Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/41o_KDQT0UQR0-pEGq6ZFFoyGEY.roa
File: 41o_KDQT0UQR0-pEGq6ZFFoyGEY.roa (raw, json)
Hash identifier: mkyU9FNe+9kldpNCWIBTUaB1xImUCSbnmtoOt1trV1c=
Subject key identifier: E3:5A:3F:28:34:13:D1:44:11:D3:EA:44:1A:AE:99:14:5A:32:18:46
Certificate issuer: /CN=38ca3f38d8e5a301eaf6924b924fe8f57aac690d
Certificate serial: 01942369227595064E21E5C554413BD69586
Authority key identifier: 38:CA:3F:38:D8:E5:A3:01:EA:F6:92:4B:92:4F:E8:F5:7A:AC:69:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OMo_ONjlowHq9pJLkk_o9XqsaQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/41o_KDQT0UQR0-pEGq6ZFFoyGEY.roa
Signing time: Wed 01 Jan 2025 19:48:00 +0000
ROA not before: Wed 01 Jan 2025 19:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60353
IP address blocks: 193.19.72.0/24 maxlen: 24
193.19.96.0/24 maxlen: 24
193.19.97.0/24 maxlen: 24
2a00:cee6::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/OMo_ONjlowHq9pJLkk_o9XqsaQ0.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/OMo_ONjlowHq9pJLkk_o9XqsaQ0.mft
rsync://rpki.ripe.net/repository/DEFAULT/OMo_ONjlowHq9pJLkk_o9XqsaQ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:22:75:95:06:4e:21:e5:c5:54:41:3b:d6:95:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38ca3f38d8e5a301eaf6924b924fe8f57aac690d
Validity
Not Before: Jan 1 19:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e35a3f283413d14411d3ea441aae99145a321846
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:a7:35:30:bc:0e:f9:7a:96:fe:8c:11:26:e8:
e2:74:ef:92:71:32:f4:df:60:81:d5:fb:7f:19:2f:
6f:eb:d4:20:a8:08:d0:9e:c0:73:67:75:8b:21:f8:
38:cb:59:93:43:52:f4:a5:46:b0:81:95:d5:41:c1:
3e:fa:68:70:21:e4:c7:0e:3b:91:b6:13:ec:6f:10:
fb:4e:31:a2:bc:d8:ab:c8:18:a9:1d:bb:df:b3:75:
97:ee:8a:eb:b4:d9:87:a5:f2:41:a0:21:7b:95:eb:
fb:6b:c0:74:62:86:a5:71:75:61:4b:7d:af:b4:98:
8d:dd:74:82:0c:96:82:70:c7:4a:51:e7:9a:02:3e:
88:ac:5a:6d:88:6c:e2:27:0d:ad:4b:2d:d6:65:d9:
d8:47:a4:57:e2:de:6f:a5:97:f4:05:ef:70:3c:78:
61:8b:c0:4a:e6:43:08:8c:bd:ee:42:f5:ef:5d:1b:
13:40:23:06:54:6e:85:51:5b:b2:38:65:6b:b1:d0:
52:5b:d0:a1:02:9f:20:e4:3f:c6:22:42:0a:a1:33:
6d:23:97:07:e4:d7:5a:c7:c6:54:58:b9:00:66:01:
74:e7:cb:20:fe:d0:61:b2:4a:02:a0:dd:22:0d:60:
40:3d:57:b0:fe:6e:f2:72:1e:fa:db:cc:6b:c6:09:
8d:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:5A:3F:28:34:13:D1:44:11:D3:EA:44:1A:AE:99:14:5A:32:18:46
X509v3 Authority Key Identifier:
keyid:38:CA:3F:38:D8:E5:A3:01:EA:F6:92:4B:92:4F:E8:F5:7A:AC:69:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OMo_ONjlowHq9pJLkk_o9XqsaQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/41o_KDQT0UQR0-pEGq6ZFFoyGEY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/OMo_ONjlowHq9pJLkk_o9XqsaQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.19.72.0/24
