Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/1-YLitnkBbXXsQAFgwq_VXNT0JiU.roa
File: 1-YLitnkBbXXsQAFgwq_VXNT0JiU.roa (raw, json)
Hash identifier: AJ3gimUDCGBcWcTGkG9GHuWdzHVsFaaNIwm4c/UaNKI=
Subject key identifier: F9:82:E2:B6:79:01:6D:75:EC:40:01:60:C2:AF:D5:5C:D4:F4:26:25
Certificate issuer: /CN=2ef957aba2ef00352850e202464c71d33ca81448
Certificate serial: 0194258F8B711F1B846792448355C339A8E0
Authority key identifier: 2E:F9:57:AB:A2:EF:00:35:28:50:E2:02:46:4C:71:D3:3C:A8:14:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LvlXq6LvADUoUOICRkxx0zyoFEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/1-YLitnkBbXXsQAFgwq_VXNT0JiU.roa
Signing time: Thu 02 Jan 2025 05:49:11 +0000
ROA not before: Thu 02 Jan 2025 05:49:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2198
IP address blocks: 193.51.249.0/24 maxlen: 24
194.214.55.0/24 maxlen: 24
194.254.189.0/24 maxlen: 24
195.221.84.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/LvlXq6LvADUoUOICRkxx0zyoFEg.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/LvlXq6LvADUoUOICRkxx0zyoFEg.mft
rsync://rpki.ripe.net/repository/DEFAULT/LvlXq6LvADUoUOICRkxx0zyoFEg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 20:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:8b:71:1f:1b:84:67:92:44:83:55:c3:39:a8:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ef957aba2ef00352850e202464c71d33ca81448
Validity
Not Before: Jan 2 05:49:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f982e2b679016d75ec400160c2afd55cd4f42625
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:00:4c:f4:c3:4b:df:9f:03:d6:de:5a:56:10:
68:29:54:de:3b:fd:fe:0a:bc:59:50:25:86:5d:67:
2d:72:51:36:92:06:57:ef:a2:5f:d7:ad:f9:6e:98:
a5:f6:00:dc:94:ca:ca:c6:6b:3a:ee:59:fe:c5:5f:
b4:ab:7a:44:7e:4d:dd:9b:7f:0c:44:58:1f:17:fd:
70:45:02:8e:34:79:c3:f5:41:b9:ad:d3:47:15:28:
74:e4:cd:82:d9:95:e0:c4:b3:d4:a5:d3:7d:3d:6d:
04:83:00:13:00:2c:0e:5b:32:84:71:ee:7a:2c:26:
a4:8c:62:42:a2:64:e1:3d:c2:16:92:d7:9e:7d:b7:
cf:0b:49:78:ce:ab:07:81:12:fd:27:93:d6:92:30:
47:a3:60:18:8e:c6:a1:1b:5d:94:87:d9:da:60:30:
0c:2a:69:33:69:a4:ac:97:03:c9:a7:4e:cd:ad:b9:
01:27:97:94:c0:d7:75:16:29:99:2f:ed:df:f7:c3:
09:8f:19:5d:e5:4e:1e:a4:ff:aa:1f:03:e5:00:05:
0f:eb:02:da:56:48:43:25:17:c3:4c:71:2b:d0:52:
e2:f5:f0:02:b4:27:19:39:9b:a7:3e:61:bd:4d:ca:
8a:76:d8:96:64:c8:f1:33:28:62:9b:01:09:6b:be:
d9:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:82:E2:B6:79:01:6D:75:EC:40:01:60:C2:AF:D5:5C:D4:F4:26:25
X509v3 Authority Key Identifier:
keyid:2E:F9:57:AB:A2:EF:00:35:28:50:E2:02:46:4C:71:D3:3C:A8:14:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LvlXq6LvADUoUOICRkxx0zyoFEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/1-YLitnkBbXXsQAFgwq_VXNT0JiU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/LvlXq6LvADUoUOICRkxx0zyoFEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.51.249.0/24
