Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/yMoGVUgWkLcjGd-eCHwp0f7sYEw.roa
File: yMoGVUgWkLcjGd-eCHwp0f7sYEw.roa (raw, json)
Hash identifier: zWDi7LVWgZCgN22tu3iijDKXUYSQ4BnSDtV5uO573e0=
Subject key identifier: C8:CA:06:55:48:16:90:B7:23:19:DF:9E:08:7C:29:D1:FE:EC:60:4C
Certificate issuer: /CN=e0dee1b06ba24a676213f976a4b50c129dcb2b73
Certificate serial: 01942826FD8D3AEC65B13EB1D7179743BBB2
Authority key identifier: E0:DE:E1:B0:6B:A2:4A:67:62:13:F9:76:A4:B5:0C:12:9D:CB:2B:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4N7hsGuiSmdiE_l2pLUMEp3LK3M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/yMoGVUgWkLcjGd-eCHwp0f7sYEw.roa
Signing time: Thu 02 Jan 2025 17:53:51 +0000
ROA not before: Thu 02 Jan 2025 17:53:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6667
IP address blocks: 192.136.73.0/24 maxlen: 24
192.136.74.0/24 maxlen: 24
192.175.45.0/24 maxlen: 24
213.192.184.0/21 maxlen: 21
2001:670::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/4N7hsGuiSmdiE_l2pLUMEp3LK3M.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/4N7hsGuiSmdiE_l2pLUMEp3LK3M.mft
rsync://rpki.ripe.net/repository/DEFAULT/4N7hsGuiSmdiE_l2pLUMEp3LK3M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 17:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:fd:8d:3a:ec:65:b1:3e:b1:d7:17:97:43:bb:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0dee1b06ba24a676213f976a4b50c129dcb2b73
Validity
Not Before: Jan 2 17:53:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c8ca0655481690b72319df9e087c29d1feec604c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:94:b0:01:5e:17:53:4d:7b:30:7f:88:3b:f2:
04:49:f1:88:10:bc:be:e7:b1:08:e5:3f:ad:71:3d:
6f:c5:76:41:45:d5:6f:41:22:cf:92:17:d5:7d:c7:
92:15:44:68:7c:32:21:e5:96:66:cf:6a:25:7e:c1:
90:74:50:c2:ef:30:89:91:4f:bc:68:e0:b3:06:bd:
8f:94:50:c7:19:fd:05:83:30:d2:7e:91:00:cc:81:
d6:be:b3:ee:73:95:4d:72:d8:89:e4:75:b7:a9:e2:
18:49:31:a5:c1:c4:60:53:ba:2a:4d:fe:c3:c3:66:
78:4b:21:bc:cd:aa:49:fa:2a:ee:76:1e:de:c9:aa:
0d:d1:48:59:dc:b1:4f:21:fc:3d:d4:62:91:d5:a0:
3d:12:cc:b8:93:94:5b:d8:9b:5f:18:d5:fe:85:60:
f1:12:7a:6c:cb:2d:96:7a:a9:95:92:0d:55:f4:a9:
80:e6:a3:dc:b2:e5:47:df:fa:e9:2e:72:62:91:4a:
3b:70:d9:1b:e6:db:ad:29:dc:c0:ce:e4:8e:52:fb:
62:40:a0:1e:ed:81:cf:77:3d:fb:45:b1:ee:f5:a6:
59:c1:85:79:88:2c:f3:03:45:4e:14:a1:ec:22:32:
73:eb:19:19:3c:97:fa:91:83:8d:08:cb:55:72:ca:
b9:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:CA:06:55:48:16:90:B7:23:19:DF:9E:08:7C:29:D1:FE:EC:60:4C
X509v3 Authority Key Identifier:
keyid:E0:DE:E1:B0:6B:A2:4A:67:62:13:F9:76:A4:B5:0C:12:9D:CB:2B:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4N7hsGuiSmdiE_l2pLUMEp3LK3M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/yMoGVUgWkLcjGd-eCHwp0f7sYEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/4N7hsGuiSmdiE_l2pLUMEp3LK3M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.136.73.0-192.136.74.255
