Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/xVwjRhSfq67xc9Qi_wrSVn11vY0.roa
File: xVwjRhSfq67xc9Qi_wrSVn11vY0.roa (raw, json)
Hash identifier: iJyeTnFvoMMSPwtJkLmVhK7+FVvlX6Jx0lnFlM/s3fE=
Subject key identifier: C5:5C:23:46:14:9F:AB:AE:F1:73:D4:22:FF:0A:D2:56:7D:75:BD:8D
Certificate issuer: /CN=1120a0ce013e2d52a6ff354a270894bb998e4547
Certificate serial: 0194214417735AE9626E5170CB2624CF9592
Authority key identifier: 11:20:A0:CE:01:3E:2D:52:A6:FF:35:4A:27:08:94:BB:99:8E:45:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ESCgzgE-LVKm_zVKJwiUu5mORUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/xVwjRhSfq67xc9Qi_wrSVn11vY0.roa
Signing time: Wed 01 Jan 2025 09:48:18 +0000
ROA not before: Wed 01 Jan 2025 09:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200520
IP address blocks: 193.17.96.0/21 maxlen: 30
2a03:35c0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/ESCgzgE-LVKm_zVKJwiUu5mORUc.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/ESCgzgE-LVKm_zVKJwiUu5mORUc.mft
rsync://rpki.ripe.net/repository/DEFAULT/ESCgzgE-LVKm_zVKJwiUu5mORUc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:17:73:5a:e9:62:6e:51:70:cb:26:24:cf:95:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1120a0ce013e2d52a6ff354a270894bb998e4547
Validity
Not Before: Jan 1 09:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c55c2346149fabaef173d422ff0ad2567d75bd8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:21:21:4c:0d:fe:16:a3:00:a3:e7:a0:97:5d:
25:99:6f:7d:7d:fa:e7:06:96:19:a5:56:94:70:3b:
2f:9e:57:e7:8d:4d:61:ad:c1:c3:ec:e2:b3:68:11:
92:48:d9:74:f8:9c:ac:b1:5c:31:ff:70:67:5d:04:
18:d3:be:2b:96:52:db:f7:29:86:c6:a8:2b:31:8a:
2f:36:ba:d3:07:92:56:b7:5c:4a:be:d0:c3:03:1a:
11:4f:61:86:75:1a:68:9a:cc:bf:f0:12:62:94:8e:
87:bc:bd:72:10:a3:3c:51:a8:36:2d:91:4c:01:4e:
2b:83:66:2e:fc:0b:28:9d:6b:c5:5e:9c:5e:f7:ed:
1b:75:28:b8:40:7f:67:e2:27:2f:40:a4:91:4c:ca:
85:65:a6:62:98:86:e6:df:9a:cf:c5:15:e0:8c:53:
fe:cd:3e:4f:db:eb:5f:9d:45:53:a5:53:4f:f8:41:
05:1d:dd:ec:b9:99:d1:17:59:75:b0:ad:fc:40:3d:
56:3c:54:13:7c:52:73:27:ab:a6:ff:d4:9a:9b:18:
50:c4:b1:b7:ce:bf:fe:4a:8d:b8:b4:c6:1a:57:ca:
3e:f4:8e:9e:c2:2b:92:7d:4e:fc:85:16:0f:79:80:
22:6c:b9:31:83:07:9a:ed:7b:1b:44:79:2d:d5:fe:
27:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:5C:23:46:14:9F:AB:AE:F1:73:D4:22:FF:0A:D2:56:7D:75:BD:8D
X509v3 Authority Key Identifier:
keyid:11:20:A0:CE:01:3E:2D:52:A6:FF:35:4A:27:08:94:BB:99:8E:45:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ESCgzgE-LVKm_zVKJwiUu5mORUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/xVwjRhSfq67xc9Qi_wrSVn11vY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/ESCgzgE-LVKm_zVKJwiUu5mORUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.96.0/21
