Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/e445e4-26bd-48c9-83db-7a0ece9c0af8/1/raR6qfZ5L-9hzvpYVK9us-1wIug.roa
File: raR6qfZ5L-9hzvpYVK9us-1wIug.roa (raw, json)
Hash identifier: ARfa5iwtjYV/gUtHJTALBEg3MfK/IBejlaZvsXofCl8=
Subject key identifier: AD:A4:7A:A9:F6:79:2F:EF:61:CE:FA:58:54:AF:6E:B3:ED:70:22:E8
Certificate issuer: /CN=8aad9c0ce5ba3905b41970a04e51976076c67e00
Certificate serial: 0194274864CCCA0B8564A12D422C5E216FE1
Authority key identifier: 8A:AD:9C:0C:E5:BA:39:05:B4:19:70:A0:4E:51:97:60:76:C6:7E:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iq2cDOW6OQW0GXCgTlGXYHbGfgA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/e445e4-26bd-48c9-83db-7a0ece9c0af8/1/raR6qfZ5L-9hzvpYVK9us-1wIug.roa
Signing time: Thu 02 Jan 2025 13:50:43 +0000
ROA not before: Thu 02 Jan 2025 13:50:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198949
IP address blocks: 193.135.40.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/e445e4-26bd-48c9-83db-7a0ece9c0af8/1/iq2cDOW6OQW0GXCgTlGXYHbGfgA.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/e445e4-26bd-48c9-83db-7a0ece9c0af8/1/iq2cDOW6OQW0GXCgTlGXYHbGfgA.mft
rsync://rpki.ripe.net/repository/DEFAULT/iq2cDOW6OQW0GXCgTlGXYHbGfgA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:64:cc:ca:0b:85:64:a1:2d:42:2c:5e:21:6f:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8aad9c0ce5ba3905b41970a04e51976076c67e00
Validity
Not Before: Jan 2 13:50:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ada47aa9f6792fef61cefa5854af6eb3ed7022e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:27:88:24:53:c2:03:15:be:20:b9:f0:75:f0:
ee:c9:3b:19:08:f8:72:11:29:ea:45:20:08:23:a2:
d4:30:5e:37:4d:dd:f1:8b:87:93:fb:09:b8:3b:9f:
8e:81:04:f9:84:0c:8a:15:57:87:c4:60:81:e7:dc:
0f:23:7d:02:74:c5:4d:4e:c5:57:77:01:13:4e:3c:
e4:73:ea:3d:12:d4:c8:67:63:44:bd:0e:5f:68:18:
66:a5:31:8f:45:58:fc:8a:c4:1a:c2:55:41:09:3d:
20:0d:1f:80:d0:88:e3:79:bd:22:79:de:e6:13:01:
e7:7c:a8:28:a8:07:53:08:40:2b:ef:20:08:ee:f5:
09:86:2b:82:84:4e:9f:56:7a:27:40:ef:40:d3:8f:
ca:3d:d6:c9:10:dc:c5:fb:8e:ae:2d:08:81:ac:c4:
f6:48:7b:07:08:4d:9d:bc:e2:c5:19:4b:f7:7f:56:
d6:c4:b7:58:5a:4e:f4:e3:90:b2:53:cd:ea:28:a4:
ba:ff:e1:f3:e6:34:91:e2:f0:07:4c:03:ba:8c:12:
5b:48:f7:07:6d:78:cf:35:cf:dc:59:e6:6d:1d:6f:
60:90:b6:c9:2d:24:68:a0:b2:8b:61:81:9a:d6:11:
db:dc:a9:f3:24:3b:1e:d4:e0:e0:f7:36:e6:d3:8a:
18:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:A4:7A:A9:F6:79:2F:EF:61:CE:FA:58:54:AF:6E:B3:ED:70:22:E8
X509v3 Authority Key Identifier:
keyid:8A:AD:9C:0C:E5:BA:39:05:B4:19:70:A0:4E:51:97:60:76:C6:7E:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iq2cDOW6OQW0GXCgTlGXYHbGfgA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e445e4-26bd-48c9-83db-7a0ece9c0af8/1/raR6qfZ5L-9hzvpYVK9us-1wIug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e445e4-26bd-48c9-83db-7a0ece9c0af8/1/iq2cDOW6OQW0GXCgTlGXYHbGfgA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.135.40.0/21
