Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/OrB13yHYot_uIXf_gXlQc8xI_hE.roa
File: OrB13yHYot_uIXf_gXlQc8xI_hE.roa (raw, json)
Hash identifier: FMQdsecZx+s70UXzEHExqDx9Jcs+3DRJcI4Unl+IGvY=
Subject key identifier: 3A:B0:75:DF:21:D8:A2:DF:EE:21:77:FF:81:79:50:73:CC:48:FE:11
Certificate issuer: /CN=adac830ccaa74783dd961fab241a228d7cc6f808
Certificate serial: 0194282316DF21E911A3401B237B6AAFC30A
Authority key identifier: AD:AC:83:0C:CA:A7:47:83:DD:96:1F:AB:24:1A:22:8D:7C:C6:F8:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rayDDMqnR4Pdlh-rJBoijXzG-Ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/OrB13yHYot_uIXf_gXlQc8xI_hE.roa
Signing time: Thu 02 Jan 2025 17:49:35 +0000
ROA not before: Thu 02 Jan 2025 17:49:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15974
IP address blocks: 83.234.164.0/22 maxlen: 32
93.157.208.0/21 maxlen: 32
185.44.120.0/22 maxlen: 32
193.22.6.0/24 maxlen: 32
213.80.128.0/17 maxlen: 32
217.23.64.0/19 maxlen: 32
2a02:e840::/32 maxlen: 128
2a02:e841::/32 maxlen: 128
2a02:e842::/32 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/rayDDMqnR4Pdlh-rJBoijXzG-Ag.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/rayDDMqnR4Pdlh-rJBoijXzG-Ag.mft
rsync://rpki.ripe.net/repository/DEFAULT/rayDDMqnR4Pdlh-rJBoijXzG-Ag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:16:df:21:e9:11:a3:40:1b:23:7b:6a:af:c3:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adac830ccaa74783dd961fab241a228d7cc6f808
Validity
Not Before: Jan 2 17:49:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3ab075df21d8a2dfee2177ff81795073cc48fe11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:81:c1:57:28:18:49:5c:f2:3b:3b:86:80:af:
15:04:f2:d2:43:79:eb:35:2e:d9:cd:a6:90:3e:75:
64:43:2a:ba:aa:28:84:17:80:86:a5:71:37:0d:72:
21:fe:e3:33:e9:3e:e5:0f:4b:ee:0b:32:31:03:4b:
8e:eb:d9:9e:46:a7:96:7c:fa:43:d6:fa:e9:32:2f:
29:d1:50:aa:3e:86:a4:6a:e1:a6:1d:98:5c:83:8b:
8a:50:d1:73:76:97:74:21:a6:9b:01:0f:61:4b:a7:
65:f6:8e:2b:df:a8:96:94:b4:ec:af:d6:30:a0:ad:
04:f3:1b:b4:0e:d6:69:e3:bb:6e:5b:f9:6c:d1:96:
9b:23:db:0b:da:29:40:24:14:1b:85:ab:a8:b1:c2:
88:fe:c4:6d:ef:1e:53:83:c7:6a:70:03:c6:69:52:
13:e1:1f:31:d9:7f:bb:bf:75:10:74:c8:fb:c9:98:
88:b4:3b:af:29:ee:e8:ff:60:66:22:77:54:22:5a:
41:97:96:9c:5c:6b:72:8e:d0:ff:85:b5:0c:97:b4:
95:c3:aa:5a:a8:fd:4b:34:44:2c:de:5c:2d:ee:21:
63:f8:8d:70:0c:86:38:e4:1e:6b:6a:9d:f9:64:c9:
15:dc:4d:f9:dc:87:1c:83:b5:38:f6:74:e6:9a:a9:
41:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:B0:75:DF:21:D8:A2:DF:EE:21:77:FF:81:79:50:73:CC:48:FE:11
X509v3 Authority Key Identifier:
keyid:AD:AC:83:0C:CA:A7:47:83:DD:96:1F:AB:24:1A:22:8D:7C:C6:F8:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rayDDMqnR4Pdlh-rJBoijXzG-Ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/OrB13yHYot_uIXf_gXlQc8xI_hE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/rayDDMqnR4Pdlh-rJBoijXzG-Ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.234.164.0/22
