Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/8331e0-e8ab-4a6e-92b7-8a96f03bc617/1/r1yy0iaaI6tU-hR6fBL9Hl5rZ8s.roa
File: r1yy0iaaI6tU-hR6fBL9Hl5rZ8s.roa (raw, json)
Hash identifier: YmIYOIAciROTE+jQf1c1upjbnpWZiAky+TZT072x85g=
Subject key identifier: AF:5C:B2:D2:26:9A:23:AB:54:FA:14:7A:7C:12:FD:1E:5E:6B:67:CB
Certificate issuer: /CN=baa7ed08b8e9e8eef5f83e3ccb26745f8b3885e7
Certificate serial: 0194DF7BE5F5D3C3ACF9F7DEE8120742CA66
Authority key identifier: BA:A7:ED:08:B8:E9:E8:EE:F5:F8:3E:3C:CB:26:74:5F:8B:38:85:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqftCLjp6O71-D48yyZ0X4s4hec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/8331e0-e8ab-4a6e-92b7-8a96f03bc617/1/r1yy0iaaI6tU-hR6fBL9Hl5rZ8s.roa
Signing time: Fri 07 Feb 2025 08:17:06 +0000
ROA not before: Fri 07 Feb 2025 08:17:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3303
IP address blocks: 194.38.192.0/23 maxlen: 23
194.38.195.0/24 maxlen: 24
194.38.196.0/22 maxlen: 22
194.38.200.0/21 maxlen: 21
194.38.208.0/20 maxlen: 20
2a06:d581:3000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/8331e0-e8ab-4a6e-92b7-8a96f03bc617/1/uqftCLjp6O71-D48yyZ0X4s4hec.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/8331e0-e8ab-4a6e-92b7-8a96f03bc617/1/uqftCLjp6O71-D48yyZ0X4s4hec.mft
rsync://rpki.ripe.net/repository/DEFAULT/uqftCLjp6O71-D48yyZ0X4s4hec.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 16:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:df:7b:e5:f5:d3:c3:ac:f9:f7:de:e8:12:07:42:ca:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baa7ed08b8e9e8eef5f83e3ccb26745f8b3885e7
Validity
Not Before: Feb 7 08:17:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af5cb2d2269a23ab54fa147a7c12fd1e5e6b67cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:bb:cc:7e:a7:aa:bd:ad:3d:90:12:98:8e:df:
9e:53:0e:43:2c:6d:cc:db:7c:94:15:d9:c4:d5:da:
94:e6:0b:29:bf:da:7f:91:9f:ef:7c:59:54:c0:28:
5b:63:2e:8d:99:af:d3:ab:95:ef:39:1d:22:46:f3:
02:6a:c8:53:98:43:08:94:4a:80:71:7e:11:84:d0:
4f:6c:a5:f2:20:68:8e:53:23:9b:43:14:0a:62:d6:
f3:2e:66:b9:55:ec:b0:b1:b0:9b:7f:a6:d4:fa:d6:
af:6d:d9:3c:8e:d9:d0:a7:09:e3:06:f4:96:fb:23:
23:fb:28:2b:75:1b:44:39:c3:43:d7:34:53:cf:46:
37:d8:c6:fa:f0:5e:09:8b:f7:0f:45:9b:e3:13:49:
ec:a3:b4:da:72:53:49:05:ee:ea:9d:2e:39:b0:aa:
68:61:5a:a6:8e:3c:a2:b8:c3:46:d7:f0:e3:7c:3b:
6c:12:57:d3:d0:22:54:9c:ca:17:cf:12:c7:92:0a:
72:72:2b:96:e2:52:2a:68:cb:c4:62:a4:06:14:68:
81:d5:b1:f5:d3:d1:ea:a8:53:b8:7c:cf:1c:4a:18:
ac:b5:f4:b5:d6:6d:74:2c:1d:a2:32:bd:33:4a:a5:
0f:c1:03:1d:d8:02:a0:49:68:c8:ab:50:1d:96:32:
bb:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:5C:B2:D2:26:9A:23:AB:54:FA:14:7A:7C:12:FD:1E:5E:6B:67:CB
X509v3 Authority Key Identifier:
keyid:BA:A7:ED:08:B8:E9:E8:EE:F5:F8:3E:3C:CB:26:74:5F:8B:38:85:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqftCLjp6O71-D48yyZ0X4s4hec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8331e0-e8ab-4a6e-92b7-8a96f03bc617/1/r1yy0iaaI6tU-hR6fBL9Hl5rZ8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8331e0-e8ab-4a6e-92b7-8a96f03bc617/1/uqftCLjp6O71-D48yyZ0X4s4hec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.38.192.0/23
194.38.195.0-194.38.223.255
IPv6:
2a06:d581:3000::/36
Signature Algorithm: sha256WithRSAEncryption
8e:f6:cd:3b:40:a7:f8:ef:54:20:6c:69:f8:13:a7:a9:c7:bc:
d6:c6:ce:70:b3:1e:64:cd:48:8f:db:6a:dd:2c:82:31:d3:5c:
7b:32:7f:0d:21:e2:cd:36:ce:1e:3f:b9:9b:dc:44:b1:a8:47:
ff:d8:e8:99:f1:51:39:90:3b:f2:b9:ba:66:12:96:4d:b8:72:
f6:71:45:05:13:8f:7f:b5:63:c6:30:86:b0:dc:b5:70:63:13:
ae:9e:ac:eb:6d:0c:e1:24:3e:b2:45:ba:eb:e8:a9:e8:4a:15:
0c:24:6e:14:97:d0:f9:8f:0d:b2:c5:89:0f:7e:48:2a:2a:4f:
ac:61:7f:b8:6b:df:c4:9a:a1:9a:67:90:87:e9:72:0f:e4:5a:
97:75:ee:08:fb:dd:0e:c0:5d:f7:41:6c:42:28:72:f6:d6:26:
2d:88:0b:05:bf:fd:d2:67:0c:b4:fd:e1:71:b0:32:e8:fd:35:
e0:6e:e8:d1:42:76:37:8b:59:de:fc:87:2f:06:d4:b8:e5:f8:
35:bb:f0:c2:33:61:22:06:f7:f0:31:f2:9d:a5:8b:66:84:21:
92:53:c3:a3:69:6c:41:41:64:39:22:ee:b3:e6:15:c3:37:d6:
a8:d1:b7:b4:a4:b5:7d:41:af:b9:c8:35:a9:81:ca:14:50:af:
fd:32:4c:ae
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZTfe+X108Os+ffe6BIHQspmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYTdlZDA4YjhlOWU4ZWVmNWY4M2UzY2NiMjY3NDVmOGIz
ODg1ZTcwHhcNMjUwMjA3MDgxNzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjVjYjJkMjI2OWEyM2FiNTRmYTE0N2E3YzEyZmQxZTVlNmI2N2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7vMfqeqva09kBKYjt+eUw5DLG3M
23yUFdnE1dqU5gspv9p/kZ/vfFlUwChbYy6Nma/Tq5XvOR0iRvMCashTmEMIlEqA
cX4RhNBPbKXyIGiOUyObQxQKYtbzLma5VeywsbCbf6bU+tavbdk8jtnQpwnjBvSW
+yMj+ygrdRtEOcND1zRTz0Y32Mb68F4Ji/cPRZvjE0nso7TaclNJBe7qnS45sKpo
YVqmjjyiuMNG1/DjfDtsElfT0CJUnMoXzxLHkgpyciuW4lIqaMvEYqQGFGiB1bH1
09HqqFO4fM8cShistfS11m10LB2iMr0zSqUPwQMd2AKgSWjIq1AdljK7DwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFK9cstImmiOrVPoUenwS/R5ea2fLMB8GA1UdIwQY
MBaAFLqn7Qi46eju9fg+PMsmdF+LOIXnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFmdENManA2TzcxLUQ0OHl5WjBYNHM0aGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS84MzMxZTAtZThhYi00YTZlLTkyYjct
OGE5NmYwM2JjNjE3LzEvcjF5eTBpYWFJNnRVLWhSNmZCTDlIbDVyWjhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS84MzMxZTAtZThhYi00YTZlLTkyYjctOGE5NmYwM2JjNjE3
LzEvdXFmdENManA2TzcxLUQ0OHl5WjBYNHM0aGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAaBAIAATAUAwQBwibAMAwD
BADCJsMDBAXCJsAwDgQCAAIwCAMGBCoG1YEwMA0GCSqGSIb3DQEBCwUAA4IBAQCO
9s07QKf471QgbGn4E6epx7zWxs5wsx5kzUiP22rdLIIx01x7Mn8NIeLNNs4eP7mb
3ESxqEf/2OiZ8VE5kDvyubpmEpZNuHL2cUUFE49/tWPGMIaw3LVwYxOunqzrbQzh
JD6yRbrr6KnoShUMJG4Ul9D5jw2yxYkPfkgqKk+sYX+4a9/EmqGaZ5CH6XIP5FqX
de4I+90OwF33QWxCKHL21iYtiAsFv/3SZwy0/eFxsDLo/TXgbujRQnY3i1ne/Icv
BtS45fg1u/DCM2EiBvfwMfKdpYtmhCGSU8OjaWxBQWQ5Iu6z5hXDN9ao0be0pLV9
Qa+5yDWpgcoUUK/9Mkyu
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:10:45 2025 by rpki-client