194.214.55.0/24
194.254.189.0/24
195.221.84.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:d4:87:7c:cf:04:1a:b0:32:9b:85:ad:ce:77:ea:6d:8c:a4:
8f:78:db:d9:03:3b:20:37:c4:65:68:0d:a5:04:16:41:ea:d0:
0c:53:06:7f:be:fe:71:27:6a:5d:fb:5a:e8:ea:cf:dc:1c:af:
6c:b0:7d:af:b6:76:a2:fb:4a:9f:97:f1:7a:80:05:89:2e:bf:
21:a0:11:8e:fe:9d:f4:89:e4:55:88:5d:ca:76:b8:b6:5b:bb:
d9:1f:ac:78:79:6c:67:41:a5:8c:b3:e4:fc:75:bf:02:35:34:
b5:24:49:70:df:f9:f6:5f:c6:87:e9:d4:0f:6c:69:34:54:93:
dc:93:91:51:b1:b7:ff:17:65:c7:cb:b2:27:a4:18:4c:c3:38:
9a:e1:90:19:00:ba:36:71:7b:f3:06:79:d5:e0:47:56:07:27:
61:4a:b9:07:ad:c4:f8:0c:31:7c:b8:c2:ff:3e:c4:77:b0:ff:
3e:5e:08:d2:61:50:b1:2a:d1:14:da:b0:f1:90:36:0e:a1:3f:
b8:20:d8:3c:68:3b:8e:92:3a:25:30:41:f8:13:11:b4:f9:1c:
65:05:9d:fa:1b:32:15:c9:fb:0d:51:13:16:60:f4:a1:cd:d1:
a8:47:fb:c9:ec:13:8b:a7:4c:25:1b:9c:29:07:dc:ae:cf:ba:
5c:a8:58:34
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAZQlj4txHxuEZ5JEg1XDOajgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlZjk1N2FiYTJlZjAwMzUyODUwZTIwMjQ2NGM3MWQzM2Nh
ODE0NDgwHhcNMjUwMTAyMDU0OTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTgyZTJiNjc5MDE2ZDc1ZWM0MDAxNjBjMmFmZDU1Y2Q0ZjQyNjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ABM9MNL358D1t5aVhBoKVTeO/3+
CrxZUCWGXWctclE2kgZX76Jf1635bpil9gDclMrKxms67ln+xV+0q3pEfk3dm38M
RFgfF/1wRQKONHnD9UG5rdNHFSh05M2C2ZXgxLPUpdN9PW0EgwATACwOWzKEce56
LCakjGJComThPcIWkteefbfPC0l4zqsHgRL9J5PWkjBHo2AYjsahG12Uh9naYDAM
KmkzaaSslwPJp07NrbkBJ5eUwNd1FimZL+3f98MJjxld5U4epP+qHwPlAAUP6wLa
VkhDJRfDTHEr0FLi9fACtCcZOZunPmG9TcqKdtiWZMjxMyhimwEJa77ZzQIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFPmC4rZ5AW117EABYMKv1VzU9CYlMB8GA1UdIwQY
MBaAFC75V6ui7wA1KFDiAkZMcdM8qBRIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHZsWHE2THZBRFVvVU9JQ1JreHgwenlvRkVnLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9hNTg0ZTQtY2NkNC00YzRmLTlkMTYt
MDRhMjdjNGQ1NDUzLzEvMS1ZTGl0bmtCYlhYc1FBRmd3cV9WWE5UMEppVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzcvYTU4NGU0LWNjZDQtNGM0Zi05ZDE2LTA0YTI3YzRkNTQ1
My8xL0x2bFhxNkx2QURVb1VPSUNSa3h4MHp5b0ZFZy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAMEz+QME
AMLWNwMEAML+vQMEAMPdVDANBgkqhkiG9w0BAQsFAAOCAQEAO9SHfM8EGrAym4Wt
znfqbYykj3jb2QM7IDfEZWgNpQQWQerQDFMGf77+cSdqXfta6OrP3ByvbLB9r7Z2
ovtKn5fxeoAFiS6/IaARjv6d9InkVYhdyna4tlu72R+seHlsZ0GljLPk/HW/AjU0
tSRJcN/59l/Gh+nUD2xpNFST3JORUbG3/xdlx8uyJ6QYTMM4muGQGQC6NnF78wZ5
1eBHVgcnYUq5B63E+AwxfLjC/z7Ed7D/Pl4I0mFQsSrRFNqw8ZA2DqE/uCDYPGg7
jpI6JTBB+BMRtPkcZQWd+hsyFcn7DVETFmD0oc3RqEf7yewTi6dMJRucKQfcrs+6
XKhYNA==
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:58:37 2025 by rpki-client