Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/b6824a-da61-4cb3-aa78-a0e2410f01e9/1/cWBtpv0lbtjjKIiQC4VphdrpJsI.roa
File: cWBtpv0lbtjjKIiQC4VphdrpJsI.roa (raw, json)
Hash identifier: 53d/EkPX5lZbgRgCOrdlmmeWh1Ezm+rcdsaRC9uISUI=
Subject key identifier: 71:60:6D:A6:FD:25:6E:D8:E3:28:88:90:0B:85:69:85:DA:E9:26:C2
Certificate issuer: /CN=e96d07d74cd14a5a439f483758c424dbad33977a
Certificate serial: 019423698C38A73EB356DB8CA0EA3AE9E2FC
Authority key identifier: E9:6D:07:D7:4C:D1:4A:5A:43:9F:48:37:58:C4:24:DB:AD:33:97:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W0H10zRSlpDn0g3WMQk260zl3o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/b6824a-da61-4cb3-aa78-a0e2410f01e9/1/cWBtpv0lbtjjKIiQC4VphdrpJsI.roa
Signing time: Wed 01 Jan 2025 19:48:27 +0000
ROA not before: Wed 01 Jan 2025 19:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211452
IP address blocks: 193.5.176.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/b6824a-da61-4cb3-aa78-a0e2410f01e9/1/6W0H10zRSlpDn0g3WMQk260zl3o.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/b6824a-da61-4cb3-aa78-a0e2410f01e9/1/6W0H10zRSlpDn0g3WMQk260zl3o.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W0H10zRSlpDn0g3WMQk260zl3o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:8c:38:a7:3e:b3:56:db:8c:a0:ea:3a:e9:e2:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d07d74cd14a5a439f483758c424dbad33977a
Validity
Not Before: Jan 1 19:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=71606da6fd256ed8e32888900b856985dae926c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:25:15:d6:95:04:11:27:7a:f1:ee:78:fb:94:
d3:38:79:ba:0c:01:23:7b:18:5f:66:96:30:5e:35:
64:9f:03:ea:30:c0:ca:ea:ec:ef:31:cf:1e:a6:1a:
0a:35:19:ca:5a:12:e1:7f:ed:fd:8a:37:09:45:20:
d0:88:a6:63:72:de:8e:dd:f4:45:7b:e4:e5:bc:e3:
f5:1f:03:87:7c:dc:40:3d:cc:ca:77:52:42:e9:ab:
af:2f:46:83:cc:30:c5:ab:f9:56:00:6b:7d:5e:3a:
23:aa:8c:ae:6c:7d:bc:5f:a0:00:64:99:b1:a1:96:
44:f1:5d:3a:86:99:42:92:55:d5:89:58:48:47:00:
3b:18:ea:c3:53:47:a5:c2:a8:90:bf:90:b2:0e:6c:
a5:d5:c6:bc:bf:02:a4:cb:b6:53:c5:f5:07:1a:97:
cf:67:00:9c:4b:25:fd:df:b0:fc:1d:f8:3c:38:a5:
4d:26:0e:d4:76:2e:16:cd:17:27:0d:89:00:8d:6f:
91:bc:f4:b1:83:b4:03:96:bd:58:b1:ff:65:d2:3c:
2a:ce:78:0f:43:c2:7e:4c:77:2e:82:3b:a9:2c:fb:
82:6f:04:3f:d0:5a:cf:a4:31:80:18:f0:fb:35:10:
0d:45:8f:b4:db:6e:af:27:25:d4:e1:99:8c:92:ef:
b1:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:60:6D:A6:FD:25:6E:D8:E3:28:88:90:0B:85:69:85:DA:E9:26:C2
X509v3 Authority Key Identifier:
keyid:E9:6D:07:D7:4C:D1:4A:5A:43:9F:48:37:58:C4:24:DB:AD:33:97:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W0H10zRSlpDn0g3WMQk260zl3o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/b6824a-da61-4cb3-aa78-a0e2410f01e9/1/cWBtpv0lbtjjKIiQC4VphdrpJsI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/b6824a-da61-4cb3-aa78-a0e2410f01e9/1/6W0H10zRSlpDn0g3WMQk260zl3o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.5.176.0/23
Signature Algorithm: sha256WithRSAEncryption
b6:67:c1:c5:35:60:14:54:22:8c:fe:93:3e:de:76:3e:cd:73:
3a:49:bb:3a:da:a1:7e:4a:e8:8a:cf:46:78:a0:76:77:18:03:
fd:d7:7c:03:6c:29:2f:80:3e:83:99:1f:24:e9:67:0c:5d:3d:
c6:f9:40:79:09:6f:7a:e6:bf:3d:8e:9b:cc:55:e9:e7:f8:10:
da:94:2e:bb:8a:88:5c:fb:c5:32:dd:a6:0a:42:5d:1a:6b:f8:
d3:cf:e5:bb:99:a1:56:4a:44:88:29:15:b8:9a:c3:27:8e:0b:
d8:80:ce:bb:82:a4:58:b0:e5:ff:f5:6f:fc:58:76:2c:8a:04:
d2:b7:d6:b8:e6:26:25:93:de:9c:8a:43:fa:79:f1:c8:42:e7:
71:f5:e8:20:a4:fd:84:85:50:ce:80:2c:a9:b6:fc:b9:f6:aa:
14:d5:32:40:8b:14:96:e5:de:f7:52:9e:bc:96:10:ef:16:5d:
73:b3:5e:e0:21:1e:5c:a3:d8:f6:e5:4c:11:15:a2:16:ce:0e:
91:a7:cd:9b:26:f9:76:84:7f:e4:dc:7c:78:5c:22:e9:50:e3:
0a:95:18:35:c5:ea:02:5f:6c:98:f1:c5:d6:38:4e:d7:47:40:
53:cf:08:4d:82:69:1d:1c:a0:a6:82:65:f6:c5:29:4a:6f:10:
b1:fe:73:c3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaYw4pz6zVtuMoOo66eL8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NmQwN2Q3NGNkMTRhNWE0MzlmNDgzNzU4YzQyNGRiYWQz
Mzk3N2EwHhcNMjUwMTAxMTk0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTYwNmRhNmZkMjU2ZWQ4ZTMyODg4OTAwYjg1Njk4NWRhZTkyNmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5iUV1pUEESd68e54+5TTOHm6DAEj
exhfZpYwXjVknwPqMMDK6uzvMc8ephoKNRnKWhLhf+39ijcJRSDQiKZjct6O3fRF
e+TlvOP1HwOHfNxAPczKd1JC6auvL0aDzDDFq/lWAGt9XjojqoyubH28X6AAZJmx
oZZE8V06hplCklXViVhIRwA7GOrDU0elwqiQv5CyDmyl1ca8vwKky7ZTxfUHGpfP
ZwCcSyX937D8Hfg8OKVNJg7Udi4WzRcnDYkAjW+RvPSxg7QDlr1Ysf9l0jwqzngP
Q8J+THcugjupLPuCbwQ/0FrPpDGAGPD7NRANRY+0226vJyXU4ZmMku+xSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHFgbab9JW7Y4yiIkAuFaYXa6SbCMB8GA1UdIwQY
MBaAFOltB9dM0UpaQ59IN1jEJNutM5d6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlcwSDEwelJTbHBEbjBnM1dNUWsyNjB6bDNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9iNjgyNGEtZGE2MS00Y2IzLWFhNzgt
YTBlMjQxMGYwMWU5LzEvY1dCdHB2MGxidGpqS0lpUUM0VnBoZHJwSnNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9iNjgyNGEtZGE2MS00Y2IzLWFhNzgtYTBlMjQxMGYwMWU5
LzEvNlcwSDEwelJTbHBEbjBnM1dNUWsyNjB6bDNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwQWwMA0G
CSqGSIb3DQEBCwUAA4IBAQC2Z8HFNWAUVCKM/pM+3nY+zXM6Sbs62qF+SuiKz0Z4
oHZ3GAP913wDbCkvgD6DmR8k6WcMXT3G+UB5CW965r89jpvMVenn+BDalC67iohc
+8Uy3aYKQl0aa/jTz+W7maFWSkSIKRW4msMnjgvYgM67gqRYsOX/9W/8WHYsigTS
t9a45iYlk96cikP6efHIQudx9eggpP2EhVDOgCyptvy59qoU1TJAixSW5d73Up68
lhDvFl1zs17gIR5co9j25UwRFaIWzg6Rp82bJvl2hH/k3Hx4XCLpUOMKlRg1xeoC
X2yY8cXWOE7XR0BTzwhNgmkdHKCmgmX2xSlKbxCx/nPD
-----END CERTIFICATE-----
Generated at Thu Apr 17 16:28:12 2025 by rpki-client