Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/cAxPMjYxWIQW032kljVHvZqGPzY.roa
File: cAxPMjYxWIQW032kljVHvZqGPzY.roa (raw, json)
Hash identifier: rLkMoJUwSnNyL55Bs3sx6kL8yDVwqlLuhqr2tjxy6OM=
Subject key identifier: 70:0C:4F:32:36:31:58:84:16:D3:7D:A4:96:35:47:BD:9A:86:3F:36
Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Certificate serial: 019420686D62D83216BD18B1FD14D56AC163
Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/cAxPMjYxWIQW032kljVHvZqGPzY.roa
Signing time: Wed 01 Jan 2025 05:48:22 +0000
ROA not before: Wed 01 Jan 2025 05:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216180
IP address blocks: 192.250.232.0/24 maxlen: 24
192.250.233.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Mar 2025 03:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:6d:62:d8:32:16:bd:18:b1:fd:14:d5:6a:c1:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Validity
Not Before: Jan 1 05:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=700c4f323631588416d37da4963547bd9a863f36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d3:b7:9a:57:ea:2d:6a:12:eb:bc:85:ea:98:
83:35:58:25:e5:22:dc:08:87:40:1f:d2:98:c2:28:
9c:17:b4:d0:9d:27:be:49:be:76:d7:da:dc:68:46:
33:a0:c2:08:04:e4:4c:0b:4c:6a:40:48:a0:4a:30:
79:4b:93:77:e7:c4:9b:ab:2c:63:7f:68:4e:78:ac:
1b:a9:7e:b5:74:52:c2:1d:0c:39:c5:88:07:ce:c6:
3d:e7:35:eb:20:75:94:af:e6:4e:1e:ae:2c:f8:ed:
ee:1f:5f:4e:cb:2f:6d:f1:25:74:30:05:52:bd:dd:
0d:b7:e2:95:e7:bd:e6:ad:1f:ca:0e:84:01:d6:54:
71:e0:78:0b:a9:0a:5c:c8:58:fd:ec:44:23:92:40:
6a:bf:c5:3f:31:08:29:8d:53:7e:4f:d6:ff:04:88:
d1:72:cc:9d:87:97:90:11:3d:9d:a2:5c:0f:38:90:
12:19:88:66:6b:61:9a:2f:ad:ea:d6:a2:fc:1f:1f:
0d:9d:43:c6:2a:9a:14:f1:5b:5e:2a:dd:72:38:ce:
49:41:c1:2d:28:31:95:98:13:2c:73:cc:b7:37:68:
6b:5c:96:c2:61:e5:46:d6:a2:a9:30:46:9a:12:a0:
dc:d4:6e:4c:68:bd:64:20:6b:66:a6:36:70:45:ad:
99:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:0C:4F:32:36:31:58:84:16:D3:7D:A4:96:35:47:BD:9A:86:3F:36
X509v3 Authority Key Identifier:
keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/cAxPMjYxWIQW032kljVHvZqGPzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.250.232.0/23
Signature Algorithm: sha256WithRSAEncryption
7d:8b:47:7e:af:3d:45:04:f9:18:62:4f:27:bc:ab:50:a6:a6:
15:f4:bc:00:a0:ab:1b:5f:45:10:09:0d:62:99:c7:57:f8:6a:
4b:4d:53:4c:0e:0b:1c:35:8e:8d:2f:ec:33:32:96:da:8a:30:
2e:5f:fa:bc:a1:bb:ae:13:8a:b9:e6:78:48:bc:7f:bd:a7:97:
00:c1:c8:4b:43:3d:54:2b:aa:9e:aa:a8:1e:19:79:f3:80:35:
d7:59:1a:89:77:15:88:c5:da:47:0d:1d:ff:60:0e:0d:dd:c5:
3f:40:8b:23:54:1f:70:90:0c:15:7c:fe:03:4c:1d:61:f0:26:
71:e7:27:10:89:6b:d5:cb:e9:71:e1:32:a7:00:b8:19:e2:f7:
8b:b9:19:95:5d:05:39:5a:d2:bc:59:6d:bc:44:f9:8d:e2:bc:
81:12:b3:e0:f5:41:71:4d:cb:33:4f:e4:02:e4:9a:d8:19:93:
be:8c:27:bb:ec:41:e7:39:bc:70:1a:e8:27:39:32:3e:df:d7:
d8:03:ad:a2:88:c3:f7:e1:d6:bb:9c:bf:01:c1:8f:63:91:97:
7e:53:ca:25:30:ef:31:2c:3b:fa:9a:bf:fd:32:40:0b:06:3f:
52:1a:cf:09:fb:e4:24:af:1d:30:1d:a3:b1:39:09:b7:b6:fe:
a3:7d:c1:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaG1i2DIWvRix/RTVasFjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy
ZWU4ZGQwHhcNMjUwMTAxMDU0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDBjNGYzMjM2MzE1ODg0MTZkMzdkYTQ5NjM1NDdiZDlhODYzZjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtO3mlfqLWoS67yF6piDNVgl5SLc
CIdAH9KYwiicF7TQnSe+Sb5219rcaEYzoMIIBORMC0xqQEigSjB5S5N358Sbqyxj
f2hOeKwbqX61dFLCHQw5xYgHzsY95zXrIHWUr+ZOHq4s+O3uH19Oyy9t8SV0MAVS
vd0Nt+KV573mrR/KDoQB1lRx4HgLqQpcyFj97EQjkkBqv8U/MQgpjVN+T9b/BIjR
csydh5eQET2dolwPOJASGYhma2GaL63q1qL8Hx8NnUPGKpoU8VteKt1yOM5JQcEt
KDGVmBMsc8y3N2hrXJbCYeVG1qKpMEaaEqDc1G5MaL1kIGtmpjZwRa2ZsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHAMTzI2MViEFtN9pJY1R72ahj82MB8GA1UdIwQY
MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt
Y2NhMzc2MDZiZjE4LzEvY0F4UE1qWXhXSVFXMDMya2xqVkh2WnFHUHpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4
LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwProMA0G
CSqGSIb3DQEBCwUAA4IBAQB9i0d+rz1FBPkYYk8nvKtQpqYV9LwAoKsbX0UQCQ1i
mcdX+GpLTVNMDgscNY6NL+wzMpbaijAuX/q8obuuE4q55nhIvH+9p5cAwchLQz1U
K6qeqqgeGXnzgDXXWRqJdxWIxdpHDR3/YA4N3cU/QIsjVB9wkAwVfP4DTB1h8CZx
5ycQiWvVy+lx4TKnALgZ4veLuRmVXQU5WtK8WW28RPmN4ryBErPg9UFxTcszT+QC
5JrYGZO+jCe77EHnObxwGugnOTI+39fYA62iiMP34da7nL8BwY9jkZd+U8olMO8x
LDv6mr/9MkALBj9SGs8J++Qkrx0wHaOxOQm3tv6jfcHw
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:41:14 2025 by rpki-client