Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/761bf5-037e-4807-88c0-feee86c6b600/1/Goi94Dc_RUuC8EGWeEnJH7qqhjU.roa
File: Goi94Dc_RUuC8EGWeEnJH7qqhjU.roa (raw, json)
Hash identifier: G+DgjuNd7tv+5EJaL+G6NuJWBrxhCutOC8EdL+rglNc=
Subject key identifier: 1A:88:BD:E0:37:3F:45:4B:82:F0:41:96:78:49:C9:1F:BA:AA:86:35
Certificate issuer: /CN=e938cd7ecf23ac1c4962546e1bcf5e083ad229a5
Certificate serial: 01941F8C866310726FA63CEA6CAFFF9C61F8
Authority key identifier: E9:38:CD:7E:CF:23:AC:1C:49:62:54:6E:1B:CF:5E:08:3A:D2:29:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6TjNfs8jrBxJYlRuG89eCDrSKaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/761bf5-037e-4807-88c0-feee86c6b600/1/Goi94Dc_RUuC8EGWeEnJH7qqhjU.roa
Signing time: Wed 01 Jan 2025 01:48:10 +0000
ROA not before: Wed 01 Jan 2025 01:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 680
IP address blocks: 193.22.64.0/20 maxlen: 20
193.22.71.0/24 maxlen: 24
193.22.72.0/23 maxlen: 23
193.22.74.0/23 maxlen: 23
193.22.76.0/24 maxlen: 24
193.22.78.0/24 maxlen: 24
193.22.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/761bf5-037e-4807-88c0-feee86c6b600/1/6TjNfs8jrBxJYlRuG89eCDrSKaU.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/761bf5-037e-4807-88c0-feee86c6b600/1/6TjNfs8jrBxJYlRuG89eCDrSKaU.mft
rsync://rpki.ripe.net/repository/DEFAULT/6TjNfs8jrBxJYlRuG89eCDrSKaU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 05:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:86:63:10:72:6f:a6:3c:ea:6c:af:ff:9c:61:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e938cd7ecf23ac1c4962546e1bcf5e083ad229a5
Validity
Not Before: Jan 1 01:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1a88bde0373f454b82f041967849c91fbaaa8635
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:6c:65:12:12:70:26:5f:52:fd:f4:12:2a:88:
08:f7:68:d2:91:27:75:ef:cd:38:5f:22:24:cc:7d:
30:e1:67:3f:94:c5:37:97:a1:ff:ac:6b:8d:82:59:
ad:dd:a2:6c:c2:00:60:a9:f4:45:e8:1c:bc:d6:1b:
f8:33:65:61:ad:6f:1d:c1:fe:b4:f2:58:78:c1:8c:
21:68:2d:b8:ab:8b:82:5d:cd:37:4d:84:af:53:5e:
b0:dd:09:05:bb:8d:8f:d7:4a:3f:a8:18:5a:10:21:
9d:b3:3e:dc:94:fc:66:a0:46:db:7c:c5:0d:db:d7:
9b:eb:b3:a7:c3:5a:9e:96:7c:10:dd:7e:bd:d5:7a:
43:56:a8:ee:87:8e:c3:3c:fb:18:cc:27:2f:d7:0b:
a1:45:a9:6f:2e:3f:a4:b6:5a:18:fb:a9:d7:8e:29:
e2:da:e4:9c:9e:6a:7e:1b:99:f1:97:a5:22:20:83:
7a:ab:00:fa:40:ce:4c:c9:77:bd:ef:e4:c3:13:00:
c1:78:a8:b1:3c:6c:3c:b5:e1:44:1b:05:9e:f7:db:
55:f7:98:98:36:a9:ee:3f:fc:46:8f:fe:24:10:e0:
93:47:10:c2:c0:33:36:0a:66:fd:c5:94:26:db:6f:
aa:c7:09:96:22:73:f4:da:74:7e:9f:d1:c3:c3:0b:
33:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:88:BD:E0:37:3F:45:4B:82:F0:41:96:78:49:C9:1F:BA:AA:86:35
X509v3 Authority Key Identifier:
