Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/d0992d-93fa-4846-a495-76522c207c55/1/zJ5MYEMzWfucEDGxLfmRzsaSeEg.roa
File: zJ5MYEMzWfucEDGxLfmRzsaSeEg.roa (raw, json)
Hash identifier: 13et8HkfUmrO0+ptVe41OzMBwG62Ru5G13R9afNJkP8=
Subject key identifier: CC:9E:4C:60:43:33:59:FB:9C:10:31:B1:2D:F9:91:CE:C6:92:78:48
Certificate issuer: /CN=1697c46eafa10ec5d907bb05e37123b692ab494c
Certificate serial: 0194282408E69C89E9380A678D233910781B
Authority key identifier: 16:97:C4:6E:AF:A1:0E:C5:D9:07:BB:05:E3:71:23:B6:92:AB:49:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FpfEbq-hDsXZB7sF43EjtpKrSUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/d0992d-93fa-4846-a495-76522c207c55/1/zJ5MYEMzWfucEDGxLfmRzsaSeEg.roa
Signing time: Thu 02 Jan 2025 17:50:37 +0000
ROA not before: Thu 02 Jan 2025 17:50:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209193
IP address blocks: 93.191.113.0/24 maxlen: 24
93.191.114.0/24 maxlen: 24
2a06:a544::/31 maxlen: 31
2a06:a546::/31 maxlen: 31
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/d0992d-93fa-4846-a495-76522c207c55/1/FpfEbq-hDsXZB7sF43EjtpKrSUw.crl
rsync://rpki.ripe.net/repository/DEFAULT/3e/d0992d-93fa-4846-a495-76522c207c55/1/FpfEbq-hDsXZB7sF43EjtpKrSUw.mft
rsync://rpki.ripe.net/repository/DEFAULT/FpfEbq-hDsXZB7sF43EjtpKrSUw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:08:e6:9c:89:e9:38:0a:67:8d:23:39:10:78:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1697c46eafa10ec5d907bb05e37123b692ab494c
Validity
Not Before: Jan 2 17:50:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cc9e4c60433359fb9c1031b12df991cec6927848
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:7e:fd:8b:bc:71:7e:97:f1:7f:71:2f:b2:4e:
8f:05:d6:f8:53:db:f3:12:e4:d1:54:60:d5:31:e1:
68:77:1c:8b:f7:8b:e2:d8:04:d5:f3:fe:ab:9d:98:
41:f2:7d:fc:8b:a5:2c:eb:e2:54:10:bf:1e:ca:4a:
a4:f2:4a:fe:f7:cc:45:da:e0:04:32:c7:d3:61:da:
85:9c:ff:03:87:ce:8c:ec:95:3b:8e:c5:6d:3c:e1:
c1:97:a5:9d:8e:0e:f2:05:ec:5e:33:78:12:b0:8d:
88:c3:3f:1b:09:16:22:fc:a4:25:68:29:8d:fe:ef:
d0:75:6a:76:bd:5f:78:6a:1b:b1:07:17:b3:b7:6f:
f6:2c:ef:9f:a6:f8:03:d1:72:7d:ea:2b:dd:dc:20:
f5:11:3f:66:9c:38:39:3a:a3:0b:bb:15:4c:20:64:
61:f0:9c:6d:e9:78:6b:07:81:b7:9a:c5:8a:61:8c:
89:87:0f:62:51:c5:11:b0:3a:09:eb:62:38:f9:71:
5a:16:41:3e:05:20:0f:e3:ed:df:aa:5b:bf:4d:9d:
f1:ac:5b:74:7d:d8:ca:f2:d8:47:ce:ad:ee:3e:54:
63:69:c6:0a:3d:42:a3:90:c7:20:46:af:15:d8:e8:
5d:dd:6c:a5:f5:73:61:70:07:37:21:f1:bc:fe:97:
45:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:9E:4C:60:43:33:59:FB:9C:10:31:B1:2D:F9:91:CE:C6:92:78:48
X509v3 Authority Key Identifier:
keyid:16:97:C4:6E:AF:A1:0E:C5:D9:07:BB:05:E3:71:23:B6:92:AB:49:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FpfEbq-hDsXZB7sF43EjtpKrSUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/d0992d-93fa-4846-a495-76522c207c55/1/zJ5MYEMzWfucEDGxLfmRzsaSeEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/d0992d-93fa-4846-a495-76522c207c55/1/FpfEbq-hDsXZB7sF43EjtpKrSUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.191.113.0-93.191.114.255
IPv6:
2a06:a544::/30
Signature Algorithm: sha256WithRSAEncryption
5c:3b:89:de:99:de:2b:40:40:66:a2:25:14:a1:02:6a:f1:3b:
b2:c0:9a:24:7a:f4:28:27:c7:22:2c:7b:6f:6b:1e:c9:6a:eb:
60:17:a9:3f:c4:8b:80:6f:7e:7c:cf:cf:4d:d6:be:ef:0c:5c:
1c:79:19:6c:91:26:06:7a:9e:5a:4e:b7:f2:2a:2c:a5:f5:1c:
b0:54:c4:d3:a7:56:64:b6:79:56:8d:93:b2:f4:10:44:50:b9:
b5:72:5e:01:19:f4:cf:03:6c:79:fc:e0:b2:78:e9:7c:0f:96:
3d:89:c0:0e:0c:50:17:47:b7:10:02:f2:6f:36:28:83:3c:4b:
5d:da:c7:f5:f0:a4:92:70:b7:eb:20:f2:2f:2d:29:a2:a6:b7:
d6:92:07:75:2e:8a:6d:90:5b:a7:af:b3:87:ba:62:04:ed:59:
1f:f1:2a:ed:7e:1c:81:61:9e:4f:b8:58:6f:86:fe:6c:b7:6a:
05:2f:5a:36:d0:f3:6a:4e:73:c4:a7:63:48:56:ff:4c:f4:aa:
16:20:10:f8:d9:88:c5:6d:1a:6b:f1:c6:96:fd:98:28:79:f0:
48:1e:4b:8b:28:a2:af:82:2c:e0:0b:ec:a3:fb:77:96:3e:94:
a1:24:6e:64:53:35:9d:4d:3e:3e:63:70:d6:c5:b1:f9:44:62:
df:1c:0b:0c
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQoJAjmnInpOApnjSM5EHgbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2OTdjNDZlYWZhMTBlYzVkOTA3YmIwNWUzNzEyM2I2OTJh
YjQ5NGMwHhcNMjUwMTAyMTc1MDM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzllNGM2MDQzMzM1OWZiOWMxMDMxYjEyZGY5OTFjZWM2OTI3ODQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvn79i7xxfpfxf3Evsk6PBdb4U9vz
EuTRVGDVMeFodxyL94vi2ATV8/6rnZhB8n38i6Us6+JUEL8eykqk8kr+98xF2uAE
MsfTYdqFnP8Dh86M7JU7jsVtPOHBl6Wdjg7yBexeM3gSsI2Iwz8bCRYi/KQlaCmN
/u/QdWp2vV94ahuxBxezt2/2LO+fpvgD0XJ96ivd3CD1ET9mnDg5OqMLuxVMIGRh
8Jxt6XhrB4G3msWKYYyJhw9iUcURsDoJ62I4+XFaFkE+BSAP4+3fqlu/TZ3xrFt0
fdjK8thHzq3uPlRjacYKPUKjkMcgRq8V2Ohd3Wyl9XNhcAc3IfG8/pdFOwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFMyeTGBDM1n7nBAxsS35kc7GknhIMB8GA1UdIwQY
MBaAFBaXxG6voQ7F2Qe7BeNxI7aSq0lMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnBmRWJxLWhEc1haQjdzRjQzRWp0cEtyU1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9kMDk5MmQtOTNmYS00ODQ2LWE0OTUt
NzY1MjJjMjA3YzU1LzEveko1TVlFTXpXZnVjRURHeExmbVJ6c2FTZUVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9kMDk5MmQtOTNmYS00ODQ2LWE0OTUtNzY1MjJjMjA3YzU1
LzEvRnBmRWJxLWhEc1haQjdzRjQzRWp0cEtyU1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBABdv3ED
BABdv3IwDQQCAAIwBwMFAioGpUQwDQYJKoZIhvcNAQELBQADggEBAFw7id6Z3itA
QGaiJRShAmrxO7LAmiR69CgnxyIse29rHslq62AXqT/Ei4BvfnzPz03Wvu8MXBx5
GWyRJgZ6nlpOt/IqLKX1HLBUxNOnVmS2eVaNk7L0EERQubVyXgEZ9M8DbHn84LJ4
6XwPlj2JwA4MUBdHtxAC8m82KIM8S13ax/XwpJJwt+sg8i8tKaKmt9aSB3Uuim2Q
W6evs4e6YgTtWR/xKu1+HIFhnk+4WG+G/my3agUvWjbQ82pOc8SnY0hW/0z0qhYg
EPjZiMVtGmvxxpb9mCh58EgeS4sooq+CLOAL7KP7d5Y+lKEkbmRTNZ1NPj5jcNbF
sflEYt8cCww=
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:16:40 2025 by rpki-client