Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/78fea9-efac-4983-ac2b-df45054dd934/1/x4WRkvTk4Qfvxow9VzZXx3rDXCk.roa
File: x4WRkvTk4Qfvxow9VzZXx3rDXCk.roa (raw, json)
Hash identifier: RyOgBcFttRpc6DEmQeaGYO0tOWZlEQp1Uhl8vvwB5VE=
Subject key identifier: C7:85:91:92:F4:E4:E1:07:EF:C6:8C:3D:57:36:57:C7:7A:C3:5C:29
Certificate issuer: /CN=3bd543d0465ea2f6feb828f18504b03f403ac669
Certificate serial: 01942747AF82550EE80BC1DF0CF3F2D5DB53
Authority key identifier: 3B:D5:43:D0:46:5E:A2:F6:FE:B8:28:F1:85:04:B0:3F:40:3A:C6:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O9VD0EZeovb-uCjxhQSwP0A6xmk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/78fea9-efac-4983-ac2b-df45054dd934/1/x4WRkvTk4Qfvxow9VzZXx3rDXCk.roa
Signing time: Thu 02 Jan 2025 13:49:56 +0000
ROA not before: Thu 02 Jan 2025 13:49:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57395
IP address blocks: 194.26.16.0/24 maxlen: 24
2a11:9400::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/78fea9-efac-4983-ac2b-df45054dd934/1/O9VD0EZeovb-uCjxhQSwP0A6xmk.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/78fea9-efac-4983-ac2b-df45054dd934/1/O9VD0EZeovb-uCjxhQSwP0A6xmk.mft
rsync://rpki.ripe.net/repository/DEFAULT/O9VD0EZeovb-uCjxhQSwP0A6xmk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 22:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:af:82:55:0e:e8:0b:c1:df:0c:f3:f2:d5:db:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bd543d0465ea2f6feb828f18504b03f403ac669
Validity
Not Before: Jan 2 13:49:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c7859192f4e4e107efc68c3d573657c77ac35c29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:41:b8:5e:35:fb:40:43:44:82:2a:b8:3c:63:
df:7e:8c:5d:a0:08:ac:a6:0e:05:cd:c4:4f:63:2e:
c5:2a:eb:74:3a:d4:0a:b0:f2:03:72:a6:e0:eb:9f:
7a:20:ef:6c:7d:ab:78:54:84:fc:7a:c7:c2:0c:e0:
62:48:7c:14:31:b5:dc:31:a7:c2:ac:1b:fa:2c:7c:
78:7c:06:3f:fa:1a:20:01:b4:95:a7:f2:a9:ad:13:
e1:9f:a9:34:3e:a3:8a:68:c0:df:d2:16:b2:68:6a:
f6:45:9e:fa:50:f3:59:ab:f5:44:e6:66:52:43:c4:
5d:5e:b9:f4:de:a0:b2:4c:5c:e2:41:ca:11:02:4a:
8d:9b:1f:75:4b:59:ca:e4:7d:63:5e:e3:4e:46:dc:
39:4d:49:a4:09:78:13:ca:af:d1:e3:c6:46:be:db:
77:42:b3:f3:cf:5c:fe:81:74:9a:2b:7e:d0:bc:f7:
5b:47:26:48:05:9d:49:ca:c9:6c:02:7b:91:49:4b:
c3:67:19:76:fd:5c:90:5b:08:68:ff:71:85:94:60:
05:91:ac:bc:43:9e:20:e0:4f:5f:99:6d:88:4f:ae:
6c:3d:db:4d:5a:7a:dd:f4:95:b9:dd:02:1f:ba:c8:
44:42:41:1c:d5:9c:3a:d9:27:e4:f2:d3:2d:57:c9:
7a:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:85:91:92:F4:E4:E1:07:EF:C6:8C:3D:57:36:57:C7:7A:C3:5C:29
X509v3 Authority Key Identifier:
keyid:3B:D5:43:D0:46:5E:A2:F6:FE:B8:28:F1:85:04:B0:3F:40:3A:C6:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O9VD0EZeovb-uCjxhQSwP0A6xmk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/78fea9-efac-4983-ac2b-df45054dd934/1/x4WRkvTk4Qfvxow9VzZXx3rDXCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/78fea9-efac-4983-ac2b-df45054dd934/1/O9VD0EZeovb-uCjxhQSwP0A6xmk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.26.16.0/24
IPv6:
2a11:9400::/32
Signature Algorithm: sha256WithRSAEncryption
60:8c:8f:13:d0:de:ec:bd:44:45:89:69:09:ad:6e:44:7d:5e:
ec:82:9f:7c:08:fd:0c:e4:cb:d8:38:44:4d:77:18:75:8b:15:
47:91:21:6f:c7:74:2e:2d:5d:3f:54:f4:ac:bd:ef:42:75:aa:
23:2e:fa:d3:7f:c4:9f:42:c2:26:37:6d:33:01:79:ad:56:65:
cf:42:cb:ab:47:04:34:e1:71:8f:70:95:98:e5:52:4e:93:8a:
e2:2b:5d:0a:f9:49:f9:fb:d8:0f:6c:70:ac:8c:1b:05:a9:ec:
34:21:37:81:63:a8:36:c7:61:b7:39:c2:fe:ce:ce:61:8a:65:
d0:c4:f8:7b:62:31:02:08:ef:2f:4a:8b:c7:10:4d:2a:f9:a4:
09:b9:6d:db:01:9a:72:54:d0:36:52:8c:03:38:91:31:d6:ee:
1f:89:c4:b5:c4:85:e7:a9:f0:44:dd:61:09:3a:17:68:04:9f:
c4:97:f6:b0:23:6e:6c:d1:11:31:8b:35:d9:9b:f0:35:3c:2c:
30:35:b4:56:e4:5f:4c:1f:97:c5:8e:9c:63:4e:35:0a:fe:c3:
88:d0:44:99:fc:41:66:27:0c:5c:3a:b5:96:2f:6d:3b:b1:1b:
74:8d:42:7b:0a:c6:2c:8e:8a:a5:15:aa:9a:3b:d3:5a:e2:39:
65:7a:2d:45
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQnR6+CVQ7oC8HfDPPy1dtTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZDU0M2QwNDY1ZWEyZjZmZWI4MjhmMTg1MDRiMDNmNDAz
YWM2NjkwHhcNMjUwMTAyMTM0OTU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzg1OTE5MmY0ZTRlMTA3ZWZjNjhjM2Q1NzM2NTdjNzdhYzM1YzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtkG4XjX7QENEgiq4PGPffoxdoAis
pg4FzcRPYy7FKut0OtQKsPIDcqbg6596IO9sfat4VIT8esfCDOBiSHwUMbXcMafC
rBv6LHx4fAY/+hogAbSVp/KprRPhn6k0PqOKaMDf0hayaGr2RZ76UPNZq/VE5mZS
Q8RdXrn03qCyTFziQcoRAkqNmx91S1nK5H1jXuNORtw5TUmkCXgTyq/R48ZGvtt3
QrPzz1z+gXSaK37QvPdbRyZIBZ1JyslsAnuRSUvDZxl2/VyQWwho/3GFlGAFkay8
Q54g4E9fmW2IT65sPdtNWnrd9JW53QIfushEQkEc1Zw62Sfk8tMtV8l6UQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMeFkZL05OEH78aMPVc2V8d6w1wpMB8GA1UdIwQY
MBaAFDvVQ9BGXqL2/rgo8YUEsD9AOsZpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzlWRDBFWmVvdmItdUNqeGhRU3dQMEE2eG1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy83OGZlYTktZWZhYy00OTgzLWFjMmIt
ZGY0NTA1NGRkOTM0LzEveDRXUmt2VGs0UWZ2eG93OVZ6Wlh4M3JEWENrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy83OGZlYTktZWZhYy00OTgzLWFjMmItZGY0NTA1NGRkOTM0
LzEvTzlWRDBFWmVvdmItdUNqeGhRU3dQMEE2eG1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwhoQMA0E
AgACMAcDBQAqEZQAMA0GCSqGSIb3DQEBCwUAA4IBAQBgjI8T0N7svURFiWkJrW5E
fV7sgp98CP0M5MvYOERNdxh1ixVHkSFvx3QuLV0/VPSsve9CdaojLvrTf8SfQsIm
N20zAXmtVmXPQsurRwQ04XGPcJWY5VJOk4riK10K+Un5+9gPbHCsjBsFqew0ITeB
Y6g2x2G3OcL+zs5himXQxPh7YjECCO8vSovHEE0q+aQJuW3bAZpyVNA2UowDOJEx
1u4ficS1xIXnqfBE3WEJOhdoBJ/El/awI25s0RExizXZm/A1PCwwNbRW5F9MH5fF
jpxjTjUK/sOI0ESZ/EFmJwxcOrWWL207sRt0jUJ7CsYsjoqlFaqaO9Na4jllei1F
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:55:27 2025 by rpki-client