Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/8c006d-50f5-445d-b7e8-24994b040f41/1/1-u5MAxIx2a76GWU9BSY3kkXJY7s.roa
File: 1-u5MAxIx2a76GWU9BSY3kkXJY7s.roa (raw, json)
Hash identifier: opAgG+CnSobBzmEROSJ8hMqy2rOkfcnuYJpvFL5TYq0=
Subject key identifier: FA:EE:4C:03:12:31:D9:AE:FA:19:65:3D:05:26:37:92:45:C9:63:BB
Certificate issuer: /CN=29187f811597dd03513be42f43155bc15a3a0b3f
Certificate serial: 019427B68A29FE2BE09E0001209B6CC866C4
Authority key identifier: 29:18:7F:81:15:97:DD:03:51:3B:E4:2F:43:15:5B:C1:5A:3A:0B:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KRh_gRWX3QNRO-QvQxVbwVo6Cz8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/8c006d-50f5-445d-b7e8-24994b040f41/1/1-u5MAxIx2a76GWU9BSY3kkXJY7s.roa
Signing time: Thu 02 Jan 2025 15:51:01 +0000
ROA not before: Thu 02 Jan 2025 15:51:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58012
IP address blocks: 193.17.70.0/24 maxlen: 24
193.17.179.0/24 maxlen: 24
193.17.193.0/24 maxlen: 24
193.17.220.0/24 maxlen: 24
2a0f:7540::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/8c006d-50f5-445d-b7e8-24994b040f41/1/KRh_gRWX3QNRO-QvQxVbwVo6Cz8.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/8c006d-50f5-445d-b7e8-24994b040f41/1/KRh_gRWX3QNRO-QvQxVbwVo6Cz8.mft
rsync://rpki.ripe.net/repository/DEFAULT/KRh_gRWX3QNRO-QvQxVbwVo6Cz8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 03:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:8a:29:fe:2b:e0:9e:00:01:20:9b:6c:c8:66:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29187f811597dd03513be42f43155bc15a3a0b3f
Validity
Not Before: Jan 2 15:51:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=faee4c031231d9aefa19653d0526379245c963bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:87:b4:c9:73:d8:a6:46:dc:13:84:f3:54:01:
83:8f:7c:04:17:34:64:bc:00:ee:b8:6e:2f:12:b9:
3f:83:de:28:93:b6:78:81:7f:39:6f:cd:4f:a9:c9:
cb:11:75:dd:17:ba:b6:09:e1:ff:91:7e:37:10:05:
c6:4b:a4:5f:4f:bb:fd:a9:0a:8f:48:3d:10:a2:bc:
38:56:2b:b0:8b:19:13:66:ac:bf:d4:05:c0:e0:b9:
0d:a3:1e:8e:eb:54:b2:b5:ac:c7:92:c1:17:14:90:
9e:62:24:4f:43:14:a9:73:ff:5f:5c:ac:79:fe:51:
ac:25:1f:ab:23:55:2d:1d:fb:b3:e7:53:6e:f6:b9:
ab:71:4d:96:14:9d:42:30:06:02:1a:53:31:68:33:
40:bf:53:10:a2:9f:bf:7f:6c:5a:23:fd:f9:4f:cd:
d6:bd:8d:3c:a3:98:d8:60:3f:81:ab:00:ab:8a:af:
72:49:76:31:2b:06:94:64:59:d9:b8:3f:ab:5a:69:
f9:e4:c6:a8:41:d1:5a:a4:ec:bc:66:ac:b6:17:98:
a7:b7:77:56:28:f6:c3:54:3e:cb:b0:52:06:d1:6a:
db:bb:10:f6:78:8d:2b:67:47:d6:3e:3c:b2:36:94:
bd:0e:a5:39:c9:f7:fa:73:ed:a6:06:15:ef:c4:a6:
2d:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:EE:4C:03:12:31:D9:AE:FA:19:65:3D:05:26:37:92:45:C9:63:BB
X509v3 Authority Key Identifier:
keyid:29:18:7F:81:15:97:DD:03:51:3B:E4:2F:43:15:5B:C1:5A:3A:0B:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KRh_gRWX3QNRO-QvQxVbwVo6Cz8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/8c006d-50f5-445d-b7e8-24994b040f41/1/1-u5MAxIx2a76GWU9BSY3kkXJY7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/8c006d-50f5-445d-b7e8-24994b040f41/1/KRh_gRWX3QNRO-QvQxVbwVo6Cz8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.70.0/24
