Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/o033YbxU_4pqzhTYeW8KgBTyJFQ.roa
File: o033YbxU_4pqzhTYeW8KgBTyJFQ.roa (raw, json)
Hash identifier: dhvpupNA3tAu+C5YNjmZoQsdlwc5TGF6rdYGFnIKpdI=
Subject key identifier: A3:4D:F7:61:BC:54:FF:8A:6A:CE:14:D8:79:6F:0A:80:14:F2:24:54
Certificate issuer: /CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Certificate serial: 019424455C018D41D5099D90A199E56F07A4
Authority key identifier: 30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/o033YbxU_4pqzhTYeW8KgBTyJFQ.roa
Signing time: Wed 01 Jan 2025 23:48:32 +0000
ROA not before: Wed 01 Jan 2025 23:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2134
IP address blocks: 195.76.19.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.mft
rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 02:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:5c:01:8d:41:d5:09:9d:90:a1:99:e5:6f:07:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Validity
Not Before: Jan 1 23:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a34df761bc54ff8a6ace14d8796f0a8014f22454
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:53:0e:7f:f5:bd:10:a5:bd:0f:e8:6f:d0:b4:
ec:0f:14:82:ad:d3:75:d1:8f:19:d5:00:e0:00:b4:
b2:14:24:f8:cb:b9:80:52:97:3a:8e:b3:03:73:5f:
74:78:d0:21:54:ab:8a:6a:16:a9:8d:02:7c:e2:14:
7b:81:4a:b5:6c:85:4c:3d:e2:50:1a:ed:ec:89:55:
65:81:10:cd:07:c7:0f:d1:e4:1e:16:4d:88:fd:37:
ff:cb:c7:e4:54:bf:6a:32:63:84:0c:c3:c7:4d:20:
2f:7d:d3:6f:18:66:ac:48:9c:7b:ad:71:9d:cc:8f:
3a:0e:de:30:e8:ff:ba:ce:26:de:bd:eb:59:20:e3:
e0:ad:04:3f:06:6d:f6:b4:bc:3e:da:e2:24:bb:cf:
95:e6:b2:91:78:e0:9f:39:fa:bd:a0:c0:d5:86:cd:
49:5f:f7:4e:86:5e:e5:88:a0:bc:cf:fa:3e:d8:72:
0b:61:45:9c:60:f7:0e:0a:c1:4d:53:03:dd:9d:9c:
c4:99:c1:53:49:a0:74:98:91:68:b2:e6:6a:78:d7:
4d:4d:c6:ce:34:b4:2a:31:6c:21:df:ad:53:d3:c5:
bc:e8:f3:63:3f:75:e6:81:67:23:bb:d7:e4:29:60:
10:b0:cf:74:25:9f:fd:60:1b:80:a4:9d:41:32:e6:
65:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:4D:F7:61:BC:54:FF:8A:6A:CE:14:D8:79:6F:0A:80:14:F2:24:54
X509v3 Authority Key Identifier:
keyid:30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/o033YbxU_4pqzhTYeW8KgBTyJFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.76.19.0/24
Signature Algorithm: sha256WithRSAEncryption
23:1d:e7:c0:9d:48:e7:6d:09:d0:2c:7c:fd:18:89:a2:4c:9b:
7b:22:fa:34:c8:c2:0e:cb:3b:01:62:bf:67:80:52:59:9d:e7:
34:55:89:f3:08:72:37:1a:22:4e:ef:a6:99:f0:91:f9:a6:a6:
a3:f4:2b:0e:ce:3e:80:c5:de:35:53:1c:ca:e7:21:13:e4:13:
99:72:a7:2a:52:fa:92:cb:da:34:d1:49:39:f5:d5:99:90:ee:
83:fb:c4:d6:68:d8:52:62:e3:eb:c6:f6:76:33:8b:75:3d:8c:
3d:17:81:94:ea:4a:87:b6:28:76:76:5c:7f:ba:e3:c4:70:0a:
2b:08:8a:ac:ec:d6:72:97:79:54:d5:6b:52:10:86:c5:a7:29:
2c:11:bf:a2:d1:6a:c1:33:93:f7:01:e8:07:f7:00:33:18:04:
bb:11:03:32:22:e8:97:cc:85:26:ff:46:54:bd:7b:1b:32:d5:
8d:dc:6c:66:0d:30:00:7c:9c:a1:8b:49:0e:71:21:4a:a2:39:
1f:bd:b5:6a:cf:d8:32:6a:8c:4c:a2:58:c3:d1:a6:95:e9:c5:
5b:c9:70:38:4e:e8:55:e1:d6:a3:70:c6:9e:a4:6a:d7:b5:14:
3a:de:c9:36:a4:43:8b:e3:4f:e0:6e:53:81:40:d4:ca:8e:91:
ff:90:67:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRVwBjUHVCZ2QoZnlbwekMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Y1ZmUyNzQwYTJiNmRlNGMzNzA5ZDI5NjQxMTViM2M5
NjdkYTEwHhcNMjUwMTAxMjM0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzRkZjc2MWJjNTRmZjhhNmFjZTE0ZDg3OTZmMGE4MDE0ZjIyNDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFMOf/W9EKW9D+hv0LTsDxSCrdN1
0Y8Z1QDgALSyFCT4y7mAUpc6jrMDc190eNAhVKuKahapjQJ84hR7gUq1bIVMPeJQ
Gu3siVVlgRDNB8cP0eQeFk2I/Tf/y8fkVL9qMmOEDMPHTSAvfdNvGGasSJx7rXGd
zI86Dt4w6P+6zibevetZIOPgrQQ/Bm32tLw+2uIku8+V5rKReOCfOfq9oMDVhs1J
X/dOhl7liKC8z/o+2HILYUWcYPcOCsFNUwPdnZzEmcFTSaB0mJFosuZqeNdNTcbO
NLQqMWwh361T08W86PNjP3XmgWcju9fkKWAQsM90JZ/9YBuApJ1BMuZl7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKNN92G8VP+Kas4U2HlvCoAU8iRUMB8GA1UdIwQY
MBaAFDB/X+J0Citt5MNwnSlkEVs8ln2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQt
NGJhMmY4ZjFmODNiLzEvbzAzM1lieFVfNHBxemhUWWVXOEtnQlR5SkZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQtNGJhMmY4ZjFmODNi
LzEvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw0wTMA0G
CSqGSIb3DQEBCwUAA4IBAQAjHefAnUjnbQnQLHz9GImiTJt7Ivo0yMIOyzsBYr9n
gFJZnec0VYnzCHI3GiJO76aZ8JH5pqaj9CsOzj6Axd41UxzK5yET5BOZcqcqUvqS
y9o00Uk59dWZkO6D+8TWaNhSYuPrxvZ2M4t1PYw9F4GU6kqHtih2dlx/uuPEcAor
CIqs7NZyl3lU1WtSEIbFpyksEb+i0WrBM5P3AegH9wAzGAS7EQMyIuiXzIUm/0ZU
vXsbMtWN3GxmDTAAfJyhi0kOcSFKojkfvbVqz9gyaoxMoljD0aaV6cVbyXA4TuhV
4dajcMaepGrXtRQ63sk2pEOL40/gblOBQNTKjpH/kGfq
-----END CERTIFICATE-----
Generated at Tue Apr 8 12:37:05 2025 by rpki-client