Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/1a134f-030a-43e7-b041-6c7856ef7b31/1/ALsU0GmL8xBEdnC3KhGcFcVEzLI.roa
File: ALsU0GmL8xBEdnC3KhGcFcVEzLI.roa (raw, json)
Hash identifier: kjJSdr3ASA1w2olBsUagT4Dg4lrINRn84aknrRD9LYQ=
Subject key identifier: 00:BB:14:D0:69:8B:F3:10:44:76:70:B7:2A:11:9C:15:C5:44:CC:B2
Certificate issuer: /CN=e9e4dc968ed52935a04dee3b229c21ca9bfdbd7e
Certificate serial: 0194228D6D2F3CA743FEC523CAD17F85ED29
Authority key identifier: E9:E4:DC:96:8E:D5:29:35:A0:4D:EE:3B:22:9C:21:CA:9B:FD:BD:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6eTclo7VKTWgTe47Ipwhypv9vX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/1a134f-030a-43e7-b041-6c7856ef7b31/1/ALsU0GmL8xBEdnC3KhGcFcVEzLI.roa
Signing time: Wed 01 Jan 2025 15:48:01 +0000
ROA not before: Wed 01 Jan 2025 15:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62240
IP address blocks: 93.183.100.0/22 maxlen: 24
93.183.120.0/22 maxlen: 24
176.106.136.0/21 maxlen: 24
176.123.184.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/1a134f-030a-43e7-b041-6c7856ef7b31/1/6eTclo7VKTWgTe47Ipwhypv9vX4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/1a134f-030a-43e7-b041-6c7856ef7b31/1/6eTclo7VKTWgTe47Ipwhypv9vX4.mft
rsync://rpki.ripe.net/repository/DEFAULT/6eTclo7VKTWgTe47Ipwhypv9vX4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:6d:2f:3c:a7:43:fe:c5:23:ca:d1:7f:85:ed:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9e4dc968ed52935a04dee3b229c21ca9bfdbd7e
Validity
Not Before: Jan 1 15:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=00bb14d0698bf310447670b72a119c15c544ccb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:7d:b8:50:ea:67:f7:a5:f0:e6:b0:0e:f0:9f:
48:08:f3:ee:8a:55:e8:81:cc:88:e7:35:ef:c4:83:
ae:ca:02:d6:80:c5:95:d5:f7:d6:60:5b:46:18:c6:
05:a9:35:54:77:23:4b:b1:ee:90:d3:a7:da:15:90:
ff:76:a2:0e:e5:ce:d4:1c:f4:76:88:ad:86:64:3c:
ec:7c:7c:c7:2f:4b:f0:49:1b:96:96:65:a6:6e:af:
8f:54:d4:34:dc:eb:75:19:69:5b:42:1d:eb:a3:8b:
8e:5e:68:9d:9c:66:5e:ca:74:13:87:78:ad:df:c8:
61:08:78:19:1f:2a:f3:48:9c:ed:f6:f0:66:25:3c:
9b:a5:34:01:0e:93:74:78:2d:f3:ce:9e:be:d2:02:
94:b2:ce:5b:85:20:ab:81:d9:64:e2:ac:b5:8a:0c:
f7:70:d8:6a:d4:91:3b:31:a5:2d:6f:8e:99:40:63:
51:94:6e:e3:33:ea:d1:e0:b5:09:e1:75:36:d1:ed:
0a:5f:8a:81:36:17:d4:2f:95:9f:d2:a6:52:ef:3c:
c5:1d:5c:a3:5e:ab:12:30:dd:11:f7:2a:cc:3c:d7:
a6:28:29:ca:a9:31:e8:92:ce:fa:11:a0:d9:1c:52:
e0:0c:78:82:04:04:f0:1a:9d:3a:89:38:82:72:b2:
41:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:BB:14:D0:69:8B:F3:10:44:76:70:B7:2A:11:9C:15:C5:44:CC:B2
X509v3 Authority Key Identifier:
keyid:E9:E4:DC:96:8E:D5:29:35:A0:4D:EE:3B:22:9C:21:CA:9B:FD:BD:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6eTclo7VKTWgTe47Ipwhypv9vX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/1a134f-030a-43e7-b041-6c7856ef7b31/1/ALsU0GmL8xBEdnC3KhGcFcVEzLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/1a134f-030a-43e7-b041-6c7856ef7b31/1/6eTclo7VKTWgTe47Ipwhypv9vX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.183.100.0/22