192.175.45.0/24
213.192.184.0/21
IPv6:
2001:670::/32
Signature Algorithm: sha256WithRSAEncryption
46:14:50:95:27:fc:93:ea:f2:17:65:a7:49:ae:05:78:06:b3:
9a:3a:84:f2:27:88:b1:eb:6e:bd:dd:22:2a:58:87:57:87:f0:
51:e2:21:33:1f:98:39:17:89:b3:c5:85:32:c4:53:61:fd:9e:
f0:14:61:c1:d1:50:f6:99:45:8c:b2:65:72:5e:f0:d2:f2:04:
5e:d2:35:e6:34:a3:fb:50:9d:d8:24:8d:76:2e:45:e5:fd:17:
60:a2:da:48:b1:fb:13:ca:24:a2:e0:d3:e9:5b:4f:78:e6:87:
8c:67:95:18:74:27:d4:2b:e6:d9:11:15:1f:32:cf:1b:6b:5f:
f4:14:e5:d8:91:c0:bb:f7:f6:1d:49:54:78:6c:65:22:9a:37:
df:6e:27:9f:4a:3f:f4:7c:be:fe:17:6b:3a:d8:a8:b4:34:5e:
06:81:00:65:ef:38:ca:33:00:d5:dd:df:89:d8:bb:0f:b2:ee:
6d:95:dc:63:9b:ad:01:fa:b1:e7:84:ef:42:2b:d5:49:52:cb:
44:1d:22:4a:d2:64:78:58:2c:4a:4d:32:ba:e8:92:49:cf:e7:
35:d8:a7:75:45:b6:d5:20:67:4b:97:1c:80:9e:8c:d5:99:15:
cb:ca:12:5c:18:bd:6d:45:7e:5b:0f:db:0f:c7:b9:30:29:37:
66:63:cb:ce
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZQoJv2NOuxlsT6x1xeXQ7uyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwZGVlMWIwNmJhMjRhNjc2MjEzZjk3NmE0YjUwYzEyOWRj
YjJiNzMwHhcNMjUwMTAyMTc1MzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGNhMDY1NTQ4MTY5MGI3MjMxOWRmOWUwODdjMjlkMWZlZWM2MDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZSwAV4XU017MH+IO/IESfGIELy+
57EI5T+tcT1vxXZBRdVvQSLPkhfVfceSFURofDIh5ZZmz2olfsGQdFDC7zCJkU+8
aOCzBr2PlFDHGf0FgzDSfpEAzIHWvrPuc5VNctiJ5HW3qeIYSTGlwcRgU7oqTf7D
w2Z4SyG8zapJ+irudh7eyaoN0UhZ3LFPIfw91GKR1aA9Esy4k5Rb2JtfGNX+hWDx
Enpsyy2WeqmVkg1V9KmA5qPcsuVH3/rpLnJikUo7cNkb5tutKdzAzuSOUvtiQKAe
7YHPdz37RbHu9aZZwYV5iCzzA0VOFKHsIjJz6xkZPJf6kYONCMtVcsq51QIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFMjKBlVIFpC3Ixnfngh8KdH+7GBMMB8GA1UdIwQY
MBaAFODe4bBrokpnYhP5dqS1DBKdyytzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNE43aHNHdWlTbWRpRV9sMnBMVU1FcDNMSzNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9jMjJkYzktYzdiYS00MTU2LWE3OWMt
MTVlOTBiZjg3ZmFiLzEveU1vR1ZVZ1drTGNqR2QtZUNId3AwZjdzWUV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9jMjJkYzktYzdiYS00MTU2LWE3OWMtMTVlOTBiZjg3ZmFi
LzEvNE43aHNHdWlTbWRpRV9sMnBMVU1FcDNMSzNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaMAwDBADAiEkD
BADAiEoDBADAry0DBAPVwLgwDQQCAAIwBwMFACABBnAwDQYJKoZIhvcNAQELBQAD
ggEBAEYUUJUn/JPq8hdlp0muBXgGs5o6hPIniLHrbr3dIipYh1eH8FHiITMfmDkX
ibPFhTLEU2H9nvAUYcHRUPaZRYyyZXJe8NLyBF7SNeY0o/tQndgkjXYuReX9F2Ci
2kix+xPKJKLg0+lbT3jmh4xnlRh0J9Qr5tkRFR8yzxtrX/QU5diRwLv39h1JVHhs
ZSKaN99uJ59KP/R8vv4XazrYqLQ0XgaBAGXvOMozANXd34nYuw+y7m2V3GObrQH6
seeE70Ir1UlSy0QdIkrSZHhYLEpNMrrokknP5zXYp3VFttUgZ0uXHICejNWZFcvK
ElwYvW1FflsP2w/HuTApN2Zjy84=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:55:39 2025 by rpki-client