Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/kHAujIVnUhXMaoIyqu_bNaXJkeE.roa
File: kHAujIVnUhXMaoIyqu_bNaXJkeE.roa (raw, json)
Hash identifier: 0NooVy39J9es9E49t+LCx/RCaNX8dYs5nqWbl/+Agw4=
Subject key identifier: 90:70:2E:8C:85:67:52:15:CC:6A:82:32:AA:EF:DB:35:A5:C9:91:E1
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 019421B20E94F97EF2B955A65D496D91C127
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/kHAujIVnUhXMaoIyqu_bNaXJkeE.roa
Signing time: Wed 01 Jan 2025 11:48:24 +0000
ROA not before: Wed 01 Jan 2025 11:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6778
IP address blocks: 194.183.56.0/23 maxlen: 23
194.183.62.0/24 maxlen: 24
195.136.0.0/18 maxlen: 18
195.136.71.0/24 maxlen: 24
195.136.192.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.mft
rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:0e:94:f9:7e:f2:b9:55:a6:5d:49:6d:91:c1:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Jan 1 11:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=90702e8c85675215cc6a8232aaefdb35a5c991e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:33:f5:9b:4f:75:6a:3e:78:2a:32:6d:a9:40:
d9:ba:ec:3f:bc:d7:9e:0a:27:99:33:66:9e:f5:bc:
92:15:0a:23:06:49:fb:34:89:c1:2e:3a:e8:c6:fe:
cc:3f:20:2b:85:e9:4c:2f:79:c4:ac:e7:35:ae:0f:
67:03:ea:c1:9a:85:0c:7b:91:48:d8:2e:0e:c1:f6:
c8:be:5e:b9:48:b1:02:90:ce:68:41:79:03:96:bc:
41:2d:91:0e:d9:2f:1b:ae:02:e9:e4:b6:2e:6b:8f:
50:4b:6c:6a:df:52:49:d8:5a:ee:ab:4e:b5:c7:e0:
6c:c1:91:4c:0d:ee:a2:62:38:40:55:5a:1d:54:4e:
b7:f5:ad:dc:07:7a:1b:62:f2:ad:a8:35:a1:f2:c6:
b7:e3:d8:93:46:66:8f:ac:44:ee:02:c1:58:68:72:
7f:98:b3:b8:8c:c6:14:85:db:69:2b:fc:9c:a7:c3:
fe:65:4c:2d:60:00:f4:8b:60:78:06:17:e5:46:cc:
f5:8a:96:b3:44:4d:fa:a4:27:e4:39:3b:a0:57:b4:
42:fd:b6:6d:99:eb:c0:dc:de:80:a9:91:ee:36:dc:
63:58:45:6f:4a:f8:99:9d:29:04:e0:50:03:6c:f9:
8e:de:f8:c4:d8:d1:96:6b:4b:57:ae:83:d9:27:ab:
c2:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:70:2E:8C:85:67:52:15:CC:6A:82:32:AA:EF:DB:35:A5:C9:91:E1
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/kHAujIVnUhXMaoIyqu_bNaXJkeE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.183.56.0/23
194.183.62.0/24
195.136.0.0/18
195.136.71.0/24
195.136.192.0/18
Signature Algorithm: sha256WithRSAEncryption
a9:ce:e6:c4:14:c1:67:f7:4f:15:5a:b0:69:20:9f:96:0c:8b:
93:fa:b4:77:54:5d:9a:19:cc:18:54:3b:52:b3:49:01:54:0b:
96:3e:30:f0:b5:4a:8e:38:86:ae:57:93:e4:7f:49:2f:7c:4e:
9b:3b:16:f7:45:a7:e8:f5:33:5a:f7:f7:0b:d0:71:ec:bf:b0:
fc:e4:e3:68:cb:31:ea:04:dc:62:20:2f:94:b3:f5:5d:dd:8b:
9a:17:76:1d:4a:be:8d:fb:68:82:bf:ed:b9:1c:1b:0d:eb:b5:
ee:73:08:1a:1e:2d:c4:71:f6:ab:0d:2b:75:b7:51:c3:46:3f:
f2:fe:7a:89:23:8a:d4:97:29:cc:1d:fe:94:59:6f:24:9e:68:
a7:5a:6d:09:6d:a8:c0:3c:43:2c:f4:88:05:48:09:a6:d4:4d:
74:dc:a0:27:cc:d3:98:7b:16:0f:e6:f2:5c:73:42:f5:b4:1b:
c7:e5:98:9b:38:1d:91:21:32:5d:80:aa:93:f6:ac:00:75:3a:
38:1c:c9:14:f3:a4:3f:b9:5c:61:f6:1d:e8:38:78:78:c3:bf:
98:c8:e5:35:f5:12:88:9c:09:d5:68:2f:4c:e7:c6:3d:c9:07:
4a:bb:66:7c:8a:42:4b:1a:a3:8a:ac:5e:da:46:c7:ca:c2:ea:
be:68:8d:15
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQhsg6U+X7yuVWmXUltkcEnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjUwMTAxMTE0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDcwMmU4Yzg1Njc1MjE1Y2M2YTgyMzJhYWVmZGIzNWE1Yzk5MWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDP1m091aj54KjJtqUDZuuw/vNee
CieZM2ae9bySFQojBkn7NInBLjroxv7MPyArhelML3nErOc1rg9nA+rBmoUMe5FI
2C4OwfbIvl65SLECkM5oQXkDlrxBLZEO2S8brgLp5LYua49QS2xq31JJ2Fruq061
x+BswZFMDe6iYjhAVVodVE639a3cB3obYvKtqDWh8sa349iTRmaPrETuAsFYaHJ/
mLO4jMYUhdtpK/ycp8P+ZUwtYAD0i2B4BhflRsz1ipazRE36pCfkOTugV7RC/bZt
mevA3N6AqZHuNtxjWEVvSviZnSkE4FADbPmO3vjE2NGWa0tXroPZJ6vCYQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJBwLoyFZ1IVzGqCMqrv2zWlyZHhMB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEva0hBdWpJVm5VaFhNYW9JeXF1X2JOYVhKa2VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBwrc4AwQA
wrc+AwQGw4gAAwQAw4hHAwQGw4jAMA0GCSqGSIb3DQEBCwUAA4IBAQCpzubEFMFn
908VWrBpIJ+WDIuT+rR3VF2aGcwYVDtSs0kBVAuWPjDwtUqOOIauV5Pkf0kvfE6b
Oxb3Rafo9TNa9/cL0HHsv7D85ONoyzHqBNxiIC+Us/Vd3YuaF3YdSr6N+2iCv+25
HBsN67XucwgaHi3EcfarDSt1t1HDRj/y/nqJI4rUlynMHf6UWW8knminWm0JbajA
PEMs9IgFSAmm1E103KAnzNOYexYP5vJcc0L1tBvH5ZibOB2RITJdgKqT9qwAdTo4
HMkU86Q/uVxh9h3oOHh4w7+YyOU19RKInAnVaC9M58Y9yQdKu2Z8ikJLGqOKrF7a
RsfKwuq+aI0V
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:03 2025 by rpki-client