Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/25e079-fcbc-418d-bec1-1f3b5b056dfc/1/1AGt6vAj9ZNv2w7Fp5tJobLB8aI.roa
File: 1AGt6vAj9ZNv2w7Fp5tJobLB8aI.roa (raw, json)
Hash identifier: GbnSbQEBgHsaOZrngwqdPSv9qkJB1d7PRyKBT0jDdQQ=
Subject key identifier: D4:01:AD:EA:F0:23:F5:93:6F:DB:0E:C5:A7:9B:49:A1:B2:C1:F1:A2
Certificate issuer: /CN=c7dd297d0898fffde28d7696795bdbd5223f8a66
Certificate serial: 0196195438AEB6822370F3B2CA0833CF34E4
Authority key identifier: C7:DD:29:7D:08:98:FF:FD:E2:8D:76:96:79:5B:DB:D5:22:3F:8A:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x90pfQiY__3ijXaWeVvb1SI_imY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/25e079-fcbc-418d-bec1-1f3b5b056dfc/1/1AGt6vAj9ZNv2w7Fp5tJobLB8aI.roa
Signing time: Wed 09 Apr 2025 06:54:31 +0000
ROA not before: Wed 09 Apr 2025 06:54:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48083
IP address blocks: 94.127.96.0/21 maxlen: 24
193.53.99.0/24 maxlen: 24
193.53.100.0/24 maxlen: 24
193.116.128.0/19 maxlen: 24
193.116.160.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/25e079-fcbc-418d-bec1-1f3b5b056dfc/1/x90pfQiY__3ijXaWeVvb1SI_imY.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/25e079-fcbc-418d-bec1-1f3b5b056dfc/1/x90pfQiY__3ijXaWeVvb1SI_imY.mft
rsync://rpki.ripe.net/repository/DEFAULT/x90pfQiY__3ijXaWeVvb1SI_imY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:19:54:38:ae:b6:82:23:70:f3:b2:ca:08:33:cf:34:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7dd297d0898fffde28d7696795bdbd5223f8a66
Validity
Not Before: Apr 9 06:54:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d401adeaf023f5936fdb0ec5a79b49a1b2c1f1a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:80:20:d9:bc:c0:22:dd:ef:f2:d0:22:6d:6a:
6d:bd:85:a8:54:e4:49:b2:6b:13:4b:6c:aa:fb:96:
e4:38:fe:9a:0f:e6:5a:b4:39:7b:4b:02:44:3e:88:
5e:95:0f:74:89:fe:36:03:cd:6a:9a:e4:bf:2b:34:
a7:06:59:87:5e:01:aa:a4:10:4f:19:a3:77:81:d0:
f8:7e:9f:3d:1e:64:55:c2:16:f6:19:ee:e8:d4:4c:
51:ba:a1:c5:0b:2f:b9:7f:64:3a:c6:e8:17:d2:03:
bb:8d:92:16:27:8e:ad:e1:5f:d8:b7:cc:a7:e3:9f:
87:d7:b6:0d:80:2e:11:48:34:da:55:8f:91:d6:c4:
27:f8:7f:4e:6a:48:60:fc:d1:72:d8:85:d0:6a:86:
22:43:b6:36:1c:5f:f0:2b:c7:7e:c1:42:34:32:ff:
97:cf:4d:84:31:c0:92:8e:b9:78:1e:e4:ad:e9:0b:
ce:9c:a1:32:d8:40:a5:70:6c:8b:37:d6:6a:1e:d8:
8f:f1:fe:7c:6b:b5:bf:a9:37:1c:66:8a:78:3b:9b:
c9:3d:07:73:1b:ee:e0:f1:f4:0a:f6:ad:dd:60:be:
03:8c:05:ae:7a:52:9c:3d:be:c7:37:f5:0c:55:66:
7a:4c:c5:cc:75:e3:a8:9c:18:67:03:3a:a8:bb:33:
6b:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:01:AD:EA:F0:23:F5:93:6F:DB:0E:C5:A7:9B:49:A1:B2:C1:F1:A2
X509v3 Authority Key Identifier:
keyid:C7:DD:29:7D:08:98:FF:FD:E2:8D:76:96:79:5B:DB:D5:22:3F:8A:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x90pfQiY__3ijXaWeVvb1SI_imY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/25e079-fcbc-418d-bec1-1f3b5b056dfc/1/1AGt6vAj9ZNv2w7Fp5tJobLB8aI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/25e079-fcbc-418d-bec1-1f3b5b056dfc/1/x90pfQiY__3ijXaWeVvb1SI_imY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.127.96.0/21
193.53.99.0-193.53.100.255
193.116.128.0/18
Signature Algorithm: sha256WithRSAEncryption
0a:29:24:7a:48:35:52:5c:70:89:b1:b5:fc:b7:23:09:1c:de:
aa:e1:2b:37:d2:b9:46:98:45:78:7a:c7:7b:99:4d:7a:ec:75:
56:53:4f:07:74:cc:f2:b8:90:f9:a3:a9:60:6f:4f:8c:46:15:
55:31:7c:f3:2b:58:bd:d0:79:af:dd:d0:02:ef:39:98:bf:d0:
5e:dd:d1:45:43:0e:50:f4:bf:7c:06:1e:56:78:1c:be:9e:ae:
d3:fa:43:cd:b1:f7:8c:ef:a3:a0:73:ce:d6:70:de:1c:c0:cf:
40:6d:49:1d:80:29:b9:6f:32:0d:86:df:75:24:71:fd:9f:ee:
90:44:45:0c:4c:52:70:2d:cc:e9:fd:10:8d:c5:f4:fc:1a:08:
73:87:d3:45:c9:50:2a:50:54:ac:50:56:f4:86:9c:87:83:6a:
eb:8d:ab:a4:46:5f:f2:9c:f0:3a:b3:7d:1d:fe:ca:38:88:9f:
79:49:cb:21:f1:80:b2:49:c7:42:7e:68:7a:53:29:af:24:23:
cd:a6:1e:55:b8:c5:0a:1a:d3:a7:59:2f:69:7e:d3:ca:25:ff:
ea:e1:6f:aa:73:1e:74:62:96:91:13:c5:cb:a8:5b:05:aa:34:
5b:8f:ce:ed:e4:76:00:53:c2:13:40:5a:d7:35:a9:e7:38:4b:
b7:f9:8f:13
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZYZVDiutoIjcPOyyggzzzTkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3ZGQyOTdkMDg5OGZmZmRlMjhkNzY5Njc5NWJkYmQ1MjIz
ZjhhNjYwHhcNMjUwNDA5MDY1NDMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDAxYWRlYWYwMjNmNTkzNmZkYjBlYzVhNzliNDlhMWIyYzFmMWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1IAg2bzAIt3v8tAibWptvYWoVORJ
smsTS2yq+5bkOP6aD+ZatDl7SwJEPohelQ90if42A81qmuS/KzSnBlmHXgGqpBBP
GaN3gdD4fp89HmRVwhb2Ge7o1ExRuqHFCy+5f2Q6xugX0gO7jZIWJ46t4V/Yt8yn
45+H17YNgC4RSDTaVY+R1sQn+H9Oakhg/NFy2IXQaoYiQ7Y2HF/wK8d+wUI0Mv+X
z02EMcCSjrl4HuSt6QvOnKEy2EClcGyLN9ZqHtiP8f58a7W/qTccZop4O5vJPQdz
G+7g8fQK9q3dYL4DjAWuelKcPb7HN/UMVWZ6TMXMdeOonBhnAzqouzNrJQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFNQBrerwI/WTb9sOxaebSaGywfGiMB8GA1UdIwQY
MBaAFMfdKX0ImP/94o12lnlb29UiP4pmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDkwcGZRaVlfXzNpalhhV2VWdmIxU0lfaW1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8yNWUwNzktZmNiYy00MThkLWJlYzEt
MWYzYjViMDU2ZGZjLzEvMUFHdDZ2QWo5Wk52Mnc3RnA1dEpvYkxCOGFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8yNWUwNzktZmNiYy00MThkLWJlYzEtMWYzYjViMDU2ZGZj
LzEveDkwcGZRaVlfXzNpalhhV2VWdmIxU0lfaW1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQDXn9gMAwD
BADBNWMDBADBNWQDBAbBdIAwDQYJKoZIhvcNAQELBQADggEBAAopJHpINVJccImx
tfy3Iwkc3qrhKzfSuUaYRXh6x3uZTXrsdVZTTwd0zPK4kPmjqWBvT4xGFVUxfPMr
WL3Qea/d0ALvOZi/0F7d0UVDDlD0v3wGHlZ4HL6ertP6Q82x94zvo6BzztZw3hzA
z0BtSR2AKblvMg2G33Ukcf2f7pBERQxMUnAtzOn9EI3F9PwaCHOH00XJUCpQVKxQ
VvSGnIeDauuNq6RGX/Kc8DqzfR3+yjiIn3lJyyHxgLJJx0J+aHpTKa8kI82mHlW4
xQoa06dZL2l+08ol/+rhb6pzHnRilpETxcuoWwWqNFuPzu3kdgBTwhNAWtc1qec4
S7f5jxM=
-----END CERTIFICATE-----
Generated at Tue Apr 15 16:55:28 2025 by rpki-client