Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/thsewX5m5QEbqC1hk05OepLePSE.roa
File: thsewX5m5QEbqC1hk05OepLePSE.roa (raw, json)
Hash identifier: Qec8TVM/3O2FwTtHE6+SXRB/S0VWZFEK7seQA4WOq3A=
Subject key identifier: B6:1B:1E:C1:7E:66:E5:01:1B:A8:2D:61:93:4E:4E:7A:92:DE:3D:21
Certificate issuer: /CN=a62f2d3c269d935227690b28b7fbdd953e1e9edc
Certificate serial: 0194221F5C3253772425B6AF704264A9430A
Authority key identifier: A6:2F:2D:3C:26:9D:93:52:27:69:0B:28:B7:FB:DD:95:3E:1E:9E:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pi8tPCadk1InaQsot_vdlT4entw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/thsewX5m5QEbqC1hk05OepLePSE.roa
Signing time: Wed 01 Jan 2025 13:47:48 +0000
ROA not before: Wed 01 Jan 2025 13:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15557
IP address blocks: 194.88.222.0/24 maxlen: 24
194.88.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/pi8tPCadk1InaQsot_vdlT4entw.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/pi8tPCadk1InaQsot_vdlT4entw.mft
rsync://rpki.ripe.net/repository/DEFAULT/pi8tPCadk1InaQsot_vdlT4entw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 07:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:5c:32:53:77:24:25:b6:af:70:42:64:a9:43:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a62f2d3c269d935227690b28b7fbdd953e1e9edc
Validity
Not Before: Jan 1 13:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b61b1ec17e66e5011ba82d61934e4e7a92de3d21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:b2:7d:ad:1f:67:f0:35:21:df:0f:84:db:5f:
43:2a:66:38:d9:bb:a1:5f:48:52:4c:bb:13:de:1d:
fe:3b:e4:21:80:b7:90:97:63:dc:ce:7f:49:95:de:
87:91:0e:09:7d:78:1c:2c:b5:0f:6f:bd:32:b8:aa:
42:ca:d4:a0:c5:4f:13:89:e7:97:4f:76:46:04:32:
9f:d9:82:c2:39:25:c5:06:8e:43:9a:fc:b7:8a:b4:
eb:cd:65:7e:4f:ff:54:3a:af:41:15:35:8a:37:e3:
a8:95:3a:b4:6a:70:91:bb:09:fe:32:0e:c4:69:90:
bd:32:79:64:ad:50:d7:52:b0:e9:1b:ed:41:8b:03:
0c:b3:a9:af:01:2f:6e:e1:c3:07:13:91:ea:ea:17:
e8:1c:ce:44:b2:82:46:bf:71:00:77:ee:7c:02:2f:
f7:49:ee:8c:bb:22:9a:9d:04:bd:61:25:e0:df:00:
e5:a6:73:51:2f:fc:4b:2c:10:d8:5d:20:4a:cc:4c:
a7:3e:60:1b:b5:cf:c9:ca:05:26:71:42:76:f7:7a:
04:e1:4a:82:72:10:91:ae:1b:82:43:d5:40:36:8d:
aa:26:8d:63:37:5d:36:50:65:5d:c2:e5:13:aa:06:
67:1e:96:c4:0d:c9:66:6b:c1:9a:6c:59:a4:01:06:
bd:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:1B:1E:C1:7E:66:E5:01:1B:A8:2D:61:93:4E:4E:7A:92:DE:3D:21
X509v3 Authority Key Identifier:
keyid:A6:2F:2D:3C:26:9D:93:52:27:69:0B:28:B7:FB:DD:95:3E:1E:9E:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pi8tPCadk1InaQsot_vdlT4entw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/thsewX5m5QEbqC1hk05OepLePSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/pi8tPCadk1InaQsot_vdlT4entw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.88.222.0/23
