Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/SjmXZnG51JRTtLsN9sJ8Rvd5Pt4.roa
File: SjmXZnG51JRTtLsN9sJ8Rvd5Pt4.roa (raw, json)
Hash identifier: tJBERu9Lo1wC7SnI5+hmLMCW8eZfTvyvoHgD0vHT/x8=
Subject key identifier: 4A:39:97:66:71:B9:D4:94:53:B4:BB:0D:F6:C2:7C:46:F7:79:3E:DE
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 01954894B5233C2AB6BC259EA0078B3B77ED
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/SjmXZnG51JRTtLsN9sJ8Rvd5Pt4.roa
Signing time: Thu 27 Feb 2025 18:04:19 +0000
ROA not before: Thu 27 Feb 2025 18:04:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214231
IP address blocks: 93.152.230.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.mft
rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:48:94:b5:23:3c:2a:b6:bc:25:9e:a0:07:8b:3b:77:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Feb 27 18:04:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4a39976671b9d49453b4bb0df6c27c46f7793ede
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:47:d8:13:45:e8:c4:5d:41:62:4d:a7:57:80:
9d:84:dc:b8:a3:98:f7:2f:a9:38:27:4c:33:38:b2:
80:a6:b0:e8:bb:4d:a1:86:8d:e5:b2:5b:3e:4f:a6:
00:3d:82:f6:ff:08:d3:ff:38:44:64:76:33:c7:4a:
c0:c2:8a:86:0d:a5:c5:02:23:cc:23:19:e9:8f:16:
28:c5:f0:6e:f9:41:c5:c3:e5:4a:54:ed:4e:92:fa:
35:3a:93:7e:c4:19:bd:22:ea:9f:ba:54:7a:9c:00:
3d:66:6b:62:fd:f5:6e:5d:c7:01:ae:5b:b2:a2:22:
d7:0e:9a:6d:23:d3:1a:53:da:e6:bd:61:da:ff:57:
22:7b:61:40:71:4c:93:d4:14:f9:40:cb:a9:3b:f9:
64:df:ca:36:f7:c5:6f:f9:b9:5d:cf:7c:af:b1:00:
2c:c1:f8:04:75:9d:3a:79:56:48:50:08:e4:93:ea:
99:b1:cc:65:b1:c7:20:51:d7:2c:9d:8a:58:34:0a:
56:61:96:fc:d3:b7:b1:ae:0f:2c:d2:e0:b9:aa:22:
88:80:5a:12:b6:03:1c:52:dc:81:1e:d8:1f:24:8c:
62:33:b9:6c:03:8a:31:c1:8c:39:79:57:21:38:6b:
fc:0f:73:1e:cd:01:46:d2:8d:ca:eb:92:30:53:5a:
ae:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:39:97:66:71:B9:D4:94:53:B4:BB:0D:F6:C2:7C:46:F7:79:3E:DE
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/SjmXZnG51JRTtLsN9sJ8Rvd5Pt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.152.230.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:d9:44:51:59:a7:e5:d6:19:ee:c4:fe:47:ea:46:b6:35:de:
f3:dd:05:2f:45:a7:58:2e:24:4f:b6:a9:7d:ec:8a:56:5e:73:
ce:0a:01:8b:7c:d8:6c:ae:b0:27:63:d5:07:c8:83:45:95:be:
32:91:de:12:ed:23:73:f7:62:26:29:b0:45:b1:ac:37:25:5f:
88:3a:50:29:49:53:d7:25:39:e1:6d:af:cb:3e:b3:78:e2:7b:
f7:c2:72:25:f0:e8:e7:76:a3:63:6a:ee:27:58:bf:db:0e:a5:
85:6e:4e:7b:0a:42:8f:39:e9:2c:43:58:01:47:20:a0:71:14:
54:eb:33:c4:3a:a0:46:b4:4d:cf:74:d8:e3:af:48:2a:e5:bc:
88:c7:0f:48:df:2d:82:48:16:9b:8a:55:e7:77:c5:51:d4:1b:
fb:34:a0:15:0b:96:9b:e4:f0:71:2b:1e:5d:d4:d2:c0:0b:41:
fd:10:fb:eb:06:fa:40:ae:80:b1:6d:c7:96:55:da:f7:16:69:
eb:13:bc:6b:32:1f:4d:b2:ed:c7:8d:d6:a3:37:de:51:d3:2f:
f1:b7:ae:ec:90:6d:0c:55:52:18:96:ca:04:cb:0f:51:32:45:
c6:1f:84:d5:bd:8b:8e:82:60:d0:32:c4:3b:25:c6:8d:61:f1:
5c:b7:3a:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVIlLUjPCq2vCWeoAeLO3ftMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjUwMjI3MTgwNDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTM5OTc2NjcxYjlkNDk0NTNiNGJiMGRmNmMyN2M0NmY3NzkzZWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUfYE0XoxF1BYk2nV4CdhNy4o5j3
L6k4J0wzOLKAprDou02hho3lsls+T6YAPYL2/wjT/zhEZHYzx0rAwoqGDaXFAiPM
IxnpjxYoxfBu+UHFw+VKVO1Okvo1OpN+xBm9IuqfulR6nAA9Zmti/fVuXccBrluy
oiLXDpptI9MaU9rmvWHa/1cie2FAcUyT1BT5QMupO/lk38o298Vv+bldz3yvsQAs
wfgEdZ06eVZIUAjkk+qZscxlsccgUdcsnYpYNApWYZb807exrg8s0uC5qiKIgFoS
tgMcUtyBHtgfJIxiM7lsA4oxwYw5eVchOGv8D3MezQFG0o3K65IwU1quTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEo5l2ZxudSUU7S7DfbCfEb3eT7eMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvU2ptWFpuRzUxSlJUdExzTjlzSjhSdmQ1UHQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXZjmMA0G
CSqGSIb3DQEBCwUAA4IBAQCL2URRWafl1hnuxP5H6ka2Nd7z3QUvRadYLiRPtql9
7IpWXnPOCgGLfNhsrrAnY9UHyINFlb4ykd4S7SNz92ImKbBFsaw3JV+IOlApSVPX
JTnhba/LPrN44nv3wnIl8OjndqNjau4nWL/bDqWFbk57CkKPOeksQ1gBRyCgcRRU
6zPEOqBGtE3PdNjjr0gq5byIxw9I3y2CSBabilXnd8VR1Bv7NKAVC5ab5PBxKx5d
1NLAC0H9EPvrBvpAroCxbceWVdr3FmnrE7xrMh9Nsu3HjdajN95R0y/xt67skG0M
VVIYlsoEyw9RMkXGH4TVvYuOgmDQMsQ7JcaNYfFctzr9
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:25:04 2025 by rpki-client