Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/736db2-0c64-45ed-833a-a94dd8ccaf9f/1/7vdGx51ck_YIgYpkt1SPNVfsVKE.roa
File: 7vdGx51ck_YIgYpkt1SPNVfsVKE.roa (raw, json)
Hash identifier: Nw+uAqY1I65YKmQSbXqROB23bDhd2atga2x/5hREPHM=
Subject key identifier: EE:F7:46:C7:9D:5C:93:F6:08:81:8A:64:B7:54:8F:35:57:EC:54:A1
Certificate issuer: /CN=64daba15d1d366cb53095412d06490e23498e170
Certificate serial: 01941F8C86F589D9428B7FB0B081FD4ADAC9
Authority key identifier: 64:DA:BA:15:D1:D3:66:CB:53:09:54:12:D0:64:90:E2:34:98:E1:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZNq6FdHTZstTCVQS0GSQ4jSY4XA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/736db2-0c64-45ed-833a-a94dd8ccaf9f/1/7vdGx51ck_YIgYpkt1SPNVfsVKE.roa
Signing time: Wed 01 Jan 2025 01:48:10 +0000
ROA not before: Wed 01 Jan 2025 01:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25115
IP address blocks: 193.23.243.0/24 maxlen: 24
193.201.236.0/22 maxlen: 22
194.15.176.0/23 maxlen: 23
2a09:20c0::/32 maxlen: 32
2a09:20c1::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/736db2-0c64-45ed-833a-a94dd8ccaf9f/1/ZNq6FdHTZstTCVQS0GSQ4jSY4XA.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/736db2-0c64-45ed-833a-a94dd8ccaf9f/1/ZNq6FdHTZstTCVQS0GSQ4jSY4XA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZNq6FdHTZstTCVQS0GSQ4jSY4XA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 10 Mar 2025 15:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:86:f5:89:d9:42:8b:7f:b0:b0:81:fd:4a:da:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64daba15d1d366cb53095412d06490e23498e170
Validity
Not Before: Jan 1 01:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eef746c79d5c93f608818a64b7548f3557ec54a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:7d:d0:6b:65:db:40:d2:7a:cb:e7:9d:c4:fe:
b4:26:32:7c:c4:2d:83:83:dd:7e:d3:2f:20:c2:9e:
93:05:66:e0:0d:cd:5b:f5:b3:94:d1:66:5d:b2:af:
69:59:e4:28:c5:1e:2e:54:9e:0c:30:23:5f:11:74:
67:ed:f8:d9:75:ab:c4:6d:ff:94:ed:48:5f:df:c5:
99:64:8b:e4:ac:2a:30:59:43:63:35:a1:5c:2e:a5:
fe:00:db:a6:7c:e1:01:a0:02:e3:47:1b:fd:b4:74:
dc:9b:66:74:45:07:f3:46:59:f4:cf:06:35:97:56:
d4:7e:8b:b2:bd:15:f5:17:df:74:6d:1e:53:4b:56:
b1:35:04:01:2e:4a:67:fd:99:7f:1c:42:4f:e9:2d:
0e:d9:3c:f5:5a:f2:4b:08:7a:6a:81:65:26:3c:9d:
f7:6d:e8:b4:e0:92:5c:74:75:d4:c1:e2:42:87:ac:
8f:61:4a:42:5f:4c:bd:e1:1c:b3:db:e9:c7:61:7f:
ac:b8:d6:76:46:91:84:d5:b9:0d:b3:39:eb:21:dc:
50:cc:5f:b0:85:87:39:86:88:0e:f8:b7:72:b6:f4:
d2:a2:f4:fd:c8:0f:d2:8f:78:9b:12:94:37:1f:7d:
aa:38:8e:bc:e4:38:80:7f:44:d5:51:b6:10:a2:a1:
55:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:F7:46:C7:9D:5C:93:F6:08:81:8A:64:B7:54:8F:35:57:EC:54:A1
X509v3 Authority Key Identifier:
keyid:64:DA:BA:15:D1:D3:66:CB:53:09:54:12:D0:64:90:E2:34:98:E1:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZNq6FdHTZstTCVQS0GSQ4jSY4XA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/736db2-0c64-45ed-833a-a94dd8ccaf9f/1/7vdGx51ck_YIgYpkt1SPNVfsVKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/736db2-0c64-45ed-833a-a94dd8ccaf9f/1/ZNq6FdHTZstTCVQS0GSQ4jSY4XA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.23.243.0/24
193.201.236.0/22
194.15.176.0/23
IPv6:
2a09:20c0::/31
Signature Algorithm: sha256WithRSAEncryption
89:aa:e3:74:c5:0c:bf:54:ed:0c:8b:ec:49:d0:d4:5d:47:06:
b3:7f:a1:c0:28:27:39:93:db:47:55:04:52:80:21:13:cd:5f:
3f:50:5f:ce:d3:60:e8:63:ca:24:3a:c3:9d:f1:35:18:9c:ea:
89:fb:d3:aa:6a:ad:bd:43:48:d2:33:b8:fe:3b:a3:ca:9c:67:
f9:9f:da:32:69:f9:47:4d:8a:1e:0d:34:01:aa:5a:19:0b:98:
a6:63:d1:5a:6d:99:08:88:b8:77:d8:11:fc:82:43:72:07:24:
e6:b8:6c:5a:6c:cc:e7:d2:12:ef:ae:8d:e9:01:23:e9:6b:69:
70:f5:fe:9e:c1:3b:3a:5d:57:12:ea:7b:05:40:40:76:be:0e:
85:04:0f:ab:8d:84:2f:26:f6:ed:54:3a:3d:fe:ed:20:d9:ea:
c4:a4:2f:44:2a:f5:2a:0e:d3:1d:1d:5f:9b:9b:7a:18:b6:79:
2e:5d:47:2c:d5:af:54:0f:f5:ca:16:ef:24:c2:b8:c2:7a:93:
57:72:e8:e3:aa:52:64:b8:cc:8e:0b:7c:20:3e:c4:62:4a:93:
45:49:72:a6:6c:3e:63:2a:52:b9:cf:b7:d5:87:6c:d4:41:95:
c9:15:4c:5d:c2:b0:25:17:8b:72:65:a3:91:06:36:54:b6:84:
17:da:82:f7
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQfjIb1idlCi3+wsIH9StrJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZGFiYTE1ZDFkMzY2Y2I1MzA5NTQxMmQwNjQ5MGUyMzQ5
OGUxNzAwHhcNMjUwMTAxMDE0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWY3NDZjNzlkNWM5M2Y2MDg4MThhNjRiNzU0OGYzNTU3ZWM1NGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnn3Qa2XbQNJ6y+edxP60JjJ8xC2D
g91+0y8gwp6TBWbgDc1b9bOU0WZdsq9pWeQoxR4uVJ4MMCNfEXRn7fjZdavEbf+U
7Uhf38WZZIvkrCowWUNjNaFcLqX+ANumfOEBoALjRxv9tHTcm2Z0RQfzRln0zwY1
l1bUfouyvRX1F990bR5TS1axNQQBLkpn/Zl/HEJP6S0O2Tz1WvJLCHpqgWUmPJ33
bei04JJcdHXUweJCh6yPYUpCX0y94Ryz2+nHYX+suNZ2RpGE1bkNsznrIdxQzF+w
hYc5hogO+LdytvTSovT9yA/Sj3ibEpQ3H32qOI685DiAf0TVUbYQoqFVwwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFO73RsedXJP2CIGKZLdUjzVX7FShMB8GA1UdIwQY
MBaAFGTauhXR02bLUwlUEtBkkOI0mOFwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk5xNkZkSFRac3RUQ1ZRUzBHU1E0alNZNFhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi83MzZkYjItMGM2NC00NWVkLTgzM2Et
YTk0ZGQ4Y2NhZjlmLzEvN3ZkR3g1MWNrX1lJZ1lwa3QxU1BOVmZzVktFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi83MzZkYjItMGM2NC00NWVkLTgzM2EtYTk0ZGQ4Y2NhZjlm
LzEvWk5xNkZkSFRac3RUQ1ZRUzBHU1E0alNZNFhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAwRfzAwQC
wcnsAwQBwg+wMA0EAgACMAcDBQEqCSDAMA0GCSqGSIb3DQEBCwUAA4IBAQCJquN0
xQy/VO0Mi+xJ0NRdRwazf6HAKCc5k9tHVQRSgCETzV8/UF/O02DoY8okOsOd8TUY
nOqJ+9Oqaq29Q0jSM7j+O6PKnGf5n9oyaflHTYoeDTQBqloZC5imY9FabZkIiLh3
2BH8gkNyByTmuGxabMzn0hLvro3pASPpa2lw9f6ewTs6XVcS6nsFQEB2vg6FBA+r
jYQvJvbtVDo9/u0g2erEpC9EKvUqDtMdHV+bm3oYtnkuXUcs1a9UD/XKFu8kwrjC
epNXcujjqlJkuMyOC3wgPsRiSpNFSXKmbD5jKlK5z7fVh2zUQZXJFUxdwrAlF4ty
ZaORBjZUtoQX2oL3
-----END CERTIFICATE-----
Generated at Mon Mar 10 00:42:30 2025 by rpki-client