Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/73c3e3-81e6-4eb4-a946-609fa4e54067/1/dZV8dvdnA_9uSLTQkNXVl8a3FaI.roa
File: dZV8dvdnA_9uSLTQkNXVl8a3FaI.roa (raw, json)
Hash identifier: Krx07PHv8S1aDWSKbtOJAHlzZWfSCAV78WJWEmqXiPw=
Subject key identifier: 75:95:7C:76:F7:67:03:FF:6E:48:B4:D0:90:D5:D5:97:C6:B7:15:A2
Certificate issuer: /CN=1a753613b4220f68f2b546d092a230bed6edacb8
Certificate serial: 019423D6A14191D946B608E1FEECCE04B5C5
Authority key identifier: 1A:75:36:13:B4:22:0F:68:F2:B5:46:D0:92:A2:30:BE:D6:ED:AC:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GnU2E7QiD2jytUbQkqIwvtbtrLg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/73c3e3-81e6-4eb4-a946-609fa4e54067/1/dZV8dvdnA_9uSLTQkNXVl8a3FaI.roa
Signing time: Wed 01 Jan 2025 21:47:36 +0000
ROA not before: Wed 01 Jan 2025 21:47:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57247
IP address blocks: 194.116.230.0/24 maxlen: 24
2a02:4680::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/73c3e3-81e6-4eb4-a946-609fa4e54067/1/GnU2E7QiD2jytUbQkqIwvtbtrLg.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/73c3e3-81e6-4eb4-a946-609fa4e54067/1/GnU2E7QiD2jytUbQkqIwvtbtrLg.mft
rsync://rpki.ripe.net/repository/DEFAULT/GnU2E7QiD2jytUbQkqIwvtbtrLg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 13:46:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:a1:41:91:d9:46:b6:08:e1:fe:ec:ce:04:b5:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a753613b4220f68f2b546d092a230bed6edacb8
Validity
Not Before: Jan 1 21:47:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=75957c76f76703ff6e48b4d090d5d597c6b715a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:5b:ae:84:c2:5e:d0:9b:db:a9:29:92:40:02:
f2:4f:e5:ff:d4:49:59:68:37:e1:da:79:e0:e6:a8:
24:bc:4e:6a:39:12:d5:fb:0f:a3:63:c8:90:2d:2c:
b3:c2:e1:cf:ac:1d:ad:64:53:9a:f3:0c:3c:2f:b7:
8b:9c:1b:c2:3f:57:98:6a:7d:80:b1:fb:71:02:b8:
7d:56:7e:79:96:3c:2f:19:bc:52:3f:32:a5:dc:de:
5b:3b:d5:5f:33:06:29:71:01:ee:98:ce:07:f2:ee:
9d:23:aa:2a:ab:18:f0:7d:41:1a:e8:9b:3f:16:a5:
c8:8d:a6:d7:18:15:53:91:57:0b:6f:21:1c:bb:cf:
a8:92:9a:b1:d8:c3:41:aa:c0:36:d1:74:ee:62:cd:
20:e5:d5:79:74:c4:45:7d:cb:f5:9c:7c:3b:f3:95:
40:a2:51:63:92:f6:43:f0:68:a8:7f:f2:da:c4:c1:
20:69:84:f7:ef:13:42:d2:5a:54:77:98:47:fd:6c:
38:1c:0f:ed:d7:9a:ff:66:41:12:14:9b:46:79:f3:
e8:4f:98:b4:4f:72:58:1b:a4:40:51:ce:0a:07:82:
2f:9b:30:c0:22:d7:be:ab:fa:18:df:88:e0:c0:f9:
e5:23:a1:6a:1b:f8:61:a4:10:89:bc:d5:8f:01:e6:
fd:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:95:7C:76:F7:67:03:FF:6E:48:B4:D0:90:D5:D5:97:C6:B7:15:A2
X509v3 Authority Key Identifier:
keyid:1A:75:36:13:B4:22:0F:68:F2:B5:46:D0:92:A2:30:BE:D6:ED:AC:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GnU2E7QiD2jytUbQkqIwvtbtrLg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/73c3e3-81e6-4eb4-a946-609fa4e54067/1/dZV8dvdnA_9uSLTQkNXVl8a3FaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/73c3e3-81e6-4eb4-a946-609fa4e54067/1/GnU2E7QiD2jytUbQkqIwvtbtrLg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.116.230.0/24
IPv6:
2a02:4680::/29
Signature Algorithm: sha256WithRSAEncryption
29:18:99:37:58:ca:fe:a1:40:2a:64:ea:a0:ca:b5:55:4b:81:
5f:4f:7d:39:c9:c1:0b:df:4f:89:ef:d5:e2:ff:e1:54:18:dc:
82:14:06:8f:e6:5e:71:49:3b:3a:78:e3:d9:94:d9:96:03:c6:
79:e0:43:68:c2:da:6b:83:d4:fc:85:cd:19:58:66:c3:1c:66:
0a:3c:89:13:7e:c9:62:e6:f6:71:38:54:1a:6f:73:d7:51:46:
0e:0d:71:55:df:98:0c:9f:86:aa:65:32:f5:62:7c:4f:02:9b:
9d:a4:83:de:0b:a3:14:01:32:84:08:7b:30:08:de:52:94:65:
5a:0b:e9:11:be:f5:f2:c2:25:47:a5:cb:d4:1b:af:f2:46:0c:
bb:51:79:d8:d5:78:b0:2d:0d:f7:12:13:2f:7b:7f:8a:d3:9b:
84:d0:41:a6:6e:c7:6a:0b:2e:c4:b5:d9:bf:fa:80:ac:c5:83:
2a:d6:94:67:47:f6:58:09:b2:3a:3a:8b:1d:84:43:84:a7:2d:
bd:3c:0b:5f:91:9c:11:4e:e5:1b:d8:3e:71:fa:63:a1:e4:c9:
ab:fc:17:3a:27:a8:04:01:52:4d:c7:45:bd:d0:a1:70:34:e0:
a8:00:f1:77:b1:82:27:a7:af:4d:df:25:7f:33:d9:b9:75:e9:
91:e5:a7:24
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQj1qFBkdlGtgjh/uzOBLXFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhNzUzNjEzYjQyMjBmNjhmMmI1NDZkMDkyYTIzMGJlZDZl
ZGFjYjgwHhcNMjUwMTAxMjE0NzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTk1N2M3NmY3NjcwM2ZmNmU0OGI0ZDA5MGQ1ZDU5N2M2YjcxNWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFuuhMJe0JvbqSmSQALyT+X/1ElZ
aDfh2nng5qgkvE5qORLV+w+jY8iQLSyzwuHPrB2tZFOa8ww8L7eLnBvCP1eYan2A
sftxArh9Vn55ljwvGbxSPzKl3N5bO9VfMwYpcQHumM4H8u6dI6oqqxjwfUEa6Js/
FqXIjabXGBVTkVcLbyEcu8+okpqx2MNBqsA20XTuYs0g5dV5dMRFfcv1nHw785VA
olFjkvZD8Giof/LaxMEgaYT37xNC0lpUd5hH/Ww4HA/t15r/ZkESFJtGefPoT5i0
T3JYG6RAUc4KB4IvmzDAIte+q/oY34jgwPnlI6FqG/hhpBCJvNWPAeb9KQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHWVfHb3ZwP/bki00JDV1ZfGtxWiMB8GA1UdIwQY
MBaAFBp1NhO0Ig9o8rVG0JKiML7W7ay4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR25VMkU3UWlEMmp5dFViUWtxSXd2dGJ0ckxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83M2MzZTMtODFlNi00ZWI0LWE5NDYt
NjA5ZmE0ZTU0MDY3LzEvZFpWOGR2ZG5BXzl1U0xUUWtOWFZsOGEzRmFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83M2MzZTMtODFlNi00ZWI0LWE5NDYtNjA5ZmE0ZTU0MDY3
LzEvR25VMkU3UWlEMmp5dFViUWtxSXd2dGJ0ckxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwnTmMA0E
AgACMAcDBQMqAkaAMA0GCSqGSIb3DQEBCwUAA4IBAQApGJk3WMr+oUAqZOqgyrVV
S4FfT305ycEL30+J79Xi/+FUGNyCFAaP5l5xSTs6eOPZlNmWA8Z54ENowtprg9T8
hc0ZWGbDHGYKPIkTfsli5vZxOFQab3PXUUYODXFV35gMn4aqZTL1YnxPApudpIPe
C6MUATKECHswCN5SlGVaC+kRvvXywiVHpcvUG6/yRgy7UXnY1XiwLQ33EhMve3+K
05uE0EGmbsdqCy7Etdm/+oCsxYMq1pRnR/ZYCbI6OosdhEOEpy29PAtfkZwRTuUb
2D5x+mOh5Mmr/Bc6J6gEAVJNx0W90KFwNOCoAPF3sYInp69N3yV/M9m5demR5ack
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:43:43 2025 by rpki-client