193.19.96.0/23
IPv6:
2a00:cee6::/32
Signature Algorithm: sha256WithRSAEncryption
48:ca:14:a7:2a:34:8d:3a:53:ad:43:fc:f5:d0:a9:c8:9c:51:
c7:c1:c4:3d:b2:03:00:39:84:26:f7:17:b9:68:41:d9:b1:f7:
b3:3e:04:7e:59:4f:43:bb:2d:78:d5:a9:76:c8:29:dc:8c:dd:
9a:a6:10:f8:cc:b5:6c:ef:f0:76:52:26:e3:22:34:16:4a:21:
b7:fc:16:23:fc:5e:56:1a:ec:51:bb:e7:ad:95:9b:5d:59:f2:
7f:db:1d:ce:49:64:ae:32:a1:0f:a3:91:24:1d:5c:2a:42:9d:
75:a9:5c:ed:ec:f2:5c:2f:fd:2a:d7:a7:33:ad:c0:52:1c:f4:
7e:14:a2:55:47:8b:01:2f:37:95:b1:b1:55:3f:7a:f7:0f:11:
cb:5e:97:3a:c7:6c:e9:73:85:3b:56:0b:f6:3d:55:ab:a6:b6:
e2:d4:3f:05:82:79:d2:3b:86:3d:58:5e:6c:36:9b:e8:eb:ef:
05:9f:2b:15:ed:25:1b:4d:09:ce:1d:2f:94:1f:31:05:15:55:
da:40:5e:65:30:8f:3d:1e:c7:a4:f0:e2:5b:98:c4:3c:74:83:
7d:87:f2:62:27:c2:e3:19:1f:43:97:20:96:f5:08:e3:29:7f:
d7:f8:f6:6a:52:82:f0:15:1b:7a:83:5b:79:a2:be:c1:04:8e:
84:9e:a5:08
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQjaSJ1lQZOIeXFVEE71pWGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4Y2EzZjM4ZDhlNWEzMDFlYWY2OTI0YjkyNGZlOGY1N2Fh
YzY5MGQwHhcNMjUwMTAxMTk0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzVhM2YyODM0MTNkMTQ0MTFkM2VhNDQxYWFlOTkxNDVhMzIxODQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8ac1MLwO+XqW/owRJujidO+ScTL0
32CB1ft/GS9v69QgqAjQnsBzZ3WLIfg4y1mTQ1L0pUawgZXVQcE++mhwIeTHDjuR
thPsbxD7TjGivNiryBipHbvfs3WX7orrtNmHpfJBoCF7lev7a8B0YoalcXVhS32v
tJiN3XSCDJaCcMdKUeeaAj6IrFptiGziJw2tSy3WZdnYR6RX4t5vpZf0Be9wPHhh
i8BK5kMIjL3uQvXvXRsTQCMGVG6FUVuyOGVrsdBSW9ChAp8g5D/GIkIKoTNtI5cH
5Ndax8ZUWLkAZgF058sg/tBhskoCoN0iDWBAPVew/m7ych7628xrxgmNwQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFONaPyg0E9FEEdPqRBqumRRaMhhGMB8GA1UdIwQY
MBaAFDjKPzjY5aMB6vaSS5JP6PV6rGkNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT01vX09Oamxvd0hxOXBKTGtrX285WHFzYVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9iYTY3NTUtNDI3My00OGUxLTg1ODIt
NzEyZmE2NWEyNWJhLzEvNDFvX0tEUVQwVVFSMC1wRUdxNlpGRm95R0VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9iYTY3NTUtNDI3My00OGUxLTg1ODItNzEyZmE2NWEyNWJh
LzEvT01vX09Oamxvd0hxOXBKTGtrX285WHFzYVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAwRNIAwQB
wRNgMA0EAgACMAcDBQAqAM7mMA0GCSqGSIb3DQEBCwUAA4IBAQBIyhSnKjSNOlOt
Q/z10KnInFHHwcQ9sgMAOYQm9xe5aEHZsfezPgR+WU9Duy141al2yCncjN2aphD4
zLVs7/B2UibjIjQWSiG3/BYj/F5WGuxRu+etlZtdWfJ/2x3OSWSuMqEPo5EkHVwq
Qp11qVzt7PJcL/0q16czrcBSHPR+FKJVR4sBLzeVsbFVP3r3DxHLXpc6x2zpc4U7
Vgv2PVWrprbi1D8FgnnSO4Y9WF5sNpvo6+8FnysV7SUbTQnOHS+UHzEFFVXaQF5l
MI89Hsek8OJbmMQ8dIN9h/JiJ8LjGR9DlyCW9QjjKX/X+PZqUoLwFRt6g1t5or7B
BI6EnqUI
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:30:08 2025 by rpki-client