Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/2edf41-48e0-40ad-8e7c-5e954af1d80e/1/zXRn6qUdykmyNBlVs8F5lijyofI.roa
File: zXRn6qUdykmyNBlVs8F5lijyofI.roa (raw, json)
Hash identifier: ocGQIF9V1x5fsDLwah9aysnQL0wM33g0zDeGg9Z68IM=
Subject key identifier: CD:74:67:EA:A5:1D:CA:49:B2:34:19:55:B3:C1:79:96:28:F2:A1:F2
Certificate issuer: /CN=2af0fb4b9adcb2eca2b106de0a893961596ccd18
Certificate serial: 01941FFA5950FDC16738C76C3D622258420D
Authority key identifier: 2A:F0:FB:4B:9A:DC:B2:EC:A2:B1:06:DE:0A:89:39:61:59:6C:CD:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KvD7S5rcsuyisQbeCok5YVlszRg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/2edf41-48e0-40ad-8e7c-5e954af1d80e/1/zXRn6qUdykmyNBlVs8F5lijyofI.roa
Signing time: Wed 01 Jan 2025 03:48:08 +0000
ROA not before: Wed 01 Jan 2025 03:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57132
IP address blocks: 193.22.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/2edf41-48e0-40ad-8e7c-5e954af1d80e/1/KvD7S5rcsuyisQbeCok5YVlszRg.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/2edf41-48e0-40ad-8e7c-5e954af1d80e/1/KvD7S5rcsuyisQbeCok5YVlszRg.mft
rsync://rpki.ripe.net/repository/DEFAULT/KvD7S5rcsuyisQbeCok5YVlszRg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:59:50:fd:c1:67:38:c7:6c:3d:62:22:58:42:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2af0fb4b9adcb2eca2b106de0a893961596ccd18
Validity
Not Before: Jan 1 03:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cd7467eaa51dca49b2341955b3c1799628f2a1f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:f8:ba:a3:71:2c:e0:d0:b2:1d:3f:0c:fe:63:
9f:ac:1a:e0:50:ec:c3:9c:a7:ba:3e:96:51:49:be:
3b:57:73:b6:e2:df:e4:7e:0a:74:f6:e0:99:e5:db:
eb:54:45:5a:55:0c:21:90:e5:40:60:72:ed:d6:fb:
41:69:0b:34:33:5c:33:55:b6:e3:95:1e:22:29:01:
a1:91:1a:7b:f6:77:4b:ce:1f:b9:f6:81:a5:e9:e4:
4c:4b:a5:a5:f9:a3:24:48:5a:62:ca:48:ab:b4:7b:
a8:96:14:26:1e:06:5d:a1:e2:c1:5b:98:3f:a2:57:
34:3d:e3:78:ad:c9:fa:09:04:5a:58:7d:08:c1:79:
4d:40:46:e5:3b:1d:0f:5e:03:87:07:e4:29:15:7f:
0b:cf:5b:ef:d8:b8:d5:a7:2b:13:05:98:2e:df:36:
17:d0:4a:10:c8:46:af:fd:49:7a:90:d5:cf:f8:85:
f7:aa:8c:c1:ea:ba:b2:cb:1c:52:a5:42:3a:8d:12:
ae:aa:be:1f:12:ae:42:be:81:4c:70:d2:be:c4:64:
f6:a4:c9:02:10:99:2a:58:09:6b:5e:08:38:a5:da:
c4:d5:96:6f:fd:7b:8f:2c:86:2a:d6:06:8d:78:e5:
ed:fe:52:f7:5d:28:f9:da:04:00:f2:7d:75:b5:e8:
af:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:74:67:EA:A5:1D:CA:49:B2:34:19:55:B3:C1:79:96:28:F2:A1:F2
X509v3 Authority Key Identifier:
keyid:2A:F0:FB:4B:9A:DC:B2:EC:A2:B1:06:DE:0A:89:39:61:59:6C:CD:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KvD7S5rcsuyisQbeCok5YVlszRg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/2edf41-48e0-40ad-8e7c-5e954af1d80e/1/zXRn6qUdykmyNBlVs8F5lijyofI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/2edf41-48e0-40ad-8e7c-5e954af1d80e/1/KvD7S5rcsuyisQbeCok5YVlszRg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.22.95.0/24