Signature Algorithm: sha256WithRSAEncryption
bc:05:4f:4a:8b:04:14:ec:4c:dd:95:bc:96:61:2e:42:88:2f:
be:78:f4:82:d4:a7:01:b7:18:be:0c:b6:f0:84:71:00:ee:c1:
12:e5:90:42:31:0a:67:fa:26:9c:6e:49:0f:06:af:bb:e2:c2:
3b:b4:b0:0a:0e:58:ce:9b:61:a5:59:e0:70:7c:ef:fc:6b:a4:
fa:95:e4:04:ad:e1:72:e9:c7:9e:f6:0b:75:1e:c9:06:67:4e:
73:d4:2c:93:34:6d:b3:f6:ed:84:3a:6a:f7:11:0d:d7:bf:68:
91:fd:99:31:2b:f0:e6:4d:b5:89:a3:d4:97:fb:dc:22:37:3c:
77:1c:5a:eb:61:fe:08:c7:fe:96:0c:f6:9d:c6:12:47:0b:b5:
24:df:48:0b:9f:80:4f:73:d4:89:e6:d7:ee:92:2d:5d:03:b3:
07:02:25:56:64:6d:ad:ab:93:9c:47:5e:1b:37:07:94:e4:ef:
5b:96:91:1d:05:0f:2c:ec:52:23:10:f3:59:71:71:70:d6:c4:
e8:0a:a6:22:9d:96:47:4d:11:6b:c9:58:af:55:00:f3:f4:9f:
f8:3e:4d:d6:08:22:38:eb:43:fd:bd:12:9c:b2:2f:a3:06:fe:
62:a0:f0:26:06:29:16:0a:6f:2f:5d:63:fc:03:66:a6:ce:12:
7b:60:d4:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH1wyU3ckJbavcEJkqUMKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MmYyZDNjMjY5ZDkzNTIyNzY5MGIyOGI3ZmJkZDk1M2Ux
ZTllZGMwHhcNMjUwMTAxMTM0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjFiMWVjMTdlNjZlNTAxMWJhODJkNjE5MzRlNGU3YTkyZGUzZDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0LJ9rR9n8DUh3w+E219DKmY42buh
X0hSTLsT3h3+O+QhgLeQl2Pczn9Jld6HkQ4JfXgcLLUPb70yuKpCytSgxU8TieeX
T3ZGBDKf2YLCOSXFBo5Dmvy3irTrzWV+T/9UOq9BFTWKN+OolTq0anCRuwn+Mg7E
aZC9MnlkrVDXUrDpG+1BiwMMs6mvAS9u4cMHE5Hq6hfoHM5EsoJGv3EAd+58Ai/3
Se6MuyKanQS9YSXg3wDlpnNRL/xLLBDYXSBKzEynPmAbtc/JygUmcUJ293oE4UqC
chCRrhuCQ9VANo2qJo1jN102UGVdwuUTqgZnHpbEDclma8GabFmkAQa9qwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLYbHsF+ZuUBG6gtYZNOTnqS3j0hMB8GA1UdIwQY
MBaAFKYvLTwmnZNSJ2kLKLf73ZU+Hp7cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGk4dFBDYWRrMUluYVFzb3RfdmRsVDRlbnR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8zMjViODQtMmVkNC00MDkyLTkwNmMt
MTAwZWVkODEyYzQwLzEvdGhzZXdYNW01UUVicUMxaGswNU9lcExlUFNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8zMjViODQtMmVkNC00MDkyLTkwNmMtMTAwZWVkODEyYzQw
LzEvcGk4dFBDYWRrMUluYVFzb3RfdmRsVDRlbnR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwljeMA0G
CSqGSIb3DQEBCwUAA4IBAQC8BU9KiwQU7EzdlbyWYS5CiC++ePSC1KcBtxi+DLbw
hHEA7sES5ZBCMQpn+iacbkkPBq+74sI7tLAKDljOm2GlWeBwfO/8a6T6leQEreFy
6cee9gt1HskGZ05z1CyTNG2z9u2EOmr3EQ3Xv2iR/ZkxK/DmTbWJo9SX+9wiNzx3
HFrrYf4Ix/6WDPadxhJHC7Uk30gLn4BPc9SJ5tfuki1dA7MHAiVWZG2tq5OcR14b
NweU5O9blpEdBQ8s7FIjEPNZcXFw1sToCqYinZZHTRFryVivVQDz9J/4Pk3WCCI4
60P9vRKcsi+jBv5ioPAmBikWCm8vXWP8A2amzhJ7YNSS
-----END CERTIFICATE-----
Generated at Tue Apr 8 14:07:30 2025 by rpki-client