Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/32779d-3656-44c0-8ab5-981fbb3442dd/1/rxB_SKD05flXCVb5a9Y1L-kYSOM.roa
File: rxB_SKD05flXCVb5a9Y1L-kYSOM.roa (raw, json)
Hash identifier: xxBSeAniUfhkRNjna0RuKk7EzeOrdkzGj8pWxibPVsM=
Subject key identifier: AF:10:7F:48:A0:F4:E5:F9:57:09:56:F9:6B:D6:35:2F:E9:18:48:E3
Certificate issuer: /CN=ecf7ca9ffafe72a30966f7e43d92b58e774ce741
Certificate serial: 01942747C73BA40BD6E198E2941A45C913F3
Authority key identifier: EC:F7:CA:9F:FA:FE:72:A3:09:66:F7:E4:3D:92:B5:8E:77:4C:E7:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7PfKn_r-cqMJZvfkPZK1jndM50E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/32779d-3656-44c0-8ab5-981fbb3442dd/1/rxB_SKD05flXCVb5a9Y1L-kYSOM.roa
Signing time: Thu 02 Jan 2025 13:50:03 +0000
ROA not before: Thu 02 Jan 2025 13:50:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41745
IP address blocks: 185.236.22.0/24 maxlen: 24
185.236.23.0/24 maxlen: 24
193.32.177.0/24 maxlen: 24
193.32.178.0/24 maxlen: 24
193.32.179.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/32779d-3656-44c0-8ab5-981fbb3442dd/1/7PfKn_r-cqMJZvfkPZK1jndM50E.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/32779d-3656-44c0-8ab5-981fbb3442dd/1/7PfKn_r-cqMJZvfkPZK1jndM50E.mft
rsync://rpki.ripe.net/repository/DEFAULT/7PfKn_r-cqMJZvfkPZK1jndM50E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:c7:3b:a4:0b:d6:e1:98:e2:94:1a:45:c9:13:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ecf7ca9ffafe72a30966f7e43d92b58e774ce741
Validity
Not Before: Jan 2 13:50:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af107f48a0f4e5f9570956f96bd6352fe91848e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:6e:2d:6a:4f:bc:a7:4c:a9:d6:6c:1d:1a:6a:
0d:6e:c9:56:bc:03:87:07:a5:9c:da:ef:a5:16:c3:
73:3f:9c:5a:ed:ee:9f:27:da:22:2f:ed:42:15:bf:
4b:48:f8:c0:b6:6b:fc:3a:d7:f5:0e:1b:c0:38:f2:
2d:cb:f9:1c:16:6c:2e:46:73:1d:7d:3c:8d:00:75:
44:c6:ed:0f:42:bc:bc:89:33:eb:12:6c:dd:9e:ae:
12:db:8d:11:90:df:7f:5f:25:90:82:64:c2:3f:23:
5f:bc:03:94:5f:d6:be:78:a5:28:0b:75:73:d4:28:
aa:fc:11:bb:a6:61:a1:77:11:35:49:aa:61:e7:0b:
c3:2d:21:e9:16:b4:62:97:a2:b3:75:7a:5e:77:f4:
42:9b:c4:68:88:f6:ae:f8:ce:4d:ae:40:1e:3b:51:
c9:d4:04:56:a5:34:24:79:8b:f5:f0:54:24:ae:57:
3e:d8:06:af:cf:4d:5b:88:f3:73:1d:61:48:f2:8f:
23:13:1e:16:02:e4:36:ec:a8:e8:06:82:5e:20:38:
d9:c3:a4:e4:19:bb:46:28:e9:ae:83:62:f9:d2:30:
1e:d7:9c:ef:fe:ac:c1:6b:19:96:f2:bc:a2:fd:8d:
63:85:ca:46:5a:44:28:90:32:6e:76:0e:23:36:a0:
a2:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:10:7F:48:A0:F4:E5:F9:57:09:56:F9:6B:D6:35:2F:E9:18:48:E3
X509v3 Authority Key Identifier:
keyid:EC:F7:CA:9F:FA:FE:72:A3:09:66:F7:E4:3D:92:B5:8E:77:4C:E7:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7PfKn_r-cqMJZvfkPZK1jndM50E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/32779d-3656-44c0-8ab5-981fbb3442dd/1/rxB_SKD05flXCVb5a9Y1L-kYSOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/32779d-3656-44c0-8ab5-981fbb3442dd/1/7PfKn_r-cqMJZvfkPZK1jndM50E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.236.22.0/23
193.32.177.0-193.32.179.255
Signature Algorithm: sha256WithRSAEncryption
2c:d8:cd:04:7b:f9:5e:4b:a4:bd:33:db:91:a3:24:97:1c:f4:
2d:2c:ae:ff:65:39:b6:5a:3b:27:13:f6:8b:16:b7:43:01:4b:
bb:26:84:26:64:17:67:db:3d:92:a0:16:2c:e9:d5:b4:05:ef:
d5:7d:de:8a:f2:43:39:ed:31:a8:24:21:06:49:85:e0:bf:fe:
13:28:85:a1:65:12:22:c9:f3:1c:90:ca:b2:18:52:7a:66:2e:
d4:7f:94:ec:03:ee:6b:45:98:f5:27:1b:3e:25:62:d1:95:c7:
7f:ed:3e:e0:53:7f:18:91:fa:eb:5b:fe:cc:59:97:ad:15:fc:
05:1a:42:35:97:a0:4d:78:91:65:1b:e8:ed:b5:06:b7:e7:15:
f3:f6:83:ec:35:46:60:e5:b4:e6:ee:2e:d2:c4:9d:34:8f:63:
2c:52:8d:b6:07:2e:57:89:29:31:0e:e3:23:9a:ba:c9:06:1a:
7f:40:ca:67:17:43:6c:83:d8:56:0e:1c:c8:b5:14:b9:06:f2:
89:79:82:7f:53:6f:54:95:cf:89:f1:3c:32:47:54:aa:6e:f1:
c2:ea:88:1c:81:50:f3:c3:6a:8b:91:75:da:75:58:f4:dc:58:
5d:10:1f:04:57:d2:ac:76:29:c5:75:13:d3:80:90:c6:11:a8:
88:3b:e0:f8
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQnR8c7pAvW4ZjilBpFyRPzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjZjdjYTlmZmFmZTcyYTMwOTY2ZjdlNDNkOTJiNThlNzc0
Y2U3NDEwHhcNMjUwMTAyMTM1MDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjEwN2Y0OGEwZjRlNWY5NTcwOTU2Zjk2YmQ2MzUyZmU5MTg0OGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA424tak+8p0yp1mwdGmoNbslWvAOH
B6Wc2u+lFsNzP5xa7e6fJ9oiL+1CFb9LSPjAtmv8Otf1DhvAOPIty/kcFmwuRnMd
fTyNAHVExu0PQry8iTPrEmzdnq4S240RkN9/XyWQgmTCPyNfvAOUX9a+eKUoC3Vz
1Ciq/BG7pmGhdxE1Saph5wvDLSHpFrRil6KzdXped/RCm8RoiPau+M5NrkAeO1HJ
1ARWpTQkeYv18FQkrlc+2Aavz01biPNzHWFI8o8jEx4WAuQ27KjoBoJeIDjZw6Tk
GbtGKOmug2L50jAe15zv/qzBaxmW8ryi/Y1jhcpGWkQokDJudg4jNqCiCQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFK8Qf0ig9OX5VwlW+WvWNS/pGEjjMB8GA1UdIwQY
MBaAFOz3yp/6/nKjCWb35D2StY53TOdBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1BmS25fci1jcU1KWnZma1BaSzFqbmRNNTBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8zMjc3OWQtMzY1Ni00NGMwLThhYjUt
OTgxZmJiMzQ0MmRkLzEvcnhCX1NLRDA1ZmxYQ1ZiNWE5WTFMLWtZU09NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy8zMjc3OWQtMzY1Ni00NGMwLThhYjUtOTgxZmJiMzQ0MmRk
LzEvN1BmS25fci1jcU1KWnZma1BaSzFqbmRNNTBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBuewWMAwD
BADBILEDBALBILAwDQYJKoZIhvcNAQELBQADggEBACzYzQR7+V5LpL0z25GjJJcc
9C0srv9lObZaOycT9osWt0MBS7smhCZkF2fbPZKgFizp1bQF79V93oryQzntMagk
IQZJheC//hMohaFlEiLJ8xyQyrIYUnpmLtR/lOwD7mtFmPUnGz4lYtGVx3/tPuBT
fxiR+utb/sxZl60V/AUaQjWXoE14kWUb6O21BrfnFfP2g+w1RmDltObuLtLEnTSP
YyxSjbYHLleJKTEO4yOauskGGn9AymcXQ2yD2FYOHMi1FLkG8ol5gn9Tb1SVz4nx
PDJHVKpu8cLqiByBUPPDaouRddp1WPTcWF0QHwRX0qx2KcV1E9OAkMYRqIg74Pg=
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:54:27 2025 by rpki-client