Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/5cf9a5-11e0-4876-9fe4-f50f71d5e0c8/1/11lEAhEOetLxn95SvRSXh-Lluqw.roa
File: 11lEAhEOetLxn95SvRSXh-Lluqw.roa (raw, json)
Hash identifier: ReOSLE0b85HJRKU+RZhB6Hf7GgBYtQi4K1hsRO89zys=
Subject key identifier: D7:59:44:02:11:0E:7A:D2:F1:9F:DE:52:BD:14:97:87:E2:E5:BA:AC
Certificate issuer: /CN=c60ffca9d8ca08f213e60a0048c17fbb0bf60e7c
Certificate serial: 0194266C4359DB08BA445CA4512FDCD2C760
Authority key identifier: C6:0F:FC:A9:D8:CA:08:F2:13:E6:0A:00:48:C1:7F:BB:0B:F6:0E:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xg_8qdjKCPIT5goASMF_uwv2Dnw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/5cf9a5-11e0-4876-9fe4-f50f71d5e0c8/1/11lEAhEOetLxn95SvRSXh-Lluqw.roa
Signing time: Thu 02 Jan 2025 09:50:16 +0000
ROA not before: Thu 02 Jan 2025 09:50:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50628
IP address blocks: 193.35.98.0/24 maxlen: 24
193.35.101.0/24 maxlen: 24
193.35.145.0/24 maxlen: 24
193.35.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/5cf9a5-11e0-4876-9fe4-f50f71d5e0c8/1/xg_8qdjKCPIT5goASMF_uwv2Dnw.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/5cf9a5-11e0-4876-9fe4-f50f71d5e0c8/1/xg_8qdjKCPIT5goASMF_uwv2Dnw.mft
rsync://rpki.ripe.net/repository/DEFAULT/xg_8qdjKCPIT5goASMF_uwv2Dnw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:43:59:db:08:ba:44:5c:a4:51:2f:dc:d2:c7:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c60ffca9d8ca08f213e60a0048c17fbb0bf60e7c
Validity
Not Before: Jan 2 09:50:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d7594402110e7ad2f19fde52bd149787e2e5baac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:5a:d0:ad:d6:75:09:6a:9c:00:fb:f4:32:63:
90:91:9a:fe:65:14:e6:c7:0f:bc:98:bf:13:6c:99:
08:9f:52:7c:e6:d5:23:f8:31:dc:c7:96:43:58:ec:
97:7f:4c:18:9d:9d:e5:ef:a2:3f:2e:36:bc:60:82:
65:16:b9:33:ce:60:5b:55:13:c7:97:0d:56:c3:da:
ed:23:3e:bf:0d:73:e2:0f:67:2c:98:32:9e:da:63:
c7:f9:20:a3:f8:fb:84:32:05:c5:f9:ec:bd:4f:82:
ea:87:72:fc:41:65:12:ca:8d:dd:c7:60:47:d5:aa:
16:84:66:ca:5f:58:27:af:88:d7:6c:2b:3d:ea:ac:
e4:4d:4c:10:25:38:db:dd:d9:ba:cf:93:9c:03:89:
02:35:42:5d:18:3b:71:0b:7c:8b:fc:26:4f:a3:52:
8c:5d:73:57:b1:cc:f3:20:88:3f:53:89:fa:ea:39:
57:48:54:70:40:fb:3b:15:06:0a:f9:e2:be:1b:36:
c2:00:bb:77:cb:bb:f4:0d:40:2b:7f:33:b8:ff:24:
50:fb:87:b2:b5:20:b1:12:a3:59:91:1b:0a:66:83:
0c:76:6e:ce:7a:73:fe:35:cc:8c:e2:4b:c2:d6:b6:
73:54:df:04:43:66:f5:98:18:d9:e2:2d:f4:80:8b:
af:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:59:44:02:11:0E:7A:D2:F1:9F:DE:52:BD:14:97:87:E2:E5:BA:AC
X509v3 Authority Key Identifier:
keyid:C6:0F:FC:A9:D8:CA:08:F2:13:E6:0A:00:48:C1:7F:BB:0B:F6:0E:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xg_8qdjKCPIT5goASMF_uwv2Dnw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/5cf9a5-11e0-4876-9fe4-f50f71d5e0c8/1/11lEAhEOetLxn95SvRSXh-Lluqw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/5cf9a5-11e0-4876-9fe4-f50f71d5e0c8/1/xg_8qdjKCPIT5goASMF_uwv2Dnw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.35.98.0/24
