Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/672629-a0e2-476f-aead-ee380b82cfca/1/bVV-LmRxrJACwIt_3H5Y-KZM4tk.roa
File: bVV-LmRxrJACwIt_3H5Y-KZM4tk.roa (raw, json)
Hash identifier: YG03EdxheWfNj9nAWSYO4FwqQuG3FqjegdG/4SAUoRw=
Subject key identifier: 6D:55:7E:2E:64:71:AC:90:02:C0:8B:7F:DC:7E:58:F8:A6:4C:E2:D9
Certificate issuer: /CN=1c04848bfef724e26abed3c65e4e8f9508fb1796
Certificate serial: 0194206869AB57292B6449D017D1243674BE
Authority key identifier: 1C:04:84:8B:FE:F7:24:E2:6A:BE:D3:C6:5E:4E:8F:95:08:FB:17:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HASEi_73JOJqvtPGXk6PlQj7F5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/672629-a0e2-476f-aead-ee380b82cfca/1/bVV-LmRxrJACwIt_3H5Y-KZM4tk.roa
Signing time: Wed 01 Jan 2025 05:48:21 +0000
ROA not before: Wed 01 Jan 2025 05:48:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7029
IP address blocks: 193.135.116.0/24 maxlen: 24
193.135.117.0/24 maxlen: 24
193.135.118.0/24 maxlen: 24
193.135.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/672629-a0e2-476f-aead-ee380b82cfca/1/HASEi_73JOJqvtPGXk6PlQj7F5Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/672629-a0e2-476f-aead-ee380b82cfca/1/HASEi_73JOJqvtPGXk6PlQj7F5Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/HASEi_73JOJqvtPGXk6PlQj7F5Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 08:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:69:ab:57:29:2b:64:49:d0:17:d1:24:36:74:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c04848bfef724e26abed3c65e4e8f9508fb1796
Validity
Not Before: Jan 1 05:48:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6d557e2e6471ac9002c08b7fdc7e58f8a64ce2d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:36:7c:1d:f6:cf:05:0d:e6:a9:96:31:c3:b6:
53:e3:00:c9:08:10:c0:44:68:e5:10:5c:a7:3b:33:
5b:34:aa:e2:e1:a4:91:c9:b6:16:80:f6:f2:b2:69:
61:e4:2a:3c:68:0e:f4:f2:20:31:89:c3:b2:86:b3:
d9:f6:5c:36:be:0d:c9:5d:de:e0:3d:82:6d:01:01:
3e:99:79:26:bd:a0:4b:e7:81:6b:cf:17:73:a0:f1:
86:30:6c:69:d8:ae:91:84:ba:73:87:46:70:75:8c:
a8:fe:ad:83:f8:61:0a:e3:30:e1:31:d9:70:cc:f3:
1b:d5:99:c7:1a:e5:22:4f:5c:ef:00:0e:61:80:6e:
06:7b:5a:e5:cb:23:00:31:fb:2d:16:2a:5b:fe:b2:
44:8e:7e:50:3e:24:6f:43:b3:7c:92:54:45:af:a7:
6e:1d:40:5a:bd:1c:7f:f5:53:b5:3e:5a:a4:24:1d:
cf:97:a4:0f:10:ef:fb:d2:0f:b4:8e:86:86:a1:b6:
cf:a7:b4:dd:2a:ae:e1:fc:1c:08:0d:b9:75:a9:a9:
bc:8e:99:f1:3e:bd:48:fd:b5:fd:28:d1:e3:e5:cf:
38:6a:30:72:8c:39:ce:92:42:12:c8:e6:f0:c8:d8:
0f:01:16:1b:34:e7:3b:52:ad:25:75:be:12:19:e2:
ae:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:55:7E:2E:64:71:AC:90:02:C0:8B:7F:DC:7E:58:F8:A6:4C:E2:D9
X509v3 Authority Key Identifier:
keyid:1C:04:84:8B:FE:F7:24:E2:6A:BE:D3:C6:5E:4E:8F:95:08:FB:17:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HASEi_73JOJqvtPGXk6PlQj7F5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/672629-a0e2-476f-aead-ee380b82cfca/1/bVV-LmRxrJACwIt_3H5Y-KZM4tk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/672629-a0e2-476f-aead-ee380b82cfca/1/HASEi_73JOJqvtPGXk6PlQj7F5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.135.116.0/22
Signature Algorithm: sha256WithRSAEncryption
a3:10:63:62:d4:b5:f4:18:e5:d3:81:9f:4c:22:8b:00:18:7c:
ca:c4:2d:8c:12:89:e1:93:fc:b1:02:3b:27:22:75:a0:d5:81:
aa:81:7a:47:3e:69:4a:07:0e:66:f1:ab:70:f8:80:1f:8e:e8:
ef:4b:ef:2f:42:4d:90:ec:66:e8:d3:38:ea:a0:22:d8:17:4e:
46:4f:f3:67:0f:d7:f7:2b:d7:75:50:6d:2e:c6:1b:00:72:4b:
af:24:09:13:af:27:f5:ad:0d:12:11:e3:6b:7c:8b:c9:82:98:
b3:5a:0c:6f:ee:dc:9a:61:50:07:8b:ac:0c:21:c6:5c:87:71:
aa:15:28:01:7a:5a:95:86:0c:6f:89:59:0c:13:c5:4b:d8:2c:
30:aa:25:2e:ca:16:c7:7b:f5:de:cc:c5:b4:b6:9c:8b:02:88:
c4:6e:38:ef:61:d3:89:4c:4e:c7:5d:e9:1c:b4:63:c6:52:21:
6f:71:14:72:f3:bb:4b:c1:be:6d:c7:aa:ee:8f:63:7b:80:4c:
1e:10:ee:0e:49:07:c7:6c:d0:4d:58:5d:bd:79:6b:ad:9d:e6:
42:3d:38:41:3a:e2:ab:bc:b4:6e:c7:b6:51:89:9b:a4:f8:1d:
4c:a0:76:56:56:fd:19:41:04:41:8a:80:d4:76:a0:2c:50:81:
e4:08:32:b1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaGmrVykrZEnQF9EkNnS+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMDQ4NDhiZmVmNzI0ZTI2YWJlZDNjNjVlNGU4Zjk1MDhm
YjE3OTYwHhcNMjUwMTAxMDU0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDU1N2UyZTY0NzFhYzkwMDJjMDhiN2ZkYzdlNThmOGE2NGNlMmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzZ8HfbPBQ3mqZYxw7ZT4wDJCBDA
RGjlEFynOzNbNKri4aSRybYWgPbysmlh5Co8aA708iAxicOyhrPZ9lw2vg3JXd7g
PYJtAQE+mXkmvaBL54FrzxdzoPGGMGxp2K6RhLpzh0ZwdYyo/q2D+GEK4zDhMdlw
zPMb1ZnHGuUiT1zvAA5hgG4Ge1rlyyMAMfstFipb/rJEjn5QPiRvQ7N8klRFr6du
HUBavRx/9VO1PlqkJB3Pl6QPEO/70g+0joaGobbPp7TdKq7h/BwIDbl1qam8jpnx
Pr1I/bX9KNHj5c84ajByjDnOkkISyObwyNgPARYbNOc7Uq0ldb4SGeKuCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG1Vfi5kcayQAsCLf9x+WPimTOLZMB8GA1UdIwQY
MBaAFBwEhIv+9yTiar7Txl5Oj5UI+xeWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEFTRWlfNzNKT0pxdnRQR1hrNlBsUWo3RjVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny82NzI2MjktYTBlMi00NzZmLWFlYWQt
ZWUzODBiODJjZmNhLzEvYlZWLUxtUnhySkFDd0l0XzNINVktS1pNNHRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny82NzI2MjktYTBlMi00NzZmLWFlYWQtZWUzODBiODJjZmNh
LzEvSEFTRWlfNzNKT0pxdnRQR1hrNlBsUWo3RjVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwYd0MA0G
CSqGSIb3DQEBCwUAA4IBAQCjEGNi1LX0GOXTgZ9MIosAGHzKxC2MEonhk/yxAjsn
InWg1YGqgXpHPmlKBw5m8atw+IAfjujvS+8vQk2Q7Gbo0zjqoCLYF05GT/NnD9f3
K9d1UG0uxhsAckuvJAkTryf1rQ0SEeNrfIvJgpizWgxv7tyaYVAHi6wMIcZch3Gq
FSgBelqVhgxviVkME8VL2CwwqiUuyhbHe/XezMW0tpyLAojEbjjvYdOJTE7HXekc
tGPGUiFvcRRy87tLwb5tx6ruj2N7gEweEO4OSQfHbNBNWF29eWutneZCPThBOuKr
vLRux7ZRiZuk+B1MoHZWVv0ZQQRBioDUdqAsUIHkCDKx
-----END CERTIFICATE-----
Generated at Thu Apr 10 16:03:46 2025 by rpki-client