Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/59c24e-a21f-46b2-9ea1-b3a6707ead04/1/yuW5WVwgNaxBxObKx0w_CE3bdf0.roa
File: yuW5WVwgNaxBxObKx0w_CE3bdf0.roa (raw, json)
Hash identifier: bxzeDx/FJJDZscd0BPoaz8SHe0rmx/Qll6/QwchRolI=
Subject key identifier: CA:E5:B9:59:5C:20:35:AC:41:C4:E6:CA:C7:4C:3F:08:4D:DB:75:FD
Certificate issuer: /CN=a90d9ac2ef11d5469375d6de6c6bf721129e3b71
Certificate serial: 0194266BF633BCC05749640C63BCA94722AE
Authority key identifier: A9:0D:9A:C2:EF:11:D5:46:93:75:D6:DE:6C:6B:F7:21:12:9E:3B:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qQ2awu8R1UaTddbebGv3IRKeO3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/59c24e-a21f-46b2-9ea1-b3a6707ead04/1/yuW5WVwgNaxBxObKx0w_CE3bdf0.roa
Signing time: Thu 02 Jan 2025 09:49:57 +0000
ROA not before: Thu 02 Jan 2025 09:49:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198221
IP address blocks: 193.168.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/59c24e-a21f-46b2-9ea1-b3a6707ead04/1/qQ2awu8R1UaTddbebGv3IRKeO3E.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/59c24e-a21f-46b2-9ea1-b3a6707ead04/1/qQ2awu8R1UaTddbebGv3IRKeO3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/qQ2awu8R1UaTddbebGv3IRKeO3E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:f6:33:bc:c0:57:49:64:0c:63:bc:a9:47:22:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a90d9ac2ef11d5469375d6de6c6bf721129e3b71
Validity
Not Before: Jan 2 09:49:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cae5b9595c2035ac41c4e6cac74c3f084ddb75fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:f9:2f:61:c2:0c:b4:6c:23:3a:21:1e:e1:82:
6c:87:75:a3:f5:72:82:aa:97:30:20:62:89:9c:d4:
2e:ca:fc:4e:45:38:35:a2:5e:e2:e3:fb:6f:2e:f1:
51:49:64:0c:32:9d:97:8e:cd:12:53:2f:da:a3:c5:
35:84:7a:4f:0f:ed:57:e6:a5:f9:97:5f:ab:1c:e7:
15:72:5e:99:27:58:68:a5:60:ae:38:f1:17:75:65:
29:f9:a6:8b:62:b7:10:74:ed:86:ce:6b:03:00:a6:
91:da:63:7f:36:4c:df:7e:a1:9d:46:bd:17:a0:35:
8c:3a:62:3b:24:00:8c:98:f7:bb:96:f3:01:6c:bf:
7a:87:9a:d0:23:7d:48:5b:e1:64:7c:4a:5d:af:3d:
4f:1a:3e:ea:75:7c:69:97:11:e4:2e:97:1e:1b:38:
dc:b5:c4:a6:de:ca:4e:73:15:64:ad:03:da:3f:77:
ba:bd:24:b1:bd:72:77:d7:2e:fe:fe:20:d6:42:0c:
9a:dc:5b:93:e1:87:7c:4f:96:ed:ad:35:c4:35:18:
64:ed:ad:67:24:6b:44:5d:26:2e:ed:35:7d:b4:0c:
67:25:07:81:8a:44:65:0f:02:c2:52:73:c3:17:f0:
b8:6f:c5:8b:6d:05:28:29:3e:c3:21:0e:ac:45:eb:
77:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:E5:B9:59:5C:20:35:AC:41:C4:E6:CA:C7:4C:3F:08:4D:DB:75:FD
X509v3 Authority Key Identifier:
keyid:A9:0D:9A:C2:EF:11:D5:46:93:75:D6:DE:6C:6B:F7:21:12:9E:3B:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qQ2awu8R1UaTddbebGv3IRKeO3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/59c24e-a21f-46b2-9ea1-b3a6707ead04/1/yuW5WVwgNaxBxObKx0w_CE3bdf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/59c24e-a21f-46b2-9ea1-b3a6707ead04/1/qQ2awu8R1UaTddbebGv3IRKeO3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.168.54.0/24
