Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5eb289-6270-4db2-acde-a879df46eb99/1/kDp8o5lwoauyIIWuMVQKzWrOZfg.roa
File: kDp8o5lwoauyIIWuMVQKzWrOZfg.roa (raw, json)
Hash identifier: k1SzOsCV3pSTvUNttrz3FSSmM4yVZTra60XB+dEnFds=
Subject key identifier: 90:3A:7C:A3:99:70:A1:AB:B2:20:85:AE:31:54:0A:CD:6A:CE:65:F8
Certificate issuer: /CN=41761e6d16ebf17e571c6bf77ec06bdf7ab68af8
Certificate serial: 0194214424422115FBA20F021EA17BFBF8AF
Authority key identifier: 41:76:1E:6D:16:EB:F1:7E:57:1C:6B:F7:7E:C0:6B:DF:7A:B6:8A:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QXYebRbr8X5XHGv3fsBr33q2ivg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5eb289-6270-4db2-acde-a879df46eb99/1/kDp8o5lwoauyIIWuMVQKzWrOZfg.roa
Signing time: Wed 01 Jan 2025 09:48:21 +0000
ROA not before: Wed 01 Jan 2025 09:48:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60193
IP address blocks: 194.31.255.0/24 maxlen: 24
194.32.68.0/24 maxlen: 24
194.32.70.0/24 maxlen: 24
194.32.83.0/24 maxlen: 24
2a10:7f80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/5eb289-6270-4db2-acde-a879df46eb99/1/QXYebRbr8X5XHGv3fsBr33q2ivg.crl
rsync://rpki.ripe.net/repository/DEFAULT/46/5eb289-6270-4db2-acde-a879df46eb99/1/QXYebRbr8X5XHGv3fsBr33q2ivg.mft
rsync://rpki.ripe.net/repository/DEFAULT/QXYebRbr8X5XHGv3fsBr33q2ivg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 21:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:24:42:21:15:fb:a2:0f:02:1e:a1:7b:fb:f8:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41761e6d16ebf17e571c6bf77ec06bdf7ab68af8
Validity
Not Before: Jan 1 09:48:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=903a7ca39970a1abb22085ae31540acd6ace65f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:2c:82:34:85:6d:42:f7:94:c8:bd:d6:5b:ed:
51:be:29:e7:42:bb:b9:77:d6:0e:d9:63:2a:83:57:
3c:78:d3:45:f0:91:aa:72:b4:ee:b0:09:4c:ab:f0:
89:64:d7:85:1e:95:c8:1b:f4:0c:43:0c:39:34:d9:
17:b7:b8:55:fc:0e:50:e4:52:08:b5:a1:12:aa:e6:
3f:c5:a4:ec:7d:f7:e4:95:7b:01:48:1b:09:f2:ce:
68:ea:ce:ec:4e:55:9f:28:12:fd:b0:fd:84:e2:11:
51:fb:08:b5:37:85:da:8e:4c:79:83:e1:ec:4a:b4:
90:92:2e:40:26:5d:cd:b7:1b:09:96:88:83:4b:5d:
85:95:01:f3:2d:d8:27:c5:d7:47:a8:a1:3e:ae:aa:
60:e5:c3:6b:42:05:b9:10:7d:f5:50:cd:15:b0:c3:
11:fd:79:e8:fd:c8:ab:a2:46:e5:32:4c:4c:b9:1a:
4a:33:ce:00:56:bc:90:91:6f:f6:44:8f:d2:2f:4a:
c3:31:f2:de:e8:4f:e0:7a:2e:8a:fe:9d:ba:4e:8f:
a7:8d:cd:da:d6:44:b9:46:a5:e9:05:a9:33:b1:08:
33:1f:e0:89:2f:f5:8f:84:04:05:55:c1:63:54:90:
3a:1f:79:0d:29:d0:29:7a:aa:01:8c:eb:2b:9f:44:
90:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:3A:7C:A3:99:70:A1:AB:B2:20:85:AE:31:54:0A:CD:6A:CE:65:F8
X509v3 Authority Key Identifier:
keyid:41:76:1E:6D:16:EB:F1:7E:57:1C:6B:F7:7E:C0:6B:DF:7A:B6:8A:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QXYebRbr8X5XHGv3fsBr33q2ivg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5eb289-6270-4db2-acde-a879df46eb99/1/kDp8o5lwoauyIIWuMVQKzWrOZfg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5eb289-6270-4db2-acde-a879df46eb99/1/QXYebRbr8X5XHGv3fsBr33q2ivg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.255.0/24
194.32.68.0/24
194.32.70.0/24
194.32.83.0/24
IPv6:
2a10:7f80::/29
Signature Algorithm: sha256WithRSAEncryption
98:e2:f4:38:1b:49:39:3f:82:1b:d1:fc:a9:11:b8:31:d7:00:
6f:57:dd:07:46:59:5f:e5:48:e0:ba:7f:6c:6a:74:2b:52:da:
a6:02:f7:94:4f:1b:b5:7a:15:4c:01:6f:2d:08:3c:c4:7d:0d:
e8:cc:29:72:f4:72:ef:a0:8b:0c:82:2b:90:d2:f6:8b:4f:20:
a2:e3:ca:d8:e8:4c:b3:13:31:d6:93:b0:9a:6c:16:81:ce:80:
11:6c:d9:7d:0d:6b:ed:1e:b1:79:ed:1a:eb:11:9f:d9:62:59:
9b:d9:b5:92:e4:d5:65:d8:8e:b4:3a:f8:2a:fb:ab:61:9c:5f:
f4:69:7e:a2:a1:8e:20:21:40:02:d8:47:eb:ca:7f:26:12:e3:
e0:d2:b2:f3:e7:5f:2e:0c:20:d4:46:05:ae:45:1f:5b:7c:0e:
d1:9e:ee:b9:e1:0c:d9:dd:1b:a3:dd:39:9a:20:d1:d2:9c:5c:
c0:1c:2e:18:9d:57:81:87:c4:76:2f:d1:26:98:ce:7c:90:fb:
ab:a7:9c:fa:59:99:02:e6:50:d9:3e:c8:ed:80:b4:55:31:b5:
76:c6:c0:d9:45:f6:4a:3f:44:86:b0:21:90:c3:8a:dd:bc:69:
20:6c:89:e8:bb:d0:50:49:05:69:98:f0:9b:03:e2:52:48:d9:
9f:d6:d8:e1
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQhRCRCIRX7og8CHqF7+/ivMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNzYxZTZkMTZlYmYxN2U1NzFjNmJmNzdlYzA2YmRmN2Fi
NjhhZjgwHhcNMjUwMTAxMDk0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDNhN2NhMzk5NzBhMWFiYjIyMDg1YWUzMTU0MGFjZDZhY2U2NWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCyCNIVtQveUyL3WW+1RvinnQru5
d9YO2WMqg1c8eNNF8JGqcrTusAlMq/CJZNeFHpXIG/QMQww5NNkXt7hV/A5Q5FII
taESquY/xaTsfffklXsBSBsJ8s5o6s7sTlWfKBL9sP2E4hFR+wi1N4Xajkx5g+Hs
SrSQki5AJl3NtxsJloiDS12FlQHzLdgnxddHqKE+rqpg5cNrQgW5EH31UM0VsMMR
/Xno/cirokblMkxMuRpKM84AVryQkW/2RI/SL0rDMfLe6E/gei6K/p26To+njc3a
1kS5RqXpBakzsQgzH+CJL/WPhAQFVcFjVJA6H3kNKdApeqoBjOsrn0SQyQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFJA6fKOZcKGrsiCFrjFUCs1qzmX4MB8GA1UdIwQY
MBaAFEF2Hm0W6/F+Vxxr937Aa996tor4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVhZZWJSYnI4WDVYSEd2M2ZzQnIzM3EyaXZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZWIyODktNjI3MC00ZGIyLWFjZGUt
YTg3OWRmNDZlYjk5LzEva0RwOG81bHdvYXV5SUlXdU1WUUt6V3JPWmZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81ZWIyODktNjI3MC00ZGIyLWFjZGUtYTg3OWRmNDZlYjk5
LzEvUVhZZWJSYnI4WDVYSEd2M2ZzQnIzM3EyaXZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAwh//AwQA
wiBEAwQAwiBGAwQAwiBTMA0EAgACMAcDBQMqEH+AMA0GCSqGSIb3DQEBCwUAA4IB
AQCY4vQ4G0k5P4Ib0fypEbgx1wBvV90HRllf5Ujgun9sanQrUtqmAveUTxu1ehVM
AW8tCDzEfQ3ozCly9HLvoIsMgiuQ0vaLTyCi48rY6EyzEzHWk7CabBaBzoARbNl9
DWvtHrF57RrrEZ/ZYlmb2bWS5NVl2I60Ovgq+6thnF/0aX6ioY4gIUAC2Efryn8m
EuPg0rLz518uDCDURgWuRR9bfA7Rnu654QzZ3Ruj3TmaINHSnFzAHC4YnVeBh8R2
L9EmmM58kPurp5z6WZkC5lDZPsjtgLRVMbV2xsDZRfZKP0SGsCGQw4rdvGkgbIno
u9BQSQVpmPCbA+JSSNmf1tjh
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:41:52 2025 by rpki-client