Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/1e051e-3cf8-4763-b3cf-a746a8120e9b/1/setwbHKxCPa52Elr9rNK2rsq568.roa
File: setwbHKxCPa52Elr9rNK2rsq568.roa (raw, json)
Hash identifier: 02SvDqNnAJ5dRMEAMQRIAHSYXYUFEMZjO5nV2nUJjV0=
Subject key identifier: B1:EB:70:6C:72:B1:08:F6:B9:D8:49:6B:F6:B3:4A:DA:BB:2A:E7:AF
Certificate issuer: /CN=c637cccd5cda01895b189cca95f296b5cb30c7c8
Certificate serial: 01941F8C7E202B0AF5AD91965578AAA8005A
Authority key identifier: C6:37:CC:CD:5C:DA:01:89:5B:18:9C:CA:95:F2:96:B5:CB:30:C7:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xjfMzVzaAYlbGJzKlfKWtcswx8g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/1e051e-3cf8-4763-b3cf-a746a8120e9b/1/setwbHKxCPa52Elr9rNK2rsq568.roa
Signing time: Wed 01 Jan 2025 01:48:08 +0000
ROA not before: Wed 01 Jan 2025 01:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30791
IP address blocks: 193.7.168.0/21 maxlen: 21
2a0d:1700::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/1e051e-3cf8-4763-b3cf-a746a8120e9b/1/xjfMzVzaAYlbGJzKlfKWtcswx8g.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/1e051e-3cf8-4763-b3cf-a746a8120e9b/1/xjfMzVzaAYlbGJzKlfKWtcswx8g.mft
rsync://rpki.ripe.net/repository/DEFAULT/xjfMzVzaAYlbGJzKlfKWtcswx8g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 13:01:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:7e:20:2b:0a:f5:ad:91:96:55:78:aa:a8:00:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c637cccd5cda01895b189cca95f296b5cb30c7c8
Validity
Not Before: Jan 1 01:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b1eb706c72b108f6b9d8496bf6b34adabb2ae7af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c1:c1:a7:62:7f:c1:e1:ae:e1:a4:bb:17:c5:
0a:ca:87:1a:37:9f:13:4f:43:a1:6f:cd:5b:94:41:
da:7c:39:e8:66:83:12:43:1f:8a:17:25:4d:ed:82:
67:a6:3e:91:41:6f:30:56:59:88:86:a6:7d:97:66:
fc:c8:59:8b:4d:04:01:70:e0:27:4a:00:2a:ac:e3:
9f:e2:a2:46:63:18:bc:4c:ff:aa:bf:95:df:5b:9f:
fa:0f:61:48:3c:59:bd:52:f4:59:bc:2e:34:30:97:
1e:38:3f:a1:14:76:76:27:1b:12:20:29:fb:34:45:
cf:93:c4:3f:b6:73:c8:09:00:08:e2:75:5c:f1:01:
76:88:77:fa:7e:32:26:d5:5b:e8:9f:cc:d6:14:04:
69:b1:6e:5f:9f:8e:e7:30:a1:1f:c9:c1:2c:62:b0:
f8:80:16:5d:23:19:8e:0c:04:b7:eb:f1:72:72:ee:
f9:90:27:87:97:85:6f:dc:69:3e:a0:fe:2c:71:0b:
a1:85:5d:56:3c:8c:1c:fd:bb:d0:a5:63:3f:e7:1b:
21:77:c3:e3:30:66:96:83:8a:f2:04:ef:ef:56:3f:
3a:f3:a9:dd:bf:85:b9:a0:7e:8b:f5:0a:55:f9:e8:
12:3c:52:fb:73:7d:a4:6e:30:d1:43:31:50:aa:1f:
9f:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:EB:70:6C:72:B1:08:F6:B9:D8:49:6B:F6:B3:4A:DA:BB:2A:E7:AF
X509v3 Authority Key Identifier:
