Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/a0e90f-2198-442e-95fc-b7f63423f192/1/DLIEmy-lWsyrr-sd36twYuEevio.roa
File: DLIEmy-lWsyrr-sd36twYuEevio.roa (raw, json)
Hash identifier: aUcurTUu0ie7YyEr+ll+2DTq3WZheC8vTveKU2r56C8=
Subject key identifier: 0C:B2:04:9B:2F:A5:5A:CC:AB:AF:EB:1D:DF:AB:70:62:E1:1E:BE:2A
Certificate issuer: /CN=84695c825129e3654a508b3bc529fe3a5b3839b1
Certificate serial: 0194236A1E9C2F6A02A79EA7D7B2A793C105
Authority key identifier: 84:69:5C:82:51:29:E3:65:4A:50:8B:3B:C5:29:FE:3A:5B:38:39:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hGlcglEp42VKUIs7xSn-Ols4ObE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/a0e90f-2198-442e-95fc-b7f63423f192/1/DLIEmy-lWsyrr-sd36twYuEevio.roa
Signing time: Wed 01 Jan 2025 19:49:04 +0000
ROA not before: Wed 01 Jan 2025 19:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 194.56.216.0/23 maxlen: 23
194.56.222.0/23 maxlen: 23
2a0f:13c0::/31 maxlen: 31
2a0f:13c2::/31 maxlen: 31
2a0f:13c4::/31 maxlen: 31
2a0f:13c6::/31 maxlen: 31
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/a0e90f-2198-442e-95fc-b7f63423f192/1/hGlcglEp42VKUIs7xSn-Ols4ObE.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/a0e90f-2198-442e-95fc-b7f63423f192/1/hGlcglEp42VKUIs7xSn-Ols4ObE.mft
rsync://rpki.ripe.net/repository/DEFAULT/hGlcglEp42VKUIs7xSn-Ols4ObE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:1e:9c:2f:6a:02:a7:9e:a7:d7:b2:a7:93:c1:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84695c825129e3654a508b3bc529fe3a5b3839b1
Validity
Not Before: Jan 1 19:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0cb2049b2fa55accabafeb1ddfab7062e11ebe2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:9a:9b:e9:c7:cb:4b:6b:7d:13:8f:c6:46:b7:
ad:87:fe:0e:48:48:65:73:46:6a:de:6b:5b:92:2d:
17:23:4b:4e:f4:a0:3a:5a:d0:50:dd:3d:0e:fe:78:
b1:6f:0d:5c:11:a5:e3:c7:2d:47:17:93:b1:e6:2c:
08:bf:2c:95:1e:22:f6:74:5d:89:0b:73:80:da:ec:
7c:bf:28:09:c4:cc:73:36:cf:cf:11:25:27:69:03:
23:f0:a9:00:60:dd:dd:9a:8e:6d:6b:ed:a2:40:37:
41:47:1b:e2:0d:58:1c:bd:60:8f:cc:5e:d1:55:40:
6b:09:72:bd:74:9a:36:53:46:8f:29:70:95:0b:c4:
78:ec:6f:05:fb:24:d0:92:69:14:08:24:8d:3b:dc:
e4:15:64:b9:bd:c5:c4:fa:03:2c:3b:73:3b:8d:0f:
d0:5e:55:48:34:00:54:95:60:3d:b8:10:f8:4b:38:
53:8d:19:2a:da:27:82:16:e2:3d:20:4e:37:9b:fb:
91:b7:dd:6e:1c:dc:0b:9e:97:26:d0:5f:8c:70:dd:
16:69:44:7e:a9:e8:bb:b2:08:e4:69:87:79:dd:a1:
7d:ab:25:84:55:14:a3:1a:44:ed:71:19:03:b0:5e:
ba:47:fb:cf:93:d0:31:78:2f:f4:bd:ca:07:dd:d1:
37:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:B2:04:9B:2F:A5:5A:CC:AB:AF:EB:1D:DF:AB:70:62:E1:1E:BE:2A
X509v3 Authority Key Identifier:
keyid:84:69:5C:82:51:29:E3:65:4A:50:8B:3B:C5:29:FE:3A:5B:38:39:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hGlcglEp42VKUIs7xSn-Ols4ObE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/a0e90f-2198-442e-95fc-b7f63423f192/1/DLIEmy-lWsyrr-sd36twYuEevio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/a0e90f-2198-442e-95fc-b7f63423f192/1/hGlcglEp42VKUIs7xSn-Ols4ObE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.56.216.0/23
194.56.222.0/23
IPv6:
2a0f:13c0::/29
Signature Algorithm: sha256WithRSAEncryption
09:13:21:10:1d:38:72:34:af:71:d3:84:ac:5a:3f:1c:76:1d:
59:86:3e:9c:22:ff:ea:cb:24:de:61:8f:3e:b9:2f:6a:97:89:
5f:4b:ad:1e:8e:a3:3d:07:7d:00:1c:16:34:b2:44:44:6c:c7:
ae:1f:25:da:80:41:47:be:e0:50:21:dd:61:5e:f5:79:d2:9c:
13:a7:e4:9d:c7:90:07:51:06:76:5f:a6:a2:b5:de:41:58:55:
47:fc:3a:22:43:ee:4e:fa:37:3f:07:6a:1e:59:06:63:d3:09:
f6:ae:23:08:6a:7e:ee:a4:d1:ee:d3:93:45:90:67:3b:d2:38:
6e:8b:b9:37:cf:4c:db:f5:b9:0e:de:60:7a:59:99:ca:9a:34:
13:a8:3a:b8:67:11:72:c2:1e:b7:a4:80:8a:24:f8:08:d4:e2:
88:f0:75:e5:36:45:d9:e8:9d:be:22:29:8a:78:1b:c4:28:4f:
f8:98:63:f0:01:77:6e:b2:f9:15:9a:ed:a5:71:5b:a0:6e:a6:
9a:a7:83:bd:f4:48:96:18:37:a5:7f:ab:7f:9a:ea:de:2d:f4:
c2:d2:fb:7f:04:ce:73:35:43:be:d6:b2:ad:8a:e2:01:2d:2c:
7f:38:76:a2:a0:67:d9:11:21:32:c3:ef:e9:3e:9b:b9:20:5c:
d2:63:29:1b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQjah6cL2oCp56n17Knk8EFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0Njk1YzgyNTEyOWUzNjU0YTUwOGIzYmM1MjlmZTNhNWIz
ODM5YjEwHhcNMjUwMTAxMTk0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2IyMDQ5YjJmYTU1YWNjYWJhZmViMWRkZmFiNzA2MmUxMWViZTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5qb6cfLS2t9E4/GRreth/4OSEhl
c0Zq3mtbki0XI0tO9KA6WtBQ3T0O/nixbw1cEaXjxy1HF5Ox5iwIvyyVHiL2dF2J
C3OA2ux8vygJxMxzNs/PESUnaQMj8KkAYN3dmo5ta+2iQDdBRxviDVgcvWCPzF7R
VUBrCXK9dJo2U0aPKXCVC8R47G8F+yTQkmkUCCSNO9zkFWS5vcXE+gMsO3M7jQ/Q
XlVINABUlWA9uBD4SzhTjRkq2ieCFuI9IE43m/uRt91uHNwLnpcm0F+McN0WaUR+
qei7sgjkaYd53aF9qyWEVRSjGkTtcRkDsF66R/vPk9AxeC/0vcoH3dE3ywIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAyyBJsvpVrMq6/rHd+rcGLhHr4qMB8GA1UdIwQY
MBaAFIRpXIJRKeNlSlCLO8Up/jpbODmxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEdsY2dsRXA0MlZLVUlzN3hTbi1PbHM0T2JFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9hMGU5MGYtMjE5OC00NDJlLTk1ZmMt
YjdmNjM0MjNmMTkyLzEvRExJRW15LWxXc3lyci1zZDM2dHdZdUVldmlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9hMGU5MGYtMjE5OC00NDJlLTk1ZmMtYjdmNjM0MjNmMTky
LzEvaEdsY2dsRXA0MlZLVUlzN3hTbi1PbHM0T2JFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBwjjYAwQB
wjjeMA0EAgACMAcDBQMqDxPAMA0GCSqGSIb3DQEBCwUAA4IBAQAJEyEQHThyNK9x
04SsWj8cdh1Zhj6cIv/qyyTeYY8+uS9ql4lfS60ejqM9B30AHBY0skREbMeuHyXa
gEFHvuBQId1hXvV50pwTp+Sdx5AHUQZ2X6aitd5BWFVH/DoiQ+5O+jc/B2oeWQZj
0wn2riMIan7upNHu05NFkGc70jhui7k3z0zb9bkO3mB6WZnKmjQTqDq4ZxFywh63
pICKJPgI1OKI8HXlNkXZ6J2+IimKeBvEKE/4mGPwAXdusvkVmu2lcVugbqaap4O9
9EiWGDelf6t/mureLfTC0vt/BM5zNUO+1rKtiuIBLSx/OHaioGfZESEyw+/pPpu5
IFzSYykb
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:15:12 2025 by rpki-client