Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/a636ed-d20f-4802-9286-b84eda2e846a/1/M-hl5kfxem0FvK73oMF7geibFPw.roa
File: M-hl5kfxem0FvK73oMF7geibFPw.roa (raw, json)
Hash identifier: kiasuv7TGgsqASbNQOaoav2Adv17JAVzsKrjP2y4W90=
Subject key identifier: 33:E8:65:E6:47:F1:7A:6D:05:BC:AE:F7:A0:C1:7B:81:E8:9B:14:FC
Certificate issuer: /CN=ce7cacfa735ceeafdd2a214c09ee72469425250e
Certificate serial: 019424456CE5066F4A82003BE93490D5764C
Authority key identifier: CE:7C:AC:FA:73:5C:EE:AF:DD:2A:21:4C:09:EE:72:46:94:25:25:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/znys-nNc7q_dKiFMCe5yRpQlJQ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/a636ed-d20f-4802-9286-b84eda2e846a/1/M-hl5kfxem0FvK73oMF7geibFPw.roa
Signing time: Wed 01 Jan 2025 23:48:37 +0000
ROA not before: Wed 01 Jan 2025 23:48:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201089
IP address blocks: 193.58.117.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/a636ed-d20f-4802-9286-b84eda2e846a/1/znys-nNc7q_dKiFMCe5yRpQlJQ4.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/a636ed-d20f-4802-9286-b84eda2e846a/1/znys-nNc7q_dKiFMCe5yRpQlJQ4.mft
rsync://rpki.ripe.net/repository/DEFAULT/znys-nNc7q_dKiFMCe5yRpQlJQ4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 03:01:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:6c:e5:06:6f:4a:82:00:3b:e9:34:90:d5:76:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce7cacfa735ceeafdd2a214c09ee72469425250e
Validity
Not Before: Jan 1 23:48:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=33e865e647f17a6d05bcaef7a0c17b81e89b14fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:a8:a4:cf:5f:0a:e5:49:37:89:ca:50:5e:f8:
c8:86:f3:fc:c0:ef:58:97:32:ca:e7:e9:27:2c:e6:
a2:6b:d8:b5:40:cd:b1:e8:0f:f5:d7:8c:97:4c:3a:
cb:f5:2c:84:35:0a:bd:06:df:39:33:67:94:df:df:
47:04:7d:b5:00:44:0e:c5:1d:5d:47:f0:48:43:28:
d8:b0:15:0b:7a:63:7b:6a:81:ec:d0:77:68:50:9e:
7b:43:46:25:2d:a9:b2:a6:41:ac:67:ba:0d:8f:a8:
bf:7f:69:6f:9c:cf:5c:c2:01:4d:5a:6f:08:e1:9e:
95:79:8c:36:5d:7c:0a:ec:76:6e:f7:c3:bb:47:03:
25:9a:a8:65:c4:f9:49:1a:7a:7f:9d:ad:52:7d:e8:
67:52:ec:8b:e1:95:2a:2c:83:d3:63:3e:6c:8c:45:
b2:df:39:97:78:b3:6b:6a:b1:bc:eb:43:f6:72:4a:
d8:22:8c:b5:37:c0:e3:e4:c8:87:1e:cf:c3:61:a9:
10:46:95:0a:92:aa:32:a9:4f:6a:d9:e5:fa:9d:4c:
e6:b6:78:2d:90:5a:e7:20:1a:49:79:94:db:c7:9c:
25:15:7a:77:c8:0e:16:e1:01:62:49:d4:b4:f4:17:
ff:b8:54:4d:02:59:7e:77:3c:5c:3c:17:b5:8a:ed:
09:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:E8:65:E6:47:F1:7A:6D:05:BC:AE:F7:A0:C1:7B:81:E8:9B:14:FC
X509v3 Authority Key Identifier:
keyid:CE:7C:AC:FA:73:5C:EE:AF:DD:2A:21:4C:09:EE:72:46:94:25:25:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/znys-nNc7q_dKiFMCe5yRpQlJQ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a636ed-d20f-4802-9286-b84eda2e846a/1/M-hl5kfxem0FvK73oMF7geibFPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a636ed-d20f-4802-9286-b84eda2e846a/1/znys-nNc7q_dKiFMCe5yRpQlJQ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.58.117.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:86:3e:0e:c5:ab:81:32:d0:38:46:32:a4:ec:1b:20:4d:df:
c9:38:7b:32:1d:3d:de:6e:ac:6b:7e:83:2d:c8:88:4b:34:d1:
86:83:ae:cc:83:1a:e7:ec:de:23:28:7a:bb:71:a3:49:d9:f7:
19:d4:06:82:a5:7b:2c:ba:cb:48:6c:b5:86:33:e8:e6:e1:8a:
5c:4b:d0:8e:95:8a:97:69:b1:37:16:70:4a:a4:98:f3:8b:70:
62:5f:74:5b:a2:bd:cb:4e:45:bb:fb:18:cb:c8:61:8c:0f:37:
db:c9:d7:a1:a5:55:8d:60:0d:87:6a:55:dc:5b:a5:95:47:19:
6f:2c:aa:8f:94:33:36:d9:75:b9:69:7e:fa:1c:91:39:a7:42:
c7:2b:85:1e:59:0b:bc:f5:dc:1b:16:d5:df:95:6c:ac:7e:eb:
b5:4b:63:c4:e5:22:48:e6:d8:ca:91:8e:b3:b0:42:07:9f:ad:
51:e5:b2:ba:a2:19:67:51:26:5b:01:90:0c:22:f4:83:7b:3a:
6f:40:27:7f:76:7b:e4:26:5b:20:f2:35:1e:1b:e3:a8:6f:9e:
38:97:97:c9:9f:72:56:97:ee:47:40:d4:b9:40:66:67:9e:ea:
b8:57:53:13:43:b9:16:48:57:7f:70:de:7b:2a:c4:e0:d9:29:
44:a0:80:9c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRWzlBm9KggA76TSQ1XZMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlN2NhY2ZhNzM1Y2VlYWZkZDJhMjE0YzA5ZWU3MjQ2OTQy
NTI1MGUwHhcNMjUwMTAxMjM0ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2U4NjVlNjQ3ZjE3YTZkMDViY2FlZjdhMGMxN2I4MWU4OWIxNGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8aikz18K5Uk3icpQXvjIhvP8wO9Y
lzLK5+knLOaia9i1QM2x6A/114yXTDrL9SyENQq9Bt85M2eU399HBH21AEQOxR1d
R/BIQyjYsBULemN7aoHs0HdoUJ57Q0YlLamypkGsZ7oNj6i/f2lvnM9cwgFNWm8I
4Z6VeYw2XXwK7HZu98O7RwMlmqhlxPlJGnp/na1SfehnUuyL4ZUqLIPTYz5sjEWy
3zmXeLNrarG860P2ckrYIoy1N8Dj5MiHHs/DYakQRpUKkqoyqU9q2eX6nUzmtngt
kFrnIBpJeZTbx5wlFXp3yA4W4QFiSdS09Bf/uFRNAll+dzxcPBe1iu0JnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDPoZeZH8XptBbyu96DBe4HomxT8MB8GA1UdIwQY
MBaAFM58rPpzXO6v3SohTAnuckaUJSUOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvem55cy1uTmM3cV9kS2lGTUNlNXlScFFsSlE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9hNjM2ZWQtZDIwZi00ODAyLTkyODYt
Yjg0ZWRhMmU4NDZhLzEvTS1obDVrZnhlbTBGdks3M29NRjdnZWliRlB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9hNjM2ZWQtZDIwZi00ODAyLTkyODYtYjg0ZWRhMmU4NDZh
LzEvem55cy1uTmM3cV9kS2lGTUNlNXlScFFsSlE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwTp1MA0G
CSqGSIb3DQEBCwUAA4IBAQB9hj4OxauBMtA4RjKk7BsgTd/JOHsyHT3ebqxrfoMt
yIhLNNGGg67Mgxrn7N4jKHq7caNJ2fcZ1AaCpXssustIbLWGM+jm4YpcS9COlYqX
abE3FnBKpJjzi3BiX3Rbor3LTkW7+xjLyGGMDzfbydehpVWNYA2HalXcW6WVRxlv
LKqPlDM22XW5aX76HJE5p0LHK4UeWQu89dwbFtXflWysfuu1S2PE5SJI5tjKkY6z
sEIHn61R5bK6ohlnUSZbAZAMIvSDezpvQCd/dnvkJlsg8jUeG+Oob544l5fJn3JW
l+5HQNS5QGZnnuq4V1MTQ7kWSFd/cN57KsTg2SlEoICc
-----END CERTIFICATE-----
Generated at Sun Apr 13 14:26:41 2025 by rpki-client