Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/iqHhPAnbEuJWVlX6R-WO4UF2Xg8.roa
File: iqHhPAnbEuJWVlX6R-WO4UF2Xg8.roa (raw, json)
Hash identifier: W/QF2SnMCbJrWefw9Em94IkCYL2yJSb5SAJQmW2J57E=
Subject key identifier: 8A:A1:E1:3C:09:DB:12:E2:56:56:55:FA:47:E5:8E:E1:41:76:5E:0F
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0195F641021F7CF43A98DE669DEB65AD5D73
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/iqHhPAnbEuJWVlX6R-WO4UF2Xg8.roa
Signing time: Wed 02 Apr 2025 11:26:50 +0000
ROA not before: Wed 02 Apr 2025 11:26:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 193.222.97.0/24 maxlen: 24
195.178.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f6:41:02:1f:7c:f4:3a:98:de:66:9d:eb:65:ad:5d:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 2 11:26:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8aa1e13c09db12e2565655fa47e58ee141765e0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:12:15:35:8f:eb:99:8c:f3:12:a9:d8:65:8f:
11:ed:32:49:95:99:d7:0a:80:90:34:f3:63:68:14:
44:89:eb:a8:fe:51:8e:9b:15:44:3d:f1:28:29:53:
61:ee:3b:4c:32:de:c5:a0:1e:9c:0a:14:e6:e7:56:
4d:c1:cd:a3:b7:19:cb:20:e4:93:e8:22:cd:57:d0:
25:c2:fd:98:d1:dd:d6:e1:cc:bb:8d:2b:19:81:67:
6c:e0:98:2a:82:fe:dc:e6:ce:a7:4b:e2:f9:81:39:
bc:a6:12:9c:ea:ff:52:be:05:e5:7f:59:4d:71:15:
08:8b:22:df:45:a6:12:ce:2a:ca:3c:40:3f:2f:78:
0f:5b:40:d4:71:e7:da:2d:3f:05:2f:8f:65:ad:b1:
c0:81:72:56:37:e2:99:ae:eb:9a:f7:d5:f7:c6:9e:
e9:f8:68:94:0a:05:97:b4:65:3c:22:67:2b:73:23:
f5:d4:ae:30:94:10:75:ed:2f:31:8f:db:89:a6:31:
8f:ae:96:b8:89:0a:26:9a:12:8b:a0:09:a0:d3:d8:
11:6c:9b:a3:7c:f6:fe:45:df:7c:0c:9d:ed:93:8b:
01:ad:ef:66:87:7b:8e:dd:c0:67:f0:58:9f:b3:b6:
fd:41:be:e6:f4:e8:bb:5a:94:a8:01:25:ca:ae:f3:
df:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:A1:E1:3C:09:DB:12:E2:56:56:55:FA:47:E5:8E:E1:41:76:5E:0F
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/iqHhPAnbEuJWVlX6R-WO4UF2Xg8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.222.97.0/24
195.178.111.0/24
Signature Algorithm: sha256WithRSAEncryption
69:84:a0:5d:57:b2:fd:58:bb:ba:0d:d5:76:62:37:60:34:42:
eb:05:24:7e:d3:d6:52:45:92:d1:3d:8b:91:3d:33:56:94:0a:
f2:e7:32:39:f1:07:64:d9:4f:b8:29:13:1b:3e:9c:4b:a2:b4:
c4:47:41:4a:f2:af:84:e0:1b:7e:fb:48:b3:45:06:14:58:34:
ae:52:b6:a9:be:2a:e3:7a:10:7b:3a:1c:e8:01:d7:e7:76:0f:
00:7f:a2:24:f1:cb:33:07:fe:96:d9:dc:a3:55:e2:7d:c8:0b:
d6:ff:55:b4:21:13:b1:3c:39:89:7d:53:3b:3d:d7:f7:9e:ce:
60:26:2f:57:ae:0a:de:9c:a6:e9:41:c5:3d:6d:27:56:ec:37:
91:d6:ad:55:14:63:2f:25:32:1f:9d:a6:5c:f0:87:ef:9c:1a:
99:05:88:ff:45:39:85:82:e8:1e:7b:79:65:5f:68:d3:a4:b5:
89:4f:3e:f5:fe:6b:f6:70:2d:53:f7:1e:aa:7e:c0:fa:81:d3:
08:c4:3a:ed:01:a9:56:9a:d0:2f:39:8a:50:7e:04:75:7c:8e:
13:cc:68:36:47:1b:db:37:c5:a3:22:f1:49:23:60:ee:04:27:
62:d6:6b:30:aa:40:c1:df:ff:b4:28:73:14:08:bd:61:e3:75:
8c:ee:75:40
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZX2QQIffPQ6mN5mnetlrV1zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNDAyMTEyNjUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWExZTEzYzA5ZGIxMmUyNTY1NjU1ZmE0N2U1OGVlMTQxNzY1ZTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhIVNY/rmYzzEqnYZY8R7TJJlZnX
CoCQNPNjaBREieuo/lGOmxVEPfEoKVNh7jtMMt7FoB6cChTm51ZNwc2jtxnLIOST
6CLNV9Alwv2Y0d3W4cy7jSsZgWds4Jgqgv7c5s6nS+L5gTm8phKc6v9SvgXlf1lN
cRUIiyLfRaYSzirKPEA/L3gPW0DUcefaLT8FL49lrbHAgXJWN+KZruua99X3xp7p
+GiUCgWXtGU8ImcrcyP11K4wlBB17S8xj9uJpjGPrpa4iQommhKLoAmg09gRbJuj
fPb+Rd98DJ3tk4sBre9mh3uO3cBn8Fifs7b9Qb7m9Oi7WpSoASXKrvPfQQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIqh4TwJ2xLiVlZV+kfljuFBdl4PMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvaXFIaFBBbmJFdUpXVmxYNlItV080VUYyWGc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwd5hAwQA
w7JvMA0GCSqGSIb3DQEBCwUAA4IBAQBphKBdV7L9WLu6DdV2YjdgNELrBSR+09ZS
RZLRPYuRPTNWlAry5zI58Qdk2U+4KRMbPpxLorTER0FK8q+E4Bt++0izRQYUWDSu
UrapvirjehB7OhzoAdfndg8Af6Ik8cszB/6W2dyjVeJ9yAvW/1W0IROxPDmJfVM7
Pdf3ns5gJi9XrgrenKbpQcU9bSdW7DeR1q1VFGMvJTIfnaZc8IfvnBqZBYj/RTmF
gugee3llX2jTpLWJTz71/mv2cC1T9x6qfsD6gdMIxDrtAalWmtAvOYpQfgR1fI4T
zGg2RxvbN8WjIvFJI2DuBCdi1mswqkDB3/+0KHMUCL1h43WM7nVA
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:38:55 2025 by rpki-client