Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/fba28c-6b17-4626-963c-058cc953e803/1/UO1KioDak-iT8kDHcohpIq9FtOw.roa
File: UO1KioDak-iT8kDHcohpIq9FtOw.roa (raw, json)
Hash identifier: c3Q9cGyrR1r4x1r6NclTtEj7o03+DJv3Ywm72vFkEgk=
Subject key identifier: 50:ED:4A:8A:80:DA:93:E8:93:F2:40:C7:72:88:69:22:AF:45:B4:EC
Certificate issuer: /CN=34e83f41e5d24254c90a86e3b2bb7a80af039721
Certificate serial: 019420D644B950AD53B3B3AE62A4BD2BB36A
Authority key identifier: 34:E8:3F:41:E5:D2:42:54:C9:0A:86:E3:B2:BB:7A:80:AF:03:97:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NOg_QeXSQlTJCobjsrt6gK8DlyE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/fba28c-6b17-4626-963c-058cc953e803/1/UO1KioDak-iT8kDHcohpIq9FtOw.roa
Signing time: Wed 01 Jan 2025 07:48:20 +0000
ROA not before: Wed 01 Jan 2025 07:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21257
IP address blocks: 193.109.240.0/24 maxlen: 24
194.106.216.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/fba28c-6b17-4626-963c-058cc953e803/1/NOg_QeXSQlTJCobjsrt6gK8DlyE.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/fba28c-6b17-4626-963c-058cc953e803/1/NOg_QeXSQlTJCobjsrt6gK8DlyE.mft
rsync://rpki.ripe.net/repository/DEFAULT/NOg_QeXSQlTJCobjsrt6gK8DlyE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 10 Mar 2025 09:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:44:b9:50:ad:53:b3:b3:ae:62:a4:bd:2b:b3:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34e83f41e5d24254c90a86e3b2bb7a80af039721
Validity
Not Before: Jan 1 07:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=50ed4a8a80da93e893f240c772886922af45b4ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:27:0a:61:df:0c:56:83:80:1d:1f:74:75:6e:
a7:1f:89:09:10:d4:aa:29:8d:c3:67:7b:e4:38:22:
60:2d:e7:55:54:2a:f9:d2:ad:61:b8:82:bf:39:b0:
b9:5c:a7:51:8c:ed:d6:03:d9:9e:a7:64:0d:2a:23:
6a:2a:84:94:0e:64:15:24:dc:18:5b:57:83:b3:c2:
7c:89:5e:a6:a3:aa:f6:ad:7c:8b:db:a7:90:3a:6b:
fd:43:05:05:4d:b7:2f:66:8f:1c:9f:3b:f6:cd:b4:
ef:eb:81:54:f9:1a:d1:9e:78:c9:ab:fe:8c:0a:6b:
f8:be:86:a3:ea:ae:80:99:1c:7a:b8:a6:29:65:9c:
ca:1e:0f:bf:2a:9e:e1:82:10:4b:52:d6:9b:c0:8e:
52:ed:27:7f:6f:9d:63:50:28:0a:47:1f:d3:c6:41:
dd:56:1f:38:80:31:e4:25:3c:d0:47:0a:9c:0e:24:
00:44:5f:c1:7d:2a:e9:55:80:62:03:0f:64:41:8c:
8c:76:c6:5f:53:df:62:06:5e:df:47:fd:99:21:69:
7b:c6:22:69:f6:6c:f1:fc:ad:1a:44:10:59:52:b0:
8b:8c:58:27:4a:7a:e9:c5:7c:6f:46:ac:f6:0c:ff:
c3:51:31:fb:aa:5d:7d:f4:b0:5d:4d:f2:54:89:8d:
29:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:ED:4A:8A:80:DA:93:E8:93:F2:40:C7:72:88:69:22:AF:45:B4:EC
X509v3 Authority Key Identifier:
keyid:34:E8:3F:41:E5:D2:42:54:C9:0A:86:E3:B2:BB:7A:80:AF:03:97:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NOg_QeXSQlTJCobjsrt6gK8DlyE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/fba28c-6b17-4626-963c-058cc953e803/1/UO1KioDak-iT8kDHcohpIq9FtOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/fba28c-6b17-4626-963c-058cc953e803/1/NOg_QeXSQlTJCobjsrt6gK8DlyE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.109.240.0/24
194.106.216.0/23
Signature Algorithm: sha256WithRSAEncryption
c2:d7:30:1b:d0:ba:59:79:6a:47:9a:f2:e6:98:05:16:d8:46:
c8:14:81:6e:ce:b2:79:a6:e0:c1:08:2d:73:ac:0c:e6:33:e0:
b0:3c:b0:5c:a6:7c:14:19:06:fe:7c:db:11:9b:df:fc:b0:b0:
9e:40:67:0c:d0:f0:a6:ad:75:07:2e:39:99:4b:90:e9:1a:3e:
89:a5:c2:e8:fa:7c:d3:d9:be:32:bf:91:19:fc:a5:a1:d9:30:
f2:f5:c3:cf:97:e4:1f:0c:43:ba:59:77:3f:cf:33:ac:66:62:
ca:5f:4c:b1:1b:ce:a5:bf:bc:ca:a6:52:11:2e:a7:0b:97:7a:
3d:bd:09:5d:43:b3:fd:37:a7:81:cf:e1:76:24:6d:b4:72:cf:
0c:70:01:fa:f4:fd:40:67:c8:cd:a5:52:51:68:46:07:10:03:
2f:ec:12:24:42:0c:a7:30:42:5b:b4:2c:91:1b:07:6a:db:3f:
ca:2d:b0:90:f6:fc:e9:a3:76:cf:3f:b6:9a:fe:d2:12:4d:67:
e3:8f:5a:3f:18:c5:2c:a8:47:79:0e:64:be:ee:72:5f:4c:98:
fd:2c:9a:20:46:81:22:31:ab:e8:3e:ba:70:3a:66:6e:4f:98:
c4:b3:3b:80:09:db:16:f5:b1:e5:92:42:fa:c0:13:78:07:29:
52:4c:8b:66
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQg1kS5UK1Ts7OuYqS9K7NqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZTgzZjQxZTVkMjQyNTRjOTBhODZlM2IyYmI3YTgwYWYw
Mzk3MjEwHhcNMjUwMTAxMDc0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGVkNGE4YTgwZGE5M2U4OTNmMjQwYzc3Mjg4NjkyMmFmNDViNGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6CcKYd8MVoOAHR90dW6nH4kJENSq
KY3DZ3vkOCJgLedVVCr50q1huIK/ObC5XKdRjO3WA9mep2QNKiNqKoSUDmQVJNwY
W1eDs8J8iV6mo6r2rXyL26eQOmv9QwUFTbcvZo8cnzv2zbTv64FU+RrRnnjJq/6M
Cmv4voaj6q6AmRx6uKYpZZzKHg+/Kp7hghBLUtabwI5S7Sd/b51jUCgKRx/TxkHd
Vh84gDHkJTzQRwqcDiQARF/BfSrpVYBiAw9kQYyMdsZfU99iBl7fR/2ZIWl7xiJp
9mzx/K0aRBBZUrCLjFgnSnrpxXxvRqz2DP/DUTH7ql199LBdTfJUiY0pQQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFDtSoqA2pPok/JAx3KIaSKvRbTsMB8GA1UdIwQY
MBaAFDToP0Hl0kJUyQqG47K7eoCvA5chMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTk9nX1FlWFNRbFRKQ29ianNydDZnSzhEbHlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9mYmEyOGMtNmIxNy00NjI2LTk2M2Mt
MDU4Y2M5NTNlODAzLzEvVU8xS2lvRGFrLWlUOGtESGNvaHBJcTlGdE93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9mYmEyOGMtNmIxNy00NjI2LTk2M2MtMDU4Y2M5NTNlODAz
LzEvTk9nX1FlWFNRbFRKQ29ianNydDZnSzhEbHlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwW3wAwQB
wmrYMA0GCSqGSIb3DQEBCwUAA4IBAQDC1zAb0LpZeWpHmvLmmAUW2EbIFIFuzrJ5
puDBCC1zrAzmM+CwPLBcpnwUGQb+fNsRm9/8sLCeQGcM0PCmrXUHLjmZS5DpGj6J
pcLo+nzT2b4yv5EZ/KWh2TDy9cPPl+QfDEO6WXc/zzOsZmLKX0yxG86lv7zKplIR
LqcLl3o9vQldQ7P9N6eBz+F2JG20cs8McAH69P1AZ8jNpVJRaEYHEAMv7BIkQgyn
MEJbtCyRGwdq2z/KLbCQ9vzpo3bPP7aa/tISTWfjj1o/GMUsqEd5DmS+7nJfTJj9
LJogRoEiMavoPrpwOmZuT5jEszuACdsW9bHlkkL6wBN4BylSTItm
-----END CERTIFICATE-----
Generated at Sun Mar 9 19:00:39 2025 by rpki-client