Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/afbb62-0098-42b3-81ae-f0bb2e15f6d0/1/orFnLXI1TH7Jt_MUuyCNlezlJcQ.roa
File: orFnLXI1TH7Jt_MUuyCNlezlJcQ.roa (raw, json)
Hash identifier: hsQhpxV8CsTitmZs0YwImGnMA+twiLDEhUnDv5rariM=
Subject key identifier: A2:B1:67:2D:72:35:4C:7E:C9:B7:F3:14:BB:20:8D:95:EC:E5:25:C4
Certificate issuer: /CN=e57731ea857b903aa40a8e5fd8d88446505b5233
Certificate serial: 019420D5C4498A9087E16776FC98595C5FEB
Authority key identifier: E5:77:31:EA:85:7B:90:3A:A4:0A:8E:5F:D8:D8:84:46:50:5B:52:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5Xcx6oV7kDqkCo5f2NiERlBbUjM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/afbb62-0098-42b3-81ae-f0bb2e15f6d0/1/orFnLXI1TH7Jt_MUuyCNlezlJcQ.roa
Signing time: Wed 01 Jan 2025 07:47:47 +0000
ROA not before: Wed 01 Jan 2025 07:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7046
IP address blocks: 193.67.192.0/20 maxlen: 20
193.67.192.0/22 maxlen: 22
193.67.200.0/24 maxlen: 24
193.67.201.0/24 maxlen: 24
193.67.206.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/afbb62-0098-42b3-81ae-f0bb2e15f6d0/1/5Xcx6oV7kDqkCo5f2NiERlBbUjM.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/afbb62-0098-42b3-81ae-f0bb2e15f6d0/1/5Xcx6oV7kDqkCo5f2NiERlBbUjM.mft
rsync://rpki.ripe.net/repository/DEFAULT/5Xcx6oV7kDqkCo5f2NiERlBbUjM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 16:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:c4:49:8a:90:87:e1:67:76:fc:98:59:5c:5f:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e57731ea857b903aa40a8e5fd8d88446505b5233
Validity
Not Before: Jan 1 07:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a2b1672d72354c7ec9b7f314bb208d95ece525c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:40:d4:f9:fa:df:ec:ad:be:fb:ea:e7:60:73:
10:c7:4d:09:50:84:54:4c:8e:85:f3:b8:e0:b7:0d:
be:21:a5:0a:08:44:1c:ab:33:74:77:72:1d:8c:41:
64:4b:ef:56:3a:0f:a0:f0:c6:fd:1e:71:62:1c:47:
5b:68:88:72:a3:56:49:1d:c8:3a:14:f2:9a:3d:ab:
51:3c:9b:50:d8:cf:f9:ea:9f:38:fc:9e:0c:3b:96:
aa:e5:a2:c3:82:8a:07:ee:18:5a:48:1e:dc:a3:a4:
23:7b:72:0d:e9:2c:54:5c:ab:12:1c:12:4b:a4:b7:
c8:d5:7f:ba:9c:3e:75:9b:1f:35:30:ae:ad:d2:c9:
dc:aa:70:a0:95:42:8a:e2:bb:50:ee:74:c3:da:40:
ee:0a:68:21:8e:cf:98:f6:2c:93:71:ef:84:47:40:
4c:3b:61:ad:0a:0b:e2:75:d9:db:86:c3:52:c9:b1:
85:f6:92:e0:ca:2a:f9:1b:6d:04:55:1c:90:67:fa:
bb:62:41:7f:71:1c:98:a5:73:62:a6:a0:a6:e3:12:
5f:31:b2:74:68:29:eb:5a:1c:5b:21:a3:2c:b9:07:
fc:10:d8:43:75:f7:c3:98:5e:07:e2:05:23:10:49:
30:c1:55:ca:72:bb:23:56:39:e8:11:08:2e:49:ec:
d1:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:B1:67:2D:72:35:4C:7E:C9:B7:F3:14:BB:20:8D:95:EC:E5:25:C4
X509v3 Authority Key Identifier:
keyid:E5:77:31:EA:85:7B:90:3A:A4:0A:8E:5F:D8:D8:84:46:50:5B:52:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Xcx6oV7kDqkCