Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/ff5ffc-22ff-46a1-8d2b-d34d120287d3/1/llQmZ7ox31md1xrVsOBux0Zjo94.roa
File: llQmZ7ox31md1xrVsOBux0Zjo94.roa (raw, json)
Hash identifier: zilK3SjPa7if6qVjP4zB4BrLdTd+JnUFnl8CYZtGV0I=
Subject key identifier: 96:54:26:67:BA:31:DF:59:9D:D7:1A:D5:B0:E0:6E:C7:46:63:A3:DE
Certificate issuer: /CN=c8c6892a68ce50a186c0d60cd5c9e4c988ce16c5
Certificate serial: 01946A3418237F086826B4D407182C23E944
Authority key identifier: C8:C6:89:2A:68:CE:50:A1:86:C0:D6:0C:D5:C9:E4:C9:88:CE:16:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yMaJKmjOUKGGwNYM1cnkyYjOFsU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/ff5ffc-22ff-46a1-8d2b-d34d120287d3/1/llQmZ7ox31md1xrVsOBux0Zjo94.roa
Signing time: Wed 15 Jan 2025 13:43:06 +0000
ROA not before: Wed 15 Jan 2025 13:43:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29335
IP address blocks: 193.19.152.0/23 maxlen: 32
193.19.152.0/24 maxlen: 32
193.19.153.0/24 maxlen: 32
193.19.154.0/23 maxlen: 32
193.19.154.0/24 maxlen: 32
193.19.155.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/ff5ffc-22ff-46a1-8d2b-d34d120287d3/1/yMaJKmjOUKGGwNYM1cnkyYjOFsU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/ff5ffc-22ff-46a1-8d2b-d34d120287d3/1/yMaJKmjOUKGGwNYM1cnkyYjOFsU.mft
rsync://rpki.ripe.net/repository/DEFAULT/yMaJKmjOUKGGwNYM1cnkyYjOFsU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6a:34:18:23:7f:08:68:26:b4:d4:07:18:2c:23:e9:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8c6892a68ce50a186c0d60cd5c9e4c988ce16c5
Validity
Not Before: Jan 15 13:43:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=96542667ba31df599dd71ad5b0e06ec74663a3de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:3c:a9:9f:87:d6:93:ef:00:a5:72:49:63:a7:
d0:c9:20:d1:aa:40:80:4c:36:77:27:03:0a:16:ef:
08:cc:12:e2:54:12:c2:98:12:59:ee:54:22:d3:ea:
89:c2:ec:ae:e8:30:bb:fa:05:e9:f1:65:d0:09:4f:
a6:2d:96:b3:20:46:ff:2a:9d:99:14:e4:6a:0c:42:
21:36:40:4e:44:d9:16:5a:30:c6:2e:f0:90:0f:c8:
8d:1c:77:8e:67:92:c2:ed:e2:35:ad:03:51:83:2d:
9d:b4:ee:9c:b6:f6:5e:08:76:8b:31:4b:46:74:93:
88:70:77:13:5e:a5:f9:c8:9c:b1:fc:28:b8:8a:76:
a5:c9:02:c5:0e:35:28:14:ac:e1:19:6a:55:33:99:
9b:9a:76:c2:9d:54:76:a9:82:f4:04:17:6c:7d:e9:
4f:ae:4e:0e:00:6c:a0:18:b1:58:1c:7a:81:31:a9:
ee:19:a5:1b:a1:97:42:57:a2:f3:1c:c3:80:88:32:
cf:4a:ea:07:10:51:1c:3a:4c:71:32:0f:8e:0d:bd:
46:89:45:50:6f:86:57:a2:8d:ad:56:15:12:09:3b:
81:e5:e7:d7:1f:d0:85:48:97:b6:2c:4c:a4:36:b6:
e8:59:4a:af:93:81:ac:0f:f0:80:0d:81:1d:3b:d7:
6a:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:54:26:67:BA:31:DF:59:9D:D7:1A:D5:B0:E0:6E:C7:46:63:A3:DE
X509v3 Authority Key Identifier:
keyid:C8:C6:89:2A:68:CE:50:A1:86:C0:D6:0C:D5:C9:E4:C9:88:CE:16:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yMaJKmjOUKGGwNYM1cnkyYjOFsU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/ff5ffc-22ff-46a1-8d2b-d34d120287d3/1/llQmZ7ox31md1xrVsOBux0Zjo94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/ff5ffc-22ff-46a1-8d2b-d34d120287d3/1/yMaJKmjOUKGGwNYM1cnkyYjOFsU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.19.152.0/22
Signature Algorithm: sha256WithRSAEncryption
12:be:f0:c1:e4:8f:6a:74:9b:42:61:b9:da:94:5f:bc:03:07:
fd:66:75:96:a9:86:1d:31:a5:90:9e:02:da:6e:cb:18:9c:7d:
85:2d:74:2f:9e:ed:01:1a:b5:cd:88:bf:c0:45:a9:10:31:1c:
af:24:ff:30:e7:ff:1c:3b:eb:f7:98:8d:73:44:25:df:59:e6:
2b:f8:0c:02:4d:3a:ed:80:69:89:94:a1:84:98:06:fe:9b:53:
66:76:26:9e:3e:ea:f7:6e:40:9c:70:38:8b:90:ee:5b:46:ed:
2e:c0:1b:93:c8:ee:77:21:eb:47:9e:d3:a8:aa:1e:8d:9f:a5:
31:27:9f:0a:a9:86:7e:3a:6e:ab:82:2f:fe:1b:c0:d1:3c:b4:
db:95:65:1f:f7:ad:fc:73:13:7b:d5:6e:9c:17:f2:ee:14:83:
c1:39:61:d1:7d:e2:d0:b8:5d:f3:b4:d8:28:7a:18:c8:d5:46:
84:e1:fc:5b:80:de:6e:9b:1e:b8:df:70:a7:d2:8d:f7:15:08:
3d:3b:8d:35:15:22:dd:fc:ca:32:41:de:20:72:c6:88:ab:b4:
3f:77:85:c3:81:50:e7:de:16:6e:df:10:a2:6d:89:a4:17:ff:
ff:fe:2a:19:dd:03:99:7b:c1:cd:29:c8:21:9d:23:22:d9:38:
8f:0c:b1:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRqNBgjfwhoJrTUBxgsI+lEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4YzY4OTJhNjhjZTUwYTE4NmMwZDYwY2Q1YzllNGM5ODhj
ZTE2YzUwHhcNMjUwMTE1MTM0MzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjU0MjY2N2JhMzFkZjU5OWRkNzFhZDViMGUwNmVjNzQ2NjNhM2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Dypn4fWk+8ApXJJY6fQySDRqkCA
TDZ3JwMKFu8IzBLiVBLCmBJZ7lQi0+qJwuyu6DC7+gXp8WXQCU+mLZazIEb/Kp2Z
FORqDEIhNkBORNkWWjDGLvCQD8iNHHeOZ5LC7eI1rQNRgy2dtO6ctvZeCHaLMUtG
dJOIcHcTXqX5yJyx/Ci4inalyQLFDjUoFKzhGWpVM5mbmnbCnVR2qYL0BBdsfelP
rk4OAGygGLFYHHqBManuGaUboZdCV6LzHMOAiDLPSuoHEFEcOkxxMg+ODb1GiUVQ
b4ZXoo2tVhUSCTuB5efXH9CFSJe2LEykNrboWUqvk4GsD/CADYEdO9dqfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJZUJme6Md9Zndca1bDgbsdGY6PeMB8GA1UdIwQY
MBaAFMjGiSpozlChhsDWDNXJ5MmIzhbFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU1hSkttak9VS0dHd05ZTTFjbmt5WWpPRnNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9mZjVmZmMtMjJmZi00NmExLThkMmIt
ZDM0ZDEyMDI4N2QzLzEvbGxRbVo3b3gzMW1kMXhyVnNPQnV4MFpqbzk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9mZjVmZmMtMjJmZi00NmExLThkMmItZDM0ZDEyMDI4N2Qz
LzEveU1hSkttak9VS0dHd05ZTTFjbmt5WWpPRnNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwROYMA0G
CSqGSIb3DQEBCwUAA4IBAQASvvDB5I9qdJtCYbnalF+8Awf9ZnWWqYYdMaWQngLa
bssYnH2FLXQvnu0BGrXNiL/ARakQMRyvJP8w5/8cO+v3mI1zRCXfWeYr+AwCTTrt
gGmJlKGEmAb+m1NmdiaePur3bkCccDiLkO5bRu0uwBuTyO53IetHntOoqh6Nn6Ux
J58KqYZ+Om6rgi/+G8DRPLTblWUf9638cxN71W6cF/LuFIPBOWHRfeLQuF3ztNgo
ehjI1UaE4fxbgN5umx6433Cn0o33FQg9O401FSLd/MoyQd4gcsaIq7Q/d4XDgVDn
3hZu3xCibYmkF////ioZ3QOZe8HNKcghnSMi2TiPDLH9
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:02:00 2025 by rpki-client