Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/aca4ad-1df0-4797-9a90-fbe5fdcf0ed3/1/Y8bxmFfpWoR5ksX0Qq13ZOagVPo.roa
File: Y8bxmFfpWoR5ksX0Qq13ZOagVPo.roa (raw, json)
Hash identifier: C0DVCgE5f6/2s7WXTWOG0D5IiTtwmNwV6icT5/Rn4Qg=
Subject key identifier: 63:C6:F1:98:57:E9:5A:84:79:92:C5:F4:42:AD:77:64:E6:A0:54:FA
Certificate issuer: /CN=aee1d3a425edbd9d8adad04106ab12d7c76ac132
Certificate serial: 01941FFA1FAC8B1095F6BA00ECBE378493EA
Authority key identifier: AE:E1:D3:A4:25:ED:BD:9D:8A:DA:D0:41:06:AB:12:D7:C7:6A:C1:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ruHTpCXtvZ2K2tBBBqsS18dqwTI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/aca4ad-1df0-4797-9a90-fbe5fdcf0ed3/1/Y8bxmFfpWoR5ksX0Qq13ZOagVPo.roa
Signing time: Wed 01 Jan 2025 03:47:53 +0000
ROA not before: Wed 01 Jan 2025 03:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30962
IP address blocks: 193.200.128.0/24 maxlen: 24
2001:67c:208::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/aca4ad-1df0-4797-9a90-fbe5fdcf0ed3/1/ruHTpCXtvZ2K2tBBBqsS18dqwTI.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/aca4ad-1df0-4797-9a90-fbe5fdcf0ed3/1/ruHTpCXtvZ2K2tBBBqsS18dqwTI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ruHTpCXtvZ2K2tBBBqsS18dqwTI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 08:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:1f:ac:8b:10:95:f6:ba:00:ec:be:37:84:93:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aee1d3a425edbd9d8adad04106ab12d7c76ac132
Validity
Not Before: Jan 1 03:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=63c6f19857e95a847992c5f442ad7764e6a054fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ea:28:62:13:1d:46:e6:ea:0c:05:9b:e3:46:
36:7a:fe:b9:df:02:21:71:1e:53:2c:70:ff:b3:89:
d3:1e:6a:07:40:b5:20:55:29:3a:ed:c0:85:9b:6c:
dd:2c:f1:db:62:20:32:69:5e:22:6d:d8:05:1b:a4:
8e:d9:64:4f:20:cf:59:ab:d3:b0:3e:5e:31:af:a5:
5d:16:6a:a8:fd:64:12:d9:a3:92:4b:a7:bc:4a:10:
c3:f5:d9:6a:f5:09:20:ae:12:d6:30:23:ad:fd:05:
fc:51:4f:de:c4:1f:e5:df:05:35:90:20:a8:04:7d:
fa:2c:7a:fb:92:99:6c:8b:6f:18:0e:72:56:92:2c:
53:b1:15:ad:7f:44:5f:94:63:3c:bf:26:a5:9b:c0:
dd:5d:df:c2:b9:3c:42:bc:19:ed:45:48:f9:89:f9:
0c:52:2e:70:d0:52:6d:ba:5a:64:eb:22:df:8e:fd:
11:eb:64:bb:e5:8d:53:b2:f5:84:b3:91:cc:6d:87:
46:9a:36:47:42:6f:54:74:d4:20:6b:fa:d9:70:13:
86:ca:f5:06:88:e9:64:12:c4:ef:71:0f:8b:33:5a:
3d:e1:65:e7:ba:b3:9a:1c:41:72:14:08:1b:b5:8f:
de:5f:30:53:da:3e:df:e2:47:d5:97:52:6a:95:29:
e3:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:C6:F1:98:57:E9:5A:84:79:92:C5:F4:42:AD:77:64:E6:A0:54:FA
X509v3 Authority Key Identifier:
keyid:AE:E1:D3:A4:25:ED:BD:9D:8A:DA:D0:41:06:AB:12:D7:C7:6A:C1:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ruHTpCXtvZ2K2tBBBqsS18dqwTI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/aca4ad-1df0-4797-9a90-fbe5fdcf0ed3/1/Y8bxmFfpWoR5ksX0Qq13ZOagVPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/aca4ad-1df0-4797-9a90-fbe5fdcf0ed3/1/ruHTpCXtvZ2K2tBBBqsS18dqwTI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.200.128.0/24
IPv6:
2001:67c:208::/48
Signature Algorithm: sha256WithRSAEncryption
1e:6e:37:e7:f8:8f:23:77:64:e2:c9:0b:56:04:dd:79:56:81:
d1:dd:49:8d:0c:8f:b3:6d:d3:df:f2:3c:97:a9:a0:5c:7e:ad:
b0:ea:52:12:9a:72:2c:b7:88:18:eb:09:77:25:be:28:0b:68:
6d:aa:30:88:51:2b:98:76:e2:f3:4d:6c:7d:7d:6f:f8:33:e1:
17:62:02:41:19:df:1b:78:a0:dd:fc:22:86:6d:a9:a7:51:8d:
15:48:50:80:b9:ab:39:94:34:4c:74:8d:0e:f3:f3:95:ab:15:
a0:52:bb:33:63:ee:15:47:03:33:10:d6:2f:9a:ec:51:bc:08:
54:42:29:92:9b:d0:b9:e4:21:4e:f4:f0:22:63:7f:a2:36:f0:
d9:2e:f6:91:49:75:53:6d:f9:67:6a:ac:31:43:48:fd:82:1d:
14:19:b7:f7:87:59:bd:8d:73:9d:d6:9b:b1:b0:0d:fc:a5:d6:
7f:89:20:5d:ba:32:e1:4c:33:bd:13:db:b0:63:fd:ab:bb:0a:
4a:65:31:c7:41:36:21:40:4b:84:49:b5:62:9c:4b:9f:36:33:
d4:53:24:91:97:c7:2d:0e:d2:30:43:7a:e6:29:c8:bf:ec:d0:
2e:17:8a:27:30:b8:86:52:88:19:9c:57:3e:f0:9f:85:50:d1:
12:e6:74:19
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQf+h+sixCV9roA7L43hJPqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZTFkM2E0MjVlZGJkOWQ4YWRhZDA0MTA2YWIxMmQ3Yzc2
YWMxMzIwHhcNMjUwMTAxMDM0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2M2ZjE5ODU3ZTk1YTg0Nzk5MmM1ZjQ0MmFkNzc2NGU2YTA1NGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAouooYhMdRubqDAWb40Y2ev653wIh
cR5TLHD/s4nTHmoHQLUgVSk67cCFm2zdLPHbYiAyaV4ibdgFG6SO2WRPIM9Zq9Ow
Pl4xr6VdFmqo/WQS2aOSS6e8ShDD9dlq9QkgrhLWMCOt/QX8UU/exB/l3wU1kCCo
BH36LHr7kplsi28YDnJWkixTsRWtf0RflGM8vyalm8DdXd/CuTxCvBntRUj5ifkM
Ui5w0FJtulpk6yLfjv0R62S75Y1TsvWEs5HMbYdGmjZHQm9UdNQga/rZcBOGyvUG
iOlkEsTvcQ+LM1o94WXnurOaHEFyFAgbtY/eXzBT2j7f4kfVl1JqlSnj0QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGPG8ZhX6VqEeZLF9EKtd2TmoFT6MB8GA1UdIwQY
MBaAFK7h06Ql7b2ditrQQQarEtfHasEyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnVIVHBDWHR2WjJLMnRCQkJxc1MxOGRxd1RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9hY2E0YWQtMWRmMC00Nzk3LTlhOTAt
ZmJlNWZkY2YwZWQzLzEvWThieG1GZnBXb1I1a3NYMFFxMTNaT2FnVlBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9hY2E0YWQtMWRmMC00Nzk3LTlhOTAtZmJlNWZkY2YwZWQz
LzEvcnVIVHBDWHR2WjJLMnRCQkJxc1MxOGRxd1RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwciAMA8E
AgACMAkDBwAgAQZ8AggwDQYJKoZIhvcNAQELBQADggEBAB5uN+f4jyN3ZOLJC1YE
3XlWgdHdSY0Mj7Nt09/yPJepoFx+rbDqUhKaciy3iBjrCXclvigLaG2qMIhRK5h2
4vNNbH19b/gz4RdiAkEZ3xt4oN38IoZtqadRjRVIUIC5qzmUNEx0jQ7z85WrFaBS
uzNj7hVHAzMQ1i+a7FG8CFRCKZKb0LnkIU708CJjf6I28Nku9pFJdVNt+WdqrDFD
SP2CHRQZt/eHWb2Nc53Wm7GwDfyl1n+JIF26MuFMM70T27Bj/au7CkplMcdBNiFA
S4RJtWKcS582M9RTJJGXxy0O0jBDeuYpyL/s0C4XiicwuIZSiBmcVz7wn4VQ0RLm
dBk=
-----END CERTIFICATE-----
Generated at Sun Apr 13 14:08:54 2025 by rpki-client