193.35.101.0/24
193.35.145.0/24
193.35.156.0/24
Signature Algorithm: sha256WithRSAEncryption
38:a0:73:80:c1:d1:9c:c0:4d:c2:f0:fa:48:16:80:c3:3a:a4:
53:8f:5b:90:89:32:b0:2f:df:94:bc:0b:8f:4e:38:b3:e7:40:
cb:43:a6:45:92:20:35:a4:02:fe:7f:cc:18:2b:01:c1:ca:c4:
c6:22:71:fe:4f:48:b9:52:a2:16:4d:5a:f0:65:7e:72:cc:35:
f9:5b:16:6f:d8:61:9a:2b:29:bd:e3:3c:90:88:4c:8d:ba:fd:
ab:04:96:cd:0c:eb:9a:02:c4:88:37:3d:df:a1:de:f9:1d:28:
de:60:03:48:08:ba:b4:bc:4e:ac:d8:9b:85:d2:ee:20:71:85:
a3:8b:89:72:9b:bc:64:e8:f0:8e:91:a0:3a:50:b6:60:27:94:
f7:7d:f3:65:61:00:70:e0:a4:e3:66:a2:3d:a7:b8:31:fe:6c:
f3:64:9b:1b:dc:cc:68:95:b0:2e:3c:26:58:b7:56:e2:2d:8c:
32:4f:91:8b:29:93:72:90:41:da:10:d2:ef:f7:30:f9:5f:10:
aa:db:6c:d1:a4:93:82:91:c5:f1:5b:52:f7:20:00:78:d1:c7:
80:9b:92:55:3d:cc:65:cd:e4:f7:9d:ce:d4:86:97:74:d0:ca:
57:77:2f:b2:cf:db:c9:39:3c:2f:e2:0c:61:85:d8:93:31:88:
75:72:f2:18
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQmbENZ2wi6RFykUS/c0sdgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MGZmY2E5ZDhjYTA4ZjIxM2U2MGEwMDQ4YzE3ZmJiMGJm
NjBlN2MwHhcNMjUwMTAyMDk1MDE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzU5NDQwMjExMGU3YWQyZjE5ZmRlNTJiZDE0OTc4N2UyZTViYWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1rQrdZ1CWqcAPv0MmOQkZr+ZRTm
xw+8mL8TbJkIn1J85tUj+DHcx5ZDWOyXf0wYnZ3l76I/Lja8YIJlFrkzzmBbVRPH
lw1Ww9rtIz6/DXPiD2csmDKe2mPH+SCj+PuEMgXF+ey9T4Lqh3L8QWUSyo3dx2BH
1aoWhGbKX1gnr4jXbCs96qzkTUwQJTjb3dm6z5OcA4kCNUJdGDtxC3yL/CZPo1KM
XXNXsczzIIg/U4n66jlXSFRwQPs7FQYK+eK+GzbCALt3y7v0DUArfzO4/yRQ+4ey
tSCxEqNZkRsKZoMMdm7OenP+NcyM4kvC1rZzVN8EQ2b1mBjZ4i30gIuv3QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNdZRAIRDnrS8Z/eUr0Ul4fi5bqsMB8GA1UdIwQY
MBaAFMYP/KnYygjyE+YKAEjBf7sL9g58MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGdfOHFkaktDUElUNWdvQVNNRl91d3YyRG53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS81Y2Y5YTUtMTFlMC00ODc2LTlmZTQt
ZjUwZjcxZDVlMGM4LzEvMTFsRUFoRU9ldEx4bjk1U3ZSU1hoLUxsdXF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS81Y2Y5YTUtMTFlMC00ODc2LTlmZTQtZjUwZjcxZDVlMGM4
LzEveGdfOHFkaktDUElUNWdvQVNNRl91d3YyRG53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwSNiAwQA
wSNlAwQAwSORAwQAwSOcMA0GCSqGSIb3DQEBCwUAA4IBAQA4oHOAwdGcwE3C8PpI
FoDDOqRTj1uQiTKwL9+UvAuPTjiz50DLQ6ZFkiA1pAL+f8wYKwHBysTGInH+T0i5
UqIWTVrwZX5yzDX5WxZv2GGaKym94zyQiEyNuv2rBJbNDOuaAsSINz3fod75HSje
YANICLq0vE6s2JuF0u4gcYWji4lym7xk6PCOkaA6ULZgJ5T3ffNlYQBw4KTjZqI9
p7gx/mzzZJsb3MxolbAuPCZYt1biLYwyT5GLKZNykEHaENLv9zD5XxCq22zRpJOC
kcXxW1L3IAB40ceAm5JVPcxlzeT3nc7Uhpd00MpXdy+yz9vJOTwv4gxhhdiTMYh1
cvIY
-----END CERTIFICATE-----
Generated at Fri Apr 18 20:15:50 2025 by rpki-client