Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/4c6e75-a800-4d4f-8ac7-4eaeb2a23b27/1/tDmGVhL-hfe86EtwqqFgtbugIGI.roa
File: tDmGVhL-hfe86EtwqqFgtbugIGI.roa (raw, json)
Hash identifier: yybIZyz2WHKbdDgnIhAh2oqd5wKR3WI3gpGpCQsuSFc=
Subject key identifier: B4:39:86:56:12:FE:85:F7:BC:E8:4B:70:AA:A1:60:B5:BB:A0:20:62
Certificate issuer: /CN=a6e8a25a93792a58b3a2d80fb1aad959e65aeddf
Certificate serial: 0194266B4E5A3039A86F31419EF919C3E87E
Authority key identifier: A6:E8:A2:5A:93:79:2A:58:B3:A2:D8:0F:B1:AA:D9:59:E6:5A:ED:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/puiiWpN5KlizotgPsarZWeZa7d8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/4c6e75-a800-4d4f-8ac7-4eaeb2a23b27/1/tDmGVhL-hfe86EtwqqFgtbugIGI.roa
Signing time: Thu 02 Jan 2025 09:49:14 +0000
ROA not before: Thu 02 Jan 2025 09:49:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35197
IP address blocks: 185.103.21.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/4c6e75-a800-4d4f-8ac7-4eaeb2a23b27/1/puiiWpN5KlizotgPsarZWeZa7d8.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/4c6e75-a800-4d4f-8ac7-4eaeb2a23b27/1/puiiWpN5KlizotgPsarZWeZa7d8.mft
rsync://rpki.ripe.net/repository/DEFAULT/puiiWpN5KlizotgPsarZWeZa7d8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:4e:5a:30:39:a8:6f:31:41:9e:f9:19:c3:e8:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6e8a25a93792a58b3a2d80fb1aad959e65aeddf
Validity
Not Before: Jan 2 09:49:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b439865612fe85f7bce84b70aaa160b5bba02062
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:1e:eb:3e:c8:23:0a:34:72:22:72:f1:eb:47:
36:14:71:c6:70:2d:0a:3a:95:dc:76:a8:53:b9:a0:
c0:be:f5:7f:3b:73:eb:fd:6b:93:20:3c:6b:46:30:
c7:42:4d:6c:01:3b:00:a6:45:1a:3d:f0:51:4e:ed:
05:76:6d:43:4f:e9:da:c2:b0:b2:2c:e6:33:8f:44:
7b:87:74:cf:ee:5c:d4:b8:4f:29:b7:5a:4e:e6:39:
c6:31:19:ae:29:5f:8a:0a:7e:da:5a:be:af:fc:cf:
c1:54:f6:92:67:11:e5:74:7e:3b:85:43:ce:63:a6:
d3:83:67:8a:a3:18:26:3c:a1:7c:e6:ac:34:20:d2:
14:b2:f8:04:85:87:7f:07:17:a4:e8:d6:62:ac:97:
7c:fc:de:2e:e0:12:fd:8d:7c:ae:86:21:a6:81:97:
de:0e:e1:3e:7d:f1:5a:09:2e:4a:d7:b8:b2:53:10:
0e:84:78:22:58:27:cb:22:fa:68:d1:d3:0d:16:fd:
bf:dd:46:84:32:a8:a2:12:ef:53:4d:53:db:39:63:
1e:ed:17:3f:89:3d:aa:b5:e9:39:2a:1e:86:5c:ce:
4e:09:e2:28:bd:5c:f4:3c:0f:dc:57:21:ad:2a:9f:
d7:9f:5f:c6:d3:81:c7:1b:df:50:77:30:e4:41:51:
82:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:39:86:56:12:FE:85:F7:BC:E8:4B:70:AA:A1:60:B5:BB:A0:20:62
X509v3 Authority Key Identifier:
keyid:A6:E8:A2:5A:93:79:2A:58:B3:A2:D8:0F:B1:AA:D9:59:E6:5A:ED:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/puiiWpN5KlizotgPsarZWeZa7d8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4c6e75-a800-4d4f-8ac7-4eaeb2a23b27/1/tDmGVhL-hfe86EtwqqFgtbugIGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4c6e75-a800-4d4f-8ac7-4eaeb2a23b27/1/puiiWpN5KlizotgPsarZWeZa7d8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.103.21.0/24
Signature Algorithm: sha256WithRSAEncryption
98:c3:34:e6:93:c8:d0:c8:d2:56:6b:b0:20:29:98:09:7c:fa:
4a:b5:0d:39:5b:e9:aa:5a:29:11:ec:57:83:6a:21:ab:e8:fc:
da:53:26:4f:3a:2e:0c:50:5d:a7:2f:55:e0:b6:c7:91:84:22:
a5:a5:87:7c:27:04:7d:72:5b:b9:16:a0:51:5e:d9:59:10:ce:
18:8e:06:d1:17:2b:bf:cf:90:3b:5a:9f:91:69:b9:3d:08:e0:
77:70:f9:72:fc:26:6f:31:08:e9:6a:b8:8e:99:a0:43:bd:b1:
21:53:ba:13:ae:0a:e1:23:94:8f:e1:a5:3e:36:60:eb:a1:ba:
f5:30:d5:64:2f:a9:80:7a:53:1e:f2:4d:2e:89:0d:ad:a5:cd:
5c:f3:de:fb:0c:9e:c4:46:3a:00:5c:dd:55:df:49:f6:ab:fa:
f6:c7:0d:2f:38:59:d0:08:63:e1:58:fa:5a:2c:cf:8c:4a:77:
ce:6c:eb:0f:6f:6a:e2:a5:41:b8:0e:38:35:c4:7b:f7:1a:f9:
26:ae:ff:41:71:35:14:00:fc:be:ef:f0:c2:f3:ce:e4:ca:09:
03:36:ee:d9:9c:f6:25:50:36:3a:3b:83:f7:52:4c:ee:c0:f7:
4e:c3:80:18:36:df:d3:d0:27:1d:11:ba:de:48:d4:74:7d:ff:
fb:27:e7:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma05aMDmobzFBnvkZw+h+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2ZThhMjVhOTM3OTJhNThiM2EyZDgwZmIxYWFkOTU5ZTY1
YWVkZGYwHhcNMjUwMTAyMDk0OTE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDM5ODY1NjEyZmU4NWY3YmNlODRiNzBhYWExNjBiNWJiYTAyMDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvh7rPsgjCjRyInLx60c2FHHGcC0K
OpXcdqhTuaDAvvV/O3Pr/WuTIDxrRjDHQk1sATsApkUaPfBRTu0Fdm1DT+nawrCy
LOYzj0R7h3TP7lzUuE8pt1pO5jnGMRmuKV+KCn7aWr6v/M/BVPaSZxHldH47hUPO
Y6bTg2eKoxgmPKF85qw0INIUsvgEhYd/Bxek6NZirJd8/N4u4BL9jXyuhiGmgZfe
DuE+ffFaCS5K17iyUxAOhHgiWCfLIvpo0dMNFv2/3UaEMqiiEu9TTVPbOWMe7Rc/
iT2qtek5Kh6GXM5OCeIovVz0PA/cVyGtKp/Xn1/G04HHG99QdzDkQVGCFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLQ5hlYS/oX3vOhLcKqhYLW7oCBiMB8GA1UdIwQY
MBaAFKboolqTeSpYs6LYD7Gq2VnmWu3fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHVpaVdwTjVLbGl6b3RnUHNhclpXZVphN2Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS80YzZlNzUtYTgwMC00ZDRmLThhYzct
NGVhZWIyYTIzYjI3LzEvdERtR1ZoTC1oZmU4NkV0d3FxRmd0YnVnSUdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS80YzZlNzUtYTgwMC00ZDRmLThhYzctNGVhZWIyYTIzYjI3
LzEvcHVpaVdwTjVLbGl6b3RnUHNhclpXZVphN2Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWcVMA0G
CSqGSIb3DQEBCwUAA4IBAQCYwzTmk8jQyNJWa7AgKZgJfPpKtQ05W+mqWikR7FeD
aiGr6PzaUyZPOi4MUF2nL1XgtseRhCKlpYd8JwR9clu5FqBRXtlZEM4YjgbRFyu/
z5A7Wp+Rabk9COB3cPly/CZvMQjpariOmaBDvbEhU7oTrgrhI5SP4aU+NmDrobr1
MNVkL6mAelMe8k0uiQ2tpc1c8977DJ7ERjoAXN1V30n2q/r2xw0vOFnQCGPhWPpa
LM+MSnfObOsPb2ripUG4Djg1xHv3Gvkmrv9BcTUUAPy+7/DC887kygkDNu7ZnPYl
UDY6O4P3UkzuwPdOw4AYNt/T0CcdEbreSNR0ff/7J+fN
-----END CERTIFICATE-----
Generated at Mon Apr 7 04:41:16 2025 by rpki-client