Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/grTxe7kxw6ZzaQqpTIbiKf1m4JM.roa
File: grTxe7kxw6ZzaQqpTIbiKf1m4JM.roa (raw, json)
Hash identifier: i5OkfeqChX4b5A5gBGr0b6nOiJOg7XT/mMLOR9RIW50=
Subject key identifier: 82:B4:F1:7B:B9:31:C3:A6:73:69:0A:A9:4C:86:E2:29:FD:66:E0:93
Certificate issuer: /CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Certificate serial: 0194221FED4BDCEE1F1CE2C6C037098568B2
Authority key identifier: D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/grTxe7kxw6ZzaQqpTIbiKf1m4JM.roa
Signing time: Wed 01 Jan 2025 13:48:25 +0000
ROA not before: Wed 01 Jan 2025 13:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7018
IP address blocks: 194.38.48.0/24 maxlen: 24
194.38.50.0/24 maxlen: 24
194.38.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.mft
rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 16:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:ed:4b:dc:ee:1f:1c:e2:c6:c0:37:09:85:68:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Validity
Not Before: Jan 1 13:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=82b4f17bb931c3a673690aa94c86e229fd66e093
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a7:4c:1a:10:f0:7e:83:9b:5f:55:92:bf:2c:
09:ca:32:2d:8f:bf:ee:e8:e6:c7:4b:53:52:8b:bf:
95:97:7a:f2:b5:bd:71:ac:99:8e:05:0e:dd:98:a3:
d1:32:dc:28:ef:7f:08:a4:8c:6c:53:d3:61:91:7b:
fd:b3:f9:d6:38:a8:ac:4f:72:48:07:cf:4b:d8:f2:
bc:89:38:86:fa:57:b8:f7:07:57:ae:0b:2d:6c:05:
48:e8:c9:4f:58:5b:45:0c:33:1b:a2:25:c9:59:9b:
1f:84:b5:7b:b9:98:db:8d:a4:be:25:1b:bc:5d:36:
f0:94:7c:17:91:ae:ae:b2:e5:54:39:05:30:5f:ab:
a4:e3:a2:3d:8b:4f:be:70:5a:66:c6:8e:a4:bc:fc:
76:ab:40:f3:3b:13:6b:de:7d:ba:c3:d6:4e:21:1e:
98:20:a4:a0:24:5b:1b:ec:61:05:6b:a2:8f:72:45:
8e:09:79:44:cb:39:35:b2:41:fd:7f:72:77:88:16:
4b:65:75:54:bb:6a:fe:86:f2:e7:70:c7:de:00:d2:
3b:f3:76:c7:ed:97:71:a9:55:e8:56:57:cc:92:53:
40:a7:56:6f:f4:36:59:95:f7:e4:a0:30:6a:a3:f8:
79:6b:ba:24:9e:fe:7e:97:13:37:c5:91:2c:e3:d6:
b1:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:B4:F1:7B:B9:31:C3:A6:73:69:0A:A9:4C:86:E2:29:FD:66:E0:93
X509v3 Authority Key Identifier:
keyid:D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/grTxe7kxw6ZzaQqpTIbiKf1m4JM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.38.48.0/24
194.38.50.0/23
Signature Algorithm: sha256WithRSAEncryption
a6:3b:1d:c2:4c:c9:ca:ae:f7:7f:41:a9:1b:26:04:33:44:c2:
49:3d:89:48:9e:fe:64:05:e1:a2:fe:4f:48:05:06:93:68:b3:
b1:a2:3a:e7:c1:97:88:6c:e3:19:b7:5f:43:dc:18:db:18:46:
8c:62:f4:a3:87:65:57:f1:84:93:b4:73:41:a7:89:aa:2c:a6:
37:c4:5d:fb:93:bd:c1:7b:60:f9:22:c3:de:17:ca:b7:ce:41:
b3:10:e3:a9:42:d8:ce:fb:b3:d0:67:38:21:56:b3:22:95:07:
9a:ce:bb:dd:19:f3:ab:30:bf:d4:44:db:90:40:73:62:a5:b0:
85:7e:79:75:27:22:c3:a6:d2:de:d1:8d:02:0e:13:51:e2:43:
a9:eb:e9:90:09:47:e5:a8:06:19:87:c6:60:64:b4:3e:0b:71:
a3:db:3f:09:06:73:47:d3:b8:91:a8:5b:03:9f:16:ea:72:70:
75:74:d3:9e:87:a3:5b:d4:4a:50:61:21:37:bc:3b:2a:7c:8e:
35:2b:a7:36:fd:d5:b0:88:4c:97:f1:d4:fc:65:96:5b:83:85:
d4:8a:e8:24:dd:b3:03:0b:1e:99:db:74:bf:16:b1:a4:1b:7a:
bb:90:1b:db:0e:44:ea:8c:3a:fd:4e:88:6d:7e:6d:02:68:5d:
9b:60:70:04
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQiH+1L3O4fHOLGwDcJhWiyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOGRhOWNmMDBkNGQ1OGI4NTRmZmM2MjAxMGYyMzViMDZk
ZjM1NGEwHhcNMjUwMTAxMTM0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmI0ZjE3YmI5MzFjM2E2NzM2OTBhYTk0Yzg2ZTIyOWZkNjZlMDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqdMGhDwfoObX1WSvywJyjItj7/u
6ObHS1NSi7+Vl3rytb1xrJmOBQ7dmKPRMtwo738IpIxsU9NhkXv9s/nWOKisT3JI
B89L2PK8iTiG+le49wdXrgstbAVI6MlPWFtFDDMboiXJWZsfhLV7uZjbjaS+JRu8
XTbwlHwXka6usuVUOQUwX6uk46I9i0++cFpmxo6kvPx2q0DzOxNr3n26w9ZOIR6Y
IKSgJFsb7GEFa6KPckWOCXlEyzk1skH9f3J3iBZLZXVUu2r+hvLncMfeANI783bH
7ZdxqVXoVlfMklNAp1Zv9DZZlffkoDBqo/h5a7oknv5+lxM3xZEs49axdwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIK08Xu5McOmc2kKqUyG4in9ZuCTMB8GA1UdIwQY
MBaAFNCNqc8A1NWLhU/8YgEPI1sG3zVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYt
MjBlMTk3ODBjYjJlLzEvZ3JUeGU3a3h3Nlp6YVFxcFRJYmlLZjFtNEpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYtMjBlMTk3ODBjYjJl
LzEvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwiYwAwQB
wiYyMA0GCSqGSIb3DQEBCwUAA4IBAQCmOx3CTMnKrvd/QakbJgQzRMJJPYlInv5k
BeGi/k9IBQaTaLOxojrnwZeIbOMZt19D3BjbGEaMYvSjh2VX8YSTtHNBp4mqLKY3
xF37k73Be2D5IsPeF8q3zkGzEOOpQtjO+7PQZzghVrMilQeazrvdGfOrML/URNuQ
QHNipbCFfnl1JyLDptLe0Y0CDhNR4kOp6+mQCUflqAYZh8ZgZLQ+C3Gj2z8JBnNH
07iRqFsDnxbqcnB1dNOeh6Nb1EpQYSE3vDsqfI41K6c2/dWwiEyX8dT8ZZZbg4XU
iugk3bMDCx6Z23S/FrGkG3q7kBvbDkTqjDr9Tohtfm0CaF2bYHAE
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:55:58 2025 by rpki-client