Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/dUZucVhNQiA4_H9f7QEsnWcOeB0.roa
File: dUZucVhNQiA4_H9f7QEsnWcOeB0.roa (raw, json)
Hash identifier: Y8Hh9nx1c9OjjVtaLg+Hiz7r4Upn8J/+8NQ1Px/kj0M=
Subject key identifier: 75:46:6E:71:58:4D:42:20:38:FC:7F:5F:ED:01:2C:9D:67:0E:78:1D
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 0195CDC53C4BF7219E361F7F4987DC83E731
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/dUZucVhNQiA4_H9f7QEsnWcOeB0.roa
Signing time: Tue 25 Mar 2025 14:46:50 +0000
ROA not before: Tue 25 Mar 2025 14:46:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13347
IP address blocks: 194.238.44.0/22 maxlen: 24
194.238.72.0/22 maxlen: 24
213.18.192.0/22 maxlen: 24
213.18.216.0/22 maxlen: 24
217.181.88.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.mft
rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:cd:c5:3c:4b:f7:21:9e:36:1f:7f:49:87:dc:83:e7:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Mar 25 14:46:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=75466e71584d422038fc7f5fed012c9d670e781d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:b8:79:a7:c0:19:69:73:4c:47:25:3c:84:17:
6f:14:ff:70:1b:1d:c0:f0:12:5c:68:51:5a:60:92:
82:94:3e:3c:19:38:97:2a:5f:71:51:cb:a0:81:3e:
de:c8:b0:68:02:a4:c8:7d:df:7d:cf:0a:a6:e9:82:
49:39:dd:e1:14:69:01:90:a6:a1:23:3b:87:fc:cf:
03:19:ed:95:30:31:b7:ac:00:b4:17:65:21:a4:69:
0e:02:16:44:49:e8:35:04:e9:b7:f7:76:3e:8c:0d:
1c:67:bb:07:5a:90:33:43:3a:71:22:c3:93:40:e2:
9f:95:89:87:2b:6e:da:33:e2:84:a6:dd:19:ec:d1:
15:1f:d7:b2:df:9f:11:b0:59:ab:98:e3:4e:c4:57:
c9:60:bb:08:39:4c:a1:a4:f3:69:8e:89:d5:74:56:
25:cd:c1:34:41:da:25:2f:19:70:ee:fb:51:91:e0:
73:ce:ac:29:08:3f:22:03:cf:ce:34:30:a6:f7:c8:
94:02:c9:30:25:ae:fb:a6:2a:0f:5b:2c:9f:e1:4b:
33:44:a5:9e:e1:6c:01:b8:36:6d:da:94:60:5f:76:
7e:27:6f:d9:af:19:04:6a:17:b3:ae:b7:50:0e:1c:
87:ae:1c:8f:d3:86:10:b3:26:ed:88:60:e1:1e:ab:
b7:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:46:6E:71:58:4D:42:20:38:FC:7F:5F:ED:01:2C:9D:67:0E:78:1D
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/dUZucVhNQiA4_H9f7QEsnWcOeB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.238.44.0/22
194.238.72.0/22
213.18.192.0/22
213.18.216.0/22
217.181.88.0/22
Signature Algorithm: sha256WithRSAEncryption
14:8e:f7:7d:4b:ff:71:db:a9:57:83:24:b6:e7:88:90:09:15:
92:c5:1c:9d:61:5d:fb:c6:a1:8e:f0:fe:b1:00:a2:c6:ed:ce:
89:c5:fc:14:20:c6:b4:f3:68:d6:09:7a:23:e6:3f:4b:6f:2b:
a1:5a:01:23:e6:06:0b:da:df:41:78:56:e1:bb:d7:4d:a3:9c:
8d:97:03:39:a6:2b:40:20:aa:4d:e9:e6:fd:b9:f9:24:ee:79:
b3:b1:ce:f4:8f:e2:53:89:e8:ca:24:d9:e4:d2:e9:b6:6a:53:
d9:a3:eb:8a:8f:aa:6e:89:d2:0c:92:1b:59:44:13:96:0d:92:
d1:1d:34:26:c6:aa:9c:f6:5f:06:b0:a4:8c:c2:9e:2c:ad:cb:
c3:3c:6e:41:f9:4d:3e:e3:d5:a0:ab:94:40:29:62:28:b9:1f:
c4:d4:34:7c:c9:c3:8a:57:48:e2:16:24:40:2a:84:e0:72:f7:
7a:3c:24:da:60:8c:f4:9f:f3:fa:c4:88:35:d1:af:38:6e:07:
ae:7f:75:76:45:fb:d0:0c:2f:8b:e9:74:d4:a8:fe:ad:ed:8f:
2f:d3:ea:79:f4:05:55:c3:fa:1b:50:03:dd:02:31:25:27:6e:
5a:22:e7:89:67:c1:02:10:63:a3:a1:58:3b:1c:b8:b1:fb:15:
15:e7:c8:cf
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZXNxTxL9yGeNh9/SYfcg+cxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjUwMzI1MTQ0NjUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTQ2NmU3MTU4NGQ0MjIwMzhmYzdmNWZlZDAxMmM5ZDY3MGU3ODFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA37h5p8AZaXNMRyU8hBdvFP9wGx3A
8BJcaFFaYJKClD48GTiXKl9xUcuggT7eyLBoAqTIfd99zwqm6YJJOd3hFGkBkKah
IzuH/M8DGe2VMDG3rAC0F2UhpGkOAhZESeg1BOm393Y+jA0cZ7sHWpAzQzpxIsOT
QOKflYmHK27aM+KEpt0Z7NEVH9ey358RsFmrmONOxFfJYLsIOUyhpPNpjonVdFYl
zcE0QdolLxlw7vtRkeBzzqwpCD8iA8/ONDCm98iUAskwJa77pioPWyyf4UszRKWe
4WwBuDZt2pRgX3Z+J2/ZrxkEahezrrdQDhyHrhyP04YQsybtiGDhHqu3BwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHVGbnFYTUIgOPx/X+0BLJ1nDngdMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvZFVadWNWaE5RaUE0X0g5ZjdRRXNuV2NPZUIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCwu4sAwQC
wu5IAwQC1RLAAwQC1RLYAwQC2bVYMA0GCSqGSIb3DQEBCwUAA4IBAQAUjvd9S/9x
26lXgyS254iQCRWSxRydYV37xqGO8P6xAKLG7c6JxfwUIMa082jWCXoj5j9Lbyuh
WgEj5gYL2t9BeFbhu9dNo5yNlwM5pitAIKpN6eb9ufkk7nmzsc70j+JTiejKJNnk
0um2alPZo+uKj6puidIMkhtZRBOWDZLRHTQmxqqc9l8GsKSMwp4srcvDPG5B+U0+
49Wgq5RAKWIouR/E1DR8ycOKV0jiFiRAKoTgcvd6PCTaYIz0n/P6xIg10a84bgeu
f3V2RfvQDC+L6XTUqP6t7Y8v0+p59AVVw/obUAPdAjElJ25aIueJZ8ECEGOjoVg7
HLix+xUV58jP
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:28:11 2025 by rpki-client