keyid:C6:37:CC:CD:5C:DA:01:89:5B:18:9C:CA:95:F2:96:B5:CB:30:C7:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xjfMzVzaAYlbGJzKlfKWtcswx8g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/1e051e-3cf8-4763-b3cf-a746a8120e9b/1/setwbHKxCPa52Elr9rNK2rsq568.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/1e051e-3cf8-4763-b3cf-a746a8120e9b/1/xjfMzVzaAYlbGJzKlfKWtcswx8g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.7.168.0/21
IPv6:
2a0d:1700::/29
Signature Algorithm: sha256WithRSAEncryption
2d:83:f3:c8:ed:e2:63:88:dd:ed:b8:e4:29:bd:57:79:11:0e:
da:b6:f6:6e:98:78:a9:d9:45:5a:a9:23:df:6b:33:6e:6b:c1:
86:49:ee:3e:bc:92:0f:ff:fa:da:21:c0:12:05:9c:f6:f6:65:
bc:e3:28:7e:c5:4b:8a:b4:58:69:52:42:de:b8:af:5b:33:9d:
36:dd:48:fe:e4:7c:a8:ae:b4:63:8c:f6:32:59:d9:a4:e3:5e:
0f:12:e8:2b:69:ad:72:ba:a8:27:b6:53:e2:1b:13:72:b9:52:
1a:eb:a2:64:f4:ad:90:c1:3d:09:00:5a:11:7e:4b:c7:55:73:
9f:ad:da:ef:79:ec:23:16:4c:dd:2a:bd:fc:cc:02:bf:16:17:
52:f1:d9:49:2c:6b:a2:5d:bd:cd:8d:ab:2c:d0:dc:d9:8c:c8:
05:88:c1:c7:82:4a:2d:85:7b:1b:7a:53:37:fa:0d:92:75:e3:
8f:33:c7:fb:75:ed:2a:77:56:6a:34:db:ed:a1:34:27:d5:43:
0b:5a:ba:4e:a7:72:e8:d6:e3:d5:b3:c8:c2:7b:f1:14:a9:e4:
0d:37:d5:5a:c5:52:87:8d:b8:ed:10:c6:6f:d2:0b:ae:97:62:
99:d2:3f:ac:87:76:d8:95:b0:33:7b:65:5a:13:b4:e8:33:60:
00:71:6d:d2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQfjH4gKwr1rZGWVXiqqABaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MzdjY2NkNWNkYTAxODk1YjE4OWNjYTk1ZjI5NmI1Y2Iz
MGM3YzgwHhcNMjUwMTAxMDE0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWViNzA2YzcyYjEwOGY2YjlkODQ5NmJmNmIzNGFkYWJiMmFlN2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqcHBp2J/weGu4aS7F8UKyocaN58T
T0Ohb81blEHafDnoZoMSQx+KFyVN7YJnpj6RQW8wVlmIhqZ9l2b8yFmLTQQBcOAn
SgAqrOOf4qJGYxi8TP+qv5XfW5/6D2FIPFm9UvRZvC40MJceOD+hFHZ2JxsSICn7
NEXPk8Q/tnPICQAI4nVc8QF2iHf6fjIm1Vvon8zWFARpsW5fn47nMKEfycEsYrD4
gBZdIxmODAS36/Fycu75kCeHl4Vv3Gk+oP4scQuhhV1WPIwc/bvQpWM/5xshd8Pj
MGaWg4ryBO/vVj8686ndv4W5oH6L9QpV+egSPFL7c32kbjDRQzFQqh+fOwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLHrcGxysQj2udhJa/azStq7KuevMB8GA1UdIwQY
MBaAFMY3zM1c2gGJWxicypXylrXLMMfIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGpmTXpWemFBWWxiR0p6S2xmS1d0Y3N3eDhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8xZTA1MWUtM2NmOC00NzYzLWIzY2Yt
YTc0NmE4MTIwZTliLzEvc2V0d2JIS3hDUGE1MkVscjlyTksycnNxNTY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8xZTA1MWUtM2NmOC00NzYzLWIzY2YtYTc0NmE4MTIwZTli
LzEveGpmTXpWemFBWWxiR0p6S2xmS1d0Y3N3eDhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDwQeoMA0E
AgACMAcDBQMqDRcAMA0GCSqGSIb3DQEBCwUAA4IBAQAtg/PI7eJjiN3tuOQpvVd5
EQ7atvZumHip2UVaqSPfazNua8GGSe4+vJIP//raIcASBZz29mW84yh+xUuKtFhp
UkLeuK9bM5023Uj+5HyorrRjjPYyWdmk414PEugraa1yuqgntlPiGxNyuVIa66Jk
9K2QwT0JAFoRfkvHVXOfrdrveewjFkzdKr38zAK/FhdS8dlJLGuiXb3Njass0NzZ
jMgFiMHHgkothXsbelM3+g2SdeOPM8f7de0qd1ZqNNvtoTQn1UMLWrpOp3Lo1uPV
s8jCe/EUqeQNN9VaxVKHjbjtEMZv0guul2KZ0j+sh3bYlbAze2VaE7ToM2AAcW3S
-----END CERTIFICATE-----
Generated at Sun Apr 20 20:03:52 2025 by rpki-client