Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/6ece5b-360f-4be4-aa61-594a27db146b/1/j4EIa7tKAt7zUJqXstTzU7rzvAM.roa
File: j4EIa7tKAt7zUJqXstTzU7rzvAM.roa (raw, json)
Hash identifier: KBhYqMx9SY3f4s8BMjZo/0KJeCGNnKyC4D8ert+K2y0=
Subject key identifier: 8F:81:08:6B:BB:4A:02:DE:F3:50:9A:97:B2:D4:F3:53:BA:F3:BC:03
Certificate issuer: /CN=23a9867ea603fc8cf92bb5bac6f255710e3bf36a
Certificate serial: 019423D786923902AC7A7F1EB876DF1B0CA8
Authority key identifier: 23:A9:86:7E:A6:03:FC:8C:F9:2B:B5:BA:C6:F2:55:71:0E:3B:F3:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I6mGfqYD_Iz5K7W6xvJVcQ4782o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/6ece5b-360f-4be4-aa61-594a27db146b/1/j4EIa7tKAt7zUJqXstTzU7rzvAM.roa
Signing time: Wed 01 Jan 2025 21:48:34 +0000
ROA not before: Wed 01 Jan 2025 21:48:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1759
IP address blocks: 193.143.115.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/6ece5b-360f-4be4-aa61-594a27db146b/1/I6mGfqYD_Iz5K7W6xvJVcQ4782o.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/6ece5b-360f-4be4-aa61-594a27db146b/1/I6mGfqYD_Iz5K7W6xvJVcQ4782o.mft
rsync://rpki.ripe.net/repository/DEFAULT/I6mGfqYD_Iz5K7W6xvJVcQ4782o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 08:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:86:92:39:02:ac:7a:7f:1e:b8:76:df:1b:0c:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23a9867ea603fc8cf92bb5bac6f255710e3bf36a
Validity
Not Before: Jan 1 21:48:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8f81086bbb4a02def3509a97b2d4f353baf3bc03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:ac:3d:9b:63:6c:e4:0f:64:77:1c:c2:a4:3d:
92:36:bd:2e:23:ad:84:78:fb:03:ad:48:ec:1e:eb:
62:39:2d:5c:b7:f2:e0:a5:f5:c0:4f:05:0f:51:c2:
3e:48:c2:96:c7:2a:aa:38:a2:22:bc:59:5a:d7:2b:
3f:bd:64:82:47:96:07:6d:d1:33:29:ad:43:f0:59:
ad:0a:77:f6:7f:0a:5a:1b:7f:75:05:06:7d:39:39:
74:e5:3c:07:5c:0d:63:9e:bc:45:b5:d1:fc:37:a8:
d4:14:4f:7c:ba:ff:10:4e:c2:97:c6:cb:1d:f5:70:
93:01:5f:fb:2f:66:07:e8:6c:ec:d7:8f:14:5d:3b:
ba:cd:bc:fa:75:ef:da:98:89:f0:a9:eb:2e:bc:a0:
73:a6:bf:9f:72:6c:19:12:29:bb:84:0d:8a:f4:eb:
90:3a:fe:fb:1d:73:d1:d1:db:c5:b6:71:dd:34:7d:
ae:d6:62:5a:9c:6a:04:8f:40:eb:82:8c:d9:9f:02:
db:fe:ea:2f:df:f6:10:90:57:c2:ea:01:61:a5:50:
9c:8a:93:fa:31:80:8d:e8:e9:ab:1a:bf:21:fe:23:
da:6c:6e:06:26:a7:18:ec:9b:50:5a:86:a9:67:96:
b3:e8:c6:6b:dc:59:8a:f7:44:2d:14:ba:b6:36:91:
0d:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:81:08:6B:BB:4A:02:DE:F3:50:9A:97:B2:D4:F3:53:BA:F3:BC:03
X509v3 Authority Key Identifier:
keyid:23:A9:86:7E:A6:03:FC:8C:F9:2B:B5:BA:C6:F2:55:71:0E:3B:F3:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I6mGfqYD_Iz5K7W6xvJVcQ4782o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/6ece5b-360f-4be4-aa61-594a27db146b/1/j4EIa7tKAt7zUJqXstTzU7rzvAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/6ece5b-360f-4be4-aa61-594a27db146b/1/I6mGfqYD_Iz5K7W6xvJVcQ4782o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.143.115.0/24
Signature Algorithm: sha256WithRSAEncryption
51:fb:3a:32:b8:15:8d:92:37:b1:0b:be:5e:e0:2a:ee:59:0d:
24:3b:3c:40:88:8a:10:3f:df:1b:ab:07:1f:c7:18:37:6b:80:
d5:11:f2:b2:b4:37:ae:f4:8c:20:7f:e8:ac:5c:03:7e:18:e2:
3b:a6:ee:71:32:ef:c3:0d:51:64:5f:c8:cb:eb:9d:66:09:1a:
d3:19:01:24:34:c5:62:53:f9:77:85:15:64:04:29:83:91:14:
23:dc:4a:06:7c:d6:1a:a6:67:2f:14:98:7f:19:9c:84:e9:bc:
64:df:3b:3b:b7:e0:fa:fd:4c:b4:f7:c4:90:0e:2f:28:f4:2a:
5e:dc:65:90:17:7d:78:b1:a2:ad:3c:43:a4:2b:b5:2b:e1:91:
71:88:8c:06:e7:5f:d6:e6:15:c1:22:16:9b:0f:b2:a6:9e:e6:
1a:53:cf:20:51:25:30:94:a5:bf:41:31:13:10:b4:60:e5:70:
6b:0b:1b:4d:22:e0:b5:c8:c6:07:31:ae:7b:90:06:13:65:e5:
09:0c:21:c0:5a:f1:60:e4:82:e2:f5:29:c4:82:35:93:c1:d2:
ad:82:bd:b6:2a:3c:0b:1c:51:8c:fb:07:f1:31:92:4d:45:b9:
9b:93:80:e3:90:f9:9f:49:77:69:ab:59:14:ef:08:a3:84:26:
d4:68:93:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj14aSOQKsen8euHbfGwyoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzYTk4NjdlYTYwM2ZjOGNmOTJiYjViYWM2ZjI1NTcxMGUz
YmYzNmEwHhcNMjUwMTAxMjE0ODM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjgxMDg2YmJiNGEwMmRlZjM1MDlhOTdiMmQ0ZjM1M2JhZjNiYzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6aw9m2Ns5A9kdxzCpD2SNr0uI62E
ePsDrUjsHutiOS1ct/LgpfXATwUPUcI+SMKWxyqqOKIivFla1ys/vWSCR5YHbdEz
Ka1D8FmtCnf2fwpaG391BQZ9OTl05TwHXA1jnrxFtdH8N6jUFE98uv8QTsKXxssd
9XCTAV/7L2YH6Gzs148UXTu6zbz6de/amInwqesuvKBzpr+fcmwZEim7hA2K9OuQ
Ov77HXPR0dvFtnHdNH2u1mJanGoEj0DrgozZnwLb/uov3/YQkFfC6gFhpVCcipP6
MYCN6OmrGr8h/iPabG4GJqcY7JtQWoapZ5az6MZr3FmK90QtFLq2NpENVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI+BCGu7SgLe81Cal7LU81O687wDMB8GA1UdIwQY
MBaAFCOphn6mA/yM+Su1usbyVXEOO/NqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTZtR2ZxWURfSXo1SzdXNnh2SlZjUTQ3ODJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi82ZWNlNWItMzYwZi00YmU0LWFhNjEt
NTk0YTI3ZGIxNDZiLzEvajRFSWE3dEtBdDd6VUpxWHN0VHpVN3J6dkFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi82ZWNlNWItMzYwZi00YmU0LWFhNjEtNTk0YTI3ZGIxNDZi
LzEvSTZtR2ZxWURfSXo1SzdXNnh2SlZjUTQ3ODJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwY9zMA0G
CSqGSIb3DQEBCwUAA4IBAQBR+zoyuBWNkjexC75e4CruWQ0kOzxAiIoQP98bqwcf
xxg3a4DVEfKytDeu9Iwgf+isXAN+GOI7pu5xMu/DDVFkX8jL651mCRrTGQEkNMVi
U/l3hRVkBCmDkRQj3EoGfNYapmcvFJh/GZyE6bxk3zs7t+D6/Uy098SQDi8o9Cpe
3GWQF314saKtPEOkK7Ur4ZFxiIwG51/W5hXBIhabD7KmnuYaU88gUSUwlKW/QTET
ELRg5XBrCxtNIuC1yMYHMa57kAYTZeUJDCHAWvFg5ILi9SnEgjWTwdKtgr22KjwL
HFGM+wfxMZJNRbmbk4DjkPmfSXdpq1kU7wijhCbUaJPQ
-----END CERTIFICATE-----
Generated at Tue Apr 15 12:39:32 2025 by rpki-client