Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/d54d2b-2126-4542-a5e4-c5493fe82e26/1/cGueQe1h8duehogXBQfbjMf187c.roa
File: cGueQe1h8duehogXBQfbjMf187c.roa (raw, json)
Hash identifier: SeygR9MEl7TBvHViQ7GiY7qErcMbLwgXcJ9lbMPWx3c=
Subject key identifier: 70:6B:9E:41:ED:61:F1:DB:9E:86:88:17:05:07:DB:8C:C7:F5:F3:B7
Certificate issuer: /CN=c59c41daf0092b703bc059ba1353f071ed12199b
Certificate serial: 0194266C040C6E9A5FB64EB7C25E0C5C3602
Authority key identifier: C5:9C:41:DA:F0:09:2B:70:3B:C0:59:BA:13:53:F0:71:ED:12:19:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xZxB2vAJK3A7wFm6E1Pwce0SGZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/d54d2b-2126-4542-a5e4-c5493fe82e26/1/cGueQe1h8duehogXBQfbjMf187c.roa
Signing time: Thu 02 Jan 2025 09:50:00 +0000
ROA not before: Thu 02 Jan 2025 09:50:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3303
IP address blocks: 195.8.108.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/d54d2b-2126-4542-a5e4-c5493fe82e26/1/xZxB2vAJK3A7wFm6E1Pwce0SGZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/d54d2b-2126-4542-a5e4-c5493fe82e26/1/xZxB2vAJK3A7wFm6E1Pwce0SGZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/xZxB2vAJK3A7wFm6E1Pwce0SGZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:04:0c:6e:9a:5f:b6:4e:b7:c2:5e:0c:5c:36:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c59c41daf0092b703bc059ba1353f071ed12199b
Validity
Not Before: Jan 2 09:50:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=706b9e41ed61f1db9e8688170507db8cc7f5f3b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:09:dc:27:86:da:f2:52:7f:a1:a5:03:ba:44:
68:df:11:1d:b8:a6:15:00:5d:a5:a4:07:44:0e:0b:
67:6b:46:10:76:ca:46:48:33:55:08:b3:ee:a3:f0:
0c:ed:da:08:f0:c3:ef:df:80:0e:da:82:6e:fd:93:
e1:32:89:c1:bb:56:c6:1e:f8:bf:45:fb:b3:e0:0c:
bb:75:4c:e9:5d:62:44:66:5a:f0:41:e6:f3:e0:4b:
95:db:29:5e:e0:4e:c7:d3:36:b0:76:23:31:72:68:
6b:94:9a:42:19:dc:43:20:52:29:6f:4a:1c:d9:6a:
9a:a5:9f:50:b3:b2:4c:25:88:40:76:a3:5a:ad:26:
ee:4a:fb:b4:0a:5e:27:f1:3c:10:e1:59:3a:12:14:
0b:45:49:a2:4f:bd:e7:d2:57:1c:2c:c3:98:21:60:
bf:b1:e5:0a:4b:06:dc:6c:94:3a:20:b8:db:f3:c0:
80:b1:84:38:ab:02:87:34:05:3d:98:89:6b:3e:4e:
5a:c7:1f:be:c5:d2:90:2a:3b:12:e0:8c:21:0a:2c:
66:84:a1:8c:6a:9c:6a:ae:09:c9:3c:81:86:3d:b7:
c1:0d:37:44:e0:39:27:5d:da:65:a3:74:e5:ea:29:
a9:a0:90:f6:18:e9:5e:d2:a9:c8:fa:ba:55:c1:55:
48:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:6B:9E:41:ED:61:F1:DB:9E:86:88:17:05:07:DB:8C:C7:F5:F3:B7
X509v3 Authority Key Identifier:
keyid:C5:9C:41:DA:F0:09:2B:70:3B:C0:59:BA:13:53:F0:71:ED:12:19:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xZxB2vAJK3A7wFm6E1Pwce0SGZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/d54d2b-2126-4542-a5e4-c5493fe82e26/1/cGueQe1h8duehogXBQfbjMf187c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/d54d2b-2126-4542-a5e4-c5493fe82e26/1/xZxB2vAJK3A7wFm6E1Pwce0SGZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.8.108.0/24
Signature Algorithm: sha256WithRSAEncryption
25:30:1d:2a:18:0c:1e:fa:6e:bf:3f:fa:7a:a9:d6:4e:69:30:
8b:d1:bb:ec:70:19:1f:68:97:79:aa:25:b3:4e:2e:74:f5:5f:
14:5c:a0:13:41:58:39:1b:1e:42:e6:06:63:88:63:d1:8e:f3:
6c:92:46:57:16:ff:d0:61:2c:bb:d4:82:49:c3:58:50:8a:b4:
30:30:14:9d:16:02:5f:91:c7:9b:05:cb:e2:fe:76:0c:40:e1:
f0:1e:d5:ce:6a:0e:9c:6a:7c:bf:d5:8a:49:e9:e4:18:56:d1:
0b:a4:00:a6:07:a7:14:ef:c2:ec:c8:52:e3:ba:88:a3:d5:0a:
3b:07:aa:50:96:f3:65:71:a7:fa:0c:f9:6d:02:cb:6b:bd:5c:
f6:75:6c:9e:cc:25:45:b7:25:5a:5e:fa:a5:ec:1f:d2:c0:2e:
9f:9d:5d:c6:57:9e:2b:4d:fa:0f:3c:2d:35:fd:13:ec:4d:ba:
b0:13:a4:2f:29:37:4a:84:46:f3:19:fc:57:08:c2:fa:66:77:
b7:0e:30:18:d3:7a:15:d5:8b:08:c4:7e:e8:73:34:a6:d2:ce:
71:c1:55:11:0a:c7:58:cf:32:62:7d:1c:b4:f3:e4:76:79:22:
41:15:78:b7:a1:01:35:96:04:2e:ab:29:95:d9:4f:27:cf:c0:
e4:30:f6:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmbAQMbppftk63wl4MXDYCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1OWM0MWRhZjAwOTJiNzAzYmMwNTliYTEzNTNmMDcxZWQx
MjE5OWIwHhcNMjUwMTAyMDk1MDAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDZiOWU0MWVkNjFmMWRiOWU4Njg4MTcwNTA3ZGI4Y2M3ZjVmM2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4wncJ4ba8lJ/oaUDukRo3xEduKYV
AF2lpAdEDgtna0YQdspGSDNVCLPuo/AM7doI8MPv34AO2oJu/ZPhMonBu1bGHvi/
Rfuz4Ay7dUzpXWJEZlrwQebz4EuV2yle4E7H0zawdiMxcmhrlJpCGdxDIFIpb0oc
2WqapZ9Qs7JMJYhAdqNarSbuSvu0Cl4n8TwQ4Vk6EhQLRUmiT73n0lccLMOYIWC/
seUKSwbcbJQ6ILjb88CAsYQ4qwKHNAU9mIlrPk5axx++xdKQKjsS4IwhCixmhKGM
apxqrgnJPIGGPbfBDTdE4DknXdplo3Tl6impoJD2GOle0qnI+rpVwVVIEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHBrnkHtYfHbnoaIFwUH24zH9fO3MB8GA1UdIwQY
MBaAFMWcQdrwCStwO8BZuhNT8HHtEhmbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFp4QjJ2QUpLM0E3d0ZtNkUxUHdjZTBTR1pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9kNTRkMmItMjEyNi00NTQyLWE1ZTQt
YzU0OTNmZTgyZTI2LzEvY0d1ZVFlMWg4ZHVlaG9nWEJRZmJqTWYxODdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9kNTRkMmItMjEyNi00NTQyLWE1ZTQtYzU0OTNmZTgyZTI2
LzEveFp4QjJ2QUpLM0E3d0ZtNkUxUHdjZTBTR1pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwwhsMA0G
CSqGSIb3DQEBCwUAA4IBAQAlMB0qGAwe+m6/P/p6qdZOaTCL0bvscBkfaJd5qiWz
Ti509V8UXKATQVg5Gx5C5gZjiGPRjvNskkZXFv/QYSy71IJJw1hQirQwMBSdFgJf
kcebBcvi/nYMQOHwHtXOag6cany/1YpJ6eQYVtELpACmB6cU78LsyFLjuoij1Qo7
B6pQlvNlcaf6DPltAstrvVz2dWyezCVFtyVaXvql7B/SwC6fnV3GV54rTfoPPC01
/RPsTbqwE6QvKTdKhEbzGfxXCML6Zne3DjAY03oV1YsIxH7oczSm0s5xwVURCsdY
zzJifRy08+R2eSJBFXi3oQE1lgQuqymV2U8nz8DkMPbP
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:10:16 2025 by rpki-client