Signature Algorithm: sha256WithRSAEncryption
0b:60:ba:4e:24:4a:cd:ab:c2:15:ec:3a:d9:13:ab:54:a9:ef:
22:3c:e4:47:d1:21:f4:bf:45:7e:a8:51:a6:64:aa:56:ed:86:
11:43:8a:98:a8:3e:27:81:8f:fe:2d:0d:00:49:07:10:57:de:
6f:c5:3b:4f:e2:ba:f1:58:d9:98:06:77:38:ca:9b:b4:37:0b:
68:98:fa:d9:df:5f:e5:d3:f7:b2:ef:31:66:27:5d:a8:31:8f:
0b:cd:31:fe:9b:a8:23:8f:59:81:e0:ea:2e:5b:43:a0:36:ad:
eb:70:08:bc:a3:e6:88:2f:e5:b7:e5:5b:37:07:e4:ed:7c:23:
de:27:ec:11:96:6e:76:01:1c:52:02:ec:45:ca:aa:a4:9c:fd:
a0:d0:c6:81:01:d8:ec:e1:0b:0c:4c:eb:98:a0:87:cd:1f:f0:
a3:a9:7d:70:0a:99:9b:3a:cb:01:75:59:b4:91:bd:a6:fe:a5:
96:ff:2d:af:e3:d1:3c:55:02:54:70:98:4a:9f:82:f2:f5:19:
11:72:88:11:2e:90:97:db:91:95:59:8c:e6:e4:ca:4d:43:bd:
08:2e:02:c2:70:8a:bf:23:2d:68:f6:1c:7f:a9:fc:a0:1e:13:
8e:6a:3e:fe:90:41:f8:20:3e:86:02:12:11:4b:dd:44:05:6b:
ee:e2:63:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSGTMyguFZKEtQixeIW/hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYWQ5YzBjZTViYTM5MDViNDE5NzBhMDRlNTE5NzYwNzZj
NjdlMDAwHhcNMjUwMTAyMTM1MDQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGE0N2FhOWY2NzkyZmVmNjFjZWZhNTg1NGFmNmViM2VkNzAyMmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCeIJFPCAxW+ILnwdfDuyTsZCPhy
ESnqRSAII6LUMF43Td3xi4eT+wm4O5+OgQT5hAyKFVeHxGCB59wPI30CdMVNTsVX
dwETTjzkc+o9EtTIZ2NEvQ5faBhmpTGPRVj8isQawlVBCT0gDR+A0Ijjeb0ied7m
EwHnfKgoqAdTCEAr7yAI7vUJhiuChE6fVnonQO9A04/KPdbJENzF+46uLQiBrMT2
SHsHCE2dvOLFGUv3f1bWxLdYWk7045CyU83qKKS6/+Hz5jSR4vAHTAO6jBJbSPcH
bXjPNc/cWeZtHW9gkLbJLSRooLKLYYGa1hHb3KnzJDse1ODg9zbm04oY6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK2keqn2eS/vYc76WFSvbrPtcCLoMB8GA1UdIwQY
MBaAFIqtnAzlujkFtBlwoE5Rl2B2xn4AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXEyY0RPVzZPUVcwR1hDZ1RsR1hZSGJHZmdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9lNDQ1ZTQtMjZiZC00OGM5LTgzZGIt
N2EwZWNlOWMwYWY4LzEvcmFSNnFmWjVMLTloenZwWVZLOXVzLTF3SXVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9lNDQ1ZTQtMjZiZC00OGM5LTgzZGItN2EwZWNlOWMwYWY4
LzEvaXEyY0RPVzZPUVcwR1hDZ1RsR1hZSGJHZmdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDwYcoMA0G
CSqGSIb3DQEBCwUAA4IBAQALYLpOJErNq8IV7DrZE6tUqe8iPORH0SH0v0V+qFGm
ZKpW7YYRQ4qYqD4ngY/+LQ0ASQcQV95vxTtP4rrxWNmYBnc4ypu0NwtomPrZ31/l
0/ey7zFmJ12oMY8LzTH+m6gjj1mB4OouW0OgNq3rcAi8o+aIL+W35Vs3B+TtfCPe
J+wRlm52ARxSAuxFyqqknP2g0MaBAdjs4QsMTOuYoIfNH/CjqX1wCpmbOssBdVm0
kb2m/qWW/y2v49E8VQJUcJhKn4Ly9RkRcogRLpCX25GVWYzm5MpNQ70ILgLCcIq/
Iy1o9hx/qfygHhOOaj7+kEH4ID6GAhIRS91EBWvu4mPW
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:35:17 2025 by rpki-client