Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/4ASPJ6Rf3OZuyvkxUCqmxsHEhIY.roa
File: 4ASPJ6Rf3OZuyvkxUCqmxsHEhIY.roa (raw, json)
Hash identifier: VeRPeNqkpr6EV3MWDou/2mp7eTbcZZ59+2EgpyGM/LI=
Subject key identifier: E0:04:8F:27:A4:5F:DC:E6:6E:CA:F9:31:50:2A:A6:C6:C1:C4:84:86
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0196D41ECDF30F7CCC1DD0A81ECFF97F2F69
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/4ASPJ6Rf3OZuyvkxUCqmxsHEhIY.roa
Signing time: Thu 15 May 2025 13:25:10 +0000
ROA not before: Thu 15 May 2025 13:25:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202129
IP address blocks: 93.123.104.0/22 maxlen: 24
2a00:1728:1e::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Jun 2025 08:25:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d4:1e:cd:f3:0f:7c:cc:1d:d0:a8:1e:cf:f9:7f:2f:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 15 13:25:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e0048f27a45fdce66ecaf931502aa6c6c1c48486
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:7e:43:52:9e:a4:cf:a1:9a:bf:26:17:a8:9e:
9c:b4:64:01:4a:cf:ab:27:b6:95:d9:14:1e:18:a7:
ab:e6:27:58:f5:6a:5e:60:79:5b:1f:da:fc:a0:bb:
28:47:ac:5f:49:56:b4:69:19:6c:51:99:24:33:bf:
16:ad:0a:83:ce:34:7c:80:be:ee:3e:d2:b4:cf:e7:
c7:94:ee:71:dc:93:e0:6f:66:cb:03:32:63:63:1e:
ac:91:04:df:06:1b:b0:e4:d8:c2:b5:ab:17:53:d6:
e4:02:c9:d2:8b:8f:22:45:d1:57:c7:bd:3c:9d:d8:
55:1f:24:09:bb:2f:6b:41:d8:14:b2:65:d4:21:18:
1c:df:ba:e9:f0:71:28:0d:79:98:87:03:c3:57:3c:
2a:20:66:98:7c:eb:f6:c5:8c:eb:b8:56:3c:27:74:
b2:c4:6d:ab:c0:77:5b:96:31:27:ac:80:1e:15:a4:
d7:a1:e5:3b:d5:54:9e:9b:81:ac:61:9c:03:57:b5:
81:b8:69:15:87:71:b9:29:7d:16:9d:94:60:83:9f:
1b:fa:ac:77:ee:0a:76:78:a7:76:e3:1b:70:9f:41:
22:42:91:49:63:2b:a3:04:0d:72:f0:40:1e:14:ea:
a4:b0:b0:8b:d9:36:29:f9:5d:6c:5a:af:2d:33:fa:
8d:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:04:8F:27:A4:5F:DC:E6:6E:CA:F9:31:50:2A:A6:C6:C1:C4:84:86
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/4ASPJ6Rf3OZuyvkxUCqmxsHEhIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.123.104.0/22
IPv6:
2a00:1728:1e::/48
Signature Algorithm: sha256WithRSAEncryption
91:90:6c:73:53:96:ef:77:5a:9c:a3:58:8c:83:95:f2:cf:48:
a9:d8:b0:16:af:8b:0d:32:d3:32:36:6d:17:1e:14:3a:26:9d:
b3:df:f7:8c:7f:56:8c:40:d4:df:0c:90:23:bc:75:1d:b8:a2:
d1:1e:61:8a:d7:73:dd:c4:03:27:48:b6:5d:56:34:1e:be:2b:
0d:04:14:f8:d6:b0:e0:cc:08:4c:d0:58:d3:36:e5:fe:ac:d9:
22:a9:9a:03:eb:20:5b:9c:2f:b3:cb:4a:fe:4e:05:2e:f9:cd:
23:ab:e0:37:fe:e5:64:33:cd:d3:88:fb:c7:e4:d1:6d:af:9a:
9f:af:14:8a:84:96:57:8b:7b:7e:25:9c:a8:65:3c:94:e0:dc:
eb:f2:28:ba:80:a1:77:0a:dc:5f:82:2a:77:9f:eb:4e:e4:d5:
b5:4f:73:d3:af:25:83:a2:a6:07:81:70:1d:64:17:d9:ea:df:
15:c5:85:11:87:f7:ec:ee:8d:66:e7:18:57:9c:0b:eb:9d:ca:
f4:89:0b:d2:e2:e5:43:78:4e:2f:4e:d6:7c:ea:c6:dc:35:40:
33:e9:ac:c0:7b:1a:bd:ff:21:aa:9c:c5:c5:61:29:8c:9b:bc:
ae:66:0c:0b:36:ed:1a:c2:f6:12:87:d9:35:dd:c9:73:45:0d:
d4:8b:f4:c6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZbUHs3zD3zMHdCoHs/5fy9pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNTE1MTMyNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDA0OGYyN2E0NWZkY2U2NmVjYWY5MzE1MDJhYTZjNmMxYzQ4NDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqX5DUp6kz6GavyYXqJ6ctGQBSs+r
J7aV2RQeGKer5idY9WpeYHlbH9r8oLsoR6xfSVa0aRlsUZkkM78WrQqDzjR8gL7u
PtK0z+fHlO5x3JPgb2bLAzJjYx6skQTfBhuw5NjCtasXU9bkAsnSi48iRdFXx708
ndhVHyQJuy9rQdgUsmXUIRgc37rp8HEoDXmYhwPDVzwqIGaYfOv2xYzruFY8J3Sy
xG2rwHdbljEnrIAeFaTXoeU71VSem4GsYZwDV7WBuGkVh3G5KX0WnZRgg58b+qx3
7gp2eKd24xtwn0EiQpFJYyujBA1y8EAeFOqksLCL2TYp+V1sWq8tM/qN4QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOAEjyekX9zmbsr5MVAqpsbBxISGMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvNEFTUEo2UmYzT1p1eXZreFVDcW14c0hFaElZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCXXtoMA8E
AgACMAkDBwAqABcoAB4wDQYJKoZIhvcNAQELBQADggEBAJGQbHNTlu93WpyjWIyD
lfLPSKnYsBaviw0y0zI2bRceFDomnbPf94x/VoxA1N8MkCO8dR24otEeYYrXc93E
AydItl1WNB6+Kw0EFPjWsODMCEzQWNM25f6s2SKpmgPrIFucL7PLSv5OBS75zSOr
4Df+5WQzzdOI+8fk0W2vmp+vFIqElleLe34lnKhlPJTg3OvyKLqAoXcK3F+CKnef
607k1bVPc9OvJYOipgeBcB1kF9nq3xXFhRGH9+zujWbnGFecC+udyvSJC9Li5UN4
Ti9O1nzqxtw1QDPprMB7Gr3/IaqcxcVhKYybvK5mDAs27RrC9hKH2TXdyXNFDdSL
9MY=
-----END CERTIFICATE-----
Generated at Wed Jun 4 12:12:43 2025 by rpki-client