93.183.120.0/22
176.106.136.0/21
176.123.184.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:9d:0f:10:de:fd:a7:9a:2a:a0:74:a4:41:7c:4d:7e:d8:82:
de:af:e3:be:2e:99:82:7f:cc:b9:d9:c6:b5:a7:09:c6:6f:3c:
e3:9e:05:d0:2a:29:a4:d5:af:fe:9a:bd:c2:70:72:81:02:40:
fa:ca:79:89:0a:4e:88:6b:51:f5:c4:21:9b:f1:a4:1d:fd:1e:
1a:4c:61:10:96:f1:8d:a9:ad:f3:27:91:1b:be:36:3c:3f:bf:
55:d0:a8:e5:a2:e0:d5:a6:5a:74:7c:06:2c:2c:68:1f:bf:bc:
9e:6c:71:f0:e0:88:3f:5b:7b:9c:e9:7f:82:63:0a:2b:5a:e9:
f1:ef:3e:ad:a8:ac:80:98:4d:c0:95:e1:88:2b:c0:74:5f:25:
56:8b:ab:f5:b8:2d:a6:1d:13:6f:1b:15:45:62:17:44:87:8c:
93:17:8a:ca:99:ab:6d:c8:f0:72:c7:0e:f9:89:0e:e9:6f:63:
1a:74:e5:3f:a0:76:bb:64:be:b1:b4:ac:a3:83:d2:23:89:a9:
7a:1f:5f:21:9f:db:8b:ec:0c:67:d5:4c:16:38:8d:b5:7b:40:
c8:39:a8:30:4a:2f:60:c3:25:ca:1d:2a:36:c2:19:81:ee:6d:
e0:76:3c:db:fb:58:a0:f1:a7:d6:78:f4:8f:76:c8:da:31:0b:
3f:7f:6d:b1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQijW0vPKdD/sUjytF/he0pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5ZTRkYzk2OGVkNTI5MzVhMDRkZWUzYjIyOWMyMWNhOWJm
ZGJkN2UwHhcNMjUwMTAxMTU0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGJiMTRkMDY5OGJmMzEwNDQ3NjcwYjcyYTExOWMxNWM1NDRjY2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6H24UOpn96Xw5rAO8J9ICPPuilXo
gcyI5zXvxIOuygLWgMWV1ffWYFtGGMYFqTVUdyNLse6Q06faFZD/dqIO5c7UHPR2
iK2GZDzsfHzHL0vwSRuWlmWmbq+PVNQ03Ot1GWlbQh3ro4uOXmidnGZeynQTh3it
38hhCHgZHyrzSJzt9vBmJTybpTQBDpN0eC3zzp6+0gKUss5bhSCrgdlk4qy1igz3
cNhq1JE7MaUtb46ZQGNRlG7jM+rR4LUJ4XU20e0KX4qBNhfUL5Wf0qZS7zzFHVyj
XqsSMN0R9yrMPNemKCnKqTHoks76EaDZHFLgDHiCBATwGp06iTiCcrJBIwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAC7FNBpi/MQRHZwtyoRnBXFRMyyMB8GA1UdIwQY
MBaAFOnk3JaO1Sk1oE3uOyKcIcqb/b1+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmVUY2xvN1ZLVFdnVGU0N0lwd2h5cHY5dlg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8xYTEzNGYtMDMwYS00M2U3LWIwNDEt
NmM3ODU2ZWY3YjMxLzEvQUxzVTBHbUw4eEJFZG5DM0toR2NGY1ZFekxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8xYTEzNGYtMDMwYS00M2U3LWIwNDEtNmM3ODU2ZWY3YjMx
LzEvNmVUY2xvN1ZLVFdnVGU0N0lwd2h5cHY5dlg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCXbdkAwQC
Xbd4AwQDsGqIAwQCsHu4MA0GCSqGSIb3DQEBCwUAA4IBAQCOnQ8Q3v2nmiqgdKRB
fE1+2ILer+O+LpmCf8y52ca1pwnGbzzjngXQKimk1a/+mr3CcHKBAkD6ynmJCk6I
a1H1xCGb8aQd/R4aTGEQlvGNqa3zJ5EbvjY8P79V0KjlouDVplp0fAYsLGgfv7ye
bHHw4Ig/W3uc6X+CYworWunx7z6tqKyAmE3AleGIK8B0XyVWi6v1uC2mHRNvGxVF
YhdEh4yTF4rKmattyPByxw75iQ7pb2MadOU/oHa7ZL6xtKyjg9Ijial6H18hn9uL
7Axn1UwWOI21e0DIOagwSi9gwyXKHSo2whmB7m3gdjzb+1ig8afWePSPdsjaMQs/
f22x
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:34 2025 by rpki-client