Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/e7c762-d79e-46dc-af19-d7f78ac20707/1/RPcZgGGV6x_O2v93PF_KdiXOCls.roa
File: RPcZgGGV6x_O2v93PF_KdiXOCls.roa (raw, json)
Hash identifier: zudz6ArhADUJ+zH91d1CGuKo9XvGzdpHdTulI/kePX0=
Subject key identifier: 44:F7:19:80:61:95:EB:1F:CE:DA:FF:77:3C:5F:CA:76:25:CE:0A:5B
Certificate issuer: /CN=c32cc7a964f4f370929291e19fff7de53f19be44
Certificate serial: 0194228D2DA8A3CDD2E43481C47860671625
Authority key identifier: C3:2C:C7:A9:64:F4:F3:70:92:92:91:E1:9F:FF:7D:E5:3F:19:BE:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wyzHqWT083CSkpHhn_995T8ZvkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/e7c762-d79e-46dc-af19-d7f78ac20707/1/RPcZgGGV6x_O2v93PF_KdiXOCls.roa
Signing time: Wed 01 Jan 2025 15:47:44 +0000
ROA not before: Wed 01 Jan 2025 15:47:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48037
IP address blocks: 193.176.222.0/24 maxlen: 24
193.176.223.0/24 maxlen: 24
193.176.224.0/24 maxlen: 24
193.176.225.0/24 maxlen: 24
193.176.226.0/24 maxlen: 24
193.176.234.0/24 maxlen: 24
193.177.248.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/e7c762-d79e-46dc-af19-d7f78ac20707/1/wyzHqWT083CSkpHhn_995T8ZvkQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/e7c762-d79e-46dc-af19-d7f78ac20707/1/wyzHqWT083CSkpHhn_995T8ZvkQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/wyzHqWT083CSkpHhn_995T8ZvkQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:2d:a8:a3:cd:d2:e4:34:81:c4:78:60:67:16:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c32cc7a964f4f370929291e19fff7de53f19be44
Validity
Not Before: Jan 1 15:47:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=44f719806195eb1fcedaff773c5fca7625ce0a5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:c8:dc:d2:5e:e9:cb:5b:47:90:f7:57:00:38:
37:8d:4b:4d:73:7a:ac:d9:e2:b2:89:38:a3:b9:44:
dc:f7:92:9a:97:e5:bc:61:bf:3f:b9:88:74:33:59:
cc:9a:40:1d:53:3b:0c:f5:50:02:10:64:c2:b4:03:
8d:7b:35:51:68:c1:29:52:57:c7:f9:9e:91:93:1f:
b6:e5:ee:52:23:a8:d5:8a:71:c4:f4:86:34:bd:e7:
0d:a0:bf:83:c5:19:d5:93:40:d4:d9:1a:c8:96:1e:
a6:ea:0f:eb:08:e3:7a:c8:bd:cf:43:89:9e:35:37:
65:a2:81:d0:b6:e3:dc:36:94:bc:15:0e:13:ff:85:
46:66:6b:a0:e0:11:b0:3b:3a:7a:e1:85:9e:fd:d2:
5d:fa:fd:e9:ca:90:70:9f:15:7b:db:92:32:c2:77:
3f:b8:af:ed:7c:c6:18:d4:19:5a:9c:d5:e1:e0:2e:
8f:fe:b9:95:13:62:c2:4f:72:56:9d:78:a0:00:43:
ec:82:44:44:82:f1:ff:64:b4:cb:bc:7e:54:d7:5d:
4e:d9:d0:66:ed:4c:5a:76:96:f8:87:24:3e:d6:61:
cc:cb:73:dd:9e:30:a1:db:cb:97:e2:7c:b6:6c:a7:
62:ce:aa:cb:10:a3:8d:cd:d9:b0:fc:e4:e2:77:72:
20:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:F7:19:80:61:95:EB:1F:CE:DA:FF:77:3C:5F:CA:76:25:CE:0A:5B
X509v3 Authority Key Identifier:
keyid:C3:2C:C7:A9:64:F4:F3:70:92:92:91:E1:9F:FF:7D:E5:3F:19:BE:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wyzHqWT083CSkpHhn_995T8ZvkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/e7c762-d79e-46dc-af19-d7f78ac20707/1/RPcZgGGV6x_O2v93PF_KdiXOCls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/e7c762-d79e-46dc-af19-d7f78ac20707/1/wyzHqWT083CSkpHhn_995T8ZvkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.176.222.0-193.176.226.255
193.176.234.0/24
193.177.248.0/21
Signature Algorithm: sha256WithRSAEncryption
5f:22:78:d7:ce:93:61:f3:0c:86:be:e0:78:b8:f3:74:a2:15:
e5:8b:b4:3a:32:88:04:2f:b3:9c:6d:35:91:10:5b:a9:1c:4c:
03:d4:5b:2c:15:84:6d:45:7e:22:fc:7e:1f:9f:0f:d3:6b:03:
95:34:5f:ae:72:3c:3e:17:1e:35:35:f3:1c:58:af:55:82:cb:
37:66:44:e0:94:0f:e7:26:b9:30:b7:fd:c6:21:58:47:02:e6:
43:d0:22:d3:e3:65:78:f8:35:74:9a:72:eb:bb:1c:32:84:96:
84:63:a8:e3:2c:12:e8:28:d7:4b:d3:80:58:4d:5c:33:dc:6e:
76:03:22:ed:1b:9a:2d:96:9c:97:6d:ea:1d:39:1f:b0:d2:72:
83:d9:3b:09:47:29:db:e5:ef:3f:76:2f:a7:05:f7:4e:38:24:
bc:66:f9:c7:55:4e:08:8c:ca:9c:b2:78:f1:a0:72:e7:64:68:
6d:1f:47:d1:75:35:e4:e6:4c:8d:e0:0b:9f:01:df:db:de:9e:
13:44:4c:4f:fb:0a:04:27:2e:be:40:9f:e8:19:95:01:6b:2d:
d5:75:81:5e:91:a7:5b:c4:9c:e7:fa:7e:b7:90:c3:d4:09:e6:
c2:61:96:37:f6:23:8d:f3:f8:74:78:37:ee:b8:d0:f0:8b:aa:
42:3e:25:f3
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQijS2oo83S5DSBxHhgZxYlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzMmNjN2E5NjRmNGYzNzA5MjkyOTFlMTlmZmY3ZGU1M2Yx
OWJlNDQwHhcNMjUwMTAxMTU0NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGY3MTk4MDYxOTVlYjFmY2VkYWZmNzczYzVmY2E3NjI1Y2UwYTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz8jc0l7py1tHkPdXADg3jUtNc3qs
2eKyiTijuUTc95Kal+W8Yb8/uYh0M1nMmkAdUzsM9VACEGTCtAONezVRaMEpUlfH
+Z6Rkx+25e5SI6jVinHE9IY0vecNoL+DxRnVk0DU2RrIlh6m6g/rCON6yL3PQ4me
NTdlooHQtuPcNpS8FQ4T/4VGZmug4BGwOzp64YWe/dJd+v3pypBwnxV725Iywnc/
uK/tfMYY1BlanNXh4C6P/rmVE2LCT3JWnXigAEPsgkREgvH/ZLTLvH5U111O2dBm
7Uxadpb4hyQ+1mHMy3PdnjCh28uX4ny2bKdizqrLEKONzdmw/OTid3IgIQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFET3GYBhlesfztr/dzxfynYlzgpbMB8GA1UdIwQY
MBaAFMMsx6lk9PNwkpKR4Z//feU/Gb5EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3l6SHFXVDA4M0NTa3BIaG5fOTk1VDhadmtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9lN2M3NjItZDc5ZS00NmRjLWFmMTkt
ZDdmNzhhYzIwNzA3LzEvUlBjWmdHR1Y2eF9PMnY5M1BGX0tkaVhPQ2xzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9lN2M3NjItZDc5ZS00NmRjLWFmMTktZDdmNzhhYzIwNzA3
LzEvd3l6SHFXVDA4M0NTa3BIaG5fOTk1VDhadmtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAHBsN4D
BADBsOIDBADBsOoDBAPBsfgwDQYJKoZIhvcNAQELBQADggEBAF8ieNfOk2HzDIa+
4Hi483SiFeWLtDoyiAQvs5xtNZEQW6kcTAPUWywVhG1FfiL8fh+fD9NrA5U0X65y
PD4XHjU18xxYr1WCyzdmROCUD+cmuTC3/cYhWEcC5kPQItPjZXj4NXSacuu7HDKE
loRjqOMsEugo10vTgFhNXDPcbnYDIu0bmi2WnJdt6h05H7DScoPZOwlHKdvl7z92
L6cF9044JLxm+cdVTgiMypyyePGgcudkaG0fR9F1NeTmTI3gC58B39venhNETE/7
CgQnLr5An+gZlQFrLdV1gV6Rp1vEnOf6freQw9QJ5sJhljf2I43z+HR4N+640PCL
qkI+JfM=
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:01:12 2025 by rpki-client