Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SjnxGzDuodUPY7uXPAdarLVoUTk.roa
File: SjnxGzDuodUPY7uXPAdarLVoUTk.roa (raw, json)
Hash identifier: jdx+OqjPrI+74H3/YL5/X45YyHozFCiq49+CYmIV6iw=
Subject key identifier: 4A:39:F1:1B:30:EE:A1:D5:0F:63:BB:97:3C:07:5A:AC:B5:68:51:39
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0194A8299C77DC5F5593AEB9611220EE6977
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SjnxGzDuodUPY7uXPAdarLVoUTk.roa
Signing time: Mon 27 Jan 2025 14:28:06 +0000
ROA not before: Mon 27 Jan 2025 14:28:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41798
IP address blocks: 193.124.93.0/24 maxlen: 24
193.124.204.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
195.133.8.0/24 maxlen: 24
195.133.62.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:a8:29:9c:77:dc:5f:55:93:ae:b9:61:12:20:ee:69:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 27 14:28:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4a39f11b30eea1d50f63bb973c075aacb5685139
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:a4:dd:b3:85:1c:da:f3:3c:3f:3a:7a:c8:fa:
6e:7c:a0:c2:2c:62:11:e7:13:98:5e:14:67:ff:18:
70:7a:51:f2:4d:9f:d7:ef:f7:b6:c7:b5:ee:1e:18:
3d:91:2b:c2:fc:2e:35:e5:d3:57:70:6b:77:f1:71:
64:42:78:db:a8:24:8a:f5:6e:37:1d:59:54:93:fc:
71:84:10:5d:07:22:44:f5:22:b5:8c:fa:ab:2a:dd:
b6:5b:ba:72:69:91:d0:a1:95:81:80:61:43:d3:5a:
8e:0a:ef:aa:7b:6e:99:eb:ab:18:4f:a0:e5:62:f2:
03:8b:30:a6:2f:28:92:ea:dd:bf:9c:c3:e3:c1:5b:
b9:a8:ab:91:2f:5f:c0:9a:38:d5:25:08:4c:b8:5a:
47:ff:f5:58:37:2a:bc:6b:fe:9a:15:21:05:da:80:
52:87:b7:cc:7a:dd:67:b5:47:e2:0d:a9:39:2e:2a:
40:2c:74:b7:84:8a:3a:7c:3d:72:a1:2e:89:cd:23:
64:5a:6a:fb:75:97:4f:5c:ea:95:2a:02:30:27:ff:
73:eb:b8:eb:3e:0d:a7:e1:50:37:43:84:c3:fe:ac:
51:38:8d:f0:0c:26:3d:de:10:bf:cf:1e:62:83:05:
fc:15:38:2c:d3:ef:23:2a:17:bf:80:63:8d:e6:46:
f5:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:39:F1:1B:30:EE:A1:D5:0F:63:BB:97:3C:07:5A:AC:B5:68:51:39
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SjnxGzDuodUPY7uXPAdarLVoUTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.93.0/24
193.124.204.0/24
194.58.42.0/24
195.133.8.0/24
195.133.62.0/24
Signature Algorithm: sha256WithRSAEncryption
89:4e:05:92:72:81:d2:de:9c:a4:20:8e:19:fe:cc:50:38:c5:
b8:2b:7a:51:0e:16:28:ec:25:3b:76:a5:18:99:1b:d7:54:de:
49:d9:9e:da:8b:6f:2d:31:72:8f:60:d1:b5:22:ec:05:a9:7f:
e4:f8:c5:ee:88:9c:bc:fc:58:d7:44:7b:67:52:24:52:89:7f:
6f:e2:e9:49:98:da:ee:ee:31:c7:5f:63:46:bc:b0:eb:6c:bf:
74:ab:2e:8e:1c:3e:05:9d:c2:74:8c:fb:95:3e:69:54:b1:a8:
0d:0b:97:be:60:5c:0a:ff:ee:06:0f:c7:9d:82:3f:54:ad:4d:
38:f5:11:f1:7c:e6:0e:d3:ee:d1:b2:c9:07:b1:e1:f7:b3:63:
c8:d8:f4:07:26:01:29:95:a1:ed:57:16:f9:dd:d9:75:7f:19:
2d:f0:02:f4:23:96:1c:71:5a:15:fc:66:42:57:ca:88:eb:7d:
23:ea:a3:30:9e:65:70:fb:93:5b:10:fa:f6:e9:4d:23:40:bd:
98:cc:a0:53:69:a0:be:ca:f6:61:2c:90:34:6f:35:a0:fc:be:
2c:d0:b5:e0:18:45:55:12:78:57:e5:33:0e:ad:68:ec:45:38:
95:48:0b:4d:be:f8:a4:21:ba:03:44:24:92:7b:38:e6:24:19:
24:24:6c:01
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZSoKZx33F9Vk665YRIg7ml3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwMTI3MTQyODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTM5ZjExYjMwZWVhMWQ1MGY2M2JiOTczYzA3NWFhY2I1Njg1MTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKTds4Uc2vM8Pzp6yPpufKDCLGIR
5xOYXhRn/xhwelHyTZ/X7/e2x7XuHhg9kSvC/C415dNXcGt38XFkQnjbqCSK9W43
HVlUk/xxhBBdByJE9SK1jPqrKt22W7pyaZHQoZWBgGFD01qOCu+qe26Z66sYT6Dl
YvIDizCmLyiS6t2/nMPjwVu5qKuRL1/AmjjVJQhMuFpH//VYNyq8a/6aFSEF2oBS
h7fMet1ntUfiDak5LipALHS3hIo6fD1yoS6JzSNkWmr7dZdPXOqVKgIwJ/9z67jr
Pg2n4VA3Q4TD/qxROI3wDCY93hC/zx5igwX8FTgs0+8jKhe/gGON5kb1AwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEo58Rsw7qHVD2O7lzwHWqy1aFE5MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvU2pueEd6RHVvZFVQWTd1WFBBZGFyTFZvVVRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwXxdAwQA
wXzMAwQAwjoqAwQAw4UIAwQAw4U+MA0GCSqGSIb3DQEBCwUAA4IBAQCJTgWScoHS
3pykII4Z/sxQOMW4K3pRDhYo7CU7dqUYmRvXVN5J2Z7ai28tMXKPYNG1IuwFqX/k
+MXuiJy8/FjXRHtnUiRSiX9v4ulJmNru7jHHX2NGvLDrbL90qy6OHD4FncJ0jPuV
PmlUsagNC5e+YFwK/+4GD8edgj9UrU049RHxfOYO0+7RsskHseH3s2PI2PQHJgEp
laHtVxb53dl1fxkt8AL0I5YccVoV/GZCV8qI630j6qMwnmVw+5NbEPr26U0jQL2Y
zKBTaaC+yvZhLJA0bzWg/L4s0LXgGEVVEnhX5TMOrWjsRTiVSAtNvvikIboDRCSS
ezjmJBkkJGwB
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:21:56 2025 by rpki-client