keyid:E9:38:CD:7E:CF:23:AC:1C:49:62:54:6E:1B:CF:5E:08:3A:D2:29:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6TjNfs8jrBxJYlRuG89eCDrSKaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/761bf5-037e-4807-88c0-feee86c6b600/1/Goi94Dc_RUuC8EGWeEnJH7qqhjU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/761bf5-037e-4807-88c0-feee86c6b600/1/6TjNfs8jrBxJYlRuG89eCDrSKaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.22.64.0/20
Signature Algorithm: sha256WithRSAEncryption
6d:35:c2:e3:a9:38:e1:d9:1a:7e:22:4f:08:6a:d4:cc:1d:3d:
37:27:20:92:f1:09:68:06:1d:dc:18:c4:61:40:ae:c7:34:7c:
47:90:87:0a:2a:13:9d:be:13:08:78:d8:ee:86:c9:01:36:f3:
77:c0:f3:c5:3b:de:70:5f:59:5c:0b:72:65:34:ed:67:f4:2b:
be:ca:0d:07:67:93:ff:22:3e:aa:bc:1f:93:96:17:6b:1b:7c:
fb:29:80:9d:ee:6e:6d:13:14:59:dc:50:e0:3c:c3:7c:17:50:
b5:e0:48:e8:98:05:cf:aa:3a:0e:03:1b:77:a6:02:f8:fe:0b:
8e:2c:e2:6a:ae:7e:3a:55:30:d5:d4:51:f8:b6:24:a7:3c:19:
6d:05:56:63:ce:1c:27:04:44:39:5f:aa:a8:58:ae:16:1b:f8:
19:68:98:bc:98:a0:ee:91:e8:39:e9:ec:2e:8c:35:d4:17:8b:
61:db:08:99:e9:f5:12:36:ba:d3:38:1d:26:51:ce:f5:92:e4:
52:c2:54:9a:14:c9:57:fa:c5:70:18:b3:ad:79:69:cc:ee:6e:
1d:f7:56:35:78:1a:4a:36:ac:ba:dc:46:da:39:41:49:98:12:
2b:1e:78:2e:12:ad:bd:d9:15:e7:26:43:37:2a:4c:30:ce:b7:
e8:15:7f:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjIZjEHJvpjzqbK//nGH4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MzhjZDdlY2YyM2FjMWM0OTYyNTQ2ZTFiY2Y1ZTA4M2Fk
MjI5YTUwHhcNMjUwMTAxMDE0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTg4YmRlMDM3M2Y0NTRiODJmMDQxOTY3ODQ5YzkxZmJhYWE4NjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAimxlEhJwJl9S/fQSKogI92jSkSd1
7804XyIkzH0w4Wc/lMU3l6H/rGuNglmt3aJswgBgqfRF6By81hv4M2VhrW8dwf60
8lh4wYwhaC24q4uCXc03TYSvU16w3QkFu42P10o/qBhaECGdsz7clPxmoEbbfMUN
29eb67Onw1qelnwQ3X691XpDVqjuh47DPPsYzCcv1wuhRalvLj+ktloY+6nXjini
2uScnmp+G5nxl6UiIIN6qwD6QM5MyXe97+TDEwDBeKixPGw8teFEGwWe99tV95iY
NqnuP/xGj/4kEOCTRxDCwDM2Cmb9xZQm22+qxwmWInP02nR+n9HDwwsz0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBqIveA3P0VLgvBBlnhJyR+6qoY1MB8GA1UdIwQY
MBaAFOk4zX7PI6wcSWJUbhvPXgg60imlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlRqTmZzOGpyQnhKWWxSdUc4OWVDRHJTS2FVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi83NjFiZjUtMDM3ZS00ODA3LTg4YzAt
ZmVlZTg2YzZiNjAwLzEvR29pOTREY19SVXVDOEVHV2VFbkpIN3FxaGpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi83NjFiZjUtMDM3ZS00ODA3LTg4YzAtZmVlZTg2YzZiNjAw
LzEvNlRqTmZzOGpyQnhKWWxSdUc4OWVDRHJTS2FVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEwRZAMA0G
CSqGSIb3DQEBCwUAA4IBAQBtNcLjqTjh2Rp+Ik8IatTMHT03JyCS8QloBh3cGMRh
QK7HNHxHkIcKKhOdvhMIeNjuhskBNvN3wPPFO95wX1lcC3JlNO1n9Cu+yg0HZ5P/
Ij6qvB+TlhdrG3z7KYCd7m5tExRZ3FDgPMN8F1C14EjomAXPqjoOAxt3pgL4/guO
LOJqrn46VTDV1FH4tiSnPBltBVZjzhwnBEQ5X6qoWK4WG/gZaJi8mKDukeg56ewu
jDXUF4th2wiZ6fUSNrrTOB0mUc71kuRSwlSaFMlX+sVwGLOteWnM7m4d91Y1eBpK
Nqy63EbaOUFJmBIrHnguEq292RXnJkM3KkwwzrfoFX9+
-----END CERTIFICATE-----
Generated at Sat Apr 12 13:04:29 2025 by rpki-client