Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/dd543d-d1f5-4f49-890f-5944d8ec273c/1/rB2uaCwrLsHd8QP3gzLrvvAfPiA.roa
File: rB2uaCwrLsHd8QP3gzLrvvAfPiA.roa (raw, json)
Hash identifier: rFl9lkx1744U+43ipMxs7m2ICQoiTAYXwAH+fMGwgoo=
Subject key identifier: AC:1D:AE:68:2C:2B:2E:C1:DD:F1:03:F7:83:32:EB:BE:F0:1F:3E:20
Certificate issuer: /CN=503f73fefe9dbd165614375a18a34cdcfb4a31ee
Certificate serial: 019420D65FB50874AB745A8444DC6556D482
Authority key identifier: 50:3F:73:FE:FE:9D:BD:16:56:14:37:5A:18:A3:4C:DC:FB:4A:31:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UD9z_v6dvRZWFDdaGKNM3PtKMe4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/dd543d-d1f5-4f49-890f-5944d8ec273c/1/rB2uaCwrLsHd8QP3gzLrvvAfPiA.roa
Signing time: Wed 01 Jan 2025 07:48:27 +0000
ROA not before: Wed 01 Jan 2025 07:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48659
IP address blocks: 195.8.52.0/23 maxlen: 23
195.8.52.0/24 maxlen: 24
195.8.53.0/24 maxlen: 24
195.46.36.0/23 maxlen: 23
195.46.36.0/24 maxlen: 24
195.46.37.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/dd543d-d1f5-4f49-890f-5944d8ec273c/1/UD9z_v6dvRZWFDdaGKNM3PtKMe4.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/dd543d-d1f5-4f49-890f-5944d8ec273c/1/UD9z_v6dvRZWFDdaGKNM3PtKMe4.mft
rsync://rpki.ripe.net/repository/DEFAULT/UD9z_v6dvRZWFDdaGKNM3PtKMe4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:5f:b5:08:74:ab:74:5a:84:44:dc:65:56:d4:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=503f73fefe9dbd165614375a18a34cdcfb4a31ee
Validity
Not Before: Jan 1 07:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ac1dae682c2b2ec1ddf103f78332ebbef01f3e20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:a6:a2:64:a5:34:e8:a5:58:53:12:5d:66:5a:
7d:3f:c1:42:5f:e6:0f:82:91:f7:47:bf:b7:42:fc:
68:0e:21:e8:3a:fe:00:5b:05:e7:38:44:69:fd:ad:
6c:0e:45:cb:a4:75:b1:31:a3:63:99:3f:a1:93:e9:
ec:27:38:49:67:02:02:a1:d9:76:e4:2a:07:27:19:
ad:58:af:57:5b:0e:5c:63:d4:8d:53:20:f3:ef:fa:
cd:c9:9b:26:fc:1a:df:5d:81:8d:a8:80:f1:c8:bd:
0e:05:28:93:72:0d:cc:9c:3f:f6:f8:85:a8:4f:ba:
30:fe:ca:03:cd:a6:34:c9:dd:5f:34:b0:52:73:ff:
9d:c4:8e:7e:09:42:b0:86:dd:8a:99:20:ce:ef:d7:
d0:3a:8d:ad:0c:c0:56:d5:3c:f0:3e:f1:ec:12:c9:
cf:cb:ca:6b:5a:f3:1e:4b:c1:f1:3f:be:98:e6:e1:
4e:b1:94:ba:34:70:47:51:7a:f4:5a:94:cc:65:66:
bc:0f:ac:65:c4:18:86:f5:d7:ca:7f:b1:e4:65:a7:
f6:06:ad:c8:1a:c6:41:6b:25:b5:ee:25:8a:3a:f3:
1b:73:f2:78:7e:f6:33:b2:6d:31:84:d2:20:23:f4:
a3:20:02:b1:74:c7:12:d0:93:27:eb:f0:eb:dd:42:
2a:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:1D:AE:68:2C:2B:2E:C1:DD:F1:03:F7:83:32:EB:BE:F0:1F:3E:20
X509v3 Authority Key Identifier:
