Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/c5c1b3-e5ca-4a83-8390-917933b1502e/1/r-ygRbjtxxgO3t3aGjdEJ1nnCcw.roa
File: r-ygRbjtxxgO3t3aGjdEJ1nnCcw.roa (raw, json)
Hash identifier: WR2yF8mNXvC7JDBK3ZnnxThACZnLlRj8L9WEQd6jnY4=
Subject key identifier: AF:EC:A0:45:B8:ED:C7:18:0E:DE:DD:DA:1A:37:44:27:59:E7:09:CC
Certificate issuer: /CN=abc45b658b1ec0fdeb459e6ff2577db8ca6a9330
Certificate serial: 019420D5BE132D0847E09016244EF22591B5
Authority key identifier: AB:C4:5B:65:8B:1E:C0:FD:EB:45:9E:6F:F2:57:7D:B8:CA:6A:93:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q8RbZYsewP3rRZ5v8ld9uMpqkzA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/c5c1b3-e5ca-4a83-8390-917933b1502e/1/r-ygRbjtxxgO3t3aGjdEJ1nnCcw.roa
Signing time: Wed 01 Jan 2025 07:47:45 +0000
ROA not before: Wed 01 Jan 2025 07:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210788
IP address blocks: 193.41.47.0/24 maxlen: 24
193.41.82.0/24 maxlen: 24
2a0f:7ec0:1::/48 maxlen: 48
2a0f:7ec0:100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/c5c1b3-e5ca-4a83-8390-917933b1502e/1/q8RbZYsewP3rRZ5v8ld9uMpqkzA.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/c5c1b3-e5ca-4a83-8390-917933b1502e/1/q8RbZYsewP3rRZ5v8ld9uMpqkzA.mft
rsync://rpki.ripe.net/repository/DEFAULT/q8RbZYsewP3rRZ5v8ld9uMpqkzA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:be:13:2d:08:47:e0:90:16:24:4e:f2:25:91:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abc45b658b1ec0fdeb459e6ff2577db8ca6a9330
Validity
Not Before: Jan 1 07:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=afeca045b8edc7180ededdda1a37442759e709cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:6e:1b:11:b2:cf:87:74:98:5a:d9:ec:62:8b:
cb:fe:c7:12:4d:ad:27:a1:78:06:2f:ef:34:0a:a8:
d2:e4:3b:34:38:08:ac:f2:31:ed:60:06:59:c5:a4:
ef:fb:d7:22:6a:50:3d:12:80:e3:6f:46:d3:65:e8:
3e:3b:8d:b4:fe:b5:ce:5d:30:1d:05:f8:aa:b7:0a:
de:70:2e:45:19:b1:84:44:1f:7e:ac:27:88:2d:5f:
e0:d4:20:bc:01:f4:a7:b5:d7:d5:b8:36:2a:1a:34:
d0:fa:74:1f:75:99:0b:0a:cf:b1:f2:04:4c:4e:f7:
ff:24:4b:32:fd:bf:d1:69:d5:3c:57:c0:48:21:24:
44:32:e1:1a:f1:89:6c:94:63:0b:86:ca:fa:dc:e6:
65:5f:dd:96:e4:88:ca:24:19:36:e8:b4:62:b3:f3:
bd:19:8f:4d:f7:ff:2e:6a:cd:5b:84:5e:f5:80:8e:
14:9f:01:aa:87:15:d2:fc:9f:f6:74:83:93:a3:e1:
b1:11:fa:0c:3e:f5:fd:a8:58:95:af:15:c3:1a:46:
ff:0b:bd:c3:0c:5b:87:c4:16:16:95:25:6c:ba:dc:
70:a1:83:94:55:55:5e:cf:11:bf:a8:2d:8a:30:7f:
60:f5:ae:08:b3:5b:17:15:75:e1:39:df:76:d7:bc:
f7:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:EC:A0:45:B8:ED:C7:18:0E:DE:DD:DA:1A:37:44:27:59:E7:09:CC
X509v3 Authority Key Identifier:
keyid:AB:C4:5B:65:8B:1E:C0:FD:EB:45:9E:6F:F2:57:7D:B8:CA:6A:93:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q8RbZYsewP3rRZ5v8ld9uMpqkzA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/c5c1b3-e5ca-4a83-8390-917933b1502e/1/r-ygRbjtxxgO3t3aGjdEJ1nnCcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/c5c1b3-e5ca-4a83-8390-917933b1502e/1/q8RbZYsewP3rRZ5v8ld9uMpqkzA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.41.47.0/24
193.41.82.0/24
IPv6:
2a0f:7ec0:1::/48
2a0f:7ec0:100::/48
Signature Algorithm: sha256WithRSAEncryption
54:a4:b9:90:ea:0a:bd:2d:ea:c0:51:bd:cc:d9:e2:4d:e4:77:
71:7a:24:24:3a:b7:14:66:d8:50:bd:f6:b5:f4:20:09:c6:9d:
0f:65:37:a3:1a:ff:c0:33:cb:33:21:33:be:94:d0:c6:84:63:
f0:97:82:43:3a:68:74:bc:ed:5c:06:05:96:19:1f:67:3a:f1:
f1:60:56:50:96:5b:85:d4:02:73:73:26:0e:b4:fc:21:c6:bf:
da:a3:4b:df:98:22:71:27:0b:2a:fc:fa:e9:d6:d3:56:c9:35:
f5:32:3d:08:c0:76:06:1e:13:d6:3a:38:80:3e:90:cb:1e:ba:
d2:44:83:0f:3b:c5:2d:03:f5:d4:bb:21:c5:e8:13:21:83:97:
4b:7a:53:f4:d0:c6:33:11:d1:f1:03:41:f2:0b:05:a0:d5:88:
a5:9e:48:1c:38:69:53:7e:00:9d:56:3b:8a:e0:f2:00:cc:19:
97:dd:26:f2:f9:d3:47:2c:52:c2:96:65:50:26:84:04:94:c4:
44:ff:bc:d2:26:0b:8a:f3:5c:81:2e:f9:3b:cc:04:fc:c9:6c:
bb:a4:78:64:d9:9b:f9:9c:0f:fd:a2:1f:bf:fb:7b:51:15:0a:
38:c8:74:cd:b1:18:3b:39:e7:bf:59:4a:c5:99:81:2f:17:4c:
d0:1b:d9:8c
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQg1b4TLQhH4JAWJE7yJZG1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYzQ1YjY1OGIxZWMwZmRlYjQ1OWU2ZmYyNTc3ZGI4Y2E2
YTkzMzAwHhcNMjUwMTAxMDc0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmVjYTA0NWI4ZWRjNzE4MGVkZWRkZGExYTM3NDQyNzU5ZTcwOWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwm4bEbLPh3SYWtnsYovL/scSTa0n
oXgGL+80CqjS5Ds0OAis8jHtYAZZxaTv+9cialA9EoDjb0bTZeg+O420/rXOXTAd
BfiqtwrecC5FGbGERB9+rCeILV/g1CC8AfSntdfVuDYqGjTQ+nQfdZkLCs+x8gRM
Tvf/JEsy/b/RadU8V8BIISREMuEa8YlslGMLhsr63OZlX92W5IjKJBk26LRis/O9
GY9N9/8uas1bhF71gI4UnwGqhxXS/J/2dIOTo+GxEfoMPvX9qFiVrxXDGkb/C73D
DFuHxBYWlSVsutxwoYOUVVVezxG/qC2KMH9g9a4Is1sXFXXhOd9217z3KwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFK/soEW47ccYDt7d2ho3RCdZ5wnMMB8GA1UdIwQY
MBaAFKvEW2WLHsD960Web/JXfbjKapMwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcThSYlpZc2V3UDNyUlo1djhsZDl1TXBxa3pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9jNWMxYjMtZTVjYS00YTgzLTgzOTAt
OTE3OTMzYjE1MDJlLzEvci15Z1JianR4eGdPM3QzYUdqZEVKMW5uQ2N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9jNWMxYjMtZTVjYS00YTgzLTgzOTAtOTE3OTMzYjE1MDJl
LzEvcThSYlpZc2V3UDNyUlo1djhsZDl1TXBxa3pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAwSkvAwQA
wSlSMBgEAgACMBIDBwAqD37AAAEDBwAqD37AAQAwDQYJKoZIhvcNAQELBQADggEB
AFSkuZDqCr0t6sBRvczZ4k3kd3F6JCQ6txRm2FC99rX0IAnGnQ9lN6Ma/8AzyzMh
M76U0MaEY/CXgkM6aHS87VwGBZYZH2c68fFgVlCWW4XUAnNzJg60/CHGv9qjS9+Y
InEnCyr8+unW01bJNfUyPQjAdgYeE9Y6OIA+kMseutJEgw87xS0D9dS7IcXoEyGD
l0t6U/TQxjMR0fEDQfILBaDViKWeSBw4aVN+AJ1WO4rg8gDMGZfdJvL500csUsKW
ZVAmhASUxET/vNImC4rzXIEu+TvMBPzJbLukeGTZm/mcD/2iH7/7e1EVCjjIdM2x
GDs5579ZSsWZgS8XTNAb2Yw=
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:50:19 2025 by rpki-client