:94:f0:6d:d5:c2:5b:3b:49:1b:
dd:3a:f0:83:c8:f5:18:23:cb:0d:9e:47:cd:c9:76:
d2:62:22:63:b1:f9:4f:c7:af:cf:81:2f:fa:21:8e:
18:c7:98:6a:b9:36:20:f8:09:c1:19:26:54:5b:dd:
d5:c8:28:0a:00:94:8b:fa:3d:00:e5:36:67:8f:fe:
79:e2:6a:31:7f:8f:53:ac:9f:b5:31:3d:0e:d1:b3:
af:3f:4e:32:0a:f9:98:4d:34:b7:92:b8:4a:0b:06:
c1:2f:a5:93:c4:ef:f5:6d:5b:bc:d8:b8:c1:02:58:
74:8e:72:85:04:62:27:47:63:50:44:e8:17:e6:5e:
28:17:c4:cb:0d:a0:d6:d2:1e:0a:9e:fb:69:2e:03:
72:35:ba:1c:80:68:6a:75:8f:7f:44:5f:47:7d:6d:
1c:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:EA:C8:66:AA:0F:2A:9C:3D:2D:81:88:3C:1A:C7:3C:5A:B7:2C:7C
X509v3 Authority Key Identifier:
keyid:80:77:09:E7:B0:EF:BA:12:70:25:C8:3E:5D:31:94:C7:1B:A4:28:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gHcJ57DvuhJwJcg-XTGUxxukKMM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/c426c3-4f03-46bb-8008-be9ad2bf725f/1/DurIZqoPKpw9LYGIPBrHPFq3LHw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/c426c3-4f03-46bb-8008-be9ad2bf725f/1/gHcJ57DvuhJwJcg-XTGUxxukKMM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.238.95.0/24
195.238.242.0/23
Signature Algorithm: sha256WithRSAEncryption
a5:75:05:d6:6d:86:01:54:97:a0:dd:17:d8:8f:33:89:08:cf:
f9:c3:28:2c:29:d4:87:51:5f:77:8d:b4:5e:fc:88:5c:38:9a:
6c:b2:19:df:23:45:3b:a8:c7:c9:a3:f5:d9:22:31:9a:0e:29:
6a:ff:93:37:e0:05:8f:da:5b:63:bc:c2:a0:ff:df:54:ec:d7:
39:47:8d:8f:f6:2e:e7:8c:37:b4:85:b7:51:5d:3d:91:96:c3:
25:42:3a:4e:e8:08:77:ce:6f:c8:05:30:04:bb:c6:58:fe:0c:
d6:31:9c:c1:0c:4a:1a:07:45:a3:8e:24:8e:f9:21:b1:7f:65:
0b:ff:d6:98:a6:6d:d4:07:6e:02:9a:2c:f1:58:3f:c4:0e:4d:
37:f6:eb:40:45:4b:47:0a:3a:d8:b5:b6:21:44:13:61:d8:13:
bd:2e:0f:01:0e:b0:1f:74:a7:c2:8a:5a:69:f7:c7:da:97:fb:
3e:a5:8c:5d:e7:5f:e1:6c:e0:6b:b6:bd:40:e6:57:41:59:56:
47:76:fc:3d:d9:78:ae:27:2e:b6:ad:6a:99:3f:56:ae:f0:16:
4d:1b:a3:4d:39:3b:4b:cf:a1:6f:f0:e7:16:de:2b:10:69:2a:
79:4b:52:b2:f9:7b:a5:5e:95:7f:f6:31:d9:3d:43:96:22:69:
6d:99:e6:25
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQgaA7ijALk+16vVYSc1ApxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNzcwOWU3YjBlZmJhMTI3MDI1YzgzZTVkMzE5NGM3MWJh
NDI4YzMwHhcNMjUwMTAxMDU0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWVhYzg2NmFhMGYyYTljM2QyZDgxODgzYzFhYzczYzVhYjcyYzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLf7XJKAtRSX5JUNBQ7rUQvhUu+P
MHHaDfx9t9aQq5bK3oeshujPI2rzSPUUk/hu41qeOdxqYrK880DtsohWPQWjgYro
24K4xoZOkmn5fmq8k098m/5dhCo20aebUk6U8G3Vwls7SRvdOvCDyPUYI8sNnkfN
yXbSYiJjsflPx6/PgS/6IY4Yx5hquTYg+AnBGSZUW93VyCgKAJSL+j0A5TZnj/55
4moxf49TrJ+1MT0O0bOvP04yCvmYTTS3krhKCwbBL6WTxO/1bVu82LjBAlh0jnKF
BGInR2NQROgX5l4oF8TLDaDW0h4KnvtpLgNyNbocgGhqdY9/RF9HfW0c9QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA7qyGaqDyqcPS2BiDwaxzxatyx8MB8GA1UdIwQY
MBaAFIB3Ceew77oScCXIPl0xlMcbpCjDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0hjSjU3RHZ1aEp3SmNnLVhUR1V4eHVrS01NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9jNDI2YzMtNGYwMy00NmJiLTgwMDgt
YmU5YWQyYmY3MjVmLzEvRHVySVpxb1BLcHc5TFlHSVBCckhQRnEzTEh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9jNDI2YzMtNGYwMy00NmJiLTgwMDgtYmU5YWQyYmY3MjVm
LzEvZ0hjSjU3RHZ1aEp3SmNnLVhUR1V4eHVrS01NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw+5fAwQB
w+7yMA0GCSqGSIb3DQEBCwUAA4IBAQCldQXWbYYBVJeg3RfYjzOJCM/5wygsKdSH
UV93jbRe/IhcOJpsshnfI0U7qMfJo/XZIjGaDilq/5M34AWP2ltjvMKg/99U7Nc5
R42P9i7njDe0hbdRXT2RlsMlQjpO6Ah3zm/IBTAEu8ZY/gzWMZzBDEoaB0WjjiSO
+SGxf2UL/9aYpm3UB24CmizxWD/EDk039utARUtHCjrYtbYhRBNh2BO9Lg8BDrAf
dKfCilpp98fal/s+pYxd51/hbOBrtr1A5ldBWVZHdvw92XiuJy62rWqZP1au8BZN
G6NNOTtLz6Fv8OcW3isQaSp5S1Ky+XulXpV/9jHZPUOWImltmeYl
-----END CERTIFICATE-----
Generated at Sun Apr 13 14:49:30 2025 by rpki-client