Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/2dc136-400d-40e7-ad86-8ce60a5c8b1f/1/0cg-ABQ5F07wo1zUc9k0K5Ly8to.roa
File: 0cg-ABQ5F07wo1zUc9k0K5Ly8to.roa (raw, json)
Hash identifier: Rkj4lRwYBqE7QsZIcMHOzWOT71EQLWq7kKtekOL+dc8=
Subject key identifier: D1:C8:3E:00:14:39:17:4E:F0:A3:5C:D4:73:D9:34:2B:92:F2:F2:DA
Certificate issuer: /CN=f80e017cf1711519b0ff9f65858c491b2fa5d40b
Certificate serial: 01958AF38482B819DC8579D391BDB2343BD3
Authority key identifier: F8:0E:01:7C:F1:71:15:19:B0:FF:9F:65:85:8C:49:1B:2F:A5:D4:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-A4BfPFxFRmw_59lhYxJGy-l1As.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/2dc136-400d-40e7-ad86-8ce60a5c8b1f/1/0cg-ABQ5F07wo1zUc9k0K5Ly8to.roa
Signing time: Wed 12 Mar 2025 15:22:49 +0000
ROA not before: Wed 12 Mar 2025 15:22:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211448
IP address blocks: 94.176.160.0/23 maxlen: 23
94.176.160.0/24 maxlen: 24
94.176.161.0/24 maxlen: 24
193.30.126.0/24 maxlen: 24
193.30.127.0/24 maxlen: 24
194.33.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/2dc136-400d-40e7-ad86-8ce60a5c8b1f/1/1-A4BfPFxFRmw_59lhYxJGy-l1As.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/2dc136-400d-40e7-ad86-8ce60a5c8b1f/1/1-A4BfPFxFRmw_59lhYxJGy-l1As.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-A4BfPFxFRmw_59lhYxJGy-l1As.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 03:01:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8a:f3:84:82:b8:19:dc:85:79:d3:91:bd:b2:34:3b:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f80e017cf1711519b0ff9f65858c491b2fa5d40b
Validity
Not Before: Mar 12 15:22:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d1c83e001439174ef0a35cd473d9342b92f2f2da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:73:e1:6e:e3:71:09:1b:df:2e:81:bf:b9:af:
a8:d3:45:ad:13:c8:62:33:25:e3:95:40:d9:03:d9:
f5:a4:b8:bf:80:61:d9:16:88:8a:da:53:5a:f2:34:
ef:b2:8a:9e:ea:d5:db:33:69:39:09:6d:72:db:72:
fc:55:58:bc:0c:12:50:ac:18:ee:95:ba:d9:37:e3:
4c:6e:2b:1c:c8:16:63:5b:83:95:8f:81:0f:a5:2f:
88:38:b0:67:f8:39:40:da:96:e9:44:09:29:c8:98:
2d:60:4c:ad:1b:f9:98:c6:3c:f8:3f:37:15:34:00:
b5:fc:30:06:cc:84:9b:f5:51:d4:75:92:06:7d:d8:
e6:59:ed:4c:2b:55:53:b7:3a:5a:be:e3:f4:bc:e0:
8f:32:0f:7f:ca:97:d7:25:14:1d:40:40:92:53:93:
cc:ee:82:6e:5a:19:92:c9:79:bb:8e:1a:ba:1f:22:
7b:70:b8:98:34:9f:9a:6a:b7:f5:b5:81:26:de:6d:
b0:d3:43:25:95:0d:99:95:63:8a:a1:26:c9:ad:b8:
02:25:dd:df:64:59:6b:f4:82:f4:ea:02:39:f8:4f:
cc:fa:f8:3c:9e:51:32:9d:d1:e4:f3:e3:6f:9b:a2:
83:7e:66:2e:81:f5:0e:05:5b:28:9e:1c:7d:5e:57:
44:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:C8:3E:00:14:39:17:4E:F0:A3:5C:D4:73:D9:34:2B:92:F2:F2:DA
X509v3 Authority Key Identifier:
keyid:F8:0E:01:7C:F1:71:15:19:B0:FF:9F:65:85:8C:49:1B:2F:A5:D4:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-A4BfPFxFRmw_59lhYxJGy-l1As.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/2dc136-400d-40e7-ad86-8ce60a5c8b1f/1/0cg-ABQ5F07wo1zUc9k0K5Ly8to.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/2dc136-400d-40e7-ad86-8ce60a5c8b1f/1/1-A4BfPFxFRmw_59lhYxJGy-l1As.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.176.160.0/23
193.30.126.0/23
194.33.191.0/24
Signature Algorithm: sha256WithRSAEncryption
88:73:2d:4a:ce:79:76:79:68:8a:05:56:54:ff:9f:a6:ae:4f:
8a:13:e4:26:35:df:0b:35:c7:a4:66:c9:c9:4f:b7:68:7b:05:
bf:cb:b7:e4:47:61:d2:ef:3c:fc:ed:51:88:8b:02:b5:6e:9a:
92:50:38:32:9d:e8:d2:47:c5:da:26:a4:42:ff:d3:71:b6:21:
cb:a0:3c:92:22:de:63:fc:53:eb:f3:40:17:b5:51:7f:d9:ee:
f5:21:61:5d:31:ea:6e:2c:b0:98:97:7f:ed:03:36:49:2d:70:
4e:be:6e:9a:85:e1:66:33:a4:1b:12:41:b5:03:54:be:5b:4b:
3e:6b:79:49:e7:60:c8:6c:17:14:55:2c:b8:52:17:c8:4f:43:
85:5d:02:e8:6d:a4:06:fc:e6:38:68:7e:68:df:a5:e0:1d:37:
27:91:12:e9:2c:9d:7f:90:0f:bf:b3:c8:02:d3:59:7c:3b:14:
9a:53:e9:91:82:4d:82:06:75:7d:f1:f8:cc:55:46:06:d4:86:
4f:d0:42:33:d0:9c:6b:91:7a:d2:c2:f2:cc:02:6e:18:aa:44:
3c:b0:90:38:b5:fe:0c:eb:c7:e1:b0:97:1a:81:81:c6:00:3f:
a3:0a:e5:dd:3b:7e:42:b3:82:da:8a:ec:fd:6b:62:ca:26:a7:
d5:c9:87:99
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZWK84SCuBnchXnTkb2yNDvTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MGUwMTdjZjE3MTE1MTliMGZmOWY2NTg1OGM0OTFiMmZh
NWQ0MGIwHhcNMjUwMzEyMTUyMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWM4M2UwMDE0MzkxNzRlZjBhMzVjZDQ3M2Q5MzQyYjkyZjJmMmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHPhbuNxCRvfLoG/ua+o00WtE8hi
MyXjlUDZA9n1pLi/gGHZFoiK2lNa8jTvsoqe6tXbM2k5CW1y23L8VVi8DBJQrBju
lbrZN+NMbiscyBZjW4OVj4EPpS+IOLBn+DlA2pbpRAkpyJgtYEytG/mYxjz4PzcV
NAC1/DAGzISb9VHUdZIGfdjmWe1MK1VTtzpavuP0vOCPMg9/ypfXJRQdQECSU5PM
7oJuWhmSyXm7jhq6HyJ7cLiYNJ+aarf1tYEm3m2w00MllQ2ZlWOKoSbJrbgCJd3f
ZFlr9IL06gI5+E/M+vg8nlEyndHk8+Nvm6KDfmYugfUOBVsonhx9XldEiQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFNHIPgAUORdO8KNc1HPZNCuS8vLaMB8GA1UdIwQY
MBaAFPgOAXzxcRUZsP+fZYWMSRsvpdQLMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1BNEJmUEZ4RlJtd181OWxoWXhKR3ktbDFBcy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODcvMmRjMTM2LTQwMGQtNDBlNy1hZDg2
LThjZTYwYTVjOGIxZi8xLzBjZy1BQlE1RjA3d28xelVjOWswSzVMeTh0by5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODcvMmRjMTM2LTQwMGQtNDBlNy1hZDg2LThjZTYwYTVjOGIx
Zi8xLzEtQTRCZlBGeEZSbXdfNTlsaFl4Skd5LWwxQXMuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBAFesKAD
BAHBHn4DBADCIb8wDQYJKoZIhvcNAQELBQADggEBAIhzLUrOeXZ5aIoFVlT/n6au
T4oT5CY13ws1x6RmyclPt2h7Bb/Lt+RHYdLvPPztUYiLArVumpJQODKd6NJHxdom
pEL/03G2IcugPJIi3mP8U+vzQBe1UX/Z7vUhYV0x6m4ssJiXf+0DNkktcE6+bpqF
4WYzpBsSQbUDVL5bSz5reUnnYMhsFxRVLLhSF8hPQ4VdAuhtpAb85jhofmjfpeAd
NyeREuksnX+QD7+zyALTWXw7FJpT6ZGCTYIGdX3x+MxVRgbUhk/QQjPQnGuRetLC
8swCbhiqRDywkDi1/gzrx+GwlxqBgcYAP6MK5d07fkKzgtqK7P1rYsomp9XJh5k=
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:18:51 2025 by rpki-client