Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/b01290-d76d-42d8-a234-f9512499e05c/1/4eUjU3FviKAA-8zjNHUXmCGN0-k.roa
File: 4eUjU3FviKAA-8zjNHUXmCGN0-k.roa (raw, json)
Hash identifier: cYvBww/EyQVYauVbE6pk42UaaR9Wj899DGdPG2LUf3g=
Subject key identifier: E1:E5:23:53:71:6F:88:A0:00:FB:CC:E3:34:75:17:98:21:8D:D3:E9
Certificate issuer: /CN=323ab5ba98bef5d0d9bd0cea031a1fe13777a486
Certificate serial: 01942444B16260D07772EBD2A453D035DB95
Authority key identifier: 32:3A:B5:BA:98:BE:F5:D0:D9:BD:0C:EA:03:1A:1F:E1:37:77:A4:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mjq1upi-9dDZvQzqAxof4Td3pIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/b01290-d76d-42d8-a234-f9512499e05c/1/4eUjU3FviKAA-8zjNHUXmCGN0-k.roa
Signing time: Wed 01 Jan 2025 23:47:49 +0000
ROA not before: Wed 01 Jan 2025 23:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201622
IP address blocks: 188.126.96.0/19 maxlen: 19
188.126.96.0/20 maxlen: 20
188.126.112.0/21 maxlen: 21
188.126.120.0/21 maxlen: 21
188.126.120.0/22 maxlen: 22
188.126.124.0/22 maxlen: 22
2a09:f400::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/b01290-d76d-42d8-a234-f9512499e05c/1/Mjq1upi-9dDZvQzqAxof4Td3pIY.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/b01290-d76d-42d8-a234-f9512499e05c/1/Mjq1upi-9dDZvQzqAxof4Td3pIY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Mjq1upi-9dDZvQzqAxof4Td3pIY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Mar 2025 03:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:b1:62:60:d0:77:72:eb:d2:a4:53:d0:35:db:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=323ab5ba98bef5d0d9bd0cea031a1fe13777a486
Validity
Not Before: Jan 1 23:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e1e52353716f88a000fbcce334751798218dd3e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:3f:51:fb:13:51:96:ab:5f:62:d8:10:f0:45:
85:c4:a1:98:fa:0a:d5:1e:95:ee:d2:3d:5e:52:08:
af:42:cc:29:d9:02:57:0f:1f:39:d6:01:21:e2:ea:
28:c0:31:ab:9c:4b:a5:94:2f:9b:6d:fc:b9:7f:34:
28:12:be:db:b6:39:fe:38:67:d8:19:fd:11:44:ca:
4a:d2:82:cd:18:65:42:90:b8:b6:47:2c:93:ed:c5:
bb:e0:6a:04:30:08:e3:96:6e:68:8b:28:e3:1f:96:
d7:ef:51:ff:e9:c6:68:37:6b:c8:76:c4:71:be:89:
6a:63:94:9e:c3:e0:8b:e2:aa:13:a3:02:3b:4a:40:
ff:28:fb:18:aa:e8:16:48:49:09:3a:00:87:1e:e4:
12:ec:3f:af:60:6e:37:0b:ee:17:59:cc:b0:70:71:
46:c2:51:6b:ac:7d:40:fb:29:3a:92:be:c9:9f:50:
e5:be:fc:b2:cd:77:fe:70:c2:ee:d2:fb:28:d0:17:
c1:95:28:31:1c:7a:c9:e2:ec:c3:e1:d9:af:1d:6e:
97:d9:c1:7d:b3:68:ff:90:32:2c:39:6f:a2:62:a7:
f2:b9:92:1f:d7:2a:e1:ad:45:89:4c:97:4b:97:aa:
39:65:8e:19:e0:02:9f:06:5b:5f:d4:4f:55:62:24:
9c:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:E5:23:53:71:6F:88:A0:00:FB:CC:E3:34:75:17:98:21:8D:D3:E9
X509v3 Authority Key Identifier:
keyid:32:3A:B5:BA:98:BE:F5:D0:D9:BD:0C:EA:03:1A:1F:E1:37:77:A4:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mjq1upi-9dDZvQzqAxof4Td3pIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/b01290-d76d-42d8-a234-f9512499e05c/1/4eUjU3FviKAA-8zjNHUXmCGN0-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/b01290-d76d-42d8-a234-f9512499e05c/1/Mjq1upi-9dDZvQzqAxof4Td3pIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.126.96.0/19
IPv6:
2a09:f400::/29
Signature Algorithm: sha256WithRSAEncryption
65:92:74:7e:69:9e:e1:ad:60:37:59:bf:0e:63:40:b6:7f:96:
95:5b:0b:41:86:49:18:36:28:76:ac:d5:28:c9:69:a2:7c:82:
75:d4:25:04:ad:4f:1c:25:8f:05:08:c1:84:e0:f7:fe:c0:19:
96:21:6e:19:10:d8:36:e7:78:d0:10:e4:de:d3:78:14:d9:e8:
7c:59:d6:ee:32:56:65:f4:83:05:c0:0e:7c:9d:3e:02:8c:9d:
b3:4a:d5:bf:88:86:38:cb:08:4b:81:3d:cf:cc:b8:d7:82:f3:
34:3b:fb:cc:ee:5a:c8:ca:50:0b:d3:d1:c5:76:d8:f3:3f:fb:
76:5f:c5:09:90:c0:90:3c:a7:d9:f7:0f:34:cd:ac:e9:6b:4f:
d8:82:e1:9b:c9:22:f8:fc:a5:20:70:14:ef:e7:bc:b4:3a:03:
a6:15:10:f9:f6:29:ac:f6:54:bb:f1:c2:a5:42:ea:e8:14:c6:
78:01:3c:65:49:47:36:7c:80:17:2d:24:91:70:ae:43:47:3e:
c9:36:80:cd:c8:7c:d2:5a:52:0a:24:76:29:d3:b5:83:56:1b:
2a:9d:b1:99:2b:77:55:75:fb:a5:dd:d8:98:98:f5:8e:2e:f8:
fd:21:a1:33:8d:ef:7b:c3:15:84:f3:4a:f3:44:3d:7b:cb:b6:
98:46:eb:cf
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQkRLFiYNB3cuvSpFPQNduVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyM2FiNWJhOThiZWY1ZDBkOWJkMGNlYTAzMWExZmUxMzc3
N2E0ODYwHhcNMjUwMTAxMjM0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWU1MjM1MzcxNmY4OGEwMDBmYmNjZTMzNDc1MTc5ODIxOGRkM2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArz9R+xNRlqtfYtgQ8EWFxKGY+grV
HpXu0j1eUgivQswp2QJXDx851gEh4uoowDGrnEullC+bbfy5fzQoEr7btjn+OGfY
Gf0RRMpK0oLNGGVCkLi2RyyT7cW74GoEMAjjlm5oiyjjH5bX71H/6cZoN2vIdsRx
volqY5Sew+CL4qoTowI7SkD/KPsYqugWSEkJOgCHHuQS7D+vYG43C+4XWcywcHFG
wlFrrH1A+yk6kr7Jn1DlvvyyzXf+cMLu0vso0BfBlSgxHHrJ4uzD4dmvHW6X2cF9
s2j/kDIsOW+iYqfyuZIf1yrhrUWJTJdLl6o5ZY4Z4AKfBltf1E9VYiScCQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOHlI1Nxb4igAPvM4zR1F5ghjdPpMB8GA1UdIwQY
MBaAFDI6tbqYvvXQ2b0M6gMaH+E3d6SGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWpxMXVwaS05ZERadlF6cUF4b2Y0VGQzcElZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9iMDEyOTAtZDc2ZC00MmQ4LWEyMzQt
Zjk1MTI0OTllMDVjLzEvNGVValUzRnZpS0FBLTh6ak5IVVhtQ0dOMC1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9iMDEyOTAtZDc2ZC00MmQ4LWEyMzQtZjk1MTI0OTllMDVj
LzEvTWpxMXVwaS05ZERadlF6cUF4b2Y0VGQzcElZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFvH5gMA0E
AgACMAcDBQMqCfQAMA0GCSqGSIb3DQEBCwUAA4IBAQBlknR+aZ7hrWA3Wb8OY0C2
f5aVWwtBhkkYNih2rNUoyWmifIJ11CUErU8cJY8FCMGE4Pf+wBmWIW4ZENg253jQ
EOTe03gU2eh8WdbuMlZl9IMFwA58nT4CjJ2zStW/iIY4ywhLgT3PzLjXgvM0O/vM
7lrIylAL09HFdtjzP/t2X8UJkMCQPKfZ9w80zazpa0/YguGbySL4/KUgcBTv57y0
OgOmFRD59ims9lS78cKlQuroFMZ4ATxlSUc2fIAXLSSRcK5DRz7JNoDNyHzSWlIK
JHYp07WDVhsqnbGZK3dVdful3diYmPWOLvj9IaEzje97wxWE80rzRD17y7aYRuvP
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:41:21 2025 by rpki-client