Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/ec84d7-ed3e-4ada-beb9-18e65e64df71/1/d4QzmUrPPbJQxMw96G7I8wKAY_8.roa
File: d4QzmUrPPbJQxMw96G7I8wKAY_8.roa (raw, json)
Hash identifier: kCIIAo6mIinxOh21iDNSoj9jRYqWTcCgtvPqYHHPUqY=
Subject key identifier: 77:84:33:99:4A:CF:3D:B2:50:C4:CC:3D:E8:6E:C8:F3:02:80:63:FF
Certificate issuer: /CN=84827de36da383801ec42a8043c787253776037e
Certificate serial: 019421B1B5FFA42AE5C7C29CD1855C61D8F8
Authority key identifier: 84:82:7D:E3:6D:A3:83:80:1E:C4:2A:80:43:C7:87:25:37:76:03:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hIJ9422jg4AexCqAQ8eHJTd2A34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/ec84d7-ed3e-4ada-beb9-18e65e64df71/1/d4QzmUrPPbJQxMw96G7I8wKAY_8.roa
Signing time: Wed 01 Jan 2025 11:48:02 +0000
ROA not before: Wed 01 Jan 2025 11:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12350
IP address blocks: 195.13.52.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7c/ec84d7-ed3e-4ada-beb9-18e65e64df71/1/hIJ9422jg4AexCqAQ8eHJTd2A34.crl
rsync://rpki.ripe.net/repository/DEFAULT/7c/ec84d7-ed3e-4ada-beb9-18e65e64df71/1/hIJ9422jg4AexCqAQ8eHJTd2A34.mft
rsync://rpki.ripe.net/repository/DEFAULT/hIJ9422jg4AexCqAQ8eHJTd2A34.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 10:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:b5:ff:a4:2a:e5:c7:c2:9c:d1:85:5c:61:d8:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84827de36da383801ec42a8043c787253776037e
Validity
Not Before: Jan 1 11:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=778433994acf3db250c4cc3de86ec8f3028063ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:28:62:ff:86:32:61:bf:43:39:fc:31:5c:cc:
65:46:3d:0f:eb:2a:e6:7a:72:7d:bf:43:93:e1:4a:
d9:e4:4b:c0:c0:a4:47:9f:a6:e5:53:1e:39:38:5d:
97:8d:4d:f1:b6:8d:70:0d:55:a3:90:b3:0d:11:d1:
5b:6b:e0:f4:bb:46:e8:37:76:dd:68:fc:ae:a9:48:
33:d5:96:e0:d7:28:09:8a:dd:b5:b3:33:51:0a:31:
cb:2b:00:cc:66:b1:5f:e8:28:33:f7:3d:46:43:88:
cc:5e:a3:fe:ab:13:d8:97:18:f2:d6:dc:63:99:7a:
e5:6e:46:e8:bd:74:04:38:9c:a4:f0:4c:a3:a1:5f:
b6:b3:61:3a:56:5d:69:4b:a8:25:8e:eb:a5:2c:8e:
59:bd:18:18:a4:23:aa:b0:e6:ae:59:da:5f:8c:44:
26:59:a0:fc:22:35:8c:09:b4:37:12:46:75:44:f6:
c5:f7:ef:13:6d:42:f1:03:01:d8:42:03:b8:a9:d2:
f9:16:c5:70:b1:d3:4a:f8:04:1d:f7:d3:0d:bf:31:
32:95:da:6b:b8:55:60:ad:bf:07:1b:9c:2f:e4:17:
c5:29:df:a3:0b:66:92:e4:d9:ef:98:fb:7b:5e:f6:
54:49:06:cf:36:d1:c7:35:58:7a:0e:38:f4:f6:95:
cc:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:84:33:99:4A:CF:3D:B2:50:C4:CC:3D:E8:6E:C8:F3:02:80:63:FF
X509v3 Authority Key Identifier:
