Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/abac14-6eab-4985-867a-c8e863c1a8d1/1/dV3eLvyh7dkJSKTfdErtuw7Jadc.roa
File: dV3eLvyh7dkJSKTfdErtuw7Jadc.roa (raw, json)
Hash identifier: NpVV1N+SDAUUoPHhUF4/SnqeySzcrRHlw0l3druFyDo=
Subject key identifier: 75:5D:DE:2E:FC:A1:ED:D9:09:48:A4:DF:74:4A:ED:BB:0E:C9:69:D7
Certificate issuer: /CN=d2c2b0ee187928409065d19ee9c0858e8c17ea13
Certificate serial: 01951314276088FDF4C419AFF54067C3F85A
Authority key identifier: D2:C2:B0:EE:18:79:28:40:90:65:D1:9E:E9:C0:85:8E:8C:17:EA:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0sKw7hh5KECQZdGe6cCFjowX6hM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/abac14-6eab-4985-867a-c8e863c1a8d1/1/dV3eLvyh7dkJSKTfdErtuw7Jadc.roa
Signing time: Mon 17 Feb 2025 08:44:02 +0000
ROA not before: Mon 17 Feb 2025 08:44:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210004
IP address blocks: 194.0.5.0/24 maxlen: 24
194.0.29.0/24 maxlen: 24
2001:678:8::/48 maxlen: 48
2001:678:30::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/abac14-6eab-4985-867a-c8e863c1a8d1/1/0sKw7hh5KECQZdGe6cCFjowX6hM.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/abac14-6eab-4985-867a-c8e863c1a8d1/1/0sKw7hh5KECQZdGe6cCFjowX6hM.mft
rsync://rpki.ripe.net/repository/DEFAULT/0sKw7hh5KECQZdGe6cCFjowX6hM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:13:14:27:60:88:fd:f4:c4:19:af:f5:40:67:c3:f8:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2c2b0ee187928409065d19ee9c0858e8c17ea13
Validity
Not Before: Feb 17 08:44:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=755dde2efca1edd90948a4df744aedbb0ec969d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:68:53:43:43:f2:7b:f5:bf:78:1f:f3:ee:56:
5f:94:8d:cf:90:f8:10:c0:a5:48:cf:01:91:6f:42:
93:54:70:d3:8d:c4:05:a2:3a:e0:07:63:49:cf:05:
e1:a2:fe:c5:fa:05:e4:f2:39:49:29:37:ab:78:c2:
eb:7a:37:04:12:c4:d2:08:0c:0f:fc:27:46:9d:2e:
37:4e:59:05:04:be:a7:9f:a2:8c:67:60:9a:5e:5f:
22:00:23:b7:90:7c:8f:12:71:b8:14:01:2c:12:82:
86:1d:cf:fc:07:d8:76:09:c2:15:85:8b:01:2d:2e:
82:98:f9:1a:fe:e1:f7:14:2c:9a:5f:49:77:36:1c:
77:89:8c:c1:9f:d9:82:9d:b6:d0:02:fb:64:f7:ba:
c4:a5:76:9f:f3:38:98:55:bf:44:7c:f2:c3:f4:ef:
98:58:0c:dc:44:d4:b1:e1:10:5d:17:f0:26:95:55:
ba:89:f6:f4:43:6f:5b:6c:b4:8c:2c:89:d9:67:76:
76:dd:35:ec:0a:09:10:d9:14:66:f4:51:f9:25:39:
e2:15:ac:14:33:b9:90:62:38:9b:bb:76:f4:b4:fb:
d8:bd:92:d6:60:16:8d:ad:37:82:70:87:1b:2c:b6:
51:c2:39:76:09:a7:0e:ae:64:63:82:40:88:7e:73:
68:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:5D:DE:2E:FC:A1:ED:D9:09:48:A4:DF:74:4A:ED:BB:0E:C9:69:D7
X509v3 Authority Key Identifier:
keyid:D2:C2:B0:EE:18:79:28:40:90:65:D1:9E:E9:C0:85:8E:8C:17:EA:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0sKw7hh5KECQZdGe6cCFjowX6hM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/abac14-6eab-4985-867a-c8e863c1a8d1/1/dV3eLvyh7dkJSKTfdErtuw7Jadc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/abac14-6eab-4985-867a-c8e863c1a8d1/1/0sKw7hh5KECQZdGe6cCFjowX6hM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.5.0/24