Signature Algorithm: sha256WithRSAEncryption
c4:25:4c:c8:15:65:fe:22:10:80:29:35:4d:85:fa:89:82:f6:
b4:31:78:90:ac:9b:c9:fd:8a:73:3d:66:c6:79:60:57:a5:df:
d4:ce:ba:78:16:ae:04:ac:97:9d:26:1d:d1:d7:81:86:60:80:
16:32:5a:cf:a5:e1:fb:f6:58:33:1b:aa:94:4d:7f:31:9c:27:
d6:41:70:8a:7f:ed:af:0e:75:98:a6:77:26:48:b8:68:f7:7f:
d7:7a:ac:4a:4e:80:dd:36:e1:1f:49:c7:ef:5c:fb:ae:a3:eb:
eb:36:93:cc:89:55:60:b9:26:98:08:49:fd:4d:f8:3e:4f:60:
fc:a7:44:4b:77:27:3c:fe:93:f1:f6:17:67:dd:54:a2:77:09:
9a:03:05:07:ff:db:25:e9:0c:03:b3:fc:7a:25:62:06:1b:00:
ef:03:fb:42:09:e2:ed:ff:0c:7a:3a:28:8f:1d:b5:4b:fc:06:
23:46:40:eb:5b:e3:f1:56:80:0a:3a:23:8a:76:51:c8:05:de:
ee:5b:c9:5e:69:43:ff:f0:57:96:05:4f:ed:95:80:3f:d4:9c:
f4:b2:ad:dc:82:39:54:09:4c:13:b2:c5:4f:6c:76:78:dc:5e:
ea:d8:2a:29:c1:e7:da:75:ed:08:34:b3:67:0d:38:c1:2a:15:
29:34:2b:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma/YzvMBXSWQMY7ypRyKuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5MGQ5YWMyZWYxMWQ1NDY5Mzc1ZDZkZTZjNmJmNzIxMTI5
ZTNiNzEwHhcNMjUwMTAyMDk0OTU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWU1Yjk1OTVjMjAzNWFjNDFjNGU2Y2FjNzRjM2YwODRkZGI3NWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4vkvYcIMtGwjOiEe4YJsh3Wj9XKC
qpcwIGKJnNQuyvxORTg1ol7i4/tvLvFRSWQMMp2Xjs0SUy/ao8U1hHpPD+1X5qX5
l1+rHOcVcl6ZJ1hopWCuOPEXdWUp+aaLYrcQdO2GzmsDAKaR2mN/NkzffqGdRr0X
oDWMOmI7JACMmPe7lvMBbL96h5rQI31IW+FkfEpdrz1PGj7qdXxplxHkLpceGzjc
tcSm3spOcxVkrQPaP3e6vSSxvXJ31y7+/iDWQgya3FuT4Yd8T5btrTXENRhk7a1n
JGtEXSYu7TV9tAxnJQeBikRlDwLCUnPDF/C4b8WLbQUoKT7DIQ6sRet38wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMrluVlcIDWsQcTmysdMPwhN23X9MB8GA1UdIwQY
MBaAFKkNmsLvEdVGk3XW3mxr9yESnjtxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVEyYXd1OFIxVWFUZGRiZWJHdjNJUktlTzNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi81OWMyNGUtYTIxZi00NmIyLTllYTEt
YjNhNjcwN2VhZDA0LzEveXVXNVdWd2dOYXhCeE9iS3gwd19DRTNiZGYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi81OWMyNGUtYTIxZi00NmIyLTllYTEtYjNhNjcwN2VhZDA0
LzEvcVEyYXd1OFIxVWFUZGRiZWJHdjNJUktlTzNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwag2MA0G
CSqGSIb3DQEBCwUAA4IBAQDEJUzIFWX+IhCAKTVNhfqJgva0MXiQrJvJ/YpzPWbG
eWBXpd/Uzrp4Fq4ErJedJh3R14GGYIAWMlrPpeH79lgzG6qUTX8xnCfWQXCKf+2v
DnWYpncmSLho93/XeqxKToDdNuEfScfvXPuuo+vrNpPMiVVguSaYCEn9Tfg+T2D8
p0RLdyc8/pPx9hdn3VSidwmaAwUH/9sl6QwDs/x6JWIGGwDvA/tCCeLt/wx6OiiP
HbVL/AYjRkDrW+PxVoAKOiOKdlHIBd7uW8leaUP/8FeWBU/tlYA/1Jz0sq3cgjlU
CUwTssVPbHZ43F7q2Copwefade0INLNnDTjBKhUpNCti
-----END CERTIFICATE-----
Generated at Tue Apr 22 10:26:59 2025 by rpki-client