Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/3fd910-78bc-442a-88ac-8c52de6fa888/1/sCXtdqp4cXaJS2Ln-_IeOocxpNc.roa
File: sCXtdqp4cXaJS2Ln-_IeOocxpNc.roa (raw, json)
Hash identifier: J4ntkjmuAU7zZwkkuhYRl8vaQJj+FqwqLBhEct+ihHA=
Subject key identifier: B0:25:ED:76:AA:78:71:76:89:4B:62:E7:FB:F2:1E:3A:87:31:A4:D7
Certificate issuer: /CN=519e97470c63fda14c3265eb741a70e3a8b69aff
Certificate serial: 01942824453431E86746748627B35D481582
Authority key identifier: 51:9E:97:47:0C:63:FD:A1:4C:32:65:EB:74:1A:70:E3:A8:B6:9A:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UZ6XRwxj_aFMMmXrdBpw46i2mv8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/3fd910-78bc-442a-88ac-8c52de6fa888/1/sCXtdqp4cXaJS2Ln-_IeOocxpNc.roa
Signing time: Thu 02 Jan 2025 17:50:53 +0000
ROA not before: Thu 02 Jan 2025 17:50:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42708
IP address blocks: 194.50.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/3fd910-78bc-442a-88ac-8c52de6fa888/1/UZ6XRwxj_aFMMmXrdBpw46i2mv8.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/3fd910-78bc-442a-88ac-8c52de6fa888/1/UZ6XRwxj_aFMMmXrdBpw46i2mv8.mft
rsync://rpki.ripe.net/repository/DEFAULT/UZ6XRwxj_aFMMmXrdBpw46i2mv8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:45:34:31:e8:67:46:74:86:27:b3:5d:48:15:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=519e97470c63fda14c3265eb741a70e3a8b69aff
Validity
Not Before: Jan 2 17:50:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b025ed76aa787176894b62e7fbf21e3a8731a4d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:b5:ee:50:06:a2:a0:c6:60:41:2f:22:84:b6:
61:5a:4c:bb:44:4a:f2:09:86:8d:15:ef:79:b9:23:
07:96:ee:29:08:a9:7f:0f:78:37:7c:26:ca:2a:d2:
d6:4f:26:be:21:08:e3:65:67:82:33:92:34:69:54:
41:e5:55:8c:9f:cb:60:9f:da:6f:2e:a1:4d:50:11:
0f:91:3f:fe:a3:2f:d4:21:e1:09:e6:57:11:f2:1c:
06:80:c8:b8:00:bc:25:bb:5b:54:d2:fe:b7:81:da:
3d:06:e4:28:31:9a:0f:f5:0b:fc:fe:fb:74:8b:d0:
8a:20:bb:19:7c:74:8f:a4:9e:dc:9e:d1:b1:80:17:
28:91:74:93:4b:d8:fe:54:5e:c4:e2:fd:15:0c:8b:
a7:c4:a3:18:76:41:96:70:ea:1a:83:67:5e:b3:a8:
e4:fb:a5:9f:0c:77:b4:de:41:14:29:48:81:7f:a6:
e2:31:42:5a:c9:d4:6e:a4:f2:6e:6d:d4:26:01:fc:
ab:23:b1:b3:69:4a:c0:87:71:03:77:d3:3f:12:92:
a9:f7:03:2f:7e:2f:26:bf:62:5c:00:03:4d:bd:cf:
02:d5:a2:6d:6e:e7:48:c2:61:2f:b3:e4:74:0a:1e:
b5:4a:8d:2a:e1:b0:e6:17:fc:16:90:90:f9:3e:db:
d5:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:25:ED:76:AA:78:71:76:89:4B:62:E7:FB:F2:1E:3A:87:31:A4:D7
X509v3 Authority Key Identifier:
keyid:51:9E:97:47:0C:63:FD:A1:4C:32:65:EB:74:1A:70:E3:A8:B6:9A:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UZ6XRwxj_aFMMmXrdBpw46i2mv8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/3fd910-78bc-442a-88ac-8c52de6fa888/1/sCXtdqp4cXaJS2Ln-_IeOocxpNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/3fd910-78bc-442a-88ac-8c52de6fa888/1/UZ6XRwxj_aFMMmXrdBpw46i2mv8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.181.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:ac:7b:7b:5d:b7:57:af:a9:1a:96:06:92:12:72:a2:fe:51:
62:4e:1e:e6:1c:52:3d:7f:80:76:1a:e0:d3:59:70:77:7c:dc:
7b:a4:14:60:94:84:b9:4f:ec:b8:df:6a:a6:ca:4d:fa:0b:62:
3f:05:49:5c:7f:a6:ef:91:3a:cf:82:f5:5f:2d:fa:8a:3e:7f:
73:f3:a1:04:9e:df:67:b7:87:e3:7b:ca:35:83:8d:0b:00:d0:
96:8d:ad:62:65:b3:78:4e:02:4e:c8:26:f8:35:63:23:a1:e5:
ed:27:74:db:6c:11:fb:26:5a:9d:4c:4f:f6:38:08:80:ae:bd:
be:d2:21:5c:9e:59:61:f2:03:a6:53:01:b9:20:ad:50:16:d8:
a6:27:f4:c3:0d:ed:bd:61:8f:0c:45:c0:4e:1c:cd:03:37:c4:
be:6e:3f:ec:24:75:a9:80:8f:40:9c:80:20:29:93:cc:a1:7e:
a8:f2:13:d1:89:ed:4e:b2:54:86:13:7b:5b:fb:61:d3:03:e9:
03:b6:59:6e:68:eb:fc:05:dc:5d:25:f0:9b:00:d8:d2:78:2c:
fd:29:54:d6:eb:8e:87:c3:d1:08:7d:6e:de:45:6a:51:bc:95:
a6:d1:2b:bc:75:bb:06:42:bd:d7:27:48:a2:78:39:e0:05:28:
61:24:7c:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJEU0MehnRnSGJ7NdSBWCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxOWU5NzQ3MGM2M2ZkYTE0YzMyNjVlYjc0MWE3MGUzYThi
NjlhZmYwHhcNMjUwMTAyMTc1MDUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDI1ZWQ3NmFhNzg3MTc2ODk0YjYyZTdmYmYyMWUzYTg3MzFhNGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubXuUAaioMZgQS8ihLZhWky7REry
CYaNFe95uSMHlu4pCKl/D3g3fCbKKtLWTya+IQjjZWeCM5I0aVRB5VWMn8tgn9pv
LqFNUBEPkT/+oy/UIeEJ5lcR8hwGgMi4ALwlu1tU0v63gdo9BuQoMZoP9Qv8/vt0
i9CKILsZfHSPpJ7cntGxgBcokXSTS9j+VF7E4v0VDIunxKMYdkGWcOoag2des6jk
+6WfDHe03kEUKUiBf6biMUJaydRupPJubdQmAfyrI7GzaUrAh3EDd9M/EpKp9wMv
fi8mv2JcAANNvc8C1aJtbudIwmEvs+R0Ch61So0q4bDmF/wWkJD5PtvV1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLAl7XaqeHF2iUti5/vyHjqHMaTXMB8GA1UdIwQY
MBaAFFGel0cMY/2hTDJl63QacOOotpr/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVo2WFJ3eGpfYUZNTW1YcmRCcHc0NmkybXY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS8zZmQ5MTAtNzhiYy00NDJhLTg4YWMt
OGM1MmRlNmZhODg4LzEvc0NYdGRxcDRjWGFKUzJMbi1fSWVPb2N4cE5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS8zZmQ5MTAtNzhiYy00NDJhLTg4YWMtOGM1MmRlNmZhODg4
LzEvVVo2WFJ3eGpfYUZNTW1YcmRCcHc0NmkybXY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjK1MA0G
CSqGSIb3DQEBCwUAA4IBAQCbrHt7XbdXr6kalgaSEnKi/lFiTh7mHFI9f4B2GuDT
WXB3fNx7pBRglIS5T+y432qmyk36C2I/BUlcf6bvkTrPgvVfLfqKPn9z86EEnt9n
t4fje8o1g40LANCWja1iZbN4TgJOyCb4NWMjoeXtJ3TbbBH7JlqdTE/2OAiArr2+
0iFcnllh8gOmUwG5IK1QFtimJ/TDDe29YY8MRcBOHM0DN8S+bj/sJHWpgI9AnIAg
KZPMoX6o8hPRie1OslSGE3tb+2HTA+kDtlluaOv8BdxdJfCbANjSeCz9KVTW646H
w9EIfW7eRWpRvJWm0Su8dbsGQr3XJ0iieDngBShhJHxd
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:22:23 2025 by rpki-client