Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/PLd2rwZg3BIFbLdVMuwtqawwJvA.roa
File: PLd2rwZg3BIFbLdVMuwtqawwJvA.roa (raw, json)
Hash identifier: gUsiRiMGcsZ6xvt9E4RkFX3vwnGKGG3T/EDvqaLktLs=
Subject key identifier: 3C:B7:76:AF:06:60:DC:12:05:6C:B7:55:32:EC:2D:A9:AC:30:26:F0
Certificate issuer: /CN=8817aafec61c3a6b024b6a9f54ffb764ca3df922
Certificate serial: 019428257FB744E65DDC5B9BD2F6C7DFD670
Authority key identifier: 88:17:AA:FE:C6:1C:3A:6B:02:4B:6A:9F:54:FF:B7:64:CA:3D:F9:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/PLd2rwZg3BIFbLdVMuwtqawwJvA.roa
Signing time: Thu 02 Jan 2025 17:52:13 +0000
ROA not before: Thu 02 Jan 2025 17:52:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25152
IP address blocks: 193.0.14.0/23 maxlen: 23
193.0.14.0/24 maxlen: 24
193.0.15.0/24 maxlen: 24
193.0.16.0/23 maxlen: 24
2001:7fd::/32 maxlen: 32
2001:7fd::/48 maxlen: 48
2001:7fd:15::/48 maxlen: 48
2001:7fd:16::/48 maxlen: 48
2001:7fd:17::/48 maxlen: 48
2001:7fd:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.crl
rsync://rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.mft
rsync://rpki.ripe.net/repository/DEFAULT/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:7f:b7:44:e6:5d:dc:5b:9b:d2:f6:c7:df:d6:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8817aafec61c3a6b024b6a9f54ffb764ca3df922
Validity
Not Before: Jan 2 17:52:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3cb776af0660dc12056cb75532ec2da9ac3026f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ab:ea:db:86:a0:9e:44:c5:ce:fa:97:6d:a9:
9f:6a:f6:f8:c8:18:cc:01:a8:27:3a:e6:aa:a0:8e:
f3:f9:85:eb:49:f9:78:7b:e0:7e:93:4e:96:28:f5:
ff:7c:63:b0:c6:8a:23:b2:88:04:af:6a:1a:2d:e2:
f5:11:d7:6c:fb:a3:f9:2b:5d:76:b5:f0:ab:7a:bc:
aa:ae:bd:6a:20:d8:da:d2:5a:79:4d:38:99:89:b1:
e1:45:05:1d:e0:84:17:4c:b4:d8:ab:a8:72:60:9f:
7b:26:5e:43:d6:c2:02:f8:06:e0:e4:27:dc:de:5f:
3c:4e:eb:ba:e6:e0:8f:4d:35:f0:0b:86:b0:63:dd:
29:68:a6:4f:2b:b8:0c:76:08:94:b1:a0:ae:4b:5e:
38:50:19:cd:18:dd:78:df:e1:62:f2:3d:39:f3:0d:
10:fe:ff:23:69:54:d0:b1:fb:cf:96:e2:ea:aa:98:
4a:8e:04:1a:f3:83:9f:78:51:32:28:c2:e2:dd:a6:
07:b5:e9:27:59:5c:cb:8b:95:09:f0:e0:8d:51:36:
d1:9a:26:51:6c:a3:27:f5:2a:02:1f:6a:8a:4c:8e:
fd:bd:70:2d:50:66:d2:6c:3d:36:bc:50:eb:81:7c:
bd:9a:57:89:24:57:68:f0:75:2d:a2:bc:0b:f7:7d:
48:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:B7:76:AF:06:60:DC:12:05:6C:B7:55:32:EC:2D:A9:AC:30:26:F0
X509v3 Authority Key Identifier:
keyid:88:17:AA:FE:C6:1C:3A:6B:02:4B:6A:9F:54:FF:B7:64:CA:3D:F9:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/PLd2rwZg3BIFbLdVMuwtqawwJvA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.14.0-193.0.17.255