keyid:50:3F:73:FE:FE:9D:BD:16:56:14:37:5A:18:A3:4C:DC:FB:4A:31:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UD9z_v6dvRZWFDdaGKNM3PtKMe4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/dd543d-d1f5-4f49-890f-5944d8ec273c/1/rB2uaCwrLsHd8QP3gzLrvvAfPiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/dd543d-d1f5-4f49-890f-5944d8ec273c/1/UD9z_v6dvRZWFDdaGKNM3PtKMe4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.8.52.0/23
195.46.36.0/23
Signature Algorithm: sha256WithRSAEncryption
58:a1:d8:21:32:52:27:e3:1b:4a:28:f1:c9:f1:c0:9b:4b:0c:
6f:36:3e:88:b5:18:2c:07:cf:83:eb:9d:31:fc:fb:2d:50:b2:
05:16:69:68:9c:e8:44:0c:4a:8b:71:b8:e9:23:00:39:66:bf:
b2:4c:f7:2d:cd:e4:6f:4d:2e:c9:74:e1:02:ce:29:bc:11:ad:
bb:6e:3a:35:76:41:4c:09:5c:fb:c4:b6:b2:1a:66:4e:98:37:
bc:86:ee:6c:1b:5f:d6:76:8d:7f:a3:bb:63:aa:0d:af:04:f7:
f1:30:02:55:7f:5a:39:00:a8:5a:e1:dd:ea:77:c2:90:29:50:
6d:44:11:98:f1:13:68:cb:0e:ac:03:60:7b:7c:da:1b:54:0d:
0f:b4:8a:d8:6a:0c:c2:cb:73:c1:3c:df:e9:55:c4:87:23:7c:
f4:ab:34:47:3a:e6:50:d5:39:ee:a2:26:bb:b4:33:7e:76:72:
10:dc:26:d4:35:9a:e4:ee:3e:cc:7f:12:bd:58:7c:b3:48:c5:
07:10:a0:a5:29:75:70:27:dd:72:75:e3:4b:a6:86:51:78:4e:
97:24:e3:02:33:7b:1f:ae:41:11:c1:85:75:5f:ba:12:a1:33:
a3:88:76:bd:52:b7:a3:7b:7f:3a:0a:fd:27:d1:de:c7:41:6a:
e2:6f:33:c2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQg1l+1CHSrdFqERNxlVtSCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwM2Y3M2ZlZmU5ZGJkMTY1NjE0Mzc1YTE4YTM0Y2RjZmI0
YTMxZWUwHhcNMjUwMTAxMDc0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzFkYWU2ODJjMmIyZWMxZGRmMTAzZjc4MzMyZWJiZWYwMWYzZTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyaaiZKU06KVYUxJdZlp9P8FCX+YP
gpH3R7+3QvxoDiHoOv4AWwXnOERp/a1sDkXLpHWxMaNjmT+hk+nsJzhJZwICodl2
5CoHJxmtWK9XWw5cY9SNUyDz7/rNyZsm/BrfXYGNqIDxyL0OBSiTcg3MnD/2+IWo
T7ow/soDzaY0yd1fNLBSc/+dxI5+CUKwht2KmSDO79fQOo2tDMBW1TzwPvHsEsnP
y8prWvMeS8HxP76Y5uFOsZS6NHBHUXr0WpTMZWa8D6xlxBiG9dfKf7HkZaf2Bq3I
GsZBayW17iWKOvMbc/J4fvYzsm0xhNIgI/SjIAKxdMcS0JMn6/Dr3UIqkQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKwdrmgsKy7B3fED94My677wHz4gMB8GA1UdIwQY
MBaAFFA/c/7+nb0WVhQ3WhijTNz7SjHuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUQ5el92NmR2UlpXRkRkYUdLTk0zUHRLTWU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9kZDU0M2QtZDFmNS00ZjQ5LTg5MGYt
NTk0NGQ4ZWMyNzNjLzEvckIydWFDd3JMc0hkOFFQM2d6THJ2dkFmUGlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9kZDU0M2QtZDFmNS00ZjQ5LTg5MGYtNTk0NGQ4ZWMyNzNj
LzEvVUQ5el92NmR2UlpXRkRkYUdLTk0zUHRLTWU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwwg0AwQB
wy4kMA0GCSqGSIb3DQEBCwUAA4IBAQBYodghMlIn4xtKKPHJ8cCbSwxvNj6ItRgs
B8+D650x/PstULIFFmlonOhEDEqLcbjpIwA5Zr+yTPctzeRvTS7JdOECzim8Ea27
bjo1dkFMCVz7xLayGmZOmDe8hu5sG1/Wdo1/o7tjqg2vBPfxMAJVf1o5AKha4d3q
d8KQKVBtRBGY8RNoyw6sA2B7fNobVA0PtIrYagzCy3PBPN/pVcSHI3z0qzRHOuZQ
1Tnuoia7tDN+dnIQ3CbUNZrk7j7MfxK9WHyzSMUHEKClKXVwJ91ydeNLpoZReE6X
JOMCM3sfrkERwYV1X7oSoTOjiHa9Ureje386Cv0n0d7HQWribzPC
-----END CERTIFICATE-----
Generated at Wed Apr 16 13:03:03 2025 by rpki-client