Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/kpUSihbhgvTcdmyj9NGKwu0oPfM.roa
File: kpUSihbhgvTcdmyj9NGKwu0oPfM.roa (raw, json)
Hash identifier: lH6cta+wswGHvCHN9PlavLgYXrnxfODiWAeS2ekzWV0=
Subject key identifier: 92:95:12:8A:16:E1:82:F4:DC:76:6C:A3:F4:D1:8A:C2:ED:28:3D:F3
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 01942747DD614D2CE6A19C1C47ACA9EF671C
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/kpUSihbhgvTcdmyj9NGKwu0oPfM.roa
Signing time: Thu 02 Jan 2025 13:50:08 +0000
ROA not before: Thu 02 Jan 2025 13:50:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205203
IP address blocks: 194.56.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:dd:61:4d:2c:e6:a1:9c:1c:47:ac:a9:ef:67:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 2 13:50:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9295128a16e182f4dc766ca3f4d18ac2ed283df3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:a0:75:53:7b:e3:31:bd:ba:e9:dc:2a:b6:7e:
57:37:f7:cc:f1:9b:8e:ea:e0:83:98:8c:d0:6a:a2:
b6:88:71:b5:5a:4f:98:06:bb:18:3f:84:0c:8f:9e:
e3:ab:a3:69:fa:aa:a5:b9:cd:85:04:e9:95:0e:bf:
ea:16:03:4b:38:0b:6e:55:59:18:e2:75:1d:13:7f:
8d:39:44:5a:5c:f5:03:a9:f0:2f:ad:f4:43:21:cc:
bb:21:fe:39:0a:ab:a5:fc:41:ca:dc:5a:75:63:35:
b5:06:c0:cf:b1:51:32:e9:40:63:d5:1b:58:a4:d7:
0e:71:1d:2f:02:1f:45:96:fd:f8:dd:3d:fc:f1:d3:
07:02:fb:dd:16:e8:e8:c9:d4:e3:55:c5:0b:c9:30:
38:c8:f0:4d:f8:64:78:c4:28:4d:2b:a3:b4:b3:dc:
13:15:30:3f:33:3b:64:11:fb:d7:8a:32:8e:83:d2:
7d:4b:33:bc:45:88:6f:ad:68:f3:df:ac:eb:0f:5d:
75:46:76:d7:55:41:ee:18:db:ef:3c:f0:9e:54:a6:
5b:b7:8a:cd:4f:23:c4:60:44:3b:2d:c4:3b:97:c6:
54:9b:99:b4:3e:eb:f5:6c:19:a9:df:ae:b6:26:53:
ff:fe:56:b8:4a:b8:2d:9e:16:e5:b5:3a:56:c3:d4:
fd:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:95:12:8A:16:E1:82:F4:DC:76:6C:A3:F4:D1:8A:C2:ED:28:3D:F3
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/kpUSihbhgvTcdmyj9NGKwu0oPfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.56.227.0/24
Signature Algorithm: sha256WithRSAEncryption
91:19:46:6d:00:ad:3c:80:b1:ac:27:e4:9f:8d:19:f8:9c:3a:
23:96:6c:b3:5e:d9:b2:41:44:a1:fd:36:f7:69:8a:ee:4a:bc:
72:f0:6c:c4:44:97:13:3c:e8:2b:4f:80:0f:7b:51:e3:4c:c2:
75:1a:c1:8f:51:4b:bf:2a:26:f4:8e:3c:ec:d1:6c:33:08:eb:
21:c7:06:21:b2:dd:d9:d0:dd:6d:b9:65:83:3d:d3:18:05:59:
5e:17:c2:eb:94:51:80:7c:32:b9:1b:d7:26:d8:96:d1:51:34:
25:0b:58:c8:f7:91:12:8b:ad:50:13:6c:62:a8:b5:e0:e5:5a:
d4:4a:78:0d:71:0d:77:aa:7a:af:38:5a:02:e0:b5:69:f2:c6:
3b:55:a9:84:30:da:87:98:ed:52:cd:cc:60:3b:31:8d:55:f9:
12:c4:47:40:39:65:7b:ad:5d:2f:9d:5e:0e:26:d1:65:f8:d8:
88:d6:9e:83:05:1f:a2:d6:da:db:83:4c:76:24:fa:42:39:56:
cd:13:e8:04:c7:b6:9d:65:3c:a3:7a:ce:a5:0d:a1:39:87:a4:
0a:81:b7:1d:16:ed:3c:9c:5e:4d:6d:3e:36:10:4a:f9:70:6a:
44:2c:89:42:3a:c5:16:99:cd:a1:17:fe:9d:e0:22:cd:f5:53:
e7:1c:63:9d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR91hTSzmoZwcR6yp72ccMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjUwMTAyMTM1MDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Mjk1MTI4YTE2ZTE4MmY0ZGM3NjZjYTNmNGQxOGFjMmVkMjgzZGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5KB1U3vjMb266dwqtn5XN/fM8ZuO
6uCDmIzQaqK2iHG1Wk+YBrsYP4QMj57jq6Np+qqluc2FBOmVDr/qFgNLOAtuVVkY
4nUdE3+NOURaXPUDqfAvrfRDIcy7If45Cqul/EHK3Fp1YzW1BsDPsVEy6UBj1RtY
pNcOcR0vAh9Flv343T388dMHAvvdFujoydTjVcULyTA4yPBN+GR4xChNK6O0s9wT
FTA/MztkEfvXijKOg9J9SzO8RYhvrWjz36zrD111RnbXVUHuGNvvPPCeVKZbt4rN
TyPEYEQ7LcQ7l8ZUm5m0Puv1bBmp3662JlP//la4SrgtnhbltTpWw9T91QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJKVEooW4YL03HZso/TRisLtKD3zMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEva3BVU2loYmhndlRjZG15ajlOR0t3dTBvUGZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjjjMA0G
CSqGSIb3DQEBCwUAA4IBAQCRGUZtAK08gLGsJ+SfjRn4nDojlmyzXtmyQUSh/Tb3
aYruSrxy8GzERJcTPOgrT4APe1HjTMJ1GsGPUUu/Kib0jjzs0WwzCOshxwYhst3Z
0N1tuWWDPdMYBVleF8LrlFGAfDK5G9cm2JbRUTQlC1jI95ESi61QE2xiqLXg5VrU
SngNcQ13qnqvOFoC4LVp8sY7VamEMNqHmO1SzcxgOzGNVfkSxEdAOWV7rV0vnV4O
JtFl+NiI1p6DBR+i1trbg0x2JPpCOVbNE+gEx7adZTyjes6lDaE5h6QKgbcdFu08
nF5NbT42EEr5cGpELIlCOsUWmc2hF/6d4CLN9VPnHGOd
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:00:35 2025 by rpki-client