Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/t1xRr6zeiMtxYaGtbe-W72-oQS0.roa
File: t1xRr6zeiMtxYaGtbe-W72-oQS0.roa (raw, json)
Hash identifier: OyceZDHizIoFdT4fRa8zkuIKpKmh7T2n1xLe+VKJ1cQ=
Subject key identifier: B7:5C:51:AF:AC:DE:88:CB:71:61:A1:AD:6D:EF:96:EF:6F:A8:41:2D
Certificate issuer: /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial: 019421B1D0112B2A1448C01F5DD4DA9FE7CF
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/t1xRr6zeiMtxYaGtbe-W72-oQS0.roa
Signing time: Wed 01 Jan 2025 11:48:08 +0000
ROA not before: Wed 01 Jan 2025 11:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16280
IP address blocks: 194.149.48.0/23 maxlen: 23
194.149.50.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.mft
rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 08:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:d0:11:2b:2a:14:48:c0:1f:5d:d4:da:9f:e7:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Validity
Not Before: Jan 1 11:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b75c51afacde88cb7161a1ad6def96ef6fa8412d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:8b:f4:26:07:ac:19:16:d3:52:d8:b8:9f:d7:
02:af:b4:d8:51:59:c4:07:5c:cb:a1:76:1f:67:b9:
55:54:2c:6f:40:7d:43:df:c2:c0:45:1f:d0:2b:1c:
02:30:4d:7a:c7:a4:dc:cd:b9:1e:7a:cb:65:a8:f3:
f8:99:b2:16:d9:85:90:04:3a:88:fc:9a:46:80:4a:
b7:15:ad:dc:73:4c:48:bd:1d:52:5c:ba:ea:13:69:
36:0f:4b:9b:c8:66:1c:fd:3b:6b:48:b7:0d:7c:e3:
f8:0b:24:25:98:b2:58:45:a1:14:08:8e:9c:cd:ef:
e7:1d:34:e5:da:ef:2a:1a:e5:fd:e0:2b:47:2d:d7:
62:5e:8c:21:b1:92:c6:5e:82:00:3d:a4:6f:bc:a7:
d0:54:a1:a3:10:5f:93:b1:cb:72:09:40:53:09:b5:
94:7b:05:86:75:6e:0a:66:b5:95:72:ec:6c:b1:6a:
ce:93:3c:1d:96:31:e1:ce:fa:a4:52:b3:5d:97:c2:
21:fb:74:05:11:ec:84:c1:a4:de:ad:83:bc:1e:cc:
69:49:2a:f5:09:8e:06:9f:19:4e:b2:76:11:3c:b8:
21:1d:c1:1a:b6:83:d7:63:be:8c:27:68:7e:2e:bd:
0f:41:1b:f3:3b:f2:4a:ca:26:4c:5c:14:81:7f:76:
64:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:5C:51:AF:AC:DE:88:CB:71:61:A1:AD:6D:EF:96:EF:6F:A8:41:2D
X509v3 Authority Key Identifier:
keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/t1xRr6zeiMtxYaGtbe-W72-oQS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.149.48.0-194.149.50.255
Signature Algorithm: sha256WithRSAEncryption
8b:c0:a5:50:43:87:4f:39:d9:19:20:c2:9b:c6:91:9f:41:77:
70:41:65:0e:bc:e4:60:7e:70:8e:90:13:86:b6:0c:a2:2f:f5:
b4:bd:00:1e:1e:77:c6:b8:d7:82:d1:60:aa:e8:4a:a9:7d:63:
29:4c:8d:3b:19:03:dd:b1:ed:07:f6:38:0c:bd:dc:86:48:04:
fd:ff:62:31:d4:cd:f6:81:cb:1d:38:21:ad:68:25:8b:2b:d7:
38:5c:d5:d1:8e:d0:6c:bd:ed:e4:b5:70:40:6d:09:62:3b:3e:
f9:b6:20:01:76:ea:7f:18:f3:72:96:46:4d:eb:14:7f:21:ab:
4d:59:67:12:09:32:03:50:58:7a:90:9a:08:35:dd:53:2b:5a:
5a:34:f4:70:db:67:5f:12:7b:03:9f:8a:90:3d:2d:62:a7:c9:
79:7a:45:16:08:52:c7:23:82:d0:d9:d0:9d:21:e5:4a:67:37:
4d:31:80:af:ae:74:07:e2:f5:cf:98:bd:f7:42:4d:a8:13:3c:
26:c6:be:c8:71:e4:20:4d:5e:d9:a4:bb:99:d6:fa:f9:44:8d:
cf:16:c0:4a:28:8e:7d:e0:e5:9a:97:31:02:f0:19:07:71:41:
28:79:f9:ec:1a:7d:10:4e:ee:4f:68:f2:fa:73:f0:95:64:99:
a8:b1:1c:9c
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQhsdARKyoUSMAfXdTan+fPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmRhYzYwNWY0NjU5NzE4YzBhMTVlMWY3MzJjYmQ0ZjQ4
YWFlN2IwHhcNMjUwMTAxMTE0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzVjNTFhZmFjZGU4OGNiNzE2MWExYWQ2ZGVmOTZlZjZmYTg0MTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ov0JgesGRbTUti4n9cCr7TYUVnE
B1zLoXYfZ7lVVCxvQH1D38LARR/QKxwCME16x6TczbkeestlqPP4mbIW2YWQBDqI
/JpGgEq3Fa3cc0xIvR1SXLrqE2k2D0ubyGYc/TtrSLcNfOP4CyQlmLJYRaEUCI6c
ze/nHTTl2u8qGuX94CtHLddiXowhsZLGXoIAPaRvvKfQVKGjEF+TsctyCUBTCbWU
ewWGdW4KZrWVcuxssWrOkzwdljHhzvqkUrNdl8Ih+3QFEeyEwaTerYO8HsxpSSr1
CY4GnxlOsnYRPLghHcEatoPXY76MJ2h+Lr0PQRvzO/JKyiZMXBSBf3ZkMQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLdcUa+s3ojLcWGhrW3vlu9vqEEtMB8GA1UdIwQY
MBaAFPAtrGBfRllxjAoV4fcyy9T0iq57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYt
MjkyYWU0NmU2MzAyLzEvdDF4UnI2emVpTXR4WWFHdGJlLVc3Mi1vUVMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYtMjkyYWU0NmU2MzAy
LzEvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBATClTAD
BADClTIwDQYJKoZIhvcNAQELBQADggEBAIvApVBDh0852RkgwpvGkZ9Bd3BBZQ68
5GB+cI6QE4a2DKIv9bS9AB4ed8a414LRYKroSql9YylMjTsZA92x7Qf2OAy93IZI
BP3/YjHUzfaByx04Ia1oJYsr1zhc1dGO0Gy97eS1cEBtCWI7Pvm2IAF26n8Y83KW
Rk3rFH8hq01ZZxIJMgNQWHqQmgg13VMrWlo09HDbZ18SewOfipA9LWKnyXl6RRYI
UscjgtDZ0J0h5UpnN00xgK+udAfi9c+YvfdCTagTPCbGvshx5CBNXtmku5nW+vlE
jc8WwEoojn3g5ZqXMQLwGQdxQSh5+ewafRBO7k9o8vpz8JVkmaixHJw=
-----END CERTIFICATE-----
Generated at Sun Apr 13 15:41:49 2025 by rpki-client