Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/2f33ee-5590-4a22-b8e2-2880612705ee/1/Y2gjl-Swzk92ryq3Z-Z6gp7HzLE.roa
File: Y2gjl-Swzk92ryq3Z-Z6gp7HzLE.roa (raw, json)
Hash identifier: PMTJytzI+iwFKg204deNXF6qN+csOXo8Jl+I9xD+TfM=
Subject key identifier: 63:68:23:97:E4:B0:CE:4F:76:AF:2A:B7:67:E6:7A:82:9E:C7:CC:B1
Certificate issuer: /CN=dd5f72f0facf52705727c039bdc1fbb7cc97d428
Certificate serial: 0194B60D84E5925DA95993F5BBBFA0190555
Authority key identifier: DD:5F:72:F0:FA:CF:52:70:57:27:C0:39:BD:C1:FB:B7:CC:97:D4:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3V9y8PrPUnBXJ8A5vcH7t8yX1Cg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/2f33ee-5590-4a22-b8e2-2880612705ee/1/Y2gjl-Swzk92ryq3Z-Z6gp7HzLE.roa
Signing time: Thu 30 Jan 2025 07:12:06 +0000
ROA not before: Thu 30 Jan 2025 07:12:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213490
IP address blocks: 193.141.183.0/24 maxlen: 24
193.141.188.0/24 maxlen: 24
2001:67c:d18::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/2f33ee-5590-4a22-b8e2-2880612705ee/1/3V9y8PrPUnBXJ8A5vcH7t8yX1Cg.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/2f33ee-5590-4a22-b8e2-2880612705ee/1/3V9y8PrPUnBXJ8A5vcH7t8yX1Cg.mft
rsync://rpki.ripe.net/repository/DEFAULT/3V9y8PrPUnBXJ8A5vcH7t8yX1Cg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 22:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b6:0d:84:e5:92:5d:a9:59:93:f5:bb:bf:a0:19:05:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd5f72f0facf52705727c039bdc1fbb7cc97d428
Validity
Not Before: Jan 30 07:12:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=63682397e4b0ce4f76af2ab767e67a829ec7ccb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:1e:fe:15:bc:9d:e5:05:bb:a9:e5:7d:1a:f8:
77:81:64:3c:9e:51:17:ec:d7:4a:54:0b:8d:5e:fa:
d5:28:5e:cb:33:2d:2b:52:a1:65:bc:65:ca:bf:c8:
f0:2b:cf:4d:54:ab:a5:9d:61:07:5f:81:1d:76:b6:
72:76:94:c4:a3:23:e0:a5:e2:5e:06:09:80:8c:fc:
6a:6b:4c:80:61:c7:03:13:cf:32:b0:6a:35:9e:bb:
08:0d:32:ea:ec:5c:70:3a:22:c5:e3:dd:7c:38:9e:
18:6f:ff:66:2f:4e:95:fd:b7:fb:8e:44:41:f3:ed:
f7:be:05:4c:fc:0b:f5:66:69:a1:ab:e0:a1:c7:9b:
f2:98:30:8f:09:0a:87:c2:94:ac:59:b3:c6:76:ad:
f8:98:f1:3c:0a:61:18:3a:6d:2e:6d:59:5e:a0:a5:
8f:54:3f:57:4a:57:e9:05:38:f7:18:9c:27:f2:95:
26:49:31:44:51:48:30:26:e0:da:4a:f4:e3:15:62:
5a:d4:18:10:8c:f2:95:0b:d5:b1:cf:d5:e2:c5:43:
89:58:09:82:50:d0:64:d9:78:82:a4:55:af:f7:c0:
07:61:09:07:8c:3b:41:30:94:37:ad:c5:db:79:8e:
9b:65:82:b2:5b:70:3b:00:04:5d:61:04:72:51:0c:
7d:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:68:23:97:E4:B0:CE:4F:76:AF:2A:B7:67:E6:7A:82:9E:C7:CC:B1
X509v3 Authority Key Identifier:
keyid:DD:5F:72:F0:FA:CF:52:70:57:27:C0:39:BD:C1:FB:B7:CC:97:D4:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3V9y8PrPUnBXJ8A5vcH7t8yX1Cg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/2f33ee-5590-4a22-b8e2-2880612705ee/1/Y2gjl-Swzk92ryq3Z-Z6gp7HzLE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/2f33ee-5590-4a22-b8e2-2880612705ee/1/3V9y8PrPUnBXJ8A5vcH7t8yX1Cg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.141.183.0/24
193.141.188.0/24
IPv6:
2001:67c:d18::/48
Signature Algorithm: sha256WithRSAEncryption
d6:a2:1d:07:6c:16:48:30:06:fc:1b:4d:39:ab:81:f3:c7:c8:
fb:44:3d:7f:24:1f:0e:a1:da:30:a1:78:70:71:5f:e9:43:ad:
36:84:b7:d1:5e:47:4f:b2:5a:10:b0:19:9d:68:53:b7:56:31:
50:49:56:ef:d0:c0:66:05:fc:39:37:81:95:08:57:66:7e:b8:
2e:56:ad:e6:fb:1e:82:f3:3d:9f:04:c5:a5:94:6c:6d:33:37:
a5:51:e2:2a:5c:47:6b:be:46:2e:a0:a2:45:6a:ef:cb:77:0a:
66:6c:ce:0c:0b:6c:20:be:f9:7f:90:80:52:3c:42:ab:ae:30:
1f:21:93:8b:5e:c2:af:dc:93:f7:d7:0c:91:d5:07:84:b8:53:
8e:3c:3e:17:e3:12:37:fa:de:04:bd:ba:c7:96:be:1a:5d:cf:
34:c0:67:e7:52:66:62:6d:5c:29:6c:cb:09:f3:49:7f:33:6a:
bb:5e:e0:36:93:ea:1f:d0:68:24:ca:9c:30:9e:a1:90:fa:66:
f4:dd:eb:2f:d5:99:28:83:33:6c:a4:ae:aa:77:b3:35:81:92:
28:b5:1c:19:dc:a4:b5:b4:e8:55:93:6f:cb:17:25:19:e1:b8:
b7:38:b0:b6:d5:f5:65:ec:29:e5:91:fe:75:5a:27:4c:93:3f:
ef:c9:e5:ff
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZS2DYTlkl2pWZP1u7+gGQVVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNWY3MmYwZmFjZjUyNzA1NzI3YzAzOWJkYzFmYmI3Y2M5
N2Q0MjgwHhcNMjUwMTMwMDcxMjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzY4MjM5N2U0YjBjZTRmNzZhZjJhYjc2N2U2N2E4MjllYzdjY2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoh7+Fbyd5QW7qeV9Gvh3gWQ8nlEX
7NdKVAuNXvrVKF7LMy0rUqFlvGXKv8jwK89NVKulnWEHX4EddrZydpTEoyPgpeJe
BgmAjPxqa0yAYccDE88ysGo1nrsIDTLq7FxwOiLF4918OJ4Yb/9mL06V/bf7jkRB
8+33vgVM/Av1Zmmhq+Chx5vymDCPCQqHwpSsWbPGdq34mPE8CmEYOm0ubVleoKWP
VD9XSlfpBTj3GJwn8pUmSTFEUUgwJuDaSvTjFWJa1BgQjPKVC9Wxz9XixUOJWAmC
UNBk2XiCpFWv98AHYQkHjDtBMJQ3rcXbeY6bZYKyW3A7AARdYQRyUQx9XQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFGNoI5fksM5Pdq8qt2fmeoKex8yxMB8GA1UdIwQY
MBaAFN1fcvD6z1JwVyfAOb3B+7fMl9QoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1Y5eThQclBVbkJYSjhBNXZjSDd0OHlYMUNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8yZjMzZWUtNTU5MC00YTIyLWI4ZTIt
Mjg4MDYxMjcwNWVlLzEvWTJnamwtU3d6azkycnlxM1otWjZncDdIekxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8yZjMzZWUtNTU5MC00YTIyLWI4ZTItMjg4MDYxMjcwNWVl
LzEvM1Y5eThQclBVbkJYSjhBNXZjSDd0OHlYMUNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAwY23AwQA
wY28MA8EAgACMAkDBwAgAQZ8DRgwDQYJKoZIhvcNAQELBQADggEBANaiHQdsFkgw
BvwbTTmrgfPHyPtEPX8kHw6h2jCheHBxX+lDrTaEt9FeR0+yWhCwGZ1oU7dWMVBJ
Vu/QwGYF/Dk3gZUIV2Z+uC5Wreb7HoLzPZ8ExaWUbG0zN6VR4ipcR2u+Ri6gokVq
78t3CmZszgwLbCC++X+QgFI8QquuMB8hk4tewq/ck/fXDJHVB4S4U448PhfjEjf6
3gS9useWvhpdzzTAZ+dSZmJtXClsywnzSX8zarte4DaT6h/QaCTKnDCeoZD6ZvTd
6y/VmSiDM2ykrqp3szWBkii1HBncpLW06FWTb8sXJRnhuLc4sLbV9WXsKeWR/nVa
J0yTP+/J5f8=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:38:33 2025 by rpki-client