Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/2UrKpNpXwQRG_RCEBy6jwKiUGY0.roa
File: 2UrKpNpXwQRG_RCEBy6jwKiUGY0.roa (raw, json)
Hash identifier: ga3NEHKHpZo6kUdfR8ZMTo0qgNot+btN7z+ZQk3zhiI=
Subject key identifier: D9:4A:CA:A4:DA:57:C1:04:46:FD:10:84:07:2E:A3:C0:A8:94:19:8D
Certificate issuer: /CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Certificate serial: 0194266B659C445BAB50177B6FDFCFCBEFE6
Authority key identifier: 35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/2UrKpNpXwQRG_RCEBy6jwKiUGY0.roa
Signing time: Thu 02 Jan 2025 09:49:19 +0000
ROA not before: Thu 02 Jan 2025 09:49:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207886
IP address blocks: 193.104.7.0/24 maxlen: 24
193.104.12.0/24 maxlen: 24
193.104.41.0/24 maxlen: 24
193.104.67.0/24 maxlen: 24
2a10:8140::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.mft
rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:65:9c:44:5b:ab:50:17:7b:6f:df:cf:cb:ef:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Validity
Not Before: Jan 2 09:49:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d94acaa4da57c10446fd1084072ea3c0a894198d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:46:dc:3c:c5:f0:48:63:58:71:20:13:09:8c:
4b:13:67:a6:89:a3:04:f7:9f:aa:8a:bb:2c:e6:a0:
80:01:ce:bf:53:17:1d:ac:06:40:00:a2:d4:11:fe:
37:41:e3:e1:23:b3:85:13:f1:46:44:b9:c7:95:fe:
d8:26:d0:91:28:dd:7b:3d:39:c8:8c:5c:a0:8e:03:
cb:51:9d:9d:82:d0:1b:b7:1c:8d:b2:5c:18:f0:e5:
97:7e:da:1c:27:13:d8:e0:bb:08:87:e7:d0:47:1d:
d4:90:e0:d7:bb:d0:4c:63:a3:bb:5c:b1:a6:c3:47:
7c:16:0b:5c:ba:2c:35:79:3d:73:38:5f:9d:72:d7:
81:a6:63:bc:71:e5:7c:e1:15:09:0b:70:85:c5:fc:
f4:f3:a0:26:ae:52:d2:60:5c:2b:27:a6:6a:c0:17:
a6:25:37:2b:a1:3f:85:36:e9:58:67:fd:2a:bf:80:
d9:f3:a0:73:3d:3b:6d:76:b7:22:c2:08:e1:db:d8:
12:90:7e:7f:16:ee:a8:89:3f:b1:a1:19:06:59:ed:
bb:69:35:c4:e4:e5:a8:8d:92:69:1e:4e:e5:d6:e8:
9d:41:ec:51:8f:d6:7a:6a:4e:86:48:10:76:1b:44:
74:1f:b5:9e:09:54:47:a4:6a:13:22:1d:81:bb:80:
0b:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:4A:CA:A4:DA:57:C1:04:46:FD:10:84:07:2E:A3:C0:A8:94:19:8D
X509v3 Authority Key Identifier:
keyid:35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/2UrKpNpXwQRG_RCEBy6jwKiUGY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.7.0/24
193.104.12.0/24
193.104.41.0/24
193.104.67.0/24
IPv6:
2a10:8140::/29
Signature Algorithm: sha256WithRSAEncryption
20:a3:7f:82:99:67:66:32:be:30:33:a7:f4:70:6c:a5:39:e1:
c2:2e:69:75:d5:5e:ea:0b:2c:3c:b1:20:6e:89:0c:88:5f:6c:
f4:23:87:60:e2:72:96:ea:fb:70:1d:64:b8:4a:03:a8:96:77:
8b:89:36:19:ed:a6:9a:61:e3:8e:7a:02:2e:51:e1:82:33:74:
fb:c3:71:ff:db:b2:2e:d5:19:d2:be:dc:a5:6d:55:80:f1:1b:
3e:b2:aa:24:7f:0d:03:c2:00:30:73:f3:2a:c6:ce:bc:c4:56:
37:ae:14:32:ec:8d:5c:4b:45:9f:ee:36:a0:7f:84:19:43:e6:
ce:89:01:46:5c:c9:97:27:cf:54:42:64:00:a8:02:a8:9c:36:
11:4b:93:ad:f2:99:30:dc:62:94:0b:dc:62:a6:50:60:8f:0f:
b4:22:8b:ea:43:74:33:ef:cf:9a:4b:27:2b:21:90:fd:b0:d2:
b0:7e:51:28:3d:eb:64:d2:91:a0:09:6a:e0:0a:44:22:8c:df:
3c:d8:74:d8:ee:71:17:a3:02:0e:3b:9c:13:bd:3b:34:4e:08:
bc:e8:5d:0c:dd:1a:24:94:7f:d2:ef:50:03:cf:b2:11:09:9f:
e3:ff:9d:d7:b1:f7:4a:f6:7e:71:08:ef:c4:43:76:11:e1:31:
f9:6b:91:9a
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQma2WcRFurUBd7b9/Py+/mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYwZjVmZjYyMGUwZGI1MzExZjY0NzM2OTA5OTczYWM2
MGY2ZjMwHhcNMjUwMTAyMDk0OTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTRhY2FhNGRhNTdjMTA0NDZmZDEwODQwNzJlYTNjMGE4OTQxOThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkbcPMXwSGNYcSATCYxLE2emiaME
95+qirss5qCAAc6/UxcdrAZAAKLUEf43QePhI7OFE/FGRLnHlf7YJtCRKN17PTnI
jFygjgPLUZ2dgtAbtxyNslwY8OWXftocJxPY4LsIh+fQRx3UkODXu9BMY6O7XLGm
w0d8Fgtcuiw1eT1zOF+dcteBpmO8ceV84RUJC3CFxfz086AmrlLSYFwrJ6ZqwBem
JTcroT+FNulYZ/0qv4DZ86BzPTttdrciwgjh29gSkH5/Fu6oiT+xoRkGWe27aTXE
5OWojZJpHk7l1uidQexRj9Z6ak6GSBB2G0R0H7WeCVRHpGoTIh2Bu4AL3wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFNlKyqTaV8EERv0QhAcuo8ColBmNMB8GA1UdIwQY
MBaAFDWfD1/2IODbUxH2RzaQmXOsYPbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2It
ZDFhYmY0ZWUzMmNiLzEvMlVyS3BOcFh3UVJHX1JDRUJ5Nmp3S2lVR1kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2ItZDFhYmY0ZWUzMmNi
LzEvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAwWgHAwQA
wWgMAwQAwWgpAwQAwWhDMA0EAgACMAcDBQMqEIFAMA0GCSqGSIb3DQEBCwUAA4IB
AQAgo3+CmWdmMr4wM6f0cGylOeHCLml11V7qCyw8sSBuiQyIX2z0I4dg4nKW6vtw
HWS4SgOolneLiTYZ7aaaYeOOegIuUeGCM3T7w3H/27Iu1RnSvtylbVWA8Rs+sqok
fw0DwgAwc/Mqxs68xFY3rhQy7I1cS0Wf7jagf4QZQ+bOiQFGXMmXJ89UQmQAqAKo
nDYRS5Ot8pkw3GKUC9xiplBgjw+0IovqQ3Qz78+aSycrIZD9sNKwflEoPetk0pGg
CWrgCkQijN882HTY7nEXowIOO5wTvTs0Tgi86F0M3RoklH/S71ADz7IRCZ/j/53X
sfdK9n5xCO/EQ3YR4TH5a5Ga
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:32:49 2025 by rpki-client