keyid:84:82:7D:E3:6D:A3:83:80:1E:C4:2A:80:43:C7:87:25:37:76:03:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hIJ9422jg4AexCqAQ8eHJTd2A34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/ec84d7-ed3e-4ada-beb9-18e65e64df71/1/d4QzmUrPPbJQxMw96G7I8wKAY_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/ec84d7-ed3e-4ada-beb9-18e65e64df71/1/hIJ9422jg4AexCqAQ8eHJTd2A34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.13.52.0/23
Signature Algorithm: sha256WithRSAEncryption
05:ba:0b:fa:ed:3b:db:95:53:01:5a:57:5e:92:92:41:e9:4c:
37:05:ee:0a:89:20:04:15:5a:db:11:58:b8:d1:0a:b4:62:bf:
3b:77:dd:58:90:b9:f3:3d:e5:92:8e:f6:b9:10:75:03:61:8a:
be:0b:a1:3e:b5:1a:30:aa:08:6f:de:8a:c6:34:d9:b7:9d:d1:
2a:47:ae:07:72:c0:7c:29:fd:e0:fd:17:ae:91:b4:f8:07:37:
88:da:34:f8:4f:d3:cb:37:9c:a0:a7:fc:9e:88:6a:ec:f3:c3:
63:f5:27:05:64:99:cd:a3:87:e5:97:d5:c0:7e:59:81:18:49:
c5:c9:44:fe:b1:3a:fb:cb:e8:91:a7:26:61:fa:9f:43:6c:50:
c5:93:3b:57:8e:ae:74:f2:86:5f:2e:dc:15:c3:bc:24:32:e6:
84:e6:d5:6d:b0:d1:91:d9:c5:2a:e8:74:8f:1c:e1:ee:43:8d:
e4:d2:58:fc:37:b6:99:4c:aa:72:74:74:71:45:1b:f3:b1:18:
2d:14:9d:37:e6:10:53:24:20:ce:a9:05:11:c8:d0:df:9b:be:
ae:5d:c6:4f:52:f5:5a:40:6d:18:4e:4c:b1:04:e0:25:b9:d7:
cb:af:61:ab:3d:ad:44:00:4d:7b:33:e3:ed:9c:8e:d4:27:cb:
f2:96:c5:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsbX/pCrlx8Kc0YVcYdj4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ODI3ZGUzNmRhMzgzODAxZWM0MmE4MDQzYzc4NzI1Mzc3
NjAzN2UwHhcNMjUwMTAxMTE0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Nzg0MzM5OTRhY2YzZGIyNTBjNGNjM2RlODZlYzhmMzAyODA2M2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjyhi/4YyYb9DOfwxXMxlRj0P6yrm
enJ9v0OT4UrZ5EvAwKRHn6blUx45OF2XjU3xto1wDVWjkLMNEdFba+D0u0boN3bd
aPyuqUgz1Zbg1ygJit21szNRCjHLKwDMZrFf6Cgz9z1GQ4jMXqP+qxPYlxjy1txj
mXrlbkbovXQEOJyk8EyjoV+2s2E6Vl1pS6gljuulLI5ZvRgYpCOqsOauWdpfjEQm
WaD8IjWMCbQ3EkZ1RPbF9+8TbULxAwHYQgO4qdL5FsVwsdNK+AQd99MNvzEyldpr
uFVgrb8HG5wv5BfFKd+jC2aS5NnvmPt7XvZUSQbPNtHHNVh6Djj09pXMZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHeEM5lKzz2yUMTMPehuyPMCgGP/MB8GA1UdIwQY
MBaAFISCfeNto4OAHsQqgEPHhyU3dgN+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaElKOTQyMmpnNEFleENxQVE4ZUhKVGQyQTM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9lYzg0ZDctZWQzZS00YWRhLWJlYjkt
MThlNjVlNjRkZjcxLzEvZDRRem1VclBQYkpReE13OTZHN0k4d0tBWV84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9lYzg0ZDctZWQzZS00YWRhLWJlYjktMThlNjVlNjRkZjcx
LzEvaElKOTQyMmpnNEFleENxQVE4ZUhKVGQyQTM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBww00MA0G
CSqGSIb3DQEBCwUAA4IBAQAFugv67TvblVMBWldekpJB6Uw3Be4KiSAEFVrbEVi4
0Qq0Yr87d91YkLnzPeWSjva5EHUDYYq+C6E+tRowqghv3orGNNm3ndEqR64HcsB8
Kf3g/ReukbT4BzeI2jT4T9PLN5ygp/yeiGrs88Nj9ScFZJnNo4fll9XAflmBGEnF
yUT+sTr7y+iRpyZh+p9DbFDFkztXjq508oZfLtwVw7wkMuaE5tVtsNGR2cUq6HSP
HOHuQ43k0lj8N7aZTKpydHRxRRvzsRgtFJ035hBTJCDOqQURyNDfm76uXcZPUvVa
QG0YTkyxBOAludfLr2GrPa1EAE17M+PtnI7UJ8vylsW0
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:41:16 2025 by rpki-client