Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dstBPnTWXp7Fcs3usW9gEcIgHpI.roa
File: dstBPnTWXp7Fcs3usW9gEcIgHpI.roa (raw, json)
Hash identifier: hmWI/5IW4Tx8hsjLaOelJJS0e+dzXYsUASnfPAl7Vwo=
Subject key identifier: 76:CB:41:3E:74:D6:5E:9E:C5:72:CD:EE:B1:6F:60:11:C2:20:1E:92
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0194258FE8C525E92FF1098FAB18FE517983
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dstBPnTWXp7Fcs3usW9gEcIgHpI.roa
Signing time: Thu 02 Jan 2025 05:49:35 +0000
ROA not before: Thu 02 Jan 2025 05:49:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201069
IP address blocks: 93.170.96.0/24 maxlen: 24
93.170.187.0/24 maxlen: 24
93.171.218.0/24 maxlen: 24
95.47.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:e8:c5:25:e9:2f:f1:09:8f:ab:18:fe:51:79:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 05:49:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=76cb413e74d65e9ec572cdeeb16f6011c2201e92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:51:73:c1:e0:a3:b9:b3:23:d4:2e:99:15:0f:
71:31:34:76:ed:f7:93:a9:9a:72:90:58:ab:44:46:
a8:25:7e:b5:3f:70:eb:8f:40:be:bd:d5:48:e5:16:
fc:e9:27:c6:90:f2:a4:ba:b8:10:b3:08:b6:3c:3f:
8b:62:94:c1:26:1f:91:5d:09:25:1b:70:39:d5:d9:
09:f5:a0:fc:4a:68:1a:f7:9d:21:d5:2a:05:6d:0e:
7d:af:52:50:6f:cf:95:ad:64:f5:19:80:9d:89:32:
10:ad:b7:db:f7:2d:be:0b:0e:c4:96:68:6c:79:f5:
77:7b:ae:28:80:92:fe:41:8a:af:ce:b4:bf:e9:4f:
af:11:a0:96:ff:d6:17:b7:6c:9b:90:e2:5e:71:f0:
0e:db:72:83:1d:31:fc:7a:f5:72:fc:97:44:4c:29:
fc:0a:5a:3c:2c:2e:5c:82:d6:8e:69:08:5a:4c:36:
3d:cf:80:ed:83:07:95:40:32:07:88:f6:61:69:38:
de:25:5d:29:73:27:35:ad:30:64:32:c6:18:bf:bf:
13:c0:c6:c2:fe:51:79:cc:b6:42:23:69:79:c0:e2:
1b:af:5e:05:d3:bc:30:9e:0f:67:66:0b:fa:7a:9b:
fa:28:59:62:a0:e5:4c:6b:ff:0d:24:4a:ca:f9:8f:
a4:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:CB:41:3E:74:D6:5E:9E:C5:72:CD:EE:B1:6F:60:11:C2:20:1E:92
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dstBPnTWXp7Fcs3usW9gEcIgHpI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.170.96.0/24
93.170.187.0/24
93.171.218.0/24
95.47.119.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:9a:71:d6:4d:84:2b:58:31:8b:df:e4:46:e3:3a:96:b1:a9:
00:84:ce:2c:e7:63:a9:e8:30:ed:8b:d9:04:49:71:f7:5e:f6:
8f:61:63:95:42:4f:84:52:4b:28:9c:be:48:97:52:ef:a7:a4:
0a:52:58:74:c2:b9:55:a1:64:c7:e4:57:bc:79:ed:42:e7:03:
47:20:3b:34:79:8e:f0:5f:d1:02:d6:51:9d:ea:89:11:19:60:
a9:75:fc:0e:5b:3e:27:6a:fa:7f:cf:6e:62:f3:37:df:dc:8a:
18:47:34:11:50:43:68:61:45:a0:9c:16:28:24:7e:c6:ab:98:
bc:ed:31:68:d7:d7:52:8f:87:d4:b4:c2:7d:ac:2c:a4:ab:5b:
04:6d:2e:a5:b6:30:3f:03:e8:f9:d8:a5:85:5c:34:ef:ce:9a:
69:28:eb:33:85:54:c3:36:f6:1e:79:bc:20:1f:20:f9:d7:7a:
06:5e:51:14:10:85:ad:63:00:6e:ae:50:2a:86:2d:30:2f:c1:
a7:24:fd:d0:3b:c2:60:ad:8b:af:e7:63:92:4d:ee:98:aa:49:
c2:0f:d0:1e:bb:21:01:4d:ba:f8:d8:f6:8c:50:bd:d1:07:a4:
fa:71:83:1f:b2:f6:6e:ae:15:ee:6c:a3:3a:fc:9a:6a:08:00:
38:6e:00:6f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQlj+jFJekv8QmPqxj+UXmDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTAyMDU0OTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmNiNDEzZTc0ZDY1ZTllYzU3MmNkZWViMTZmNjAxMWMyMjAxZTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4FFzweCjubMj1C6ZFQ9xMTR27feT
qZpykFirREaoJX61P3Drj0C+vdVI5Rb86SfGkPKkurgQswi2PD+LYpTBJh+RXQkl
G3A51dkJ9aD8Smga950h1SoFbQ59r1JQb8+VrWT1GYCdiTIQrbfb9y2+Cw7Elmhs
efV3e64ogJL+QYqvzrS/6U+vEaCW/9YXt2ybkOJecfAO23KDHTH8evVy/JdETCn8
Clo8LC5cgtaOaQhaTDY9z4DtgweVQDIHiPZhaTjeJV0pcyc1rTBkMsYYv78TwMbC
/lF5zLZCI2l5wOIbr14F07wwng9nZgv6epv6KFlioOVMa/8NJErK+Y+k5wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHbLQT501l6exXLN7rFvYBHCIB6SMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvZHN0QlBuVFdYcDdGY3MzdXNXOWdFY0lnSHBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAXapgAwQA
Xaq7AwQAXavaAwQAXy93MA0GCSqGSIb3DQEBCwUAA4IBAQCqmnHWTYQrWDGL3+RG
4zqWsakAhM4s52Op6DDti9kESXH3XvaPYWOVQk+EUksonL5Il1Lvp6QKUlh0wrlV
oWTH5Fe8ee1C5wNHIDs0eY7wX9EC1lGd6okRGWCpdfwOWz4navp/z25i8zff3IoY
RzQRUENoYUWgnBYoJH7Gq5i87TFo19dSj4fUtMJ9rCykq1sEbS6ltjA/A+j52KWF
XDTvzpppKOszhVTDNvYeebwgHyD513oGXlEUEIWtYwBurlAqhi0wL8GnJP3QO8Jg
rYuv52OSTe6YqknCD9AeuyEBTbr42PaMUL3RB6T6cYMfsvZurhXubKM6/JpqCAA4
bgBv
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:34:15 2025 by rpki-client