Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/AbJd6W7uXgNPJ0JZRmRmQZP7B5M.roa
File: AbJd6W7uXgNPJ0JZRmRmQZP7B5M.roa (raw, json)
Hash identifier: kx+bI8SXtz95qqpP5QsvrZOh8LeRrBlUcwzoxiTg9YM=
Subject key identifier: 01:B2:5D:E9:6E:EE:5E:03:4F:27:42:59:46:64:66:41:93:FB:07:93
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0194ACDA50A8A08F114F7A76E0546F53F322
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/AbJd6W7uXgNPJ0JZRmRmQZP7B5M.roa
Signing time: Tue 28 Jan 2025 12:19:36 +0000
ROA not before: Tue 28 Jan 2025 12:19:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216127
IP address blocks: 194.87.54.0/24 maxlen: 24
194.87.55.0/24 maxlen: 24
195.58.38.0/24 maxlen: 24
195.58.39.0/24 maxlen: 24
195.133.64.0/24 maxlen: 24
195.133.65.0/24 maxlen: 24
212.193.4.0/24 maxlen: 24
212.193.5.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 11:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ac:da:50:a8:a0:8f:11:4f:7a:76:e0:54:6f:53:f3:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 28 12:19:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=01b25de96eee5e034f2742594664664193fb0793
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:8e:f3:58:06:00:31:1b:3a:5e:f5:07:4a:a8:
61:d9:7e:4c:fe:e5:71:4e:4e:4e:87:61:75:26:0d:
6e:cb:7f:4e:17:4a:b6:06:e0:81:47:f3:fa:62:9a:
cd:77:fc:2d:0c:5a:0f:64:f6:52:2e:7b:15:c3:b8:
f6:df:ac:3d:b3:40:ed:27:11:b8:c0:90:7f:4f:ae:
b9:4b:27:b6:32:57:80:96:f6:30:35:16:90:10:e9:
42:67:e7:34:d1:c0:12:d7:bb:ff:20:81:39:5e:70:
dd:0b:ad:7b:c7:95:87:cd:27:9e:80:65:64:f0:07:
33:41:c8:40:fe:55:b0:bb:5e:75:dc:f3:69:cc:cd:
75:6a:1b:8e:3d:36:cf:b6:d1:e5:ef:ce:04:26:ff:
34:71:dc:2f:f8:92:89:50:44:fb:d5:91:46:84:92:
81:de:cc:4d:4a:6b:6b:e4:3d:f9:b0:8f:bd:06:cc:
70:82:90:21:e6:5a:d5:64:ae:3c:b8:a8:57:b9:ca:
af:0d:88:66:b0:d1:9a:67:d1:18:fe:ae:43:3b:6e:
c0:9d:24:ac:55:2c:f4:10:90:bd:ca:17:85:cf:22:
64:7f:da:bd:90:2d:d7:65:f1:41:10:8b:a7:cc:d4:
fe:62:f0:71:10:ed:27:a1:df:08:2a:a7:37:89:f7:
8a:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:B2:5D:E9:6E:EE:5E:03:4F:27:42:59:46:64:66:41:93:FB:07:93
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/AbJd6W7uXgNPJ0JZRmRmQZP7B5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.54.0/23
195.58.38.0/23
195.133.64.0/23
212.193.4.0/23
Signature Algorithm: sha256WithRSAEncryption
46:af:46:a8:64:a0:82:21:0f:cf:c3:75:96:21:43:7e:23:06:
bd:76:ab:88:c9:51:c1:8b:e7:43:95:43:ff:f8:65:fb:b3:b1:
22:98:0a:41:bf:85:6a:82:bb:1b:c4:d3:f7:80:51:c2:05:46:
90:a2:5a:34:ae:48:cd:b5:42:0b:b8:ce:96:a6:06:68:07:05:
11:9d:1f:41:fc:80:02:9a:f0:1c:35:db:a8:e7:12:5f:d3:e7:
09:42:c5:59:d9:1d:da:5d:b2:83:c6:a9:57:54:a9:60:13:a9:
17:b3:84:5f:80:06:1c:f7:47:b0:bc:9d:4c:e9:51:d8:f2:67:
4c:38:9c:10:2e:91:8e:00:5a:35:50:9d:90:b9:1d:22:d9:08:
ca:2c:0d:1a:88:96:62:34:64:c4:bb:94:5f:e4:89:f7:84:82:
41:10:a2:22:bf:0b:37:f2:0f:67:e8:e0:cd:4a:cb:cb:46:04:
89:58:e7:a2:03:7d:67:db:23:2e:29:86:66:5c:50:bd:a7:ba:
fc:09:57:64:29:a3:6b:7b:43:34:17:84:77:65:6c:a1:f8:2a:
91:0a:c7:b0:a6:b1:86:a4:a5:03:31:92:87:c0:97:39:e6:e1:
f0:e5:94:3b:50:ea:09:2d:e0:dc:bb:60:4d:b7:ef:43:af:7b:
8f:8e:c8:ce
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZSs2lCooI8RT3p24FRvU/MiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwMTI4MTIxOTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWIyNWRlOTZlZWU1ZTAzNGYyNzQyNTk0NjY0NjY0MTkzZmIwNzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtI7zWAYAMRs6XvUHSqhh2X5M/uVx
Tk5Oh2F1Jg1uy39OF0q2BuCBR/P6YprNd/wtDFoPZPZSLnsVw7j236w9s0DtJxG4
wJB/T665Sye2MleAlvYwNRaQEOlCZ+c00cAS17v/IIE5XnDdC617x5WHzSeegGVk
8AczQchA/lWwu1513PNpzM11ahuOPTbPttHl784EJv80cdwv+JKJUET71ZFGhJKB
3sxNSmtr5D35sI+9BsxwgpAh5lrVZK48uKhXucqvDYhmsNGaZ9EY/q5DO27AnSSs
VSz0EJC9yheFzyJkf9q9kC3XZfFBEIunzNT+YvBxEO0nod8IKqc3ifeKnQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAGyXelu7l4DTydCWUZkZkGT+weTMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQWJKZDZXN3VYZ05QSjBKWlJtUm1RWlA3QjVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBwlc2AwQB
wzomAwQBw4VAAwQB1MEEMA0GCSqGSIb3DQEBCwUAA4IBAQBGr0aoZKCCIQ/Pw3WW
IUN+Iwa9dquIyVHBi+dDlUP/+GX7s7EimApBv4VqgrsbxNP3gFHCBUaQolo0rkjN
tUILuM6WpgZoBwURnR9B/IACmvAcNduo5xJf0+cJQsVZ2R3aXbKDxqlXVKlgE6kX
s4RfgAYc90ewvJ1M6VHY8mdMOJwQLpGOAFo1UJ2QuR0i2QjKLA0aiJZiNGTEu5Rf
5In3hIJBEKIivws38g9n6ODNSsvLRgSJWOeiA31n2yMuKYZmXFC9p7r8CVdkKaNr
e0M0F4R3ZWyh+CqRCsewprGGpKUDMZKHwJc55uHw5ZQ7UOoJLeDcu2BNt+9Dr3uP
jsjO
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:38:37 2025 by rpki-client