Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/76275a-6f41-4804-837b-89799deadc47/1/A0W4NLtnqVewyPWtMUlDJQbCQXE.roa
File: A0W4NLtnqVewyPWtMUlDJQbCQXE.roa (raw, json)
Hash identifier: MYxIYetVdJmSAzMctuQMtMzPS4ahJ2EbSnELEfjBMw0=
Subject key identifier: 03:45:B8:34:BB:67:A9:57:B0:C8:F5:AD:31:49:43:25:06:C2:41:71
Certificate issuer: /CN=5dc67c6be367ab9e941d1427d050449447b8865c
Certificate serial: 0194228D4BB12B080BA03EF3D3C7542B4996
Authority key identifier: 5D:C6:7C:6B:E3:67:AB:9E:94:1D:14:27:D0:50:44:94:47:B8:86:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XcZ8a-Nnq56UHRQn0FBElEe4hlw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/76275a-6f41-4804-837b-89799deadc47/1/A0W4NLtnqVewyPWtMUlDJQbCQXE.roa
Signing time: Wed 01 Jan 2025 15:47:52 +0000
ROA not before: Wed 01 Jan 2025 15:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205240
IP address blocks: 193.218.204.0/24 maxlen: 24
193.218.222.0/24 maxlen: 24
193.219.0.0/24 maxlen: 24
2a0f:99c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/76275a-6f41-4804-837b-89799deadc47/1/XcZ8a-Nnq56UHRQn0FBElEe4hlw.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/76275a-6f41-4804-837b-89799deadc47/1/XcZ8a-Nnq56UHRQn0FBElEe4hlw.mft
rsync://rpki.ripe.net/repository/DEFAULT/XcZ8a-Nnq56UHRQn0FBElEe4hlw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 18:00:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:4b:b1:2b:08:0b:a0:3e:f3:d3:c7:54:2b:49:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dc67c6be367ab9e941d1427d050449447b8865c
Validity
Not Before: Jan 1 15:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0345b834bb67a957b0c8f5ad3149432506c24171
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:78:8f:73:ef:c1:bf:4a:e5:2c:8e:92:a9:4a:
b1:ef:88:00:ed:44:a2:9b:b0:2f:56:a0:c0:c4:64:
7f:7c:f7:af:9a:86:58:1d:08:a5:8b:d1:0f:d6:1d:
c2:78:21:29:16:1a:72:07:39:32:2b:35:7e:6a:55:
eb:09:4d:00:69:b9:1d:50:ca:9d:1c:32:04:c6:4e:
a6:0f:ae:2d:d3:c9:62:56:d8:e0:e6:79:9d:a1:0c:
10:04:c1:bc:26:ba:b1:2c:f5:6f:0b:26:d2:8a:b6:
a9:d0:b9:85:c0:7a:68:4d:66:38:5f:1c:09:c0:56:
4f:27:b9:d1:ac:0f:0c:5b:3f:8a:d6:b6:5d:38:34:
63:d7:e2:6e:90:1a:19:a9:12:1f:da:86:19:35:59:
a7:c5:53:f3:8c:f8:21:3c:a6:9a:ec:d7:b7:f4:c2:
4c:19:01:73:22:c5:5a:29:51:50:86:30:c8:ee:60:
48:b8:ab:8d:bf:72:fc:31:0b:d4:04:c8:d7:11:98:
1d:40:7f:a1:9e:c1:8e:f8:1f:a4:4e:fc:4f:80:eb:
26:be:15:99:bd:05:67:0e:70:68:ca:dc:c1:18:7b:
4f:a3:35:d7:b3:34:eb:ce:29:7d:d0:8a:09:46:33:
d1:01:8b:b7:e0:28:a6:61:5a:74:db:e7:46:64:87:
e1:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:45:B8:34:BB:67:A9:57:B0:C8:F5:AD:31:49:43:25:06:C2:41:71
X509v3 Authority Key Identifier:
keyid:5D:C6:7C:6B:E3:67:AB:9E:94:1D:14:27:D0:50:44:94:47:B8:86:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XcZ8a-Nnq56UHRQn0FBElEe4hlw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/76275a-6f41-4804-837b-89799deadc47/1/A0W4NLtnqVewyPWtMUlDJQbCQXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/76275a-6f41-4804-837b-89799deadc47/1/XcZ8a-Nnq56UHRQn0FBElEe4hlw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.218.204.0/24
193.218.222.0/24
193.219.0.0/24
IPv6:
2a0f:99c0::/48
Signature Algorithm: sha256WithRSAEncryption
28:de:ba:2b:50:e6:c4:c3:6f:40:3e:eb:a4:5e:30:21:8a:bb:
d0:48:6b:e7:34:cb:6c:0d:4d:3e:8b:10:9f:c6:fb:87:6f:e9:
7c:dc:e4:76:a6:d9:25:d1:0b:b7:c5:22:23:25:6a:3e:07:d4:
da:33:a6:02:0b:e4:67:39:05:90:c9:48:d6:d9:c8:0d:f2:b5:
00:20:1d:44:29:37:f4:b6:a6:34:50:23:4a:6d:f2:bd:5b:ee:
eb:5b:8d:3e:94:bf:81:2e:92:0f:b3:9a:9b:93:30:46:2f:37:
fd:ee:43:73:8c:11:13:14:05:4e:99:50:2a:10:95:56:6a:7d:
cb:fa:01:a0:69:1c:99:81:b5:6f:45:8d:6f:c9:23:ce:f9:cb:
de:19:4c:44:11:e3:ec:14:b2:a4:3a:44:a1:5c:bc:0b:63:6d:
56:4e:1e:ff:f8:c6:ff:21:7c:39:05:66:aa:13:9a:4d:53:00:
05:4d:09:3f:a8:f6:4a:a8:98:27:6e:84:17:81:a8:2d:2d:0f:
95:76:12:66:64:11:2d:e4:e0:23:eb:a0:0b:82:a3:a7:57:bc:
27:86:7f:8a:fa:90:10:fb:72:d3:b1:7f:db:6f:e3:fe:e7:d8:
95:c2:84:5d:5f:4e:4f:7a:4e:5e:6e:62:a2:c6:16:ff:61:74:
6d:a0:75:a6
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQijUuxKwgLoD7z08dUK0mWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYzY3YzZiZTM2N2FiOWU5NDFkMTQyN2QwNTA0NDk0NDdi
ODg2NWMwHhcNMjUwMTAxMTU0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzQ1YjgzNGJiNjdhOTU3YjBjOGY1YWQzMTQ5NDMyNTA2YzI0MTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyniPc+/Bv0rlLI6SqUqx74gA7USi
m7AvVqDAxGR/fPevmoZYHQili9EP1h3CeCEpFhpyBzkyKzV+alXrCU0AabkdUMqd
HDIExk6mD64t08liVtjg5nmdoQwQBMG8JrqxLPVvCybSirap0LmFwHpoTWY4XxwJ
wFZPJ7nRrA8MWz+K1rZdODRj1+JukBoZqRIf2oYZNVmnxVPzjPghPKaa7Ne39MJM
GQFzIsVaKVFQhjDI7mBIuKuNv3L8MQvUBMjXEZgdQH+hnsGO+B+kTvxPgOsmvhWZ
vQVnDnBoytzBGHtPozXXszTrzil90IoJRjPRAYu34CimYVp02+dGZIfh8wIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFANFuDS7Z6lXsMj1rTFJQyUGwkFxMB8GA1UdIwQY
MBaAFF3GfGvjZ6uelB0UJ9BQRJRHuIZcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGNaOGEtTm5xNTZVSFJRbjBGQkVsRWU0aGx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy83NjI3NWEtNmY0MS00ODA0LTgzN2It
ODk3OTlkZWFkYzQ3LzEvQTBXNE5MdG5xVmV3eVBXdE1VbERKUWJDUVhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy83NjI3NWEtNmY0MS00ODA0LTgzN2ItODk3OTlkZWFkYzQ3
LzEvWGNaOGEtTm5xNTZVSFJRbjBGQkVsRWU0aGx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAwdrMAwQA
wdreAwQAwdsAMA8EAgACMAkDBwAqD5nAAAAwDQYJKoZIhvcNAQELBQADggEBACje
uitQ5sTDb0A+66ReMCGKu9BIa+c0y2wNTT6LEJ/G+4dv6Xzc5Ham2SXRC7fFIiMl
aj4H1NozpgIL5Gc5BZDJSNbZyA3ytQAgHUQpN/S2pjRQI0pt8r1b7utbjT6Uv4Eu
kg+zmpuTMEYvN/3uQ3OMERMUBU6ZUCoQlVZqfcv6AaBpHJmBtW9FjW/JI875y94Z
TEQR4+wUsqQ6RKFcvAtjbVZOHv/4xv8hfDkFZqoTmk1TAAVNCT+o9kqomCduhBeB
qC0tD5V2EmZkES3k4CProAuCo6dXvCeGf4r6kBD7ctOxf9tv4/7n2JXChF1fTk96
Tl5uYqLGFv9hdG2gdaY=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:45:49 2025 by rpki-client