Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/8NlM0Eh21zAG-7ltjEmP58d0YPg.roa
File: 8NlM0Eh21zAG-7ltjEmP58d0YPg.roa (raw, json)
Hash identifier: PQRwffU62WEskkTT7FaZAKFEazLHbNjwJxxiFSD+b+o=
Subject key identifier: F0:D9:4C:D0:48:76:D7:30:06:FB:B9:6D:8C:49:8F:E7:C7:74:60:F8
Certificate issuer: /CN=ceb86983547113359bade1f3f38104091e3a6439
Certificate serial: 01942522157A747FA691A30821E099EDE1CD
Authority key identifier: CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/8NlM0Eh21zAG-7ltjEmP58d0YPg.roa
Signing time: Thu 02 Jan 2025 03:49:38 +0000
ROA not before: Thu 02 Jan 2025 03:49:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198128
IP address blocks: 193.207.32.0/21 maxlen: 22
193.207.40.0/22 maxlen: 22
193.207.44.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/zrhpg1RxEzWbreHz84EECR46ZDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/zrhpg1RxEzWbreHz84EECR46ZDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:15:7a:74:7f:a6:91:a3:08:21:e0:99:ed:e1:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ceb86983547113359bade1f3f38104091e3a6439
Validity
Not Before: Jan 2 03:49:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f0d94cd04876d73006fbb96d8c498fe7c77460f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:c9:1b:cd:12:18:6b:56:3e:e8:8d:f2:d6:5f:
f8:fb:cd:4f:25:e3:04:40:12:68:0c:ac:0d:19:2d:
58:d1:a9:dc:c7:f6:9c:50:22:c4:58:0c:d8:ab:97:
3f:1b:b7:98:e8:e2:36:39:21:51:54:2a:1d:5e:1c:
0e:3b:16:77:db:c7:06:83:b1:36:9d:67:52:3d:66:
09:a3:ed:fa:50:85:93:2b:5e:06:60:6c:2d:a1:b8:
1d:ff:e6:ce:22:ed:53:d8:89:42:6c:b5:d6:be:ea:
4f:95:f1:bd:50:5c:e3:f7:e9:d8:2b:e9:64:92:f2:
60:63:07:26:88:65:04:39:b6:b3:91:e7:8f:90:8d:
6f:d2:11:3e:36:a8:5d:4e:aa:12:3b:7a:b6:99:a8:
b1:8e:6e:cd:7f:25:fb:d8:58:d3:4a:f9:3a:a8:a4:
14:45:b4:6c:cb:88:c3:08:97:29:6b:fb:15:1a:3c:
e6:83:cb:5f:fa:83:78:70:a4:f8:81:d4:57:2e:58:
46:f4:a0:5d:be:1f:6e:28:b5:3f:98:2d:e9:b4:9c:
5e:79:c9:d4:84:fb:9c:2c:17:c2:37:ca:a8:be:1d:
45:1c:bc:d4:5b:0c:d2:03:df:2a:3d:8b:a0:24:d5:
26:aa:63:ee:5b:2e:77:cb:d7:6c:f8:fc:fe:06:e4:
66:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:D9:4C:D0:48:76:D7:30:06:FB:B9:6D:8C:49:8F:E7:C7:74:60:F8
X509v3 Authority Key Identifier:
keyid:CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/8NlM0Eh21zAG-7ltjEmP58d0YPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/zrhpg1RxEzWbreHz84EECR46ZDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.207.32.0/20
Signature Algorithm: sha256WithRSAEncryption
