Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/k3GYEwZrwJkW-baldqVZ7OTdkWA.roa
File: k3GYEwZrwJkW-baldqVZ7OTdkWA.roa (raw, json)
Hash identifier: SOugPNU0MpLV4vs9l4k/+IOUodPd9tsDih8LciRdYpU=
Subject key identifier: 93:71:98:13:06:6B:C0:99:16:F9:B6:A5:76:A5:59:EC:E4:DD:91:60
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0194ACE3F17B08D865D8A9952C1AB99C7A73
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/k3GYEwZrwJkW-baldqVZ7OTdkWA.roa
Signing time: Tue 28 Jan 2025 12:30:06 +0000
ROA not before: Tue 28 Jan 2025 12:30:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 399471
IP address blocks: 194.85.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Mar 2025 03:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ac:e3:f1:7b:08:d8:65:d8:a9:95:2c:1a:b9:9c:7a:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jan 28 12:30:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=93719813066bc09916f9b6a576a559ece4dd9160
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:7c:d9:4b:79:94:9b:32:c7:5f:6d:1d:d3:78:
c3:f6:ea:a1:c3:73:c1:47:0b:50:59:ce:06:fb:a2:
e8:a3:8e:29:29:57:4a:1d:01:15:f2:10:56:85:4e:
c5:6e:ef:19:5f:06:6e:31:fd:bb:ad:5f:ed:99:d5:
7e:89:5c:de:87:97:d9:b9:29:6d:76:ae:c2:e6:be:
98:30:69:d0:86:b9:d3:07:e1:78:17:62:b9:52:15:
a7:d8:25:c6:1d:76:8b:d5:6f:6b:24:44:99:83:f3:
82:a0:57:6f:a3:1c:a4:88:76:bf:12:e1:ec:c6:c5:
db:a2:de:8c:57:56:1c:83:79:32:28:17:2b:15:18:
08:02:5c:92:12:d5:72:ec:b4:8d:c3:56:86:da:dc:
71:c2:ab:20:e4:c9:6f:96:87:83:d9:4f:e9:88:01:
8f:fc:5a:cb:a3:73:7b:f6:d6:43:ba:e6:91:d9:f9:
e7:83:5d:a6:f2:ac:71:c0:41:5c:1d:29:f2:16:2a:
ee:4e:7c:27:02:be:bf:b8:80:c3:b5:52:74:81:85:
d7:4e:9f:5a:b4:cf:b1:c0:c7:6c:b3:ea:c0:bc:2a:
59:b2:90:0a:1f:79:e4:27:b9:b2:59:67:bf:57:93:
2d:80:49:1d:06:f1:b1:62:c9:49:83:26:1b:42:fb:
12:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:71:98:13:06:6B:C0:99:16:F9:B6:A5:76:A5:59:EC:E4:DD:91:60
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/k3GYEwZrwJkW-baldqVZ7OTdkWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.85.250.0/24
Signature Algorithm: sha256WithRSAEncryption
04:9f:5c:b8:e7:4f:a9:50:85:62:f7:24:80:5e:b4:3c:15:31:
ee:ed:e5:7b:04:e0:f0:20:a3:fa:79:3f:6a:96:70:86:d1:f2:
b4:f5:2c:4f:55:b7:6a:7a:7a:e0:3f:fe:bc:ca:aa:08:fb:49:
1d:a6:65:32:0f:c8:b0:59:78:f3:1b:3d:6a:31:e9:63:d7:09:
22:0d:60:4a:76:52:d3:48:00:ab:ec:f6:5b:32:dd:35:05:70:
74:a9:66:b4:93:04:48:e8:0c:f8:91:ef:6d:ba:f8:86:fa:e6:
3f:1d:47:e8:72:a6:9a:9d:4a:59:11:d8:af:2c:62:3c:62:a4:
4f:66:a9:ef:28:43:45:86:91:03:31:0f:e0:e1:e9:e9:30:50:
6e:9b:8d:98:5b:76:0c:4f:1b:5e:1a:b1:24:b9:ce:35:a3:66:
44:7d:43:ba:7f:fc:f4:51:88:34:b2:81:6e:eb:cb:04:d9:56:
d1:a8:2d:cc:77:c5:35:18:26:ea:9a:1a:0b:9b:1c:ec:a2:df:
af:0a:34:8a:f6:c0:ef:d1:ed:4f:59:b9:42:aa:ca:f9:c1:2b:
b9:14:e1:67:ca:bc:81:de:85:61:5c:72:0c:94:2a:52:eb:8d:
24:10:72:a2:a0:4d:42:2b:30:a8:16:0f:08:4a:44:49:f9:c7:
2c:21:2f:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSs4/F7CNhl2KmVLBq5nHpzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjUwMTI4MTIzMDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzcxOTgxMzA2NmJjMDk5MTZmOWI2YTU3NmE1NTllY2U0ZGQ5MTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxnzZS3mUmzLHX20d03jD9uqhw3PB
RwtQWc4G+6Loo44pKVdKHQEV8hBWhU7Fbu8ZXwZuMf27rV/tmdV+iVzeh5fZuSlt
dq7C5r6YMGnQhrnTB+F4F2K5UhWn2CXGHXaL1W9rJESZg/OCoFdvoxykiHa/EuHs
xsXbot6MV1Ycg3kyKBcrFRgIAlySEtVy7LSNw1aG2txxwqsg5MlvloeD2U/piAGP
/FrLo3N79tZDuuaR2fnng12m8qxxwEFcHSnyFiruTnwnAr6/uIDDtVJ0gYXXTp9a
tM+xwMdss+rAvCpZspAKH3nkJ7myWWe/V5MtgEkdBvGxYslJgyYbQvsSFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJNxmBMGa8CZFvm2pXalWezk3ZFgMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvazNHWUV3WnJ3SmtXLWJhbGRxVlo3T1Rka1dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlX6MA0G
CSqGSIb3DQEBCwUAA4IBAQAEn1y450+pUIVi9ySAXrQ8FTHu7eV7BODwIKP6eT9q
lnCG0fK09SxPVbdqenrgP/68yqoI+0kdpmUyD8iwWXjzGz1qMelj1wkiDWBKdlLT
SACr7PZbMt01BXB0qWa0kwRI6Az4ke9tuviG+uY/HUfocqaanUpZEdivLGI8YqRP
ZqnvKENFhpEDMQ/g4enpMFBum42YW3YMTxteGrEkuc41o2ZEfUO6f/z0UYg0soFu
68sE2VbRqC3Md8U1GCbqmhoLmxzsot+vCjSK9sDv0e1PWblCqsr5wSu5FOFnyryB
3oVhXHIMlCpS640kEHKioE1CKzCoFg8ISkRJ+ccsIS+7
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:42:45 2025 by rpki-client