Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/bb9f65-49d8-41e3-9ebc-c82e158c012d/1/g8O-LxBDxPemkfnWTYdHDXGwokQ.roa
File: g8O-LxBDxPemkfnWTYdHDXGwokQ.roa (raw, json)
Hash identifier: 62+5Rr40UYD7j7xrWfzQh2M5veljI3mG5KafCJqpdBQ=
Subject key identifier: 83:C3:BE:2F:10:43:C4:F7:A6:91:F9:D6:4D:87:47:0D:71:B0:A2:44
Certificate issuer: /CN=45be271d6495293347465c69b97d7380e4bbb46d
Certificate serial: 0194228DDD4CFB77B23B445AF28624CF19BB
Authority key identifier: 45:BE:27:1D:64:95:29:33:47:46:5C:69:B9:7D:73:80:E4:BB:B4:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rb4nHWSVKTNHRlxpuX1zgOS7tG0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/bb9f65-49d8-41e3-9ebc-c82e158c012d/1/g8O-LxBDxPemkfnWTYdHDXGwokQ.roa
Signing time: Wed 01 Jan 2025 15:48:30 +0000
ROA not before: Wed 01 Jan 2025 15:48:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31113
IP address blocks: 193.23.58.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/bb9f65-49d8-41e3-9ebc-c82e158c012d/1/Rb4nHWSVKTNHRlxpuX1zgOS7tG0.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/bb9f65-49d8-41e3-9ebc-c82e158c012d/1/Rb4nHWSVKTNHRlxpuX1zgOS7tG0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Rb4nHWSVKTNHRlxpuX1zgOS7tG0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 03:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:dd:4c:fb:77:b2:3b:44:5a:f2:86:24:cf:19:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45be271d6495293347465c69b97d7380e4bbb46d
Validity
Not Before: Jan 1 15:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=83c3be2f1043c4f7a691f9d64d87470d71b0a244
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:12:10:5d:58:fd:18:91:66:8c:62:6b:9a:bf:
61:d7:2c:19:f0:85:a4:1c:0c:ab:f9:9b:70:1c:e6:
bf:3b:80:5c:3a:90:5e:28:8b:08:b2:9b:cb:30:1f:
4f:61:53:ff:e4:d3:0e:53:fa:53:36:dd:be:8f:8e:
ed:ad:b6:4c:fd:6e:ef:63:48:14:47:dd:b2:eb:c9:
d2:82:a1:8c:83:23:44:46:1c:80:45:f9:2d:36:88:
92:8c:62:a9:1b:49:09:24:0e:5a:87:0e:ff:89:1b:
96:47:92:66:67:21:cd:66:98:5d:52:0f:c4:c9:5c:
40:0f:c2:93:d9:33:3b:90:43:69:02:d5:31:6e:09:
7c:9a:6f:a4:27:c0:ce:08:27:48:73:9c:ad:ad:8d:
b9:3b:78:df:4d:36:37:39:1a:ac:fb:17:a7:65:6d:
2b:40:2d:f1:0b:75:5f:cc:6d:79:4b:d4:f8:e3:34:
a5:0a:e2:ce:8e:7e:86:97:9a:ba:87:bb:e3:bd:00:
fc:e3:11:34:86:dd:e6:86:8a:ad:48:ee:33:68:d4:
ee:3f:ef:0f:21:18:ec:e0:5b:02:08:fe:02:c6:b7:
b0:d5:ca:45:09:53:9f:1a:47:6c:4a:00:1d:ac:64:
cb:46:d9:66:ea:27:75:9e:2a:94:62:5b:50:62:c3:
cd:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:C3:BE:2F:10:43:C4:F7:A6:91:F9:D6:4D:87:47:0D:71:B0:A2:44
X509v3 Authority Key Identifier:
