Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/712b40-53ae-4953-aff5-56a33057497b/1/AL-L8asVgI-s4USXW1Jxulz_8Sg.roa
File: AL-L8asVgI-s4USXW1Jxulz_8Sg.roa (raw, json)
Hash identifier: UF0FyApaz9L8VccFK4e4NgnphNtboD57IyF8hP0doDc=
Subject key identifier: 00:BF:8B:F1:AB:15:80:8F:AC:E1:44:97:5B:52:71:BA:5C:FF:F1:28
Certificate issuer: /CN=dcc2004a1af030ba99fcf451f3bd88efc53846a9
Certificate serial: 0194274837DADCB6797C2DEBFD201785986B
Authority key identifier: DC:C2:00:4A:1A:F0:30:BA:99:FC:F4:51:F3:BD:88:EF:C5:38:46:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3MIAShrwMLqZ_PRR872I78U4Rqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/712b40-53ae-4953-aff5-56a33057497b/1/AL-L8asVgI-s4USXW1Jxulz_8Sg.roa
Signing time: Thu 02 Jan 2025 13:50:31 +0000
ROA not before: Thu 02 Jan 2025 13:50:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14630
IP address blocks: 193.23.124.0/24 maxlen: 24
194.35.32.0/24 maxlen: 24
194.35.33.0/24 maxlen: 24
194.35.34.0/24 maxlen: 24
194.35.35.0/24 maxlen: 24
2a0d:fd40::/29 maxlen: 48
2a0d:fd40:56::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/712b40-53ae-4953-aff5-56a33057497b/1/3MIAShrwMLqZ_PRR872I78U4Rqk.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/712b40-53ae-4953-aff5-56a33057497b/1/3MIAShrwMLqZ_PRR872I78U4Rqk.mft
rsync://rpki.ripe.net/repository/DEFAULT/3MIAShrwMLqZ_PRR872I78U4Rqk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 01:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:37:da:dc:b6:79:7c:2d:eb:fd:20:17:85:98:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcc2004a1af030ba99fcf451f3bd88efc53846a9
Validity
Not Before: Jan 2 13:50:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=00bf8bf1ab15808face144975b5271ba5cfff128
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:b4:5f:e9:f5:aa:fe:d0:b8:c8:8c:5a:86:4e:
3a:2b:bb:29:ac:b6:d1:59:7a:41:3a:58:e6:74:bb:
ed:23:69:cf:93:51:a2:2f:3d:4b:a6:1c:74:1c:03:
a8:3b:1f:46:78:c8:96:a4:ab:7d:5e:56:9d:07:3c:
4e:b1:82:eb:9c:d7:3d:85:e5:13:8e:2a:fa:f6:6b:
48:5b:ed:8b:31:8b:26:b5:4c:b9:43:99:7e:31:fb:
6a:33:6f:13:62:c3:d8:3f:da:53:56:cc:ba:68:bd:
fa:49:4d:9b:25:e6:4f:88:59:b4:dc:71:d2:c3:6d:
e9:3c:1f:45:30:e6:0a:6e:da:16:e1:53:a2:75:94:
f2:31:26:2c:0f:da:94:64:92:aa:52:49:46:84:7d:
a7:ae:59:17:56:5d:65:53:07:5a:42:d3:55:cb:68:
93:ef:25:5d:62:bc:0b:c1:bb:6b:d1:87:1e:34:c2:
dc:a3:8d:93:d3:39:5a:a8:42:70:eb:2f:50:59:a1:
c8:61:bd:c3:6e:52:8a:7a:d8:1d:6c:be:ec:fc:df:
be:2b:b2:aa:dd:f8:89:7d:69:cb:0d:71:4c:bf:0a:
ca:01:f4:95:da:a5:d1:7d:76:fd:69:db:f9:4d:a4:
1a:a0:13:8f:13:88:4f:d2:85:d4:8e:03:b4:65:32:
99:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:BF:8B:F1:AB:15:80:8F:AC:E1:44:97:5B:52:71:BA:5C:FF:F1:28
X509v3 Authority Key Identifier:
keyid:DC:C2:00:4A:1A:F0:30:BA:99:FC:F4:51:F3:BD:88:EF:C5:38:46:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3MIAShrwMLqZ_PRR872I78U4Rqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/712b40-53ae-4953-aff5-56a33057497b/1/AL-L8asVgI-s4USXW1Jxulz_8Sg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/712b40-53ae-4953-aff5-56a33057497b/1/3MIAShrwMLqZ_PRR872I78U4Rqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.23.124.0/24
194.35.32.0/22
IPv6:
2a0d:fd40::/29
Signature Algorithm: sha256WithRSAEncryption
19:14:77:31:22:1c:b0:26:01:53:e3:4c:3c:f3:c1:3a:18:fc:
dd:7f:81:74:d3:5d:d3:f2:23:9c:9c:1c:70:97:6a:e8:68:c6:
9c:06:2b:89:77:24:94:db:bd:72:03:48:3a:04:7f:99:8b:77:
65:70:cb:bf:d2:23:27:e9:65:cd:6e:f7:2a:49:c4:f0:67:27:
56:58:8c:3a:d9:24:a3:90:e6:d6:f2:c4:dc:2e:2f:49:05:dc:
02:dd:cf:c1:11:c7:5e:fd:62:7d:5a:da:fc:a3:f6:19:32:50:
eb:b1:32:1b:e9:77:88:7f:57:d4:6b:81:33:53:9c:c5:4d:14:
30:ab:ed:82:58:8a:d5:d7:69:a6:4d:33:8e:8b:40:4f:8c:4b:
9a:6f:9f:ec:94:d8:8c:c3:c9:ea:28:90:7a:32:68:d7:2f:58:
05:94:f0:5a:13:20:84:61:e4:09:5a:60:fd:fb:5c:f7:36:51:
46:63:09:ca:11:4e:0d:b3:4c:ad:b5:bf:c7:41:38:94:6b:98:
b5:2e:3c:08:ce:3f:6b:9d:b1:19:fd:f2:07:37:d8:72:7a:74:
5b:17:81:5b:bb:d1:03:b3:ac:b4:89:82:ee:61:92:9e:ef:11:
9e:a1:0e:a8:07:97:ce:56:5c:13:03:43:e6:da:fe:65:5a:8c:
28:73:2b:f3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQnSDfa3LZ5fC3r/SAXhZhrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjYzIwMDRhMWFmMDMwYmE5OWZjZjQ1MWYzYmQ4OGVmYzUz
ODQ2YTkwHhcNMjUwMTAyMTM1MDMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGJmOGJmMWFiMTU4MDhmYWNlMTQ0OTc1YjUyNzFiYTVjZmZmMTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2bRf6fWq/tC4yIxahk46K7sprLbR
WXpBOljmdLvtI2nPk1GiLz1Lphx0HAOoOx9GeMiWpKt9XladBzxOsYLrnNc9heUT
jir69mtIW+2LMYsmtUy5Q5l+MftqM28TYsPYP9pTVsy6aL36SU2bJeZPiFm03HHS
w23pPB9FMOYKbtoW4VOidZTyMSYsD9qUZJKqUklGhH2nrlkXVl1lUwdaQtNVy2iT
7yVdYrwLwbtr0YceNMLco42T0zlaqEJw6y9QWaHIYb3DblKKetgdbL7s/N++K7Kq
3fiJfWnLDXFMvwrKAfSV2qXRfXb9adv5TaQaoBOPE4hP0oXUjgO0ZTKZiQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAC/i/GrFYCPrOFEl1tScbpc//EoMB8GA1UdIwQY
MBaAFNzCAEoa8DC6mfz0UfO9iO/FOEapMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM01JQVNocndNTHFaX1BSUjg3Mkk3OFU0UnFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS83MTJiNDAtNTNhZS00OTUzLWFmZjUt
NTZhMzMwNTc0OTdiLzEvQUwtTDhhc1ZnSS1zNFVTWFcxSnh1bHpfOFNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS83MTJiNDAtNTNhZS00OTUzLWFmZjUtNTZhMzMwNTc0OTdi
LzEvM01JQVNocndNTHFaX1BSUjg3Mkk3OFU0UnFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAwRd8AwQC
wiMgMA0EAgACMAcDBQMqDf1AMA0GCSqGSIb3DQEBCwUAA4IBAQAZFHcxIhywJgFT
40w888E6GPzdf4F0013T8iOcnBxwl2roaMacBiuJdySU271yA0g6BH+Zi3dlcMu/
0iMn6WXNbvcqScTwZydWWIw62SSjkObW8sTcLi9JBdwC3c/BEcde/WJ9Wtr8o/YZ
MlDrsTIb6XeIf1fUa4EzU5zFTRQwq+2CWIrV12mmTTOOi0BPjEuab5/slNiMw8nq
KJB6MmjXL1gFlPBaEyCEYeQJWmD9+1z3NlFGYwnKEU4Ns0yttb/HQTiUa5i1LjwI
zj9rnbEZ/fIHN9hyenRbF4Fbu9EDs6y0iYLuYZKe7xGeoQ6oB5fOVlwTA0Pm2v5l
Wowocyvz
-----END CERTIFICATE-----
Generated at Mon Apr 7 11:01:21 2025 by rpki-client