Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/057a69-e68e-4004-8625-9177b14ee633/1/EsduMUwM_I8I9QBhuMSlNVS-Wi4.roa
File: EsduMUwM_I8I9QBhuMSlNVS-Wi4.roa (raw, json)
Hash identifier: RsxXFAy4vLF5L/pTYoeAN6hWsbZx1lCA8MFJDhAYUDI=
Subject key identifier: 12:C7:6E:31:4C:0C:FC:8F:08:F5:00:61:B8:C4:A5:35:54:BE:5A:2E
Certificate issuer: /CN=b945085995f3cb7c7dbd05e41774da624b1af2e9
Certificate serial: 01941F8C9180E3C3BB39844616D80BF87C74
Authority key identifier: B9:45:08:59:95:F3:CB:7C:7D:BD:05:E4:17:74:DA:62:4B:1A:F2:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uUUIWZXzy3x9vQXkF3TaYksa8uk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/057a69-e68e-4004-8625-9177b14ee633/1/EsduMUwM_I8I9QBhuMSlNVS-Wi4.roa
Signing time: Wed 01 Jan 2025 01:48:13 +0000
ROA not before: Wed 01 Jan 2025 01:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207425
IP address blocks: 193.105.96.0/24 maxlen: 24
193.105.102.0/24 maxlen: 27
193.105.117.0/24 maxlen: 27
193.105.121.0/24 maxlen: 27
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/057a69-e68e-4004-8625-9177b14ee633/1/uUUIWZXzy3x9vQXkF3TaYksa8uk.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/057a69-e68e-4004-8625-9177b14ee633/1/uUUIWZXzy3x9vQXkF3TaYksa8uk.mft
rsync://rpki.ripe.net/repository/DEFAULT/uUUIWZXzy3x9vQXkF3TaYksa8uk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Mar 2025 01:01:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:91:80:e3:c3:bb:39:84:46:16:d8:0b:f8:7c:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b945085995f3cb7c7dbd05e41774da624b1af2e9
Validity
Not Before: Jan 1 01:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=12c76e314c0cfc8f08f50061b8c4a53554be5a2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:6a:62:76:f6:05:88:49:e6:22:13:70:4f:cf:
67:95:49:93:3d:7c:0a:aa:03:a8:4e:1c:c3:8b:e1:
a5:69:5d:64:d9:99:04:f1:2a:fb:ef:49:5b:11:4d:
0f:fb:2e:c9:99:e1:ba:50:22:01:0b:9c:a1:ec:04:
e9:e3:d9:7c:36:51:8e:06:84:35:55:55:db:0c:b1:
7a:b3:72:07:ed:26:4d:1f:ce:e8:28:7d:23:19:bc:
c7:2b:83:6c:3d:e2:57:09:a3:61:be:5f:7e:6a:4a:
e5:0b:ff:4d:10:43:e8:e8:5c:44:57:31:1b:00:bd:
9a:cc:d2:4b:29:30:83:53:fd:dc:05:bc:70:8b:54:
6d:6c:ed:a8:bd:12:c5:07:b1:d9:41:43:12:e4:51:
d1:c0:d6:c4:7c:ae:54:ee:16:80:83:4b:f7:ca:6c:
83:c0:e3:c4:29:e3:40:a2:c4:ff:d9:ff:e9:2a:71:
d0:21:1a:f7:41:4c:b7:79:0a:39:66:7f:d0:ac:5a:
b7:f3:07:88:72:3a:4f:77:fb:e3:79:c3:8e:7c:1e:
9c:53:3b:51:f3:9f:3a:3e:d7:db:22:6d:d0:ce:fa:
4c:0b:55:8a:8f:80:3c:63:bf:ac:93:f1:46:73:6c:
40:62:93:cd:e8:42:de:af:2c:f0:89:96:90:c1:b8:
d5:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:C7:6E:31:4C:0C:FC:8F:08:F5:00:61:B8:C4:A5:35:54:BE:5A:2E
X509v3 Authority Key Identifier:
keyid:B9:45:08:59:95:F3:CB:7C:7D:BD:05:E4:17:74:DA:62:4B:1A:F2:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uUUIWZXzy3x9vQXkF3TaYksa8uk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/057a69-e68e-4004-8625-9177b14ee633/1/EsduMUwM_I8I9QBhuMSlNVS-Wi4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/057a69-e68e-4004-8625-9177b14ee633/1/uUUIWZXzy3x9vQXkF3TaYksa8uk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.105.96.0/24
193.105.102.0/24
193.105.117.0/24
193.105.121.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:b4:cb:dc:9e:cf:6b:16:64:34:8c:90:52:e0:25:15:fa:ca:
84:50:c9:68:62:82:4b:6b:86:43:27:1c:8f:4c:bf:96:78:f0:
e0:ff:4c:d1:fb:23:8d:ed:0d:13:40:58:42:26:97:01:c1:8c:
06:50:ab:6d:b2:a2:4b:72:94:71:60:73:84:64:51:06:e1:b6:
ed:9d:a8:eb:cf:9c:a3:1f:4d:fc:18:ae:1f:9d:76:27:be:3d:
1f:eb:78:8d:b8:b0:06:fc:eb:64:4b:55:27:5f:fa:4c:b7:6c:
68:81:02:3f:ac:8b:5d:73:df:a9:23:0e:dc:07:1c:ab:d3:4f:
df:e2:e9:4c:7b:72:63:12:d6:75:76:27:ad:09:e7:4e:49:51:
3e:6b:f5:d6:d9:73:f0:68:e8:fc:78:c4:6f:ae:3a:a0:99:96:
1c:d5:02:43:97:27:9b:06:4e:55:e0:20:64:d9:78:5b:07:22:
4e:f3:d1:63:88:91:77:fc:dd:e5:39:d7:cf:30:1f:6d:26:37:
46:55:2e:97:63:35:ca:41:33:5f:b5:85:5d:96:5d:38:ee:9c:
4c:a4:72:19:41:ad:35:6f:66:d9:82:c8:d5:60:83:83:8e:84:
24:6c:35:9d:a5:a3:0d:f3:08:3a:ce:81:fe:98:c6:8b:34:cb:
70:87:45:3c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQfjJGA48O7OYRGFtgL+Hx0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NDUwODU5OTVmM2NiN2M3ZGJkMDVlNDE3NzRkYTYyNGIx
YWYyZTkwHhcNMjUwMTAxMDE0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmM3NmUzMTRjMGNmYzhmMDhmNTAwNjFiOGM0YTUzNTU0YmU1YTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmGpidvYFiEnmIhNwT89nlUmTPXwK
qgOoThzDi+GlaV1k2ZkE8Sr770lbEU0P+y7JmeG6UCIBC5yh7ATp49l8NlGOBoQ1
VVXbDLF6s3IH7SZNH87oKH0jGbzHK4NsPeJXCaNhvl9+akrlC/9NEEPo6FxEVzEb
AL2azNJLKTCDU/3cBbxwi1RtbO2ovRLFB7HZQUMS5FHRwNbEfK5U7haAg0v3ymyD
wOPEKeNAosT/2f/pKnHQIRr3QUy3eQo5Zn/QrFq38weIcjpPd/vjecOOfB6cUztR
8586PtfbIm3QzvpMC1WKj4A8Y7+sk/FGc2xAYpPN6ELeryzwiZaQwbjVswIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBLHbjFMDPyPCPUAYbjEpTVUvlouMB8GA1UdIwQY
MBaAFLlFCFmV88t8fb0F5Bd02mJLGvLpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVVVSVdaWHp5M3g5dlFYa0YzVGFZa3NhOHVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8wNTdhNjktZTY4ZS00MDA0LTg2MjUt
OTE3N2IxNGVlNjMzLzEvRXNkdU1Vd01fSThJOVFCaHVNU2xOVlMtV2k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8wNTdhNjktZTY4ZS00MDA0LTg2MjUtOTE3N2IxNGVlNjMz
LzEvdVVVSVdaWHp5M3g5dlFYa0YzVGFZa3NhOHVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwWlgAwQA
wWlmAwQAwWl1AwQAwWl5MA0GCSqGSIb3DQEBCwUAA4IBAQBdtMvcns9rFmQ0jJBS
4CUV+sqEUMloYoJLa4ZDJxyPTL+WePDg/0zR+yON7Q0TQFhCJpcBwYwGUKttsqJL
cpRxYHOEZFEG4bbtnajrz5yjH038GK4fnXYnvj0f63iNuLAG/OtkS1UnX/pMt2xo
gQI/rItdc9+pIw7cBxyr00/f4ulMe3JjEtZ1dietCedOSVE+a/XW2XPwaOj8eMRv
rjqgmZYc1QJDlyebBk5V4CBk2XhbByJO89FjiJF3/N3lOdfPMB9tJjdGVS6XYzXK
QTNftYVdll047pxMpHIZQa01b2bZgsjVYIODjoQkbDWdpaMN8wg6zoH+mMaLNMtw
h0U8
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:59:47 2025 by rpki-client