Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/beb070-e129-44b6-a77c-2e7a8a394c45/1/DNwk8XqqsVx_0XVNBxGEv9s46iw.roa
File: DNwk8XqqsVx_0XVNBxGEv9s46iw.roa (raw, json)
Hash identifier: o1R3IO/6fSn30zcJzkwKmtL71+61TdQ+fmzf6z93EPU=
Subject key identifier: 0C:DC:24:F1:7A:AA:B1:5C:7F:D1:75:4D:07:11:84:BF:DB:38:EA:2C
Certificate issuer: /CN=0910af10067f5301fc8f60848f55b3c33c180f53
Certificate serial: 019423D7141CC78A66D15B4952EAD8F19C63
Authority key identifier: 09:10:AF:10:06:7F:53:01:FC:8F:60:84:8F:55:B3:C3:3C:18:0F:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CRCvEAZ_UwH8j2CEj1WzwzwYD1M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/beb070-e129-44b6-a77c-2e7a8a394c45/1/DNwk8XqqsVx_0XVNBxGEv9s46iw.roa
Signing time: Wed 01 Jan 2025 21:48:05 +0000
ROA not before: Wed 01 Jan 2025 21:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205201
IP address blocks: 188.120.121.0/24 maxlen: 24
188.120.122.0/23 maxlen: 23
188.120.122.0/24 maxlen: 24
188.120.123.0/24 maxlen: 24
188.120.126.0/24 maxlen: 24
194.28.130.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/beb070-e129-44b6-a77c-2e7a8a394c45/1/CRCvEAZ_UwH8j2CEj1WzwzwYD1M.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/beb070-e129-44b6-a77c-2e7a8a394c45/1/CRCvEAZ_UwH8j2CEj1WzwzwYD1M.mft
rsync://rpki.ripe.net/repository/DEFAULT/CRCvEAZ_UwH8j2CEj1WzwzwYD1M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 18:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:14:1c:c7:8a:66:d1:5b:49:52:ea:d8:f1:9c:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0910af10067f5301fc8f60848f55b3c33c180f53
Validity
Not Before: Jan 1 21:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0cdc24f17aaab15c7fd1754d071184bfdb38ea2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:82:20:b5:da:42:03:41:4c:bb:92:96:c5:40:
b4:c8:eb:85:33:6f:a9:ba:d5:8e:2b:50:2c:f2:28:
54:40:ed:78:cc:89:e0:3d:aa:a4:fe:e3:d7:f2:2d:
7f:b2:3a:e5:a6:2a:f3:6c:9f:fe:d7:6d:86:af:16:
71:99:37:72:bf:d8:6f:00:e0:ad:b7:69:fa:3c:78:
a3:de:6e:2e:12:c6:d2:6d:8e:b6:44:05:37:15:49:
ba:f6:e6:5f:bd:b8:a8:4f:e8:3f:f6:7d:4d:bc:1d:
ea:06:1a:64:a9:7e:f2:0f:64:37:0b:0e:85:34:67:
2d:1b:6d:22:33:02:a1:a8:31:de:df:d0:db:e2:dd:
b7:f5:82:7f:9a:7a:2e:de:dd:96:ab:e4:f7:c6:bf:
d9:ab:29:50:bb:fa:e5:1c:13:3d:64:ac:df:f5:e4:
61:c5:16:65:bd:21:9f:1b:87:c7:60:18:5d:a3:49:
82:1f:4e:47:1b:55:a1:1a:ed:c8:44:27:85:93:de:
42:de:89:19:e4:86:f5:97:e3:41:35:31:12:d7:6f:
06:eb:b1:fc:df:55:25:4d:b9:75:00:1c:ed:ba:c2:
0d:41:e4:8b:87:87:f4:b2:3c:97:bd:58:22:c5:96:
56:02:84:a9:4e:82:19:23:24:01:b5:8b:7c:9e:22:
18:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:DC:24:F1:7A:AA:B1:5C:7F:D1:75:4D:07:11:84:BF:DB:38:EA:2C
X509v3 Authority Key Identifier:
keyid:09:10:AF:10:06:7F:53:01:FC:8F:60:84:8F:55:B3:C3:3C:18:0F:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CRCvEAZ_UwH8j2CEj1WzwzwYD1M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/beb070-e129-44b6-a77c-2e7a8a394c45/1/DNwk8XqqsVx_0XVNBxGEv9s46iw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/beb070-e129-44b6-a77c-2e7a8a394c45/1/CRCvEAZ_UwH8j2CEj1WzwzwYD1M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.120.121.0-188.120.123.255
188.120.126.0/24
194.28.130.0/24
Signature Algorithm: sha256WithRSAEncryption
34:e9:70:74:fa:a3:be:97:28:3f:14:3e:67:80:d7:e1:2f:ef:
dd:c9:ec:76:5f:11:15:03:1b:b5:51:c5:c7:64:6d:25:bd:bc:
2e:4b:26:20:80:f6:85:69:85:ed:a6:25:f7:07:e5:81:d2:27:
ba:87:ed:a2:a1:f7:59:9c:60:a5:30:f4:c7:3c:18:02:d2:3e:
dc:85:0a:88:3b:35:aa:cb:2a:f9:62:45:17:06:65:09:27:3b:
b6:69:21:77:cf:c4:5e:7c:c6:db:cf:45:a4:30:ef:90:e0:2b:
75:cb:52:a6:44:95:a0:0f:93:e8:96:0b:75:41:06:72:a4:80:
8f:22:1b:45:d0:be:b9:03:8a:c3:e7:2b:0a:d6:f6:11:8b:bb:
48:96:a4:15:79:2f:b9:25:0a:20:bc:87:43:a8:c6:0b:34:50:
1b:ea:2f:06:15:24:2c:b5:ad:0d:14:8b:de:74:d4:80:eb:11:
83:97:35:91:30:53:ea:a1:98:5b:71:f0:da:ad:22:3a:9f:fb:
6f:10:bb:a9:ba:45:ef:17:fc:4f:6f:af:55:db:0d:be:b1:b1:
d1:e1:31:0c:eb:3a:84:7e:e2:af:6f:f8:af:4a:93:8c:99:fa:
fb:4f:94:5d:35:0e:54:ac:db:c2:7f:e3:ad:ff:0f:67:f6:b7:
5e:f6:19:8b
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQj1xQcx4pm0VtJUurY8ZxjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MTBhZjEwMDY3ZjUzMDFmYzhmNjA4NDhmNTViM2MzM2Mx
ODBmNTMwHhcNMjUwMTAxMjE0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2RjMjRmMTdhYWFiMTVjN2ZkMTc1NGQwNzExODRiZmRiMzhlYTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxIIgtdpCA0FMu5KWxUC0yOuFM2+p
utWOK1As8ihUQO14zIngPaqk/uPX8i1/sjrlpirzbJ/+122GrxZxmTdyv9hvAOCt
t2n6PHij3m4uEsbSbY62RAU3FUm69uZfvbioT+g/9n1NvB3qBhpkqX7yD2Q3Cw6F
NGctG20iMwKhqDHe39Db4t239YJ/mnou3t2Wq+T3xr/ZqylQu/rlHBM9ZKzf9eRh
xRZlvSGfG4fHYBhdo0mCH05HG1WhGu3IRCeFk95C3okZ5Ib1l+NBNTES128G67H8
31UlTbl1ABztusINQeSLh4f0sjyXvVgixZZWAoSpToIZIyQBtYt8niIYCQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFAzcJPF6qrFcf9F1TQcRhL/bOOosMB8GA1UdIwQY
MBaAFAkQrxAGf1MB/I9ghI9Vs8M8GA9TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1JDdkVBWl9Vd0g4ajJDRWoxV3p3endZRDFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9iZWIwNzAtZTEyOS00NGI2LWE3N2Mt
MmU3YThhMzk0YzQ1LzEvRE53azhYcXFzVnhfMFhWTkJ4R0V2OXM0Nml3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9iZWIwNzAtZTEyOS00NGI2LWE3N2MtMmU3YThhMzk0YzQ1
LzEvQ1JDdkVBWl9Vd0g4ajJDRWoxV3p3endZRDFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAC8eHkD
BAK8eHgDBAC8eH4DBADCHIIwDQYJKoZIhvcNAQELBQADggEBADTpcHT6o76XKD8U
PmeA1+Ev793J7HZfERUDG7VRxcdkbSW9vC5LJiCA9oVphe2mJfcH5YHSJ7qH7aKh
91mcYKUw9Mc8GALSPtyFCog7NarLKvliRRcGZQknO7ZpIXfPxF58xtvPRaQw75Dg
K3XLUqZElaAPk+iWC3VBBnKkgI8iG0XQvrkDisPnKwrW9hGLu0iWpBV5L7klCiC8
h0Ooxgs0UBvqLwYVJCy1rQ0Ui9501IDrEYOXNZEwU+qhmFtx8NqtIjqf+28Qu6m6
Re8X/E9vr1XbDb6xsdHhMQzrOoR+4q9v+K9Kk4yZ+vtPlF01DlSs28J/463/D2f2
t172GYs=
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:16:05 2025 by rpki-client