193.17.179.0/24
193.17.193.0/24
193.17.220.0/24
IPv6:
2a0f:7540::/29
Signature Algorithm: sha256WithRSAEncryption
3c:f8:1e:c8:d9:fd:88:6e:03:7f:72:68:18:7c:b7:6d:f3:a4:
cb:42:c5:12:f3:fb:f0:4c:94:af:31:6f:fb:4c:91:1f:25:37:
e2:2a:b9:8c:43:bd:98:c3:5e:69:77:ea:82:b7:69:12:86:a7:
84:a8:37:8d:0d:ee:24:53:e5:04:7e:77:b8:58:97:24:6f:5a:
f5:17:00:37:e9:17:b8:10:fb:15:5d:95:d2:eb:e9:22:fd:bf:
7b:26:2e:4f:2e:77:c5:10:9e:e9:26:db:7b:4d:03:ce:b4:d1:
a4:81:e0:d1:c8:4b:60:49:b7:90:50:7a:02:39:02:2d:76:33:
51:54:d1:0d:16:b4:4c:d9:88:62:e8:1d:21:84:00:43:37:e6:
6b:01:9e:6a:d6:81:e7:8c:a9:66:67:63:c1:70:c7:6c:31:43:
d5:6a:16:48:8b:fe:fd:93:01:32:99:dc:46:5d:5c:0d:73:77:
fd:4a:3f:25:4b:b0:d5:76:45:ab:5c:f7:45:e8:e7:f0:48:6a:
ec:b8:d1:35:95:fa:65:b2:34:21:57:94:ae:76:f5:3f:66:2f:
44:c3:6d:8a:15:c2:d6:c3:e2:a9:7e:ab:8c:26:a1:61:2c:e7:
8c:8b:06:52:c2:de:6e:0b:2b:5b:df:15:72:93:56:66:ee:ed:
92:81:0d:83
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQntoop/ivgngABIJtsyGbEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MTg3ZjgxMTU5N2RkMDM1MTNiZTQyZjQzMTU1YmMxNWEz
YTBiM2YwHhcNMjUwMTAyMTU1MTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWVlNGMwMzEyMzFkOWFlZmExOTY1M2QwNTI2Mzc5MjQ1Yzk2M2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Ye0yXPYpkbcE4TzVAGDj3wEFzRk
vADuuG4vErk/g94ok7Z4gX85b81PqcnLEXXdF7q2CeH/kX43EAXGS6RfT7v9qQqP
SD0Qorw4ViuwixkTZqy/1AXA4LkNox6O61SytazHksEXFJCeYiRPQxSpc/9fXKx5
/lGsJR+rI1UtHfuz51Nu9rmrcU2WFJ1CMAYCGlMxaDNAv1MQop+/f2xaI/35T83W
vY08o5jYYD+BqwCriq9ySXYxKwaUZFnZuD+rWmn55MaoQdFapOy8Zqy2F5int3dW
KPbDVD7LsFIG0WrbuxD2eI0rZ0fWPjyyNpS9DqU5yff6c+2mBhXvxKYtkwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFPruTAMSMdmu+hllPQUmN5JFyWO7MB8GA1UdIwQY
MBaAFCkYf4EVl90DUTvkL0MVW8FaOgs/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1JoX2dSV1gzUU5STy1RdlF4VmJ3Vm82Q3o4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC84YzAwNmQtNTBmNS00NDVkLWI3ZTgt
MjQ5OTRiMDQwZjQxLzEvMS11NU1BeEl4MmE3NkdXVTlCU1kza2tYSlk3cy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzAvOGMwMDZkLTUwZjUtNDQ1ZC1iN2U4LTI0OTk0YjA0MGY0
MS8xL0tSaF9nUldYM1FOUk8tUXZReFZid1ZvNkN6OC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBABggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAMERRgME
AMERswMEAMERwQMEAMER3DANBAIAAjAHAwUDKg91QDANBgkqhkiG9w0BAQsFAAOC
AQEAPPgeyNn9iG4Df3JoGHy3bfOky0LFEvP78EyUrzFv+0yRHyU34iq5jEO9mMNe
aXfqgrdpEoanhKg3jQ3uJFPlBH53uFiXJG9a9RcAN+kXuBD7FV2V0uvpIv2/eyYu
Ty53xRCe6Sbbe00DzrTRpIHg0chLYEm3kFB6AjkCLXYzUVTRDRa0TNmIYugdIYQA
QzfmawGeataB54ypZmdjwXDHbDFD1WoWSIv+/ZMBMpncRl1cDXN3/Uo/JUuw1XZF
q1z3Rejn8Ehq7LjRNZX6ZbI0IVeUrnb1P2YvRMNtihXC1sPiqX6rjCahYSznjIsG
UsLebgsrW98VcpNWZu7tkoENgw==
-----END CERTIFICATE-----
Generated at Tue Apr 22 11:19:31 2025 by rpki-client