194.0.29.0/24
IPv6:
2001:678:8::/48
2001:678:30::/48
Signature Algorithm: sha256WithRSAEncryption
74:81:3d:a6:e7:7f:fb:71:90:0c:72:25:88:25:a1:89:06:f0:
79:d2:ab:ec:0a:0d:79:62:82:5f:81:98:f7:40:b8:e1:d7:d4:
b3:ef:c3:51:82:01:05:9a:82:f8:6e:82:f9:5f:0e:12:99:3d:
4d:08:e3:b1:e9:0f:31:d7:8f:04:1d:b1:ce:60:db:c0:21:0e:
8f:1a:3b:e4:62:e4:a9:b6:06:93:f4:64:a4:f0:86:70:03:83:
4c:01:53:3d:a8:b9:a8:50:17:08:c5:b5:85:d3:b8:8f:2c:86:
05:1b:25:d3:f8:d9:f0:94:80:5b:5d:a0:c0:77:cb:da:36:14:
d7:b1:09:b7:93:31:dc:b2:1a:0c:c5:9a:3b:0a:27:c5:bb:36:
c6:f0:b7:f9:49:6f:99:05:ab:ae:c6:cc:44:c8:fa:6a:98:ce:
03:24:e6:ed:a6:53:15:a4:1a:04:be:28:10:06:90:7a:c9:69:
4b:3d:57:b8:3e:2c:3b:53:e2:4a:6d:e7:67:bd:4b:a4:02:c4:
79:63:b3:ba:f8:2e:3d:5f:0c:db:6e:aa:09:ac:00:e5:1e:b5:
a5:06:52:c8:c9:86:2e:b7:ed:fc:aa:e7:f8:20:a6:47:27:49:
aa:35:43:f6:d1:a5:b2:1c:78:18:55:f8:59:d2:8e:fa:b8:5d:
45:cf:76:24
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZUTFCdgiP30xBmv9UBnw/haMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYzJiMGVlMTg3OTI4NDA5MDY1ZDE5ZWU5YzA4NThlOGMx
N2VhMTMwHhcNMjUwMjE3MDg0NDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTVkZGUyZWZjYTFlZGQ5MDk0OGE0ZGY3NDRhZWRiYjBlYzk2OWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw2hTQ0Pye/W/eB/z7lZflI3PkPgQ
wKVIzwGRb0KTVHDTjcQFojrgB2NJzwXhov7F+gXk8jlJKTereMLrejcEEsTSCAwP
/CdGnS43TlkFBL6nn6KMZ2CaXl8iACO3kHyPEnG4FAEsEoKGHc/8B9h2CcIVhYsB
LS6CmPka/uH3FCyaX0l3Nhx3iYzBn9mCnbbQAvtk97rEpXaf8ziYVb9EfPLD9O+Y
WAzcRNSx4RBdF/AmlVW6ifb0Q29bbLSMLInZZ3Z23TXsCgkQ2RRm9FH5JTniFawU
M7mQYjibu3b0tPvYvZLWYBaNrTeCcIcbLLZRwjl2CacOrmRjgkCIfnNogwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFHVd3i78oe3ZCUik33RK7bsOyWnXMB8GA1UdIwQY
MBaAFNLCsO4YeShAkGXRnunAhY6MF+oTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHNLdzdoaDVLRUNRWmRHZTZjQ0Zqb3dYNmhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9hYmFjMTQtNmVhYi00OTg1LTg2N2Et
YzhlODYzYzFhOGQxLzEvZFYzZUx2eWg3ZGtKU0tUZmRFcnR1dzdKYWRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9hYmFjMTQtNmVhYi00OTg1LTg2N2EtYzhlODYzYzFhOGQx
LzEvMHNLdzdoaDVLRUNRWmRHZTZjQ0Zqb3dYNmhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAwgAFAwQA
wgAdMBgEAgACMBIDBwAgAQZ4AAgDBwAgAQZ4ADAwDQYJKoZIhvcNAQELBQADggEB
AHSBPabnf/txkAxyJYgloYkG8HnSq+wKDXligl+BmPdAuOHX1LPvw1GCAQWagvhu
gvlfDhKZPU0I47HpDzHXjwQdsc5g28AhDo8aO+Ri5Km2BpP0ZKTwhnADg0wBUz2o
uahQFwjFtYXTuI8shgUbJdP42fCUgFtdoMB3y9o2FNexCbeTMdyyGgzFmjsKJ8W7
Nsbwt/lJb5kFq67GzETI+mqYzgMk5u2mUxWkGgS+KBAGkHrJaUs9V7g+LDtT4kpt
52e9S6QCxHljs7r4Lj1fDNtuqgmsAOUetaUGUsjJhi637fyq5/ggpkcnSao1Q/bR
pbIceBhV+FnSjvq4XUXPdiQ=
-----END CERTIFICATE-----
Generated at Sun Apr 13 07:34:29 2025 by rpki-client