Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/25e17b-824e-4e7d-b3e8-27b87bfbee7b/1/aDRwFZp3Ye9nOga6oqU2-HxOi5Q.roa
File: aDRwFZp3Ye9nOga6oqU2-HxOi5Q.roa (raw, json)
Hash identifier: 55fN/khKAT7BHMTfK9zjOz/iWjkXrLDgvWhFUwURpbU=
Subject key identifier: 68:34:70:15:9A:77:61:EF:67:3A:06:BA:A2:A5:36:F8:7C:4E:8B:94
Certificate issuer: /CN=3432ba1c6d0b02befe68cc94ae9d2de3107a6046
Certificate serial: 019422FAF05A737C0F833C17565E6C7CCAD9
Authority key identifier: 34:32:BA:1C:6D:0B:02:BE:FE:68:CC:94:AE:9D:2D:E3:10:7A:60:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NDK6HG0LAr7-aMyUrp0t4xB6YEY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/25e17b-824e-4e7d-b3e8-27b87bfbee7b/1/aDRwFZp3Ye9nOga6oqU2-HxOi5Q.roa
Signing time: Wed 01 Jan 2025 17:47:38 +0000
ROA not before: Wed 01 Jan 2025 17:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2119
IP address blocks: 193.218.207.0/28 maxlen: 28
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/25e17b-824e-4e7d-b3e8-27b87bfbee7b/1/NDK6HG0LAr7-aMyUrp0t4xB6YEY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a4/25e17b-824e-4e7d-b3e8-27b87bfbee7b/1/NDK6HG0LAr7-aMyUrp0t4xB6YEY.mft
rsync://rpki.ripe.net/repository/DEFAULT/NDK6HG0LAr7-aMyUrp0t4xB6YEY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 23:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fa:f0:5a:73:7c:0f:83:3c:17:56:5e:6c:7c:ca:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3432ba1c6d0b02befe68cc94ae9d2de3107a6046
Validity
Not Before: Jan 1 17:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=683470159a7761ef673a06baa2a536f87c4e8b94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:6e:7a:00:80:5b:1e:e3:0b:b6:81:b1:f7:e8:
92:a3:c1:fc:6e:bc:e9:0e:5a:f6:b3:67:56:61:35:
d6:ef:42:3f:04:84:e3:a5:93:60:07:9f:1c:fd:76:
e7:a4:75:84:cd:d7:6d:9e:3c:8b:ac:25:d8:da:48:
a1:34:35:4e:5d:6b:60:f6:a7:52:d4:08:64:bc:ea:
68:a8:56:65:e0:be:2c:42:d4:14:e0:63:bb:d3:bc:
b2:8c:20:70:92:36:5c:ac:be:d0:7a:18:b3:11:d5:
5e:4e:6d:ea:0a:f5:c1:e3:94:5f:92:bd:51:3b:88:
21:3c:11:e2:d3:1e:8f:08:90:1b:83:cb:2b:47:4d:
ca:0f:d2:18:7e:66:9a:8c:95:00:ef:a8:bb:6a:80:
8d:a7:53:af:99:ba:6b:6b:26:47:6f:18:66:60:f5:
17:fd:54:21:ba:31:a5:3a:33:0b:6f:64:c9:89:c9:
d4:83:82:70:af:5c:69:44:10:73:a2:41:97:54:02:
3c:fa:cd:eb:f0:cf:f4:61:3e:38:c7:74:b9:82:ec:
91:ca:49:44:63:fe:46:59:de:e9:95:0e:af:f3:ee:
57:fa:b0:98:2e:56:ec:ba:df:00:7a:2f:4b:06:c5:
26:80:88:df:58:49:a4:a2:50:21:24:f6:1b:49:4a:
8b:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:34:70:15:9A:77:61:EF:67:3A:06:BA:A2:A5:36:F8:7C:4E:8B:94
X509v3 Authority Key Identifier:
keyid:34:32:BA:1C:6D:0B:02:BE:FE:68:CC:94:AE:9D:2D:E3:10:7A:60:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NDK6HG0LAr7-aMyUrp0t4xB6YEY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/25e17b-824e-4e7d-b3e8-27b87bfbee7b/1/aDRwFZp3Ye9nOga6oqU2-HxOi5Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/25e17b-824e-4e7d-b3e8-27b87bfbee7b/1/NDK6HG0LAr7-aMyUrp0t4xB6YEY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.218.207.0/28
Signature Algorithm: sha256WithRSAEncryption
cc:bd:05:c5:a2:b7:03:be:f0:9e:24:01:74:3a:1f:4b:41:5a:
38:11:0c:31:f6:f7:e7:e8:b7:f8:6a:6e:d1:26:56:53:ec:7c:
16:89:40:bf:66:0a:e4:2f:a3:e3:c8:09:b3:e8:3c:86:d6:17:
17:55:d8:40:f4:81:7d:c0:79:64:2c:59:30:e7:b4:13:69:71:
8a:5d:49:1d:6a:12:a7:aa:ba:f4:34:f9:45:bc:ef:27:3d:a6:
b2:d0:e1:fe:cd:11:94:e1:cd:71:df:fa:49:10:88:0f:09:a4:
de:2d:29:ae:80:32:69:fd:21:dd:4b:71:07:d6:2f:db:0c:6f:
f7:4e:4e:15:32:49:17:cf:35:33:59:7d:d9:ec:da:f7:7f:6b:
68:79:53:3b:20:e0:0c:fd:5f:a7:8a:9f:92:b2:10:81:33:b4:
4a:6d:a3:4c:ce:7d:c4:ae:f3:2b:e9:d8:2d:66:49:96:a7:ba:
04:c3:a1:d9:e4:df:d6:96:63:2b:c9:0a:22:28:65:0a:c9:4c:
01:bb:92:0c:c7:be:c1:c3:44:8a:52:f4:b3:33:8d:e5:d1:3f:
da:12:f3:0b:66:8b:11:ed:f1:e3:11:6d:87:e8:c4:85:85:66:
c2:08:49:c5:67:a1:b2:27:27:7d:7a:bf:88:9e:7b:af:5b:e8:
50:43:06:8f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQi+vBac3wPgzwXVl5sfMrZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MzJiYTFjNmQwYjAyYmVmZTY4Y2M5NGFlOWQyZGUzMTA3
YTYwNDYwHhcNMjUwMTAxMTc0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODM0NzAxNTlhNzc2MWVmNjczYTA2YmFhMmE1MzZmODdjNGU4Yjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6256AIBbHuMLtoGx9+iSo8H8brzp
Dlr2s2dWYTXW70I/BITjpZNgB58c/XbnpHWEzddtnjyLrCXY2kihNDVOXWtg9qdS
1AhkvOpoqFZl4L4sQtQU4GO707yyjCBwkjZcrL7QehizEdVeTm3qCvXB45Rfkr1R
O4ghPBHi0x6PCJAbg8srR03KD9IYfmaajJUA76i7aoCNp1OvmbprayZHbxhmYPUX
/VQhujGlOjMLb2TJicnUg4Jwr1xpRBBzokGXVAI8+s3r8M/0YT44x3S5guyRyklE
Y/5GWd7plQ6v8+5X+rCYLlbsut8Aei9LBsUmgIjfWEmkolAhJPYbSUqL7wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGg0cBWad2HvZzoGuqKlNvh8TouUMB8GA1UdIwQY
MBaAFDQyuhxtCwK+/mjMlK6dLeMQemBGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkRLNkhHMExBcjctYU15VXJwMHQ0eEI2WUVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8yNWUxN2ItODI0ZS00ZTdkLWIzZTgt
MjdiODdiZmJlZTdiLzEvYURSd0ZacDNZZTluT2dhNm9xVTItSHhPaTVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8yNWUxN2ItODI0ZS00ZTdkLWIzZTgtMjdiODdiZmJlZTdi
LzEvTkRLNkhHMExBcjctYU15VXJwMHQ0eEI2WUVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAATAHAwUEwdrPADAN
BgkqhkiG9w0BAQsFAAOCAQEAzL0FxaK3A77wniQBdDofS0FaOBEMMfb35+i3+Gpu
0SZWU+x8FolAv2YK5C+j48gJs+g8htYXF1XYQPSBfcB5ZCxZMOe0E2lxil1JHWoS
p6q69DT5RbzvJz2mstDh/s0RlOHNcd/6SRCIDwmk3i0proAyaf0h3UtxB9Yv2wxv
905OFTJJF881M1l92eza939raHlTOyDgDP1fp4qfkrIQgTO0Sm2jTM59xK7zK+nY
LWZJlqe6BMOh2eTf1pZjK8kKIihlCslMAbuSDMe+wcNEilL0szON5dE/2hLzC2aL
Ee3x4xFth+jEhYVmwghJxWehsicnfXq/iJ57r1voUEMGjw==
-----END CERTIFICATE-----
Generated at Mon Apr 7 07:08:27 2025 by rpki-client