IPv6:
2a03:35c0::/32
Signature Algorithm: sha256WithRSAEncryption
2d:42:9f:e2:a7:b6:ab:a6:d6:b0:dd:09:18:10:41:74:06:a4:
4d:22:a7:11:aa:06:4e:13:fd:54:11:92:e3:9d:1a:f9:d6:5e:
b6:76:44:1c:44:c1:cb:85:60:5e:6e:0d:b6:2f:13:91:24:d1:
af:6c:fb:1c:85:51:bf:e3:fb:94:40:ad:42:5a:ab:40:89:17:
6b:07:7f:c4:40:3c:ad:6c:24:d3:5e:94:56:a2:6c:7f:6a:d4:
fb:ef:28:d2:7e:5d:27:84:f8:73:02:f7:9e:d6:d1:c2:93:8e:
26:92:89:0b:2d:77:1e:a4:b4:9f:61:8e:f1:fb:5e:6d:6f:ea:
b6:0a:0d:cf:1f:84:56:11:61:d9:01:3f:ab:2e:78:bc:52:4f:
7a:1b:56:58:8d:17:24:7a:aa:36:c1:a4:5f:9c:5d:c2:91:a6:
5b:7e:33:38:9c:17:05:9c:05:48:42:6c:70:2a:75:37:f9:8c:
0e:27:99:25:de:d5:c9:00:97:13:29:74:76:42:3b:3c:1d:4d:
e5:42:07:51:23:f2:79:28:48:2d:68:80:8b:0e:6d:a6:e3:0c:
5a:58:17:db:8a:fc:06:0c:e3:e4:be:47:fa:37:9f:47:66:4a:
31:3a:b2:03:45:86:aa:53:52:7d:53:91:d4:10:fd:17:b2:1f:
a0:8a:25:18
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhRBdzWuliblFwyyYkz5WSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMjBhMGNlMDEzZTJkNTJhNmZmMzU0YTI3MDg5NGJiOTk4
ZTQ1NDcwHhcNMjUwMTAxMDk0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTVjMjM0NjE0OWZhYmFlZjE3M2Q0MjJmZjBhZDI1NjdkNzViZDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0iEhTA3+FqMAo+egl10lmW99ffrn
BpYZpVaUcDsvnlfnjU1hrcHD7OKzaBGSSNl0+JyssVwx/3BnXQQY074rllLb9ymG
xqgrMYovNrrTB5JWt1xKvtDDAxoRT2GGdRpomsy/8BJilI6HvL1yEKM8Uag2LZFM
AU4rg2Yu/AsonWvFXpxe9+0bdSi4QH9n4icvQKSRTMqFZaZimIbm35rPxRXgjFP+
zT5P2+tfnUVTpVNP+EEFHd3suZnRF1l1sK38QD1WPFQTfFJzJ6um/9SamxhQxLG3
zr/+So24tMYaV8o+9I6ewiuSfU78hRYPeYAibLkxgwea7XsbRHkt1f4n2QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMVcI0YUn6uu8XPUIv8K0lZ9db2NMB8GA1UdIwQY
MBaAFBEgoM4BPi1Spv81SicIlLuZjkVHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVNDZ3pnRS1MVkttX3pWS0p3aVV1NW1PUlVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC80MjE0OTgtMjhkMy00Mzc2LWI2MjUt
MzFhZjNlMjk0NjcxLzEveFZ3alJoU2ZxNjd4YzlRaV93clNWbjExdlkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC80MjE0OTgtMjhkMy00Mzc2LWI2MjUtMzFhZjNlMjk0Njcx
LzEvRVNDZ3pnRS1MVkttX3pWS0p3aVV1NW1PUlVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDwRFgMA0E
AgACMAcDBQAqAzXAMA0GCSqGSIb3DQEBCwUAA4IBAQAtQp/ip7arptaw3QkYEEF0
BqRNIqcRqgZOE/1UEZLjnRr51l62dkQcRMHLhWBebg22LxORJNGvbPschVG/4/uU
QK1CWqtAiRdrB3/EQDytbCTTXpRWomx/atT77yjSfl0nhPhzAvee1tHCk44mkokL
LXcepLSfYY7x+15tb+q2Cg3PH4RWEWHZAT+rLni8Uk96G1ZYjRckeqo2waRfnF3C
kaZbfjM4nBcFnAVIQmxwKnU3+YwOJ5kl3tXJAJcTKXR2Qjs8HU3lQgdRI/J5KEgt
aICLDm2m4wxaWBfbivwGDOPkvkf6N59HZkoxOrIDRYaqU1J9U5HUEP0Xsh+giiUY
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:48:56 2025 by rpki-client