keyid:45:BE:27:1D:64:95:29:33:47:46:5C:69:B9:7D:73:80:E4:BB:B4:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rb4nHWSVKTNHRlxpuX1zgOS7tG0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/bb9f65-49d8-41e3-9ebc-c82e158c012d/1/g8O-LxBDxPemkfnWTYdHDXGwokQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/bb9f65-49d8-41e3-9ebc-c82e158c012d/1/Rb4nHWSVKTNHRlxpuX1zgOS7tG0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.23.58.0/24
Signature Algorithm: sha256WithRSAEncryption
44:56:30:ae:39:b4:83:63:45:b2:2a:e4:04:80:65:16:c2:fb:
af:72:42:eb:0b:1b:27:27:53:e0:cf:2d:5b:b1:e0:11:52:5b:
3a:5d:2a:3e:9e:a9:3c:ca:90:61:9a:0e:c7:c3:2c:83:87:5f:
ad:d9:91:48:c7:cf:3b:ef:ca:df:7d:44:e1:41:df:5b:a5:92:
b0:a2:8e:4f:dd:82:c1:04:4c:7e:69:0d:51:46:d9:49:80:46:
04:8b:a2:46:b0:98:8b:ba:21:e0:d3:86:e6:5b:7a:cd:c1:a6:
f7:f2:ff:cd:b1:20:14:d8:4c:8d:45:26:0b:7d:8d:03:34:f4:
8d:a6:79:90:89:9d:04:c3:93:f7:a6:36:b0:e2:89:88:59:1d:
3b:b4:be:44:10:68:c7:6b:b1:b9:5b:37:7b:7e:41:24:78:ee:
6d:c1:15:38:8f:3d:93:01:eb:a1:e5:f4:73:01:97:be:c9:17:
f1:62:e9:a0:95:aa:bc:5b:f9:ec:5d:32:ba:2a:5c:3b:38:5c:
1b:31:39:ac:9c:fb:ac:77:37:1d:c8:b2:6f:c3:1d:f8:9d:6c:
58:fd:b4:3c:83:fa:2b:37:19:62:35:ce:90:c0:b5:37:83:7b:
0b:04:9b:d0:22:26:5e:1e:e7:ab:38:02:84:ba:14:1b:1a:7c:
fd:db:60:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijd1M+3eyO0Ra8oYkzxm7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1YmUyNzFkNjQ5NTI5MzM0NzQ2NWM2OWI5N2Q3MzgwZTRi
YmI0NmQwHhcNMjUwMTAxMTU0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2MzYmUyZjEwNDNjNGY3YTY5MWY5ZDY0ZDg3NDcwZDcxYjBhMjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBIQXVj9GJFmjGJrmr9h1ywZ8IWk
HAyr+ZtwHOa/O4BcOpBeKIsIspvLMB9PYVP/5NMOU/pTNt2+j47trbZM/W7vY0gU
R92y68nSgqGMgyNERhyARfktNoiSjGKpG0kJJA5ahw7/iRuWR5JmZyHNZphdUg/E
yVxAD8KT2TM7kENpAtUxbgl8mm+kJ8DOCCdIc5ytrY25O3jfTTY3ORqs+xenZW0r
QC3xC3VfzG15S9T44zSlCuLOjn6Gl5q6h7vjvQD84xE0ht3mhoqtSO4zaNTuP+8P
IRjs4FsCCP4Cxrew1cpFCVOfGkdsSgAdrGTLRtlm6id1niqUYltQYsPNJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIPDvi8QQ8T3ppH51k2HRw1xsKJEMB8GA1UdIwQY
MBaAFEW+Jx1klSkzR0Zcabl9c4Dku7RtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmI0bkhXU1ZLVE5IUmx4cHVYMXpnT1M3dEcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9iYjlmNjUtNDlkOC00MWUzLTllYmMt
YzgyZTE1OGMwMTJkLzEvZzhPLUx4QkR4UGVta2ZuV1RZZEhEWEd3b2tRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9iYjlmNjUtNDlkOC00MWUzLTllYmMtYzgyZTE1OGMwMTJk
LzEvUmI0bkhXU1ZLVE5IUmx4cHVYMXpnT1M3dEcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRc6MA0G
CSqGSIb3DQEBCwUAA4IBAQBEVjCuObSDY0WyKuQEgGUWwvuvckLrCxsnJ1Pgzy1b
seARUls6XSo+nqk8ypBhmg7HwyyDh1+t2ZFIx88778rffUThQd9bpZKwoo5P3YLB
BEx+aQ1RRtlJgEYEi6JGsJiLuiHg04bmW3rNwab38v/NsSAU2EyNRSYLfY0DNPSN
pnmQiZ0Ew5P3pjaw4omIWR07tL5EEGjHa7G5Wzd7fkEkeO5twRU4jz2TAeuh5fRz
AZe+yRfxYumglaq8W/nsXTK6Klw7OFwbMTmsnPusdzcdyLJvwx34nWxY/bQ8g/or
NxliNc6QwLU3g3sLBJvQIiZeHuerOAKEuhQbGnz922CS
-----END CERTIFICATE-----
Generated at Fri Apr 18 12:36:27 2025 by rpki-client