Signature Algorithm: sha256WithRSAEncryption
78:f9:9d:4a:86:8f:bb:ad:61:4c:98:0e:11:f0:11:1a:9b:b3:
20:09:6f:39:5b:91:88:85:cd:c2:ed:62:ad:aa:43:78:4a:a5:
33:35:80:23:5d:49:40:9d:75:d2:dc:0f:fb:8f:16:c9:6c:49:
ea:e0:d0:70:d8:b1:39:1b:49:35:bf:31:2c:c2:f6:2b:0d:03:
0c:0a:3b:bf:db:64:52:ba:23:c1:11:ea:32:b7:28:91:83:73:
38:5d:35:1a:62:e5:ae:73:c7:aa:83:40:f8:2d:c8:cf:ed:40:
d8:f0:4d:cf:aa:38:f2:3e:aa:e9:12:78:fe:03:cc:2e:9d:d0:
51:b7:ba:d0:e4:55:6c:f4:ca:80:05:73:ce:a6:ca:5e:d9:b6:
99:a9:07:55:b8:60:a2:61:c1:38:96:3a:b9:56:a1:0f:31:7d:
7d:a5:4a:dc:b2:9e:cc:7b:ce:10:0b:18:c9:67:46:f0:2e:69:
90:c8:bf:29:90:5a:54:75:4c:4f:b6:a3:90:7b:71:d2:71:ad:
ff:0f:63:cb:1c:61:fd:27:01:fd:12:81:d9:c1:a6:4a:f5:2a:
22:33:46:0f:a4:4a:74:fd:75:6a:65:e7:72:35:a4:14:de:52:
fe:a9:ee:58:c6:87:0b:bd:36:35:5d:b8:17:40:c3:de:55:81:
f4:2b:50:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+llQ/cFnOMdsPWIiWEINMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhZjBmYjRiOWFkY2IyZWNhMmIxMDZkZTBhODkzOTYxNTk2
Y2NkMTgwHhcNMjUwMTAxMDM0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDc0NjdlYWE1MWRjYTQ5YjIzNDE5NTViM2MxNzk5NjI4ZjJhMWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfi6o3Es4NCyHT8M/mOfrBrgUOzD
nKe6PpZRSb47V3O24t/kfgp09uCZ5dvrVEVaVQwhkOVAYHLt1vtBaQs0M1wzVbbj
lR4iKQGhkRp79ndLzh+59oGl6eRMS6Wl+aMkSFpiykirtHuolhQmHgZdoeLBW5g/
olc0PeN4rcn6CQRaWH0IwXlNQEblOx0PXgOHB+QpFX8Lz1vv2LjVpysTBZgu3zYX
0EoQyEav/Ul6kNXP+IX3qozB6rqyyxxSpUI6jRKuqr4fEq5CvoFMcNK+xGT2pMkC
EJkqWAlrXgg4pdrE1ZZv/XuPLIYq1gaNeOXt/lL3XSj52gQA8n11teivvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM10Z+qlHcpJsjQZVbPBeZYo8qHyMB8GA1UdIwQY
MBaAFCrw+0ua3LLsorEG3gqJOWFZbM0YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3ZEN1M1cmNzdXlpc1FiZUNvazVZVmxzelJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8yZWRmNDEtNDhlMC00MGFkLThlN2Mt
NWU5NTRhZjFkODBlLzEvelhSbjZxVWR5a215TkJsVnM4RjVsaWp5b2ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC8yZWRmNDEtNDhlMC00MGFkLThlN2MtNWU5NTRhZjFkODBl
LzEvS3ZEN1M1cmNzdXlpc1FiZUNvazVZVmxzelJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRZfMA0G
CSqGSIb3DQEBCwUAA4IBAQB4+Z1Kho+7rWFMmA4R8BEam7MgCW85W5GIhc3C7WKt
qkN4SqUzNYAjXUlAnXXS3A/7jxbJbEnq4NBw2LE5G0k1vzEswvYrDQMMCju/22RS
uiPBEeoytyiRg3M4XTUaYuWuc8eqg0D4LcjP7UDY8E3PqjjyPqrpEnj+A8wundBR
t7rQ5FVs9MqABXPOpspe2baZqQdVuGCiYcE4ljq5VqEPMX19pUrcsp7Me84QCxjJ
Z0bwLmmQyL8pkFpUdUxPtqOQe3HSca3/D2PLHGH9JwH9EoHZwaZK9SoiM0YPpEp0
/XVqZedyNaQU3lL+qe5YxocLvTY1XbgXQMPeVYH0K1Bd
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:46:00 2025 by rpki-client