Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/126755-eedd-40b1-95e8-a4ca8b9c205b/1/yrzeBwHo_JY3uAiU3A6eIPTuRXg.roa
File: yrzeBwHo_JY3uAiU3A6eIPTuRXg.roa (raw, json)
Hash identifier: dv8LiYPBUfzT2p96Wuw5GO6tksFCH10p7DE/YsklOiY=
Subject key identifier: CA:BC:DE:07:01:E8:FC:96:37:B8:08:94:DC:0E:9E:20:F4:EE:45:78
Certificate issuer: /CN=9da140e8028e6d537600e0888a9af5a971c5db46
Certificate serial: 01941FFA4089CCECD2335BEC30A0FE1E2899
Authority key identifier: 9D:A1:40:E8:02:8E:6D:53:76:00:E0:88:8A:9A:F5:A9:71:C5:DB:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/naFA6AKObVN2AOCIipr1qXHF20Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/126755-eedd-40b1-95e8-a4ca8b9c205b/1/yrzeBwHo_JY3uAiU3A6eIPTuRXg.roa
Signing time: Wed 01 Jan 2025 03:48:01 +0000
ROA not before: Wed 01 Jan 2025 03:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29601
IP address blocks: 192.130.31.0/24 maxlen: 24
192.130.157.0/24 maxlen: 24
192.194.132.0/22 maxlen: 22
192.194.136.0/21 maxlen: 21
192.194.144.0/20 maxlen: 24
192.194.160.0/24 maxlen: 24
194.252.225.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/126755-eedd-40b1-95e8-a4ca8b9c205b/1/naFA6AKObVN2AOCIipr1qXHF20Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/126755-eedd-40b1-95e8-a4ca8b9c205b/1/naFA6AKObVN2AOCIipr1qXHF20Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/naFA6AKObVN2AOCIipr1qXHF20Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 15:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:40:89:cc:ec:d2:33:5b:ec:30:a0:fe:1e:28:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9da140e8028e6d537600e0888a9af5a971c5db46
Validity
Not Before: Jan 1 03:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cabcde0701e8fc9637b80894dc0e9e20f4ee4578
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:09:3b:ee:b2:ba:45:cd:b3:ff:62:e3:32:e3:
3c:e1:ac:85:57:87:ce:f1:8d:2e:58:97:d3:11:b5:
0c:e8:45:54:91:0e:b0:87:12:18:55:28:7f:4a:b2:
88:bc:80:b8:fa:29:59:cb:f7:d5:e2:09:15:71:34:
2a:2d:9d:cf:7c:a2:76:84:1e:73:28:8a:80:22:77:
14:79:95:d5:e2:41:6c:cf:f2:93:fa:2d:ed:6e:25:
49:d4:47:af:8b:6a:ef:43:64:7f:f6:13:b3:c3:f7:
1a:c8:c8:03:2d:55:4e:06:1f:8b:8f:50:57:84:25:
72:41:8b:33:16:ab:3b:8e:40:c6:ba:06:58:e2:7a:
a6:d2:63:85:cd:fc:d5:f8:51:f2:94:cc:09:1f:a5:
d7:aa:79:5e:8b:62:b5:d4:d4:c5:63:be:5f:66:e0:
8d:68:b8:32:46:11:a3:66:76:6b:5a:36:64:eb:4e:
8f:c7:cb:82:87:31:f3:07:72:3d:a6:a4:ba:d1:9d:
47:a0:04:1d:03:13:79:c0:48:06:e0:51:bb:e7:a4:
54:91:6d:73:db:b8:b6:c9:12:1e:99:38:04:56:ec:
30:4c:20:df:73:ef:0c:68:85:6f:c3:1e:43:06:92:
6c:62:13:a1:a5:83:ca:99:10:f7:7e:17:2e:53:25:
8c:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:BC:DE:07:01:E8:FC:96:37:B8:08:94:DC:0E:9E:20:F4:EE:45:78
X509v3 Authority Key Identifier:
keyid:9D:A1:40:E8:02:8E:6D:53:76:00:E0:88:8A:9A:F5:A9:71:C5:DB:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/naFA6AKObVN2AOCIipr1qXHF20Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/126755-eedd-40b1-95e8-a4ca8b9c205b/1/yrzeBwHo_JY3uAiU3A6eIPTuRXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/126755-eedd-40b1-95e8-a4ca8b9c205b/1/naFA6AKObVN2AOCIipr1qXHF20Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.130.31.0/24
192.130.157.0/24
192.194.132.0-192.194.160.255
194.252.225.0/24
Signature Algorithm: sha256WithRSAEncryption
47:69:36:56:a2:fe:51:86:df:8b:f8:ec:db:97:99:1d:d5:3c:
90:5b:00:c3:18:f0:47:13:f6:b2:b9:c2:2f:18:88:11:01:0e:
41:27:02:1b:69:63:10:fa:37:7f:67:dc:12:82:40:10:60:74:
98:52:af:83:3f:ff:66:41:1c:12:38:70:0b:0c:14:eb:86:33:
74:60:17:f0:10:54:22:f2:2e:08:72:64:15:9b:08:d1:83:4d:
ac:10:bb:30:04:8a:f3:50:cf:5f:79:94:b1:c3:8d:7d:b5:ad:
40:c5:30:f6:0f:8f:5f:ef:f9:60:1a:2d:98:44:1e:e9:7c:96:
25:28:69:69:60:d5:0c:24:8c:c2:f1:3c:07:e3:e8:e8:1e:af:
b4:1d:02:4e:6b:eb:47:2c:67:ae:0f:9d:ab:55:62:c6:a6:2d:
91:82:aa:92:bf:36:bf:a9:85:9c:f4:b7:19:0c:5c:e7:03:0f:
f6:94:a5:12:d7:50:42:31:c4:e9:af:20:50:86:83:10:2b:62:
37:ed:53:22:20:85:01:63:80:fb:eb:10:fe:80:c6:aa:f3:e7:
6d:6d:2e:f2:7a:dd:12:ce:4f:d6:04:08:55:5a:05:41:e1:9a:
d5:64:de:b4:9c:f0:7b:c6:39:42:59:e8:55:07:a3:eb:ab:ea:
f6:34:bd:64
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQf+kCJzOzSM1vsMKD+HiiZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkYTE0MGU4MDI4ZTZkNTM3NjAwZTA4ODhhOWFmNWE5NzFj
NWRiNDYwHhcNMjUwMTAxMDM0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWJjZGUwNzAxZThmYzk2MzdiODA4OTRkYzBlOWUyMGY0ZWU0NTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwwk77rK6Rc2z/2LjMuM84ayFV4fO
8Y0uWJfTEbUM6EVUkQ6whxIYVSh/SrKIvIC4+ilZy/fV4gkVcTQqLZ3PfKJ2hB5z
KIqAIncUeZXV4kFsz/KT+i3tbiVJ1Eevi2rvQ2R/9hOzw/cayMgDLVVOBh+Lj1BX
hCVyQYszFqs7jkDGugZY4nqm0mOFzfzV+FHylMwJH6XXqnlei2K11NTFY75fZuCN
aLgyRhGjZnZrWjZk606Px8uChzHzB3I9pqS60Z1HoAQdAxN5wEgG4FG756RUkW1z
27i2yRIemTgEVuwwTCDfc+8MaIVvwx5DBpJsYhOhpYPKmRD3fhcuUyWMGQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFMq83gcB6PyWN7gIlNwOniD07kV4MB8GA1UdIwQY
MBaAFJ2hQOgCjm1TdgDgiIqa9alxxdtGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmFGQTZBS09iVk4yQU9DSWlwcjFxWEhGMjBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8xMjY3NTUtZWVkZC00MGIxLTk1ZTgt
YTRjYThiOWMyMDViLzEveXJ6ZUJ3SG9fSlkzdUFpVTNBNmVJUFR1UlhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8xMjY3NTUtZWVkZC00MGIxLTk1ZTgtYTRjYThiOWMyMDVi
LzEvbmFGQTZBS09iVk4yQU9DSWlwcjFxWEhGMjBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAwIIfAwQA
wIKdMAwDBALAwoQDBADAwqADBADC/OEwDQYJKoZIhvcNAQELBQADggEBAEdpNlai
/lGG34v47NuXmR3VPJBbAMMY8EcT9rK5wi8YiBEBDkEnAhtpYxD6N39n3BKCQBBg
dJhSr4M//2ZBHBI4cAsMFOuGM3RgF/AQVCLyLghyZBWbCNGDTawQuzAEivNQz195
lLHDjX21rUDFMPYPj1/v+WAaLZhEHul8liUoaWlg1QwkjMLxPAfj6Oger7QdAk5r
60csZ64PnatVYsamLZGCqpK/Nr+phZz0txkMXOcDD/aUpRLXUEIxxOmvIFCGgxAr
YjftUyIghQFjgPvrEP6Axqrz521tLvJ63RLOT9YECFVaBUHhmtVk3rSc8HvGOUJZ
6FUHo+ur6vY0vWQ=
-----END CERTIFICATE-----
Generated at Sat Apr 19 00:50:36 2025 by rpki-client