93.157.208.0/21
185.44.120.0/22
193.22.6.0/24
213.80.128.0/17
217.23.64.0/19
IPv6:
2a02:e840::-2a02:e842:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
93:70:69:70:ba:57:98:4d:17:4d:3d:7c:18:d2:0e:c4:51:20:
22:74:9c:60:a2:93:82:cc:e1:a5:e4:cc:93:7f:9c:4d:09:b1:
20:1f:22:d2:a1:c1:d2:04:66:05:f4:1c:0e:1d:94:46:20:1a:
76:26:a6:ac:d7:0f:e9:0d:5e:23:7b:03:d5:76:2c:b2:35:4c:
bc:27:ef:13:e8:0a:11:3c:3a:96:19:4c:33:bf:b7:ca:f0:8c:
86:3d:b1:78:3c:12:a3:40:e8:73:a6:17:78:a4:1a:a7:74:80:
b1:18:c0:fa:5a:77:54:b4:d4:40:bf:6e:dd:67:65:a4:e9:f9:
c1:06:04:e3:29:a1:53:f4:7e:a0:b1:71:33:01:b7:d3:01:db:
f7:0d:2d:81:bd:a3:c8:44:01:88:ea:2d:b5:c0:56:a8:81:54:
73:3c:ba:0b:b0:15:bb:65:1c:dc:49:82:03:e6:5f:66:b0:3b:
a7:ad:a5:d9:cf:b4:fb:73:60:8e:b1:ae:25:2f:8d:f5:22:ad:
b4:16:24:7a:db:bb:dd:7c:0d:3e:e1:53:49:1a:f0:fc:b5:e3:
a3:87:aa:25:e4:7c:a4:34:3c:6c:46:a2:ab:07:81:7d:d8:e5:
54:95:4a:d7:3e:c9:26:75:27:0a:c8:d1:af:13:2f:3d:a9:62:
16:f3:58:17
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZQoIxbfIekRo0AbI3tqr8MKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkYWM4MzBjY2FhNzQ3ODNkZDk2MWZhYjI0MWEyMjhkN2Nj
NmY4MDgwHhcNMjUwMTAyMTc0OTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWIwNzVkZjIxZDhhMmRmZWUyMTc3ZmY4MTc5NTA3M2NjNDhmZTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6IHBVygYSVzyOzuGgK8VBPLSQ3nr
NS7ZzaaQPnVkQyq6qiiEF4CGpXE3DXIh/uMz6T7lD0vuCzIxA0uO69meRqeWfPpD
1vrpMi8p0VCqPoakauGmHZhcg4uKUNFzdpd0IaabAQ9hS6dl9o4r36iWlLTsr9Yw
oK0E8xu0DtZp47tuW/ls0ZabI9sL2ilAJBQbhauoscKI/sRt7x5Tg8dqcAPGaVIT
4R8x2X+7v3UQdMj7yZiItDuvKe7o/2BmIndUIlpBl5acXGtyjtD/hbUMl7SVw6pa
qP1LNEQs3lwt7iFj+I1wDIY45B5rap35ZMkV3E353Iccg7U49nTmmqlBuwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFDqwdd8h2KLf7iF3/4F5UHPMSP4RMB8GA1UdIwQY
MBaAFK2sgwzKp0eD3ZYfqyQaIo18xvgIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmF5RERNcW5SNFBkbGgtckpCb2lqWHpHLUFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8zMjVjOGQtZDM2OC00ZWVlLTljYTgt
OTI5ZjdkNjM1ZjRiLzEvT3JCMTN5SFlvdF91SVhmX2dYbFFjOHhJX2hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8zMjVjOGQtZDM2OC00ZWVlLTljYTgtOTI5ZjdkNjM1ZjRi
LzEvcmF5RERNcW5SNFBkbGgtckpCb2lqWHpHLUFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAqBAIAATAkAwQCU+qkAwQD
XZ3QAwQCuSx4AwQAwRYGAwQH1VCAAwQF2RdAMBYEAgACMBAwDgMFBioC6EADBQAq
AuhCMA0GCSqGSIb3DQEBCwUAA4IBAQCTcGlwuleYTRdNPXwY0g7EUSAidJxgopOC
zOGl5MyTf5xNCbEgHyLSocHSBGYF9BwOHZRGIBp2Jqas1w/pDV4jewPVdiyyNUy8
J+8T6AoRPDqWGUwzv7fK8IyGPbF4PBKjQOhzphd4pBqndICxGMD6WndUtNRAv27d
Z2Wk6fnBBgTjKaFT9H6gsXEzAbfTAdv3DS2BvaPIRAGI6i21wFaogVRzPLoLsBW7
ZRzcSYID5l9msDunraXZz7T7c2COsa4lL431Iq20FiR627vdfA0+4VNJGvD8teOj
h6ol5HykNDxsRqKrB4F92OVUlUrXPskmdScKyNGvEy89qWIW81gX
-----END CERTIFICATE-----
Generated at Thu Mar 13 10:16:49 2025 by rpki-client