Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/4444ab-3da3-418b-a105-f2fe0d04bfbf/1/R82wyiQ6WGXDZ2qmyfic2Rx16EQ.roa
File: R82wyiQ6WGXDZ2qmyfic2Rx16EQ.roa (raw, json)
Hash identifier: q3ADHp8TbEdc9vO2jFfoJST4ALm7hMCr9dPnLoGdV9o=
Subject key identifier: 47:CD:B0:CA:24:3A:58:65:C3:67:6A:A6:C9:F8:9C:D9:1C:75:E8:44
Certificate issuer: /CN=ddd9770c307ea3960c8da268a8865a4a9fa634c9
Certificate serial: 0194244587DAA8989DC46B44FF4E373FA340
Authority key identifier: DD:D9:77:0C:30:7E:A3:96:0C:8D:A2:68:A8:86:5A:4A:9F:A6:34:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3dl3DDB-o5YMjaJoqIZaSp-mNMk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/4444ab-3da3-418b-a105-f2fe0d04bfbf/1/R82wyiQ6WGXDZ2qmyfic2Rx16EQ.roa
Signing time: Wed 01 Jan 2025 23:48:44 +0000
ROA not before: Wed 01 Jan 2025 23:48:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41923
IP address blocks: 193.34.56.0/23 maxlen: 23
193.34.56.0/24 maxlen: 24
193.34.57.0/24 maxlen: 24
193.34.58.0/23 maxlen: 23
193.34.58.0/24 maxlen: 24
193.34.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/4444ab-3da3-418b-a105-f2fe0d04bfbf/1/3dl3DDB-o5YMjaJoqIZaSp-mNMk.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/4444ab-3da3-418b-a105-f2fe0d04bfbf/1/3dl3DDB-o5YMjaJoqIZaSp-mNMk.mft
rsync://rpki.ripe.net/repository/DEFAULT/3dl3DDB-o5YMjaJoqIZaSp-mNMk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:87:da:a8:98:9d:c4:6b:44:ff:4e:37:3f:a3:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddd9770c307ea3960c8da268a8865a4a9fa634c9
Validity
Not Before: Jan 1 23:48:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=47cdb0ca243a5865c3676aa6c9f89cd91c75e844
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:9f:41:87:c1:fe:e6:7a:db:b2:d2:13:5c:89:
ef:9a:0b:ba:fa:7b:4d:e6:cf:d2:89:c6:ae:f0:5a:
fa:7b:24:bd:ba:76:d4:8b:7e:af:15:f3:be:65:cf:
c0:f2:a2:a4:84:82:3c:c1:b1:bb:3e:23:f1:a9:55:
5a:e2:28:10:97:25:40:52:9d:28:c9:ab:28:ca:6f:
61:27:3e:ab:42:99:ed:73:7e:fb:25:87:2e:bc:a8:
cf:08:90:71:e7:47:8b:19:5a:ae:31:82:a3:78:e6:
3f:07:84:e2:88:1e:ab:c8:3d:a4:05:1f:34:e1:1b:
4e:aa:86:c9:9a:97:c5:d3:30:51:d7:00:6b:05:33:
a4:55:95:ef:a9:6b:49:15:42:b3:ab:7e:b5:43:97:
f9:68:57:26:0a:1d:53:ea:aa:30:97:74:5f:c1:1a:
ee:4a:08:4c:c6:c4:d8:c0:f4:e9:51:a4:f1:8a:83:
5c:6c:a7:57:80:d5:3f:bb:6b:47:72:95:d3:d8:84:
ea:70:f2:f3:0a:eb:38:2a:63:d1:39:28:68:9b:ea:
ff:da:18:d0:dc:00:c7:2f:b3:8b:4b:39:d4:2a:8a:
9d:3a:4f:c1:74:1e:b2:20:70:88:36:e8:9b:f4:d5:
8a:ed:f9:60:7f:c5:9a:ff:d6:37:b7:00:81:30:27:
cd:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:CD:B0:CA:24:3A:58:65:C3:67:6A:A6:C9:F8:9C:D9:1C:75:E8:44
X509v3 Authority Key Identifier:
keyid:DD:D9:77:0C:30:7E:A3:96:0C:8D:A2:68:A8:86:5A:4A:9F:A6:34:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3dl3DDB-o5YMjaJoqIZaSp-mNMk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/4444ab-3da3-418b-a105-f2fe0d04bfbf/1/R82wyiQ6WGXDZ2qmyfic2Rx16EQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/4444ab-3da3-418b-a105-f2fe0d04bfbf/1/3dl3DDB-o5YMjaJoqIZaSp-mNMk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.34.56.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:ba:0e:33:43:d8:70:26:3a:87:50:eb:d8:d3:1f:5d:bb:b4:
83:d8:3c:47:73:a2:1b:01:e9:02:b3:9f:9b:e4:8f:00:0e:80:
a0:ec:0b:3a:1c:ed:e2:4e:99:e5:63:42:21:75:fb:dc:0e:a2:
14:ab:68:0d:e1:f1:fc:1c:30:fc:f8:a8:49:a7:c5:b9:3a:92:
0c:ce:4b:e5:e5:9b:f2:df:0a:a0:e5:ce:6d:94:cf:47:9b:e4:
11:90:d8:e7:d1:f6:aa:92:5b:99:a9:78:f4:df:a2:36:77:2a:
d9:1b:14:38:1a:a1:db:f7:11:3c:a8:00:a5:d0:4e:2d:54:5c:
b8:ff:95:1e:9c:da:ae:84:06:0c:ad:d2:de:f6:25:fd:a6:9b:
9f:4b:d0:f3:a5:7c:23:b5:5a:35:aa:16:59:1e:4b:eb:72:d0:
d5:f7:97:2b:8c:81:b9:27:ce:86:31:b6:f7:cd:67:3d:c2:ec:
e3:84:b4:1f:7d:89:06:42:b0:6d:aa:08:6c:5d:8a:6f:01:f7:
1b:97:cd:da:27:91:89:7b:88:3f:8f:0d:25:aa:dd:07:16:19:
35:9f:de:70:de:6f:6f:06:a6:1e:44:b0:5b:71:48:93:ac:59:
54:5f:0b:b7:7d:98:ad:c0:4a:9b:77:b3:b1:7b:ab:76:b2:a7:
ca:2b:b3:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRYfaqJidxGtE/043P6NAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZDk3NzBjMzA3ZWEzOTYwYzhkYTI2OGE4ODY1YTRhOWZh
NjM0YzkwHhcNMjUwMTAxMjM0ODQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2NkYjBjYTI0M2E1ODY1YzM2NzZhYTZjOWY4OWNkOTFjNzVlODQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxJ9Bh8H+5nrbstITXInvmgu6+ntN
5s/Sicau8Fr6eyS9unbUi36vFfO+Zc/A8qKkhII8wbG7PiPxqVVa4igQlyVAUp0o
yasoym9hJz6rQpntc377JYcuvKjPCJBx50eLGVquMYKjeOY/B4TiiB6ryD2kBR80
4RtOqobJmpfF0zBR1wBrBTOkVZXvqWtJFUKzq361Q5f5aFcmCh1T6qowl3RfwRru
SghMxsTYwPTpUaTxioNcbKdXgNU/u2tHcpXT2ITqcPLzCus4KmPROShom+r/2hjQ
3ADHL7OLSznUKoqdOk/BdB6yIHCINuib9NWK7flgf8Wa/9Y3twCBMCfNGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEfNsMokOlhlw2dqpsn4nNkcdehEMB8GA1UdIwQY
MBaAFN3ZdwwwfqOWDI2iaKiGWkqfpjTJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2RsM0REQi1vNVlNamFKb3FJWmFTcC1tTk1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My80NDQ0YWItM2RhMy00MThiLWExMDUt
ZjJmZTBkMDRiZmJmLzEvUjgyd3lpUTZXR1hEWjJxbXlmaWMyUngxNkVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My80NDQ0YWItM2RhMy00MThiLWExMDUtZjJmZTBkMDRiZmJm
LzEvM2RsM0REQi1vNVlNamFKb3FJWmFTcC1tTk1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwSI4MA0G
CSqGSIb3DQEBCwUAA4IBAQBLug4zQ9hwJjqHUOvY0x9du7SD2DxHc6IbAekCs5+b
5I8ADoCg7As6HO3iTpnlY0IhdfvcDqIUq2gN4fH8HDD8+KhJp8W5OpIMzkvl5Zvy
3wqg5c5tlM9Hm+QRkNjn0faqkluZqXj036I2dyrZGxQ4GqHb9xE8qACl0E4tVFy4
/5UenNquhAYMrdLe9iX9ppufS9DzpXwjtVo1qhZZHkvrctDV95crjIG5J86GMbb3
zWc9wuzjhLQffYkGQrBtqghsXYpvAfcbl83aJ5GJe4g/jw0lqt0HFhk1n95w3m9v
BqYeRLBbcUiTrFlUXwu3fZitwEqbd7Oxe6t2sqfKK7Mr
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:47:28 2025 by rpki-client