Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/56748e-c297-4de7-8e96-89783317ea29/1/1nJZi9GJ90J5FpzQE_nW1w9Y34A.roa
File: 1nJZi9GJ90J5FpzQE_nW1w9Y34A.roa (raw, json)
Hash identifier: GVbUZdYnFxfV/6HU/T0jmvYJT+FivYMJd3zG7OwlXB4=
Subject key identifier: D6:72:59:8B:D1:89:F7:42:79:16:9C:D0:13:F9:D6:D7:0F:58:DF:80
Certificate issuer: /CN=abc2de820e02f3c3f86e5b8c9c49ddc49325123f
Certificate serial: 019421B2349ADB91E0363056DE5EE7668504
Authority key identifier: AB:C2:DE:82:0E:02:F3:C3:F8:6E:5B:8C:9C:49:DD:C4:93:25:12:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q8Legg4C88P4bluMnEndxJMlEj8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/56748e-c297-4de7-8e96-89783317ea29/1/1nJZi9GJ90J5FpzQE_nW1w9Y34A.roa
Signing time: Wed 01 Jan 2025 11:48:34 +0000
ROA not before: Wed 01 Jan 2025 11:48:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201072
IP address blocks: 193.57.185.0/24 maxlen: 24
193.57.186.0/24 maxlen: 24
193.57.187.0/24 maxlen: 24
193.57.188.0/24 maxlen: 24
193.57.189.0/24 maxlen: 24
193.57.190.0/24 maxlen: 24
193.57.199.0/24 maxlen: 24
193.57.204.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/56748e-c297-4de7-8e96-89783317ea29/1/q8Legg4C88P4bluMnEndxJMlEj8.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/56748e-c297-4de7-8e96-89783317ea29/1/q8Legg4C88P4bluMnEndxJMlEj8.mft
rsync://rpki.ripe.net/repository/DEFAULT/q8Legg4C88P4bluMnEndxJMlEj8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 02:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:34:9a:db:91:e0:36:30:56:de:5e:e7:66:85:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abc2de820e02f3c3f86e5b8c9c49ddc49325123f
Validity
Not Before: Jan 1 11:48:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d672598bd189f74279169cd013f9d6d70f58df80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:38:a2:9b:ad:c9:20:a6:91:bf:ec:5c:7c:2f:
52:ee:31:f5:dd:44:5e:3b:40:62:91:9f:b1:5a:d6:
d6:9c:cc:15:61:da:ae:57:38:e8:7e:e8:f6:66:43:
68:d7:ad:8f:0a:f1:2f:c8:ba:8e:a9:45:6c:fa:44:
d3:f1:70:fb:a3:5e:8d:f2:f3:94:35:55:79:9f:63:
b3:57:ca:d3:74:c9:33:87:6a:65:03:d1:b5:2b:bf:
8b:4f:a1:4a:7d:30:fc:ad:a2:30:01:73:95:17:67:
86:db:21:f5:19:4d:32:a1:b9:05:81:ca:90:32:54:
77:b3:57:b8:0b:9d:50:df:0b:e3:4c:57:50:7e:17:
5f:6b:bc:8d:b2:b3:12:fc:3d:30:9b:a6:53:7a:ee:
ff:94:49:1a:19:8b:72:e8:fa:62:94:62:6d:a0:91:
f0:bb:a2:1e:3c:17:78:5a:13:45:db:41:53:b7:7e:
14:ef:42:ed:91:55:2b:7d:69:81:e5:d5:93:81:11:
12:32:71:c7:6f:4c:e0:d6:57:b9:d1:f0:6b:95:04:
88:25:6d:fe:a7:29:94:4d:3a:30:32:c4:ee:a8:d5:
70:78:30:06:2b:1b:97:a8:09:ba:8f:ff:5c:b5:6d:
88:3f:47:36:04:aa:d1:17:fe:03:73:8f:32:eb:fd:
5f:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:72:59:8B:D1:89:F7:42:79:16:9C:D0:13:F9:D6:D7:0F:58:DF:80
X509v3 Authority Key Identifier:
keyid:AB:C2:DE:82:0E:02:F3:C3:F8:6E:5B:8C:9C:49:DD:C4:93:25:12:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q8Legg4C88P4bluMnEndxJMlEj8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/56748e-c297-4de7-8e96-89783317ea29/1/1nJZi9GJ90J5FpzQE_nW1w9Y34A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/56748e-c297-4de7-8e96-89783317ea29/1/q8Legg4C88P4bluMnEndxJMlEj8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.185.0-193.57.190.255
193.57.199.0/24
193.57.204.0/24
Signature Algorithm: sha256WithRSAEncryption
26:e3:aa:7f:1c:8c:ed:ed:21:ab:85:80:f3:b1:51:e7:7f:ae:
db:02:c6:ad:6f:11:70:f4:b9:12:7d:32:e1:a1:67:4a:35:56:
9f:d8:89:a9:bb:73:48:e1:cc:04:41:0f:dc:14:c8:4b:26:16:
8f:a6:82:cb:b4:89:6f:78:d6:c6:7a:66:04:c5:ca:71:65:ca:
1d:bc:94:20:d5:c4:79:f8:26:06:fc:2f:1f:be:f3:12:e1:a9:
89:aa:02:57:7c:b1:f8:a0:4b:73:3c:20:eb:ea:1f:28:ee:52:
d1:60:d7:57:07:04:ba:0d:c2:9f:71:7d:06:40:46:dc:7d:c1:
d5:12:90:76:0d:8b:fd:c9:37:53:94:78:15:a5:1c:96:b7:6a:
ef:33:c4:c0:6f:6a:55:b1:9a:4b:6a:7d:b5:fd:fc:a9:27:a9:
13:d9:9e:12:33:e4:7b:71:6a:dd:0d:f4:2f:cc:72:06:19:7d:
c3:c7:bc:32:56:e0:8a:ac:00:bf:04:4e:08:5d:d0:2c:5b:fc:
f2:3f:3c:49:be:b3:32:4f:6b:ca:86:2c:1d:fe:74:da:4e:44:
89:b1:d2:4f:86:94:a2:17:b2:62:7a:2d:30:56:dd:eb:08:63:
40:f6:d8:be:e8:6c:aa:0d:34:06:97:e2:e0:8b:db:87:a4:4d:
0c:c9:91:d6
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQhsjSa25HgNjBW3l7nZoUEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYzJkZTgyMGUwMmYzYzNmODZlNWI4YzljNDlkZGM0OTMy
NTEyM2YwHhcNMjUwMTAxMTE0ODM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjcyNTk4YmQxODlmNzQyNzkxNjljZDAxM2Y5ZDZkNzBmNThkZjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjiim63JIKaRv+xcfC9S7jH13URe
O0BikZ+xWtbWnMwVYdquVzjofuj2ZkNo162PCvEvyLqOqUVs+kTT8XD7o16N8vOU
NVV5n2OzV8rTdMkzh2plA9G1K7+LT6FKfTD8raIwAXOVF2eG2yH1GU0yobkFgcqQ
MlR3s1e4C51Q3wvjTFdQfhdfa7yNsrMS/D0wm6ZTeu7/lEkaGYty6PpilGJtoJHw
u6IePBd4WhNF20FTt34U70LtkVUrfWmB5dWTgRESMnHHb0zg1le50fBrlQSIJW3+
pymUTTowMsTuqNVweDAGKxuXqAm6j/9ctW2IP0c2BKrRF/4Dc48y6/1fZwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFNZyWYvRifdCeRac0BP51tcPWN+AMB8GA1UdIwQY
MBaAFKvC3oIOAvPD+G5bjJxJ3cSTJRI/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcThMZWdnNEM4OFA0Ymx1TW5FbmR4Sk1sRWo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS81Njc0OGUtYzI5Ny00ZGU3LThlOTYt
ODk3ODMzMTdlYTI5LzEvMW5KWmk5R0o5MEo1RnB6UUVfblcxdzlZMzRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS81Njc0OGUtYzI5Ny00ZGU3LThlOTYtODk3ODMzMTdlYTI5
LzEvcThMZWdnNEM4OFA0Ymx1TW5FbmR4Sk1sRWo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBADBObkD
BADBOb4DBADBOccDBADBOcwwDQYJKoZIhvcNAQELBQADggEBACbjqn8cjO3tIauF
gPOxUed/rtsCxq1vEXD0uRJ9MuGhZ0o1Vp/Yiam7c0jhzARBD9wUyEsmFo+mgsu0
iW941sZ6ZgTFynFlyh28lCDVxHn4Jgb8Lx++8xLhqYmqAld8sfigS3M8IOvqHyju
UtFg11cHBLoNwp9xfQZARtx9wdUSkHYNi/3JN1OUeBWlHJa3au8zxMBvalWxmktq
fbX9/KknqRPZnhIz5Htxat0N9C/McgYZfcPHvDJW4IqsAL8ETghd0Cxb/PI/PEm+
szJPa8qGLB3+dNpORImx0k+GlKIXsmJ6LTBW3esIY0D22L7obKoNNAaX4uCL24ek
TQzJkdY=
-----END CERTIFICATE-----
Generated at Tue Apr 22 12:37:41 2025 by rpki-client