Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/ceb187-7486-404c-a1dc-09129872e143/1/dvh6dEQn3L0Lue4PHisFZ5z30t4.roa
File: dvh6dEQn3L0Lue4PHisFZ5z30t4.roa (raw, json)
Hash identifier: YZ3UChYkMOxFSMlqaHDcH6csBlA5vkgT+POe5BlyoUo=
Subject key identifier: 76:F8:7A:74:44:27:DC:BD:0B:B9:EE:0F:1E:2B:05:67:9C:F7:D2:DE
Certificate issuer: /CN=a93616365693fb6502cb4d687bb66747b1a2fd74
Certificate serial: 019422FB005570A287A4C28BEB9DBB861EDD
Authority key identifier: A9:36:16:36:56:93:FB:65:02:CB:4D:68:7B:B6:67:47:B1:A2:FD:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qTYWNlaT-2UCy01oe7ZnR7Gi_XQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/ceb187-7486-404c-a1dc-09129872e143/1/dvh6dEQn3L0Lue4PHisFZ5z30t4.roa
Signing time: Wed 01 Jan 2025 17:47:42 +0000
ROA not before: Wed 01 Jan 2025 17:47:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5089
IP address blocks: 193.192.32.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/ceb187-7486-404c-a1dc-09129872e143/1/qTYWNlaT-2UCy01oe7ZnR7Gi_XQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/ceb187-7486-404c-a1dc-09129872e143/1/qTYWNlaT-2UCy01oe7ZnR7Gi_XQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/qTYWNlaT-2UCy01oe7ZnR7Gi_XQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:00:55:70:a2:87:a4:c2:8b:eb:9d:bb:86:1e:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a93616365693fb6502cb4d687bb66747b1a2fd74
Validity
Not Before: Jan 1 17:47:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=76f87a744427dcbd0bb9ee0f1e2b05679cf7d2de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:cf:10:07:a5:95:74:31:2b:12:65:02:9d:58:
be:ea:c7:bb:59:9d:9f:c3:0b:57:fe:85:b7:af:33:
d6:10:8c:72:d8:eb:74:00:27:09:47:00:47:c4:f9:
b9:92:75:8e:7f:93:e8:0b:7e:ac:9e:5c:b4:76:b7:
dc:a1:8f:3f:38:15:73:a9:69:20:6d:e5:41:ee:f4:
ab:3f:3a:6c:6d:5b:9f:1b:ca:ed:16:71:e9:af:6a:
b1:99:63:d3:3b:0e:2e:ac:68:ca:0c:97:73:d4:f8:
48:03:1a:68:c0:84:77:04:6d:53:0b:8a:0d:a2:36:
03:0c:ac:2d:bf:59:80:9e:27:8e:12:7c:6b:ef:f7:
61:2b:14:e2:a9:ec:3b:b3:46:bc:ed:c6:59:00:fc:
ed:f0:33:30:53:80:c0:fe:50:77:ab:61:8a:63:49:
85:eb:be:f8:04:1e:b6:32:5e:21:e8:e8:29:24:ca:
3f:d9:8e:22:c0:54:50:99:e6:5f:32:31:cb:94:41:
40:90:5e:57:6c:15:d5:bf:ce:6b:e8:b9:30:18:0a:
af:90:03:21:25:03:53:9c:e0:c4:32:ea:f3:c2:a0:
d4:f2:f7:49:e4:23:21:db:87:c8:89:d0:e8:0b:3e:
2f:a8:82:99:84:7e:80:e1:dd:d8:8f:14:e6:67:f9:
e6:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:F8:7A:74:44:27:DC:BD:0B:B9:EE:0F:1E:2B:05:67:9C:F7:D2:DE
X509v3 Authority Key Identifier:
keyid:A9:36:16:36:56:93:FB:65:02:CB:4D:68:7B:B6:67:47:B1:A2:FD:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qTYWNlaT-2UCy01oe7ZnR7Gi_XQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/ceb187-7486-404c-a1dc-09129872e143/1/dvh6dEQn3L0Lue4PHisFZ5z30t4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/ceb187-7486-404c-a1dc-09129872e143/1/qTYWNlaT-2UCy01oe7ZnR7Gi_XQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.192.32.0/23
Signature Algorithm: sha256WithRSAEncryption
6b:dc:84:e1:b2:fb:25:a9:c0:c8:96:6d:cf:85:d6:3a:06:23:
7b:56:c3:1f:3b:01:77:04:5a:64:02:4a:fb:26:d5:e0:6a:7c:
e3:9b:24:ce:6b:e8:d4:20:54:09:19:04:8f:80:09:0b:6e:3d:
ae:c5:49:50:e8:0f:75:2e:ca:26:a4:01:55:41:4a:10:f1:0d:
71:3b:d4:f6:8a:0b:5b:5b:26:97:15:b0:82:be:c1:d1:0f:0d:
b8:1a:44:73:15:d7:54:c7:24:d4:c2:85:37:8d:4e:c8:f6:6a:
c6:a6:80:07:8d:b0:4e:62:ed:dc:38:ad:e6:30:db:0e:6c:8f:
a5:66:3b:24:b6:f9:98:bc:20:bd:b3:c9:17:e2:99:18:d9:44:
df:d4:b3:6b:6d:ad:2d:fb:84:66:0a:8b:a2:9e:b2:fa:ed:52:
e6:eb:b9:4c:5c:b0:ef:f1:19:47:50:d9:e1:2e:5d:a4:33:81:
5d:eb:ff:56:16:92:1c:c7:40:56:ce:e9:b7:99:74:a6:3a:ee:
6b:cf:f3:7d:2d:66:1c:49:a6:37:3d:80:dc:04:63:ae:84:9c:
f7:72:09:79:8a:a6:e1:dc:ee:2d:f0:9a:77:27:5e:d5:bd:74:
98:0b:8e:54:4c:ac:d1:22:f0:40:9e:66:d6:26:e5:1a:84:63:
9c:50:df:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+wBVcKKHpMKL6527hh7dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5MzYxNjM2NTY5M2ZiNjUwMmNiNGQ2ODdiYjY2NzQ3YjFh
MmZkNzQwHhcNMjUwMTAxMTc0NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmY4N2E3NDQ0MjdkY2JkMGJiOWVlMGYxZTJiMDU2NzljZjdkMmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy88QB6WVdDErEmUCnVi+6se7WZ2f
wwtX/oW3rzPWEIxy2Ot0ACcJRwBHxPm5knWOf5PoC36snly0drfcoY8/OBVzqWkg
beVB7vSrPzpsbVufG8rtFnHpr2qxmWPTOw4urGjKDJdz1PhIAxpowIR3BG1TC4oN
ojYDDKwtv1mAnieOEnxr7/dhKxTiqew7s0a87cZZAPzt8DMwU4DA/lB3q2GKY0mF
6774BB62Ml4h6OgpJMo/2Y4iwFRQmeZfMjHLlEFAkF5XbBXVv85r6LkwGAqvkAMh
JQNTnODEMurzwqDU8vdJ5CMh24fIidDoCz4vqIKZhH6A4d3YjxTmZ/nm1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHb4enREJ9y9C7nuDx4rBWec99LeMB8GA1UdIwQY
MBaAFKk2FjZWk/tlAstNaHu2Z0exov10MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVRZV05sYVQtMlVDeTAxb2U3Wm5SN0dpX1hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9jZWIxODctNzQ4Ni00MDRjLWExZGMt
MDkxMjk4NzJlMTQzLzEvZHZoNmRFUW4zTDBMdWU0UEhpc0ZaNXozMHQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9jZWIxODctNzQ4Ni00MDRjLWExZGMtMDkxMjk4NzJlMTQz
LzEvcVRZV05sYVQtMlVDeTAxb2U3Wm5SN0dpX1hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwcAgMA0G
CSqGSIb3DQEBCwUAA4IBAQBr3IThsvslqcDIlm3PhdY6BiN7VsMfOwF3BFpkAkr7
JtXganzjmyTOa+jUIFQJGQSPgAkLbj2uxUlQ6A91LsompAFVQUoQ8Q1xO9T2igtb
WyaXFbCCvsHRDw24GkRzFddUxyTUwoU3jU7I9mrGpoAHjbBOYu3cOK3mMNsObI+l
ZjsktvmYvCC9s8kX4pkY2UTf1LNrba0t+4RmCouinrL67VLm67lMXLDv8RlHUNnh
Ll2kM4Fd6/9WFpIcx0BWzum3mXSmOu5rz/N9LWYcSaY3PYDcBGOuhJz3cgl5iqbh
3O4t8Jp3J17VvXSYC45UTKzRIvBAnmbWJuUahGOcUN+l
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:44:42 2025 by rpki-client