Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/c2e18c-c63f-4dd3-8921-05116c9f8aef/1/seG0cSvUmJpa8tNqX_V-DMKTXGE.roa
File: seG0cSvUmJpa8tNqX_V-DMKTXGE.roa (raw, json)
Hash identifier: 0BF0vQ0Y+DaO6qvrnPzJ13hBughhON940nySfXNNYFI=
Subject key identifier: B1:E1:B4:71:2B:D4:98:9A:5A:F2:D3:6A:5F:F5:7E:0C:C2:93:5C:61
Certificate issuer: /CN=cd7cb97b523c73f1406d63c767c73d9c957d433b
Certificate serial: 0194228D721DB3019CB896997B3436800200
Authority key identifier: CD:7C:B9:7B:52:3C:73:F1:40:6D:63:C7:67:C7:3D:9C:95:7D:43:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zXy5e1I8c_FAbWPHZ8c9nJV9Qzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/c2e18c-c63f-4dd3-8921-05116c9f8aef/1/seG0cSvUmJpa8tNqX_V-DMKTXGE.roa
Signing time: Wed 01 Jan 2025 15:48:02 +0000
ROA not before: Wed 01 Jan 2025 15:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44328
IP address blocks: 193.163.224.0/20 maxlen: 20
193.163.224.0/21 maxlen: 21
193.163.232.0/22 maxlen: 22
193.163.236.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/c2e18c-c63f-4dd3-8921-05116c9f8aef/1/zXy5e1I8c_FAbWPHZ8c9nJV9Qzs.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/c2e18c-c63f-4dd3-8921-05116c9f8aef/1/zXy5e1I8c_FAbWPHZ8c9nJV9Qzs.mft
rsync://rpki.ripe.net/repository/DEFAULT/zXy5e1I8c_FAbWPHZ8c9nJV9Qzs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 18:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:72:1d:b3:01:9c:b8:96:99:7b:34:36:80:02:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd7cb97b523c73f1406d63c767c73d9c957d433b
Validity
Not Before: Jan 1 15:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b1e1b4712bd4989a5af2d36a5ff57e0cc2935c61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:f1:de:de:93:71:a2:24:b4:56:b5:6a:1b:e8:
30:3f:35:22:bf:d4:d3:d5:f3:d0:7b:23:06:99:40:
54:ad:c9:49:0b:5b:57:72:fd:d6:50:eb:58:12:50:
9c:01:19:95:fd:d6:94:5e:78:a2:03:ae:be:0c:aa:
f1:d3:16:31:47:bc:1e:ef:30:7d:b8:b6:73:6f:ad:
2e:38:a1:b9:e0:48:db:6d:55:13:d1:7a:6b:f2:60:
e1:5e:34:da:c9:92:c1:d0:72:30:9d:c2:a4:a1:93:
90:5b:42:d7:7f:91:06:df:a1:06:c0:68:53:22:1d:
20:02:82:a8:f8:10:86:e4:ad:eb:d1:5b:aa:86:ed:
3a:78:0d:c2:15:2c:54:bd:82:5c:7d:83:f8:8b:40:
5e:57:9d:75:4c:e1:37:ef:1d:97:63:81:02:de:66:
c7:8f:db:1a:90:af:c9:18:7f:65:66:00:d8:30:33:
83:2b:cb:dc:45:ba:5b:6d:13:47:93:ea:12:eb:0a:
a0:5c:a9:31:9b:78:94:6d:f9:1c:dc:09:fa:4d:75:
c5:4b:17:7c:d0:4f:a7:94:e0:5f:d3:ac:6e:7c:00:
54:49:12:a6:e1:f2:56:ce:97:89:03:ef:f0:59:58:
47:ef:ae:42:94:00:76:6a:f5:29:97:12:0e:34:9e:
57:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:E1:B4:71:2B:D4:98:9A:5A:F2:D3:6A:5F:F5:7E:0C:C2:93:5C:61
X509v3 Authority Key Identifier:
keyid:CD:7C:B9:7B:52:3C:73:F1:40:6D:63:C7:67:C7:3D:9C:95:7D:43:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zXy5e1I8c_FAbWPHZ8c9nJV9Qzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/c2e18c-c63f-4dd3-8921-05116c9f8aef/1/seG0cSvUmJpa8tNqX_V-DMKTXGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/c2e18c-c63f-4dd3-8921-05116c9f8aef/1/zXy5e1I8c_FAbWPHZ8c9nJV9Qzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.163.224.0/20
Signature Algorithm: sha256WithRSAEncryption
7b:d3:00:02:f3:ef:3e:14:e0:89:d4:ac:c9:21:df:48:f1:8c:
8b:74:4e:77:6f:1b:6b:62:6c:a4:fa:2a:40:ab:9c:76:a7:c1:
05:ce:0a:6e:7a:98:94:73:ea:6a:85:6a:7f:33:7c:6a:bf:96:
da:17:0c:d2:bb:3c:2d:75:77:9b:4c:a6:7b:51:de:38:8f:01:
17:d3:f1:be:59:a9:f0:2a:37:8a:7c:ca:f5:3e:dd:ef:15:de:
c2:f6:6c:84:61:3c:52:77:42:c2:8d:87:e0:58:76:e0:62:fb:
01:db:c8:aa:90:98:29:c2:51:81:1d:d5:7d:4b:23:4d:1f:29:
e2:5c:3b:bd:69:aa:dc:6a:27:3c:1a:7b:2c:fd:e9:0a:b9:b2:
e9:f5:9e:f1:ba:8b:51:f5:1a:f8:c5:9b:24:ba:0a:2f:ca:18:
65:e6:b8:70:38:49:23:01:31:67:53:ae:d0:c2:da:a8:23:ac:
c2:14:3f:b6:c0:bf:78:bf:4f:4d:44:e5:00:44:7f:77:66:ae:
27:85:4d:41:d5:e1:9c:f7:7b:b9:e3:f5:2e:81:8e:b9:cf:eb:
42:77:de:a8:d1:88:64:f5:91:23:a0:70:cb:24:86:0e:5c:9b:
04:92:89:7e:ae:a1:cd:c1:1c:7e:a9:68:53:a0:c0:3f:91:6d:
0c:b4:2a:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijXIdswGcuJaZezQ2gAIAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkN2NiOTdiNTIzYzczZjE0MDZkNjNjNzY3YzczZDljOTU3
ZDQzM2IwHhcNMjUwMTAxMTU0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWUxYjQ3MTJiZDQ5ODlhNWFmMmQzNmE1ZmY1N2UwY2MyOTM1YzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1/He3pNxoiS0VrVqG+gwPzUiv9TT
1fPQeyMGmUBUrclJC1tXcv3WUOtYElCcARmV/daUXniiA66+DKrx0xYxR7we7zB9
uLZzb60uOKG54EjbbVUT0Xpr8mDhXjTayZLB0HIwncKkoZOQW0LXf5EG36EGwGhT
Ih0gAoKo+BCG5K3r0Vuqhu06eA3CFSxUvYJcfYP4i0BeV511TOE37x2XY4EC3mbH
j9sakK/JGH9lZgDYMDODK8vcRbpbbRNHk+oS6wqgXKkxm3iUbfkc3An6TXXFSxd8
0E+nlOBf06xufABUSRKm4fJWzpeJA+/wWVhH765ClAB2avUplxIONJ5XPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLHhtHEr1JiaWvLTal/1fgzCk1xhMB8GA1UdIwQY
MBaAFM18uXtSPHPxQG1jx2fHPZyVfUM7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelh5NWUxSThjX0ZBYldQSFo4YzluSlY5UXpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9jMmUxOGMtYzYzZi00ZGQzLTg5MjEt
MDUxMTZjOWY4YWVmLzEvc2VHMGNTdlVtSnBhOHROcVhfVi1ETUtUWEdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9jMmUxOGMtYzYzZi00ZGQzLTg5MjEtMDUxMTZjOWY4YWVm
LzEvelh5NWUxSThjX0ZBYldQSFo4YzluSlY5UXpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEwaPgMA0G
CSqGSIb3DQEBCwUAA4IBAQB70wAC8+8+FOCJ1KzJId9I8YyLdE53bxtrYmyk+ipA
q5x2p8EFzgpuepiUc+pqhWp/M3xqv5baFwzSuzwtdXebTKZ7Ud44jwEX0/G+Wanw
KjeKfMr1Pt3vFd7C9myEYTxSd0LCjYfgWHbgYvsB28iqkJgpwlGBHdV9SyNNHyni
XDu9aarcaic8Gnss/ekKubLp9Z7xuotR9Rr4xZskugovyhhl5rhwOEkjATFnU67Q
wtqoI6zCFD+2wL94v09NROUARH93Zq4nhU1B1eGc93u54/UugY65z+tCd96o0Yhk
9ZEjoHDLJIYOXJsEkol+rqHNwRx+qWhToMA/kW0MtCoF
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:53:13 2025 by rpki-client