Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/_dFWPYWoHvRgP0hZoUdByhput5c.roa
File: _dFWPYWoHvRgP0hZoUdByhput5c.roa (raw, json)
Hash identifier: MieQq/1x+woCbXRNA7MMSVebpmr8h54HKnXrTS3apcc=
Subject key identifier: FD:D1:56:3D:85:A8:1E:F4:60:3F:48:59:A1:47:41:CA:1A:6E:B7:97
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 019422FC0A67D924E605368EAA0CE472D32C
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/_dFWPYWoHvRgP0hZoUdByhput5c.roa
Signing time: Wed 01 Jan 2025 17:48:50 +0000
ROA not before: Wed 01 Jan 2025 17:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42694
IP address blocks: 193.163.74.0/24 maxlen: 24
193.163.101.0/24 maxlen: 24
193.221.211.0/24 maxlen: 24
2a13:5800::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.mft
rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:0a:67:d9:24:e6:05:36:8e:aa:0c:e4:72:d3:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 1 17:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fdd1563d85a81ef4603f4859a14741ca1a6eb797
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:44:8d:6b:66:e3:d9:e3:7b:66:50:50:7c:6d:
e7:b1:54:5d:2a:2e:0d:09:2c:79:89:fc:48:ad:53:
f7:d0:db:6b:f3:44:96:d7:6d:d1:21:11:ec:79:80:
7c:e2:e4:af:a3:f1:09:14:1c:88:ac:20:8f:31:c5:
9f:a3:d6:ac:12:85:6b:06:4c:ac:4c:86:14:4c:33:
e1:0c:49:8d:2b:7f:45:e5:de:7f:31:89:05:c9:8f:
66:ca:e3:03:c1:2b:4a:13:92:3f:32:37:1f:15:94:
94:fd:a8:84:df:00:94:eb:32:fa:75:b2:be:2a:97:
bd:8e:38:53:60:6e:1d:23:c4:a5:f7:49:19:3d:42:
01:52:2c:a0:ff:0b:62:fa:1c:9d:0a:84:3c:7a:6f:
06:b4:27:a3:e3:a6:d1:55:1d:e3:bf:16:1e:d2:ed:
b7:08:7e:79:1c:9b:d8:c4:4e:31:f2:e0:25:16:2f:
a8:67:a1:69:aa:6a:c9:e7:ef:f3:14:78:70:e9:9c:
65:73:83:f6:5d:86:d4:c4:45:d8:48:bc:23:fd:61:
0a:68:8b:c5:5c:11:c6:c6:e6:11:7f:2e:7d:55:76:
8e:61:f0:60:1b:e3:c1:11:2f:80:e6:ce:a3:e9:8b:
bb:c6:8e:6d:44:91:c0:96:61:41:ef:d7:22:bf:f2:
7f:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:D1:56:3D:85:A8:1E:F4:60:3F:48:59:A1:47:41:CA:1A:6E:B7:97
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/_dFWPYWoHvRgP0hZoUdByhput5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.163.74.0/24
193.163.101.0/24
193.221.211.0/24
IPv6:
2a13:5800::/29
Signature Algorithm: sha256WithRSAEncryption
99:83:88:1a:d5:dc:60:82:46:f7:97:27:02:5d:6b:fe:a1:68:
de:db:7a:34:16:98:0a:43:7a:a1:45:14:21:ba:01:42:5d:7d:
64:c6:e0:6a:a9:1b:8f:28:a5:57:cc:da:f9:35:bd:bc:b4:4f:
92:7d:d3:92:7b:04:3b:79:2f:f1:3a:bc:cd:43:93:73:ff:4a:
9e:6c:24:0d:d3:67:31:9c:e0:dd:6b:58:70:7a:c3:cd:1f:63:
a7:5c:3f:07:35:d1:9a:e1:49:1c:21:2c:7b:55:62:51:e3:b1:
dd:45:a8:9b:64:73:a7:d2:a5:ea:ea:82:a9:c0:bd:e5:f4:af:
48:bb:24:f6:a2:7b:e7:88:f7:97:4a:16:d6:32:32:76:47:5b:
e8:4d:16:14:a9:a0:cb:77:7c:89:1d:8f:b9:f1:a1:d5:3c:13:
b1:33:ca:09:03:a5:8b:57:3b:75:4f:ec:cd:5d:98:d2:d7:d5:
3e:30:ca:e6:5a:ff:7f:a6:7c:7c:42:d6:a4:8b:67:24:18:2e:
15:dd:d1:56:fb:f2:6f:73:e0:28:fb:9a:38:72:0c:f2:43:81:
1e:41:9f:e7:02:5d:90:d2:54:dc:08:8d:bf:c1:e5:9a:41:c2:
3c:00:76:b6:ef:a9:e2:d1:8b:c4:be:54:6d:d4:bf:5b:78:5d:
54:16:9e:6d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQi/Apn2STmBTaOqgzkctMsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjUwMTAxMTc0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGQxNTYzZDg1YTgxZWY0NjAzZjQ4NTlhMTQ3NDFjYTFhNmViNzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkSNa2bj2eN7ZlBQfG3nsVRdKi4N
CSx5ifxIrVP30Ntr80SW123RIRHseYB84uSvo/EJFByIrCCPMcWfo9asEoVrBkys
TIYUTDPhDEmNK39F5d5/MYkFyY9myuMDwStKE5I/MjcfFZSU/aiE3wCU6zL6dbK+
Kpe9jjhTYG4dI8Sl90kZPUIBUiyg/wti+hydCoQ8em8GtCej46bRVR3jvxYe0u23
CH55HJvYxE4x8uAlFi+oZ6FpqmrJ5+/zFHhw6Zxlc4P2XYbUxEXYSLwj/WEKaIvF
XBHGxuYRfy59VXaOYfBgG+PBES+A5s6j6Yu7xo5tRJHAlmFB79civ/J/4QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFP3RVj2FqB70YD9IWaFHQcoabreXMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvX2RGV1BZV29IdlJnUDBoWm9VZEJ5aHB1dDVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAwaNKAwQA
waNlAwQAwd3TMA0EAgACMAcDBQMqE1gAMA0GCSqGSIb3DQEBCwUAA4IBAQCZg4ga
1dxggkb3lycCXWv+oWje23o0FpgKQ3qhRRQhugFCXX1kxuBqqRuPKKVXzNr5Nb28
tE+SfdOSewQ7eS/xOrzNQ5Nz/0qebCQN02cxnODda1hwesPNH2OnXD8HNdGa4Ukc
ISx7VWJR47HdRaibZHOn0qXq6oKpwL3l9K9IuyT2onvniPeXShbWMjJ2R1voTRYU
qaDLd3yJHY+58aHVPBOxM8oJA6WLVzt1T+zNXZjS19U+MMrmWv9/pnx8Qtaki2ck
GC4V3dFW+/Jvc+Ao+5o4cgzyQ4EeQZ/nAl2Q0lTcCI2/weWaQcI8AHa276ni0YvE
vlRt1L9beF1UFp5t
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:24:54 2025 by rpki-client