IPv6:
2001:7fd::/32
Signature Algorithm: sha256WithRSAEncryption
a9:31:37:20:cb:8d:b7:f3:fd:95:b8:1d:a2:50:7f:b0:78:b1:
72:f8:26:7c:2d:93:e7:23:cf:a6:4b:a5:ab:54:03:da:2c:a1:
c8:4f:33:66:e3:3c:22:1e:a1:fe:4e:ef:99:4f:7b:dc:28:1f:
3a:e3:df:8b:74:fd:7f:b4:76:94:63:01:33:d3:21:67:f5:15:
ff:8b:24:35:b8:e1:3a:e7:20:c8:bc:50:c2:50:3e:61:5b:e2:
ba:96:b7:4c:62:48:e7:a1:26:7f:3b:35:18:bd:5f:49:aa:96:
c8:15:10:a2:fb:2b:63:92:92:f3:f1:52:32:87:0d:32:ce:1a:
5f:73:87:90:55:fa:04:a5:bc:2f:7a:b7:14:a5:b6:1c:11:06:
bc:03:2a:3b:86:b0:25:73:eb:1a:f9:e4:4b:e4:86:80:76:2e:
d3:59:f7:95:a2:ee:02:01:56:3f:a2:33:4f:ce:60:30:92:6c:
51:fe:ee:d8:0e:49:a5:4d:b0:1d:7e:3c:5b:09:db:67:ab:ef:
37:a0:24:70:f0:1a:3f:6a:11:ed:93:49:6b:f1:8e:0b:3c:90:
91:80:2a:a9:41:50:85:19:21:2e:f7:b3:9f:2e:82:9e:14:fd:
49:75:4d:bc:3e:b5:a1:e8:0a:52:02:03:1b:72:c4:69:79:28:
21:a7:f2:52
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQoJX+3ROZd3Fub0vbH39ZwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MTdhYWZlYzYxYzNhNmIwMjRiNmE5ZjU0ZmZiNzY0Y2Ez
ZGY5MjIwHhcNMjUwMTAyMTc1MjEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2I3NzZhZjA2NjBkYzEyMDU2Y2I3NTUzMmVjMmRhOWFjMzAyNmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKvq24agnkTFzvqXbamfavb4yBjM
AagnOuaqoI7z+YXrSfl4e+B+k06WKPX/fGOwxoojsogEr2oaLeL1Edds+6P5K112
tfCreryqrr1qINja0lp5TTiZibHhRQUd4IQXTLTYq6hyYJ97Jl5D1sIC+Abg5Cfc
3l88Tuu65uCPTTXwC4awY90paKZPK7gMdgiUsaCuS144UBnNGN143+Fi8j058w0Q
/v8jaVTQsfvPluLqqphKjgQa84OfeFEyKMLi3aYHteknWVzLi5UJ8OCNUTbRmiZR
bKMn9SoCH2qKTI79vXAtUGbSbD02vFDrgXy9mleJJFdo8HUtorwL931I3QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFDy3dq8GYNwSBWy3VTLsLamsMCbwMB8GA1UdIwQY
MBaAFIgXqv7GHDprAktqn1T/t2TKPfkiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUJlcV9zWWNPbXNDUzJxZlZQLTNaTW85LVNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9mZTJkNzItYzJkZC00NmMxLTk0Mjkt
ZTY2MzY5NjQ5NDExLzEvUExkMnJ3WmczQklGYkxkVk11d3RxYXd3SnZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9mZTJkNzItYzJkZC00NmMxLTk0MjktZTY2MzY5NjQ5NDEx
LzEvaUJlcV9zWWNPbXNDUzJxZlZQLTNaTW85LVNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAHBAA4D
BAHBABAwDQQCAAIwBwMFACABB/0wDQYJKoZIhvcNAQELBQADggEBAKkxNyDLjbfz
/ZW4HaJQf7B4sXL4Jnwtk+cjz6ZLpatUA9osochPM2bjPCIeof5O75lPe9woHzrj
34t0/X+0dpRjATPTIWf1Ff+LJDW44TrnIMi8UMJQPmFb4rqWt0xiSOehJn87NRi9
X0mqlsgVEKL7K2OSkvPxUjKHDTLOGl9zh5BV+gSlvC96txSlthwRBrwDKjuGsCVz
6xr55EvkhoB2LtNZ95Wi7gIBVj+iM0/OYDCSbFH+7tgOSaVNsB1+PFsJ22er7zeg
JHDwGj9qEe2TSWvxjgs8kJGAKqlBUIUZIS73s58ugp4U/Ul1Tbw+taHoClICAxty
xGl5KCGn8lI=
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:59:39 2025 by rpki-client