2b:be:a9:d2:ad:aa:bf:61:10:87:8f:b7:74:fb:6a:1d:e7:cc:
f4:3a:77:6c:d9:b1:37:0b:a6:fe:cd:89:70:c1:11:f2:13:41:
20:af:bf:38:df:79:e5:06:75:ee:72:ba:b8:21:66:36:72:b4:
71:95:43:c8:00:87:c5:08:f5:55:f3:ed:52:85:8c:40:66:14:
46:3a:22:85:8d:b9:b2:36:5b:19:af:2d:40:0b:47:dd:1a:a9:
26:49:c7:3e:12:22:0f:be:04:96:ce:a2:96:41:66:81:0f:ac:
35:09:9e:13:9c:37:5e:6d:67:dd:89:37:b3:9e:68:fa:dd:0e:
60:4d:27:77:67:28:70:51:27:8c:af:4f:1b:ee:6c:bb:46:96:
59:46:68:0b:41:87:41:26:36:e1:51:69:c0:01:aa:99:85:15:
75:1e:e1:ca:86:ce:48:2d:d6:fe:1b:82:ec:04:6e:a9:4c:59:
f9:01:92:d7:d0:08:6b:6a:d4:58:d7:bc:87:bc:42:94:85:d3:
22:ca:7e:46:c5:43:2a:cf:cf:30:1c:89:f3:66:46:c7:8c:27:
9a:be:3a:5e:1c:a5:31:73:a7:22:a7:35:de:59:6c:88:b8:12:
86:70:0f:6c:1f:25:bf:e6:09:17:b7:4a:fd:09:89:dd:23:76:
92:b1:1c:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIhV6dH+mkaMIIeCZ7eHNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYjg2OTgzNTQ3MTEzMzU5YmFkZTFmM2YzODEwNDA5MWUz
YTY0MzkwHhcNMjUwMTAyMDM0OTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGQ5NGNkMDQ4NzZkNzMwMDZmYmI5NmQ4YzQ5OGZlN2M3NzQ2MGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1skbzRIYa1Y+6I3y1l/4+81PJeME
QBJoDKwNGS1Y0ancx/acUCLEWAzYq5c/G7eY6OI2OSFRVCodXhwOOxZ328cGg7E2
nWdSPWYJo+36UIWTK14GYGwtobgd/+bOIu1T2IlCbLXWvupPlfG9UFzj9+nYK+lk
kvJgYwcmiGUEObazkeePkI1v0hE+NqhdTqoSO3q2maixjm7NfyX72FjTSvk6qKQU
RbRsy4jDCJcpa/sVGjzmg8tf+oN4cKT4gdRXLlhG9KBdvh9uKLU/mC3ptJxeecnU
hPucLBfCN8qovh1FHLzUWwzSA98qPYugJNUmqmPuWy53y9ds+Pz+BuRmhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPDZTNBIdtcwBvu5bYxJj+fHdGD4MB8GA1UdIwQY
MBaAFM64aYNUcRM1m63h8/OBBAkeOmQ5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenJocGcxUnhFeldicmVIejg0RUVDUjQ2WkRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9mMzUzOWQtMzhjZC00NjVlLWE1N2Qt
ZGVlMmY2NTBkZDg2LzEvOE5sTTBFaDIxekFHLTdsdGpFbVA1OGQwWVBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9mMzUzOWQtMzhjZC00NjVlLWE1N2QtZGVlMmY2NTBkZDg2
LzEvenJocGcxUnhFeldicmVIejg0RUVDUjQ2WkRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEwc8gMA0G
CSqGSIb3DQEBCwUAA4IBAQArvqnSraq/YRCHj7d0+2od58z0Onds2bE3C6b+zYlw
wRHyE0Egr78433nlBnXucrq4IWY2crRxlUPIAIfFCPVV8+1ShYxAZhRGOiKFjbmy
NlsZry1AC0fdGqkmScc+EiIPvgSWzqKWQWaBD6w1CZ4TnDdebWfdiTeznmj63Q5g
TSd3ZyhwUSeMr08b7my7RpZZRmgLQYdBJjbhUWnAAaqZhRV1HuHKhs5ILdb+G4Ls
BG6pTFn5AZLX0AhratRY17yHvEKUhdMiyn5GxUMqz88wHInzZkbHjCeavjpeHKUx
c6cipzXeWWyIuBKGcA9sHyW/5gkXt0r9CYndI3aSsRwm
-----END CERTIFICATE-----
Generated at Sun Apr 13 07:44:10 2025 by rpki-client