Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/cfc1ba-9c78-4c3d-8ec3-c0ad74ca5d9b/1/M0x4P-eqDOpLCOY_5rdYfIPAYXc.roa
File: M0x4P-eqDOpLCOY_5rdYfIPAYXc.roa (raw, json)
Hash identifier: Hz1NV4C1yE6vehHnBgkxV2TE2v53JgdybplNGjL2XYQ=
Subject key identifier: 33:4C:78:3F:E7:AA:0C:EA:4B:08:E6:3F:E6:B7:58:7C:83:C0:61:77
Certificate issuer: /CN=f2aeebe41d0518284aba3a4f5e5da05cfabd6f76
Certificate serial: 01942748353F1C72CFA065A412604843BC54
Authority key identifier: F2:AE:EB:E4:1D:05:18:28:4A:BA:3A:4F:5E:5D:A0:5C:FA:BD:6F:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8q7r5B0FGChKujpPXl2gXPq9b3Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/cfc1ba-9c78-4c3d-8ec3-c0ad74ca5d9b/1/M0x4P-eqDOpLCOY_5rdYfIPAYXc.roa
Signing time: Thu 02 Jan 2025 13:50:31 +0000
ROA not before: Thu 02 Jan 2025 13:50:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42643
IP address blocks: 193.142.210.0/24 maxlen: 24
193.200.46.0/23 maxlen: 23
193.200.46.0/24 maxlen: 24
193.200.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/cfc1ba-9c78-4c3d-8ec3-c0ad74ca5d9b/1/8q7r5B0FGChKujpPXl2gXPq9b3Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/cfc1ba-9c78-4c3d-8ec3-c0ad74ca5d9b/1/8q7r5B0FGChKujpPXl2gXPq9b3Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/8q7r5B0FGChKujpPXl2gXPq9b3Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:35:3f:1c:72:cf:a0:65:a4:12:60:48:43:bc:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f2aeebe41d0518284aba3a4f5e5da05cfabd6f76
Validity
Not Before: Jan 2 13:50:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=334c783fe7aa0cea4b08e63fe6b7587c83c06177
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:1a:34:e2:9a:07:a3:0d:fa:5d:a7:91:a4:13:
07:96:66:16:a5:e4:5e:c7:9e:1f:f2:3c:a0:83:3a:
7b:16:04:26:db:b1:ec:e4:83:8c:26:dc:d6:2a:cc:
ce:5d:20:2a:1a:7a:78:85:0d:99:59:ae:5f:ce:87:
3d:33:14:d7:b6:d6:8f:bf:4a:31:6c:91:c1:27:61:
29:63:2c:9d:b5:59:94:38:76:d4:44:e5:40:f8:07:
73:ed:14:73:ca:d1:5f:6a:ad:15:83:5a:13:8d:81:
0f:7a:7e:66:71:cf:21:07:c2:6e:33:08:fc:fe:de:
b1:1e:55:a0:ec:54:3f:b3:b8:56:ab:9d:93:78:9c:
81:0b:6f:73:9b:e7:b8:7a:b7:c3:80:0e:ce:8f:ef:
fa:59:c4:08:25:09:92:4a:e3:b4:8e:96:7d:b0:b3:
9e:65:ea:15:66:32:b5:2c:63:5d:e9:9b:4a:a9:ac:
2b:68:eb:73:51:18:ab:df:22:32:52:9d:2e:1b:c6:
62:8f:9b:fe:e8:39:61:c8:9f:72:1e:6c:16:73:38:
8c:5b:4b:c0:eb:b9:a3:8f:40:87:2d:e4:be:eb:4a:
ec:4c:db:67:cd:70:72:c8:d6:4b:ef:26:12:f5:bd:
96:8f:f3:79:1e:f3:10:08:88:cb:5a:d0:37:47:f9:
12:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:4C:78:3F:E7:AA:0C:EA:4B:08:E6:3F:E6:B7:58:7C:83:C0:61:77
X509v3 Authority Key Identifier:
keyid:F2:AE:EB:E4:1D:05:18:28:4A:BA:3A:4F:5E:5D:A0:5C:FA:BD:6F:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8q7r5B0FGChKujpPXl2gXPq9b3Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/cfc1ba-9c78-4c3d-8ec3-c0ad74ca5d9b/1/M0x4P-eqDOpLCOY_5rdYfIPAYXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/cfc1ba-9c78-4c3d-8ec3-c0ad74ca5d9b/1/8q7r5B0FGChKujpPXl2gXPq9b3Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.142.210.0/24
193.200.46.0/23
Signature Algorithm: sha256WithRSAEncryption
24:dd:84:41:c6:3e:2e:96:26:68:83:91:4f:e7:7b:92:eb:64:
7e:a6:70:fc:9e:7a:2a:a7:f6:49:5a:cb:95:39:b3:a6:59:a6:
10:4f:9e:16:12:66:ef:e1:1a:34:ef:7f:1b:70:63:ea:bd:11:
a5:ec:d2:bd:a7:d3:f7:55:9e:8c:46:d5:fc:bf:cc:10:b6:5a:
49:fb:d3:c2:14:d4:9e:2c:24:57:6f:8a:89:c2:02:60:7e:b2:
cf:c2:4d:e6:9d:ea:b2:17:a6:e2:45:05:0e:32:21:c0:94:7e:
b9:2b:de:c1:af:76:83:00:04:20:22:99:7d:66:64:b5:8c:36:
2b:fc:b3:3a:fa:fc:83:63:1a:68:b9:b2:9d:9b:db:ba:6c:4a:
8a:6c:8c:5d:f2:c0:65:39:ce:d7:e1:c7:f3:05:c7:77:f5:48:
8b:7d:f4:b7:5f:64:ba:75:a4:60:69:81:e8:81:33:e1:b7:4c:
2e:5b:ff:ad:75:af:5c:03:77:4e:94:60:df:25:22:2b:af:16:
48:5b:62:cc:30:e7:aa:50:00:50:5e:06:dd:8a:29:56:74:39:
47:3f:ca:a1:e8:4b:51:8e:f6:1f:74:40:60:fe:a8:c4:26:1b:
a3:57:a4:4e:7d:d2:a7:c6:e6:a1:54:3b:79:f4:ed:11:80:83:
db:4d:63:16
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQnSDU/HHLPoGWkEmBIQ7xUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyYWVlYmU0MWQwNTE4Mjg0YWJhM2E0ZjVlNWRhMDVjZmFi
ZDZmNzYwHhcNMjUwMTAyMTM1MDMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzRjNzgzZmU3YWEwY2VhNGIwOGU2M2ZlNmI3NTg3YzgzYzA2MTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBo04poHow36XaeRpBMHlmYWpeRe
x54f8jyggzp7FgQm27Hs5IOMJtzWKszOXSAqGnp4hQ2ZWa5fzoc9MxTXttaPv0ox
bJHBJ2EpYyydtVmUOHbUROVA+Adz7RRzytFfaq0Vg1oTjYEPen5mcc8hB8JuMwj8
/t6xHlWg7FQ/s7hWq52TeJyBC29zm+e4erfDgA7Oj+/6WcQIJQmSSuO0jpZ9sLOe
ZeoVZjK1LGNd6ZtKqawraOtzURir3yIyUp0uG8Zij5v+6DlhyJ9yHmwWcziMW0vA
67mjj0CHLeS+60rsTNtnzXByyNZL7yYS9b2Wj/N5HvMQCIjLWtA3R/kSsQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDNMeD/nqgzqSwjmP+a3WHyDwGF3MB8GA1UdIwQY
MBaAFPKu6+QdBRgoSro6T15doFz6vW92MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHE3cjVCMEZHQ2hLdWpwUFhsMmdYUHE5YjNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9jZmMxYmEtOWM3OC00YzNkLThlYzMt
YzBhZDc0Y2E1ZDliLzEvTTB4NFAtZXFET3BMQ09ZXzVyZFlmSVBBWVhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9jZmMxYmEtOWM3OC00YzNkLThlYzMtYzBhZDc0Y2E1ZDli
LzEvOHE3cjVCMEZHQ2hLdWpwUFhsMmdYUHE5YjNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwY7SAwQB
wcguMA0GCSqGSIb3DQEBCwUAA4IBAQAk3YRBxj4uliZog5FP53uS62R+pnD8nnoq
p/ZJWsuVObOmWaYQT54WEmbv4Ro0738bcGPqvRGl7NK9p9P3VZ6MRtX8v8wQtlpJ
+9PCFNSeLCRXb4qJwgJgfrLPwk3mneqyF6biRQUOMiHAlH65K97Br3aDAAQgIpl9
ZmS1jDYr/LM6+vyDYxpoubKdm9u6bEqKbIxd8sBlOc7X4cfzBcd39UiLffS3X2S6
daRgaYHogTPht0wuW/+tda9cA3dOlGDfJSIrrxZIW2LMMOeqUABQXgbdiilWdDlH
P8qh6EtRjvYfdEBg/qjEJhujV6ROfdKnxuahVDt59O0RgIPbTWMW
-----END CERTIFICATE-----
Generated at Sat Apr 19 14:05:36 2025 by rpki-client