Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/c98434-decc-404f-8049-4aa2eeb5267c/1/1-CBPCQEhah96ufyUbT9Pgx0vfDA.roa
File: 1-CBPCQEhah96ufyUbT9Pgx0vfDA.roa (raw, json)
Hash identifier: a/E265pRySYxwfkb5CZMhMIiUvhNhX2eZiajI2HOkkM=
Subject key identifier: F8:20:4F:09:01:21:6A:1F:7A:B9:FC:94:6D:3F:4F:83:1D:2F:7C:30
Certificate issuer: /CN=72673058859cfd7012941d8963adccf6300a19ef
Certificate serial: 01942143C3E1D6D67779F08C3BEBFF63D7B2
Authority key identifier: 72:67:30:58:85:9C:FD:70:12:94:1D:89:63:AD:CC:F6:30:0A:19:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cmcwWIWc_XASlB2JY63M9jAKGe8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/c98434-decc-404f-8049-4aa2eeb5267c/1/1-CBPCQEhah96ufyUbT9Pgx0vfDA.roa
Signing time: Wed 01 Jan 2025 09:47:56 +0000
ROA not before: Wed 01 Jan 2025 09:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20805
IP address blocks: 213.167.160.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/c98434-decc-404f-8049-4aa2eeb5267c/1/cmcwWIWc_XASlB2JY63M9jAKGe8.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/c98434-decc-404f-8049-4aa2eeb5267c/1/cmcwWIWc_XASlB2JY63M9jAKGe8.mft
rsync://rpki.ripe.net/repository/DEFAULT/cmcwWIWc_XASlB2JY63M9jAKGe8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 10 Mar 2025 15:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:c3:e1:d6:d6:77:79:f0:8c:3b:eb:ff:63:d7:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72673058859cfd7012941d8963adccf6300a19ef
Validity
Not Before: Jan 1 09:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f8204f0901216a1f7ab9fc946d3f4f831d2f7c30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:66:02:15:8e:4e:ca:ee:54:f3:a9:eb:b3:54:
38:f7:47:1c:9f:c3:97:b4:bc:8b:ab:72:17:13:68:
df:f6:5f:08:4f:4b:eb:0a:80:68:e6:a7:9a:2f:4a:
76:e2:01:b3:93:dd:50:dc:c1:4e:a4:2b:f7:63:c0:
11:5c:78:3c:7f:6b:d2:3a:77:0b:8a:2a:35:b3:6c:
7c:e5:2a:d0:35:3e:d1:d9:46:7e:36:9c:55:71:e4:
52:b5:2f:54:2b:82:71:4c:79:10:0d:a8:9f:73:fe:
e2:74:e4:a1:b1:ec:76:67:75:37:c9:f1:08:46:d3:
f6:f5:ba:9f:32:7b:ec:ef:37:46:a4:bc:cf:8f:2a:
b6:6a:ed:1d:31:63:f2:27:bd:ca:56:b0:5d:ec:6f:
65:bb:0f:a7:e8:2d:c6:d3:a2:0c:1a:9b:8d:ef:fe:
8d:0e:be:ed:27:6c:75:58:49:50:80:e5:9f:32:a7:
a4:f4:7f:c6:78:9b:28:19:ef:d4:71:6d:0e:4d:de:
96:87:0b:dc:e3:fb:0c:f5:0f:8c:45:a8:e7:7a:21:
48:a0:8b:50:48:c9:5f:8c:60:c0:15:38:5e:95:44:
cf:49:1d:b7:8f:4f:ca:94:49:26:42:2d:41:7b:05:
20:5d:54:6e:1f:b1:56:f6:06:e9:b4:6a:f2:33:ae:
1a:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:20:4F:09:01:21:6A:1F:7A:B9:FC:94:6D:3F:4F:83:1D:2F:7C:30
X509v3 Authority Key Identifier:
keyid:72:67:30:58:85:9C:FD:70:12:94:1D:89:63:AD:CC:F6:30:0A:19:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cmcwWIWc_XASlB2JY63M9jAKGe8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c98434-decc-404f-8049-4aa2eeb5267c/1/1-CBPCQEhah96ufyUbT9Pgx0vfDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c98434-decc-404f-8049-4aa2eeb5267c/1/cmcwWIWc_XASlB2JY63M9jAKGe8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.167.160.0/19
Signature Algorithm: sha256WithRSAEncryption
97:8f:b9:eb:05:3a:e8:2c:72:ec:12:10:2f:39:1a:f5:11:98:
20:c5:3f:59:7b:9a:0f:ec:fc:3d:8a:0e:37:85:7a:59:a3:64:
44:53:74:06:60:77:6e:42:b4:47:1c:db:81:9c:b5:9e:c7:78:
73:e6:ec:66:5e:b1:27:0d:be:59:44:df:31:a8:45:9c:9b:86:
d7:35:18:b8:69:c1:39:03:6d:0f:69:9a:6e:d0:1b:a0:91:47:
a6:f7:55:80:92:20:d9:54:0a:c5:03:b2:6a:39:16:36:4b:53:
85:a2:d3:da:9a:2d:34:11:c5:4e:8e:6c:23:a4:61:6a:90:32:
2d:03:7f:91:2d:f3:51:d0:c6:c0:12:4c:d9:0d:a2:25:08:51:
70:36:05:83:55:89:b0:50:74:a2:4c:d4:a0:42:90:6c:95:f4:
e8:01:84:be:55:c8:03:c3:87:e2:cc:c6:09:68:47:5a:ee:6a:
d0:f6:17:66:6e:0e:b4:ab:9d:43:93:3e:f4:ba:fa:41:df:9c:
b7:92:05:dd:9a:fa:64:67:ca:51:26:8a:da:15:2a:85:26:f1:
1f:58:91:9e:1b:9b:21:e8:8c:76:5e:db:f4:e1:8a:a0:a1:67:
cf:4e:9b:fb:0c:2d:4d:57:87:96:c9:c7:56:a3:79:9a:8c:b2:
95:53:af:f5
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQhQ8Ph1tZ3efCMO+v/Y9eyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNjczMDU4ODU5Y2ZkNzAxMjk0MWQ4OTYzYWRjY2Y2MzAw
YTE5ZWYwHhcNMjUwMTAxMDk0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODIwNGYwOTAxMjE2YTFmN2FiOWZjOTQ2ZDNmNGY4MzFkMmY3YzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiGYCFY5Oyu5U86nrs1Q490ccn8OX
tLyLq3IXE2jf9l8IT0vrCoBo5qeaL0p24gGzk91Q3MFOpCv3Y8ARXHg8f2vSOncL
iio1s2x85SrQNT7R2UZ+NpxVceRStS9UK4JxTHkQDaifc/7idOShsex2Z3U3yfEI
RtP29bqfMnvs7zdGpLzPjyq2au0dMWPyJ73KVrBd7G9luw+n6C3G06IMGpuN7/6N
Dr7tJ2x1WElQgOWfMqek9H/GeJsoGe/UcW0OTd6Whwvc4/sM9Q+MRajneiFIoItQ
SMlfjGDAFThelUTPSR23j0/KlEkmQi1BewUgXVRuH7FW9gbptGryM64aQQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPggTwkBIWofern8lG0/T4MdL3wwMB8GA1UdIwQY
MBaAFHJnMFiFnP1wEpQdiWOtzPYwChnvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY21jd1dJV2NfWEFTbEIySlk2M005akFLR2U4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9jOTg0MzQtZGVjYy00MDRmLTgwNDkt
NGFhMmVlYjUyNjdjLzEvMS1DQlBDUUVoYWg5NnVmeVViVDlQZ3gwdmZEQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYWMvYzk4NDM0LWRlY2MtNDA0Zi04MDQ5LTRhYTJlZWI1MjY3
Yy8xL2NtY3dXSVdjX1hBU2xCMkpZNjNNOWpBS0dlOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBdWnoDAN
BgkqhkiG9w0BAQsFAAOCAQEAl4+56wU66Cxy7BIQLzka9RGYIMU/WXuaD+z8PYoO
N4V6WaNkRFN0BmB3bkK0RxzbgZy1nsd4c+bsZl6xJw2+WUTfMahFnJuG1zUYuGnB
OQNtD2mabtAboJFHpvdVgJIg2VQKxQOyajkWNktThaLT2potNBHFTo5sI6RhapAy
LQN/kS3zUdDGwBJM2Q2iJQhRcDYFg1WJsFB0okzUoEKQbJX06AGEvlXIA8OH4szG
CWhHWu5q0PYXZm4OtKudQ5M+9Lr6Qd+ct5IF3Zr6ZGfKUSaK2hUqhSbxH1iRnhub
IeiMdl7b9OGKoKFnz06b+wwtTVeHlsnHVqN5moyylVOv9Q==
-----END CERTIFICATE-----
Generated at Mon Mar 10 00:39:17 2025 by rpki-client