Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/du_h3WrA0m1xhUnyJPLIuGO4kpA.roa
File: du_h3WrA0m1xhUnyJPLIuGO4kpA.roa (raw, json)
Hash identifier: JDpeOD7xV2ekG+eEesG9qUfLmZmSMWruOGhX64DbBEc=
Subject key identifier: 76:EF:E1:DD:6A:C0:D2:6D:71:85:49:F2:24:F2:C8:B8:63:B8:92:90
Certificate issuer: /CN=04a2ae2cd094333018c41daafb474c6cfa80d07d
Certificate serial: 0194934F2A93A94F67ABB9430CADBA2C0E37
Authority key identifier: 04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/du_h3WrA0m1xhUnyJPLIuGO4kpA.roa
Signing time: Thu 23 Jan 2025 13:17:06 +0000
ROA not before: Thu 23 Jan 2025 13:17:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8778
IP address blocks: 193.93.74.0/24 maxlen: 24
195.28.64.0/19 maxlen: 19
195.80.160.0/19 maxlen: 19
2a02:dd8::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/BKKuLNCUMzAYxB2q-0dMbPqA0H0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/BKKuLNCUMzAYxB2q-0dMbPqA0H0.mft
rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 22:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:93:4f:2a:93:a9:4f:67:ab:b9:43:0c:ad:ba:2c:0e:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04a2ae2cd094333018c41daafb474c6cfa80d07d
Validity
Not Before: Jan 23 13:17:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=76efe1dd6ac0d26d718549f224f2c8b863b89290
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:08:09:7b:1c:ef:52:68:f2:2f:b7:bb:37:fa:
87:05:19:60:72:d2:50:96:f9:d2:00:c6:29:1f:8e:
9a:47:a1:f0:01:91:dd:8f:4d:62:f9:58:d6:6f:e7:
66:ec:2b:62:5f:9e:88:3c:ba:e2:32:56:33:ee:e3:
a5:ae:ce:2d:b9:eb:11:03:31:6d:94:78:dd:ff:8d:
10:ef:eb:15:73:fe:d6:f9:47:c0:0a:8a:a1:04:1b:
d0:38:01:ea:6d:c4:21:eb:15:ee:c5:56:3e:1c:7b:
47:06:8b:f7:72:1b:42:3e:34:96:aa:f4:fb:07:97:
20:93:8f:d7:4c:77:f1:78:97:a0:60:de:24:a3:84:
56:1f:bc:55:7c:75:3e:6e:0c:33:5b:f6:de:0f:4b:
24:88:48:e4:00:ef:88:2c:e4:cc:c0:74:37:d9:d3:
61:f5:b6:71:c7:e5:cc:bc:e1:21:c6:5f:ff:89:88:
42:2b:11:ce:87:20:3a:7b:99:a2:66:bc:a5:3d:42:
e5:1a:35:ea:51:d2:55:b4:86:5d:8c:60:34:75:ac:
a2:d3:19:03:da:a7:e6:cd:e2:e7:5e:bb:4e:8c:4d:
c8:60:a8:57:17:4f:c2:45:aa:3a:75:e7:40:3f:d1:
f1:4e:d8:b2:b3:da:ea:60:a0:bc:bc:9f:93:c9:f6:
a2:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:EF:E1:DD:6A:C0:D2:6D:71:85:49:F2:24:F2:C8:B8:63:B8:92:90
X509v3 Authority Key Identifier:
keyid:04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/du_h3WrA0m1xhUnyJPLIuGO4kpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/BKKuLNCUMzAYxB2q-0dMbPqA0H0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.93.74.0/24
195.28.64.0/19
195.80.160.0/19
IPv6:
2a02:dd8::/29
Signature Algorithm: sha256WithRSAEncryption
2a:bf:27:8a:a4:1b:3d:50:eb:5b:d1:00:a5:b4:c8:3b:5e:5f:
76:42:51:d1:15:88:b5:a5:c7:8c:a8:d5:a4:37:5c:21:17:0f:
7c:b3:98:17:a1:a8:9e:a6:eb:9d:a7:07:e7:7b:0a:6a:00:b3:
b7:ab:71:06:d5:a8:d6:02:b4:4b:bf:6e:6e:59:30:f7:3a:dd:
64:e5:9a:73:d0:a3:bf:71:ee:e5:6c:0c:14:8f:90:a9:53:09:
a1:f6:59:cf:6c:89:de:ff:a2:dc:99:e4:22:0c:39:62:20:56:
78:d6:d4:25:29:cf:aa:9e:b4:09:3a:76:fe:fd:c5:47:ee:1d:
40:85:32:bd:b3:2c:26:78:9e:83:bd:df:9d:74:e0:1f:6b:82:
49:f0:11:16:49:00:e4:dd:11:37:db:35:bf:50:bd:f4:4b:b6:
45:ed:f7:84:11:e4:89:4b:2b:c2:95:47:2c:f6:e8:f5:6c:ee:
f4:95:55:4d:b7:ba:19:b9:f2:af:97:eb:15:dd:33:a1:a9:32:
ba:e0:ce:2f:76:fd:08:9f:62:8b:a3:4f:1c:96:19:22:dc:f2:
48:c6:12:e5:60:bb:6d:9f:f2:e5:76:01:4a:15:d7:96:91:69:
49:ed:67:b4:1d:2c:f2:2f:fb:d1:bb:25:3d:07:1b:8c:80:7d:
ab:7f:e8:24
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZSTTyqTqU9nq7lDDK26LA43MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0YTJhZTJjZDA5NDMzMzAxOGM0MWRhYWZiNDc0YzZjZmE4
MGQwN2QwHhcNMjUwMTIzMTMxNzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmVmZTFkZDZhYzBkMjZkNzE4NTQ5ZjIyNGYyYzhiODYzYjg5MjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAgJexzvUmjyL7e7N/qHBRlgctJQ
lvnSAMYpH46aR6HwAZHdj01i+VjWb+dm7CtiX56IPLriMlYz7uOlrs4tuesRAzFt
lHjd/40Q7+sVc/7W+UfACoqhBBvQOAHqbcQh6xXuxVY+HHtHBov3chtCPjSWqvT7
B5cgk4/XTHfxeJegYN4ko4RWH7xVfHU+bgwzW/beD0skiEjkAO+ILOTMwHQ32dNh
9bZxx+XMvOEhxl//iYhCKxHOhyA6e5miZrylPULlGjXqUdJVtIZdjGA0dayi0xkD
2qfmzeLnXrtOjE3IYKhXF0/CRao6dedAP9HxTtiys9rqYKC8vJ+TyfaijQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHbv4d1qwNJtcYVJ8iTyyLhjuJKQMB8GA1UdIwQY
MBaAFASirizQlDMwGMQdqvtHTGz6gNB9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQktLdUxOQ1VNekFZeEIycS0wZE1iUHFBMEgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS82MzRhMTItZTU4Yy00NTVjLTg5MzMt
NmU2ZThkOTMwM2U5LzEvZHVfaDNXckEwbTF4aFVueUpQTEl1R080a3BBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS82MzRhMTItZTU4Yy00NTVjLTg5MzMtNmU2ZThkOTMwM2U5
LzEvQktLdUxOQ1VNekFZeEIycS0wZE1iUHFBMEgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAwV1KAwQF
wxxAAwQFw1CgMA0EAgACMAcDBQMqAg3YMA0GCSqGSIb3DQEBCwUAA4IBAQAqvyeK
pBs9UOtb0QCltMg7Xl92QlHRFYi1pceMqNWkN1whFw98s5gXoaiepuudpwfnewpq
ALO3q3EG1ajWArRLv25uWTD3Ot1k5Zpz0KO/ce7lbAwUj5CpUwmh9lnPbIne/6Lc
meQiDDliIFZ41tQlKc+qnrQJOnb+/cVH7h1AhTK9sywmeJ6Dvd+ddOAfa4JJ8BEW
SQDk3RE32zW/UL30S7ZF7feEEeSJSyvClUcs9uj1bO70lVVNt7oZufKvl+sV3TOh
qTK64M4vdv0In2KLo08clhki3PJIxhLlYLttn/LldgFKFdeWkWlJ7We0HSzyL/vR
uyU9BxuMgH2rf+gk
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:16:40 2025 by rpki-client