Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/647485-635e-4ac6-b0b9-3351c577b432/1/ExuO0wU2-ClJDZRwWSRuAs7W0gk.roa
File: ExuO0wU2-ClJDZRwWSRuAs7W0gk.roa (raw, json)
Hash identifier: 2j3+sZIfGB/S0w3o+OLoSghT+pM132gfjkW2EjpJ9JQ=
Subject key identifier: 13:1B:8E:D3:05:36:F8:29:49:0D:94:70:59:24:6E:02:CE:D6:D2:09
Certificate issuer: /CN=d954ab94e4595194d2c39b1d3fe6a891f1eb92bc
Certificate serial: 019425FC31B8D33141D0562F2867F46F3EC4
Authority key identifier: D9:54:AB:94:E4:59:51:94:D2:C3:9B:1D:3F:E6:A8:91:F1:EB:92:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2VSrlORZUZTSw5sdP-aokfHrkrw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/647485-635e-4ac6-b0b9-3351c577b432/1/ExuO0wU2-ClJDZRwWSRuAs7W0gk.roa
Signing time: Thu 02 Jan 2025 07:47:52 +0000
ROA not before: Thu 02 Jan 2025 07:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13037
IP address blocks: 185.169.116.0/23 maxlen: 23
185.169.118.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/647485-635e-4ac6-b0b9-3351c577b432/1/2VSrlORZUZTSw5sdP-aokfHrkrw.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/647485-635e-4ac6-b0b9-3351c577b432/1/2VSrlORZUZTSw5sdP-aokfHrkrw.mft
rsync://rpki.ripe.net/repository/DEFAULT/2VSrlORZUZTSw5sdP-aokfHrkrw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:31:b8:d3:31:41:d0:56:2f:28:67:f4:6f:3e:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d954ab94e4595194d2c39b1d3fe6a891f1eb92bc
Validity
Not Before: Jan 2 07:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=131b8ed30536f829490d947059246e02ced6d209
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:d4:d8:51:6d:03:e9:96:9c:4b:51:c7:bb:52:
df:31:37:5b:05:bc:52:87:6b:7f:40:bd:e2:14:31:
74:ae:c7:42:5a:7e:e4:fe:ba:8f:dd:91:cf:9b:38:
2c:92:65:7f:7e:d4:63:95:5b:f2:af:68:8d:20:1a:
45:96:8d:96:77:3a:e8:ee:fb:f4:e1:cb:17:dd:eb:
0d:c1:a4:23:23:d6:5d:fc:18:a4:17:ea:4e:f6:c3:
29:48:08:fe:b2:62:fe:74:58:ff:53:15:d4:c9:48:
fa:5d:66:0d:14:b2:3e:c9:98:9b:60:fa:f8:5b:95:
c9:2e:97:0c:9c:de:87:f0:33:7a:c5:8f:a8:33:58:
66:1e:e8:14:a3:d0:74:16:07:5d:49:b2:da:1a:89:
09:98:e7:a4:06:e1:b6:3b:4d:de:8d:ab:6a:06:dd:
d6:df:6e:0c:c2:90:21:26:99:22:48:d0:76:c0:9b:
b5:52:da:e9:03:a2:80:78:c2:5d:0c:0a:9a:fc:47:
92:48:45:60:03:83:b1:63:c1:8c:6a:c5:8d:b7:9a:
26:7e:3a:1d:d0:93:b9:d8:7a:20:73:aa:7d:ba:25:
ec:c6:05:fd:29:a9:97:b6:a7:b7:36:f6:45:be:65:
7f:a9:fa:70:5f:5d:96:ab:54:09:ac:13:5c:14:65:
00:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:1B:8E:D3:05:36:F8:29:49:0D:94:70:59:24:6E:02:CE:D6:D2:09
X509v3 Authority Key Identifier:
keyid:D9:54:AB:94:E4:59:51:94:D2:C3:9B:1D:3F:E6:A8:91:F1:EB:92:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2VSrlORZUZTSw5sdP-aokfHrkrw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/647485-635e-4ac6-b0b9-3351c577b432/1/ExuO0wU2-ClJDZRwWSRuAs7W0gk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/647485-635e-4ac6-b0b9-3351c577b432/1/2VSrlORZUZTSw5sdP-aokfHrkrw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.169.116.0/22
Signature Algorithm: sha256WithRSAEncryption
a8:49:46:eb:54:50:81:db:0a:bf:b8:36:4d:cc:46:f9:9e:96:
a7:bd:83:5c:e6:b6:32:9b:f0:a3:1b:22:f7:50:89:f7:ad:e3:
7b:67:fb:05:2a:57:c0:27:50:fc:c8:b3:07:3f:1d:f0:f4:36:
26:4d:16:8a:91:49:72:ab:66:b4:55:87:44:b2:ec:27:10:da:
78:f1:ec:be:f0:16:ae:89:a2:65:0b:1b:c0:19:52:14:ed:a6:
95:5a:e4:f6:9e:01:7a:3d:4d:9a:14:10:c8:1c:24:8f:9a:0a:
d2:aa:a9:ab:a9:94:3a:59:8a:a2:71:74:3d:97:da:a6:e7:73:
cb:df:39:7a:ea:90:8c:c0:bd:6b:0c:e3:ae:f2:2a:54:03:cd:
65:ef:3d:05:43:82:2e:92:eb:f5:08:44:09:6e:a2:00:e9:8d:
48:0a:76:0f:bc:80:bc:5a:3f:36:92:1d:e0:18:e7:83:05:57:
c7:ac:3e:d9:44:92:14:01:61:8d:7e:e4:d2:e2:f8:a2:bf:d7:
ea:25:75:99:39:7f:be:95:3c:3e:42:36:a8:32:b3:26:53:bf:
32:64:db:e4:1c:be:f4:67:c3:40:42:5b:f9:46:1f:e9:b2:b4:
65:9b:55:65:aa:27:6e:0c:72:70:00:66:23:98:a5:fe:0e:64:
d8:eb:6e:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/DG40zFB0FYvKGf0bz7EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5NTRhYjk0ZTQ1OTUxOTRkMmMzOWIxZDNmZTZhODkxZjFl
YjkyYmMwHhcNMjUwMTAyMDc0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzFiOGVkMzA1MzZmODI5NDkwZDk0NzA1OTI0NmUwMmNlZDZkMjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutTYUW0D6ZacS1HHu1LfMTdbBbxS
h2t/QL3iFDF0rsdCWn7k/rqP3ZHPmzgskmV/ftRjlVvyr2iNIBpFlo2Wdzro7vv0
4csX3esNwaQjI9Zd/BikF+pO9sMpSAj+smL+dFj/UxXUyUj6XWYNFLI+yZibYPr4
W5XJLpcMnN6H8DN6xY+oM1hmHugUo9B0FgddSbLaGokJmOekBuG2O03ejatqBt3W
324MwpAhJpkiSNB2wJu1UtrpA6KAeMJdDAqa/EeSSEVgA4OxY8GMasWNt5omfjod
0JO52Hogc6p9uiXsxgX9KamXtqe3NvZFvmV/qfpwX12Wq1QJrBNcFGUApQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBMbjtMFNvgpSQ2UcFkkbgLO1tIJMB8GA1UdIwQY
MBaAFNlUq5TkWVGU0sObHT/mqJHx65K8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlZTcmxPUlpVWlRTdzVzZFAtYW9rZkhya3J3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC82NDc0ODUtNjM1ZS00YWM2LWIwYjkt
MzM1MWM1NzdiNDMyLzEvRXh1TzB3VTItQ2xKRFpSd1dTUnVBczdXMGdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC82NDc0ODUtNjM1ZS00YWM2LWIwYjktMzM1MWM1NzdiNDMy
LzEvMlZTcmxPUlpVWlRTdzVzZFAtYW9rZkhya3J3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCual0MA0G
CSqGSIb3DQEBCwUAA4IBAQCoSUbrVFCB2wq/uDZNzEb5npanvYNc5rYym/CjGyL3
UIn3reN7Z/sFKlfAJ1D8yLMHPx3w9DYmTRaKkUlyq2a0VYdEsuwnENp48ey+8Bau
iaJlCxvAGVIU7aaVWuT2ngF6PU2aFBDIHCSPmgrSqqmrqZQ6WYqicXQ9l9qm53PL
3zl66pCMwL1rDOOu8ipUA81l7z0FQ4Iukuv1CEQJbqIA6Y1ICnYPvIC8Wj82kh3g
GOeDBVfHrD7ZRJIUAWGNfuTS4viiv9fqJXWZOX++lTw+QjaoMrMmU78yZNvkHL70
Z8NAQlv5Rh/psrRlm1VlqiduDHJwAGYjmKX+DmTY627R
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:27:08 2025 by rpki-client