Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/d29fe7-8c22-4aaa-b8d6-660f39f64316/1/2OZ_lpKGV37MXe5UjWqN6pJGN0I.roa
File: 2OZ_lpKGV37MXe5UjWqN6pJGN0I.roa (raw, json)
Hash identifier: /SKwcSk1TPHGfonvbfCcudrh/7BTbQOLo1nol958xWU=
Subject key identifier: D8:E6:7F:96:92:86:57:7E:CC:5D:EE:54:8D:6A:8D:EA:92:46:37:42
Certificate issuer: /CN=1da81713853c9b18d410d4ff3099ab668e69b3f5
Certificate serial: 01942143F057AC17C26CF2C1852E22C468A5
Authority key identifier: 1D:A8:17:13:85:3C:9B:18:D4:10:D4:FF:30:99:AB:66:8E:69:B3:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HagXE4U8mxjUENT_MJmrZo5ps_U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/d29fe7-8c22-4aaa-b8d6-660f39f64316/1/2OZ_lpKGV37MXe5UjWqN6pJGN0I.roa
Signing time: Wed 01 Jan 2025 09:48:07 +0000
ROA not before: Wed 01 Jan 2025 09:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 193.131.114.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/d29fe7-8c22-4aaa-b8d6-660f39f64316/1/HagXE4U8mxjUENT_MJmrZo5ps_U.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/d29fe7-8c22-4aaa-b8d6-660f39f64316/1/HagXE4U8mxjUENT_MJmrZo5ps_U.mft
rsync://rpki.ripe.net/repository/DEFAULT/HagXE4U8mxjUENT_MJmrZo5ps_U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 03:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:f0:57:ac:17:c2:6c:f2:c1:85:2e:22:c4:68:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1da81713853c9b18d410d4ff3099ab668e69b3f5
Validity
Not Before: Jan 1 09:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d8e67f969286577ecc5dee548d6a8dea92463742
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:24:53:8d:1c:d9:91:fd:ea:9e:9c:3e:fa:a0:
db:0c:fe:12:ef:fd:bf:31:40:e3:c0:9d:b0:18:9c:
11:e3:7b:ec:c9:db:4e:82:7b:4d:55:09:22:fc:fb:
33:34:67:15:4d:8d:b0:78:c5:5a:89:19:cf:3e:76:
24:43:a8:ef:14:be:fd:0d:87:7c:2e:53:b9:fd:58:
d9:d4:88:be:16:52:e3:3b:df:65:c4:3c:4c:65:97:
d9:62:d5:0a:51:10:11:20:97:be:97:72:18:94:ab:
f4:8d:94:64:04:a3:20:ba:61:71:4c:5c:20:1b:af:
de:75:69:07:75:3d:f2:17:98:ee:20:f9:56:ff:b8:
53:a5:74:57:6e:77:02:fa:db:4f:d9:65:46:1c:c2:
50:64:b5:0e:75:56:16:54:34:59:2f:41:07:64:ef:
36:31:8e:96:fb:60:bf:0a:d9:e2:07:3d:09:9d:fc:
ef:73:70:9d:7e:7a:9c:f0:bb:59:1f:21:7a:c1:13:
80:14:8c:6b:21:84:98:a0:6b:02:18:a9:c1:36:48:
5b:70:d0:85:9a:f8:00:37:5e:11:88:a9:18:c6:64:
2f:9b:58:f5:81:8c:1d:cc:7f:85:b9:2a:d5:ca:10:
c0:11:5c:2b:ec:1b:04:28:ee:e1:5e:ec:45:04:ff:
87:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:E6:7F:96:92:86:57:7E:CC:5D:EE:54:8D:6A:8D:EA:92:46:37:42
X509v3 Authority Key Identifier:
keyid:1D:A8:17:13:85:3C:9B:18:D4:10:D4:FF:30:99:AB:66:8E:69:B3:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HagXE4U8mxjUENT_MJmrZo5ps_U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/d29fe7-8c22-4aaa-b8d6-660f39f64316/1/2OZ_lpKGV37MXe5UjWqN6pJGN0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/d29fe7-8c22-4aaa-b8d6-660f39f64316/1/HagXE4U8mxjUENT_MJmrZo5ps_U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.131.114.0/23
Signature Algorithm: sha256WithRSAEncryption
8d:ba:e4:a9:13:55:66:ed:46:9e:2e:8c:62:c5:e2:c5:f1:44:
cb:3c:87:b1:69:ba:3a:f9:12:43:87:4b:a3:d5:bb:c8:47:dc:
e2:ed:05:8b:14:fd:4b:52:ff:7e:17:a5:4c:c9:03:48:77:5a:
d8:b8:d4:42:ac:bd:b4:fc:2d:30:fb:1e:38:d1:ef:83:10:78:
5c:66:98:e2:c9:61:6b:f2:3c:f6:18:3a:37:30:59:1b:c4:06:
b7:b8:c1:b3:7d:24:f6:9d:01:12:9f:26:12:a5:89:75:be:7b:
aa:2f:83:05:0a:00:24:45:e3:94:c0:8f:de:91:c9:01:44:c7:
77:7d:25:31:66:5e:4c:ae:6c:ec:30:63:5b:95:fe:b4:9b:b4:
06:fb:fd:75:e8:57:e6:3e:74:06:d2:39:66:de:15:90:c9:ae:
33:c6:bf:10:7e:d8:49:39:14:e9:fb:38:ea:f6:2d:4b:be:1c:
96:6a:38:94:ae:da:20:c7:66:ea:6a:9f:ab:06:38:05:be:a8:
04:7e:33:cf:7f:54:3d:77:69:ff:c6:ca:4c:12:70:f0:e0:d9:
74:92:c2:f2:83:d6:ec:31:41:0b:27:3e:76:29:80:bd:cc:e7:
41:62:17:3b:b7:c7:cd:bf:c4:fd:2a:48:f9:31:18:8b:ec:7b:
ea:31:c7:9d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhQ/BXrBfCbPLBhS4ixGilMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkYTgxNzEzODUzYzliMThkNDEwZDRmZjMwOTlhYjY2OGU2
OWIzZjUwHhcNMjUwMTAxMDk0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGU2N2Y5NjkyODY1NzdlY2M1ZGVlNTQ4ZDZhOGRlYTkyNDYzNzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCRTjRzZkf3qnpw++qDbDP4S7/2/
MUDjwJ2wGJwR43vsydtOgntNVQki/PszNGcVTY2weMVaiRnPPnYkQ6jvFL79DYd8
LlO5/VjZ1Ii+FlLjO99lxDxMZZfZYtUKURARIJe+l3IYlKv0jZRkBKMgumFxTFwg
G6/edWkHdT3yF5juIPlW/7hTpXRXbncC+ttP2WVGHMJQZLUOdVYWVDRZL0EHZO82
MY6W+2C/CtniBz0Jnfzvc3Cdfnqc8LtZHyF6wROAFIxrIYSYoGsCGKnBNkhbcNCF
mvgAN14RiKkYxmQvm1j1gYwdzH+FuSrVyhDAEVwr7BsEKO7hXuxFBP+HfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNjmf5aShld+zF3uVI1qjeqSRjdCMB8GA1UdIwQY
MBaAFB2oFxOFPJsY1BDU/zCZq2aOabP1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGFnWEU0VThteGpVRU5UX01KbXJabzVwc19VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My9kMjlmZTctOGMyMi00YWFhLWI4ZDYt
NjYwZjM5ZjY0MzE2LzEvMk9aX2xwS0dWMzdNWGU1VWpXcU42cEpHTjBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My9kMjlmZTctOGMyMi00YWFhLWI4ZDYtNjYwZjM5ZjY0MzE2
LzEvSGFnWEU0VThteGpVRU5UX01KbXJabzVwc19VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwYNyMA0G
CSqGSIb3DQEBCwUAA4IBAQCNuuSpE1Vm7UaeLoxixeLF8UTLPIexabo6+RJDh0uj
1bvIR9zi7QWLFP1LUv9+F6VMyQNId1rYuNRCrL20/C0w+x440e+DEHhcZpjiyWFr
8jz2GDo3MFkbxAa3uMGzfST2nQESnyYSpYl1vnuqL4MFCgAkReOUwI/ekckBRMd3
fSUxZl5MrmzsMGNblf60m7QG+/116FfmPnQG0jlm3hWQya4zxr8QfthJORTp+zjq
9i1LvhyWajiUrtogx2bqap+rBjgFvqgEfjPPf1Q9d2n/xspMEnDw4Nl0ksLyg9bs
MUELJz52KYC9zOdBYhc7t8fNv8T9Kkj5MRiL7HvqMced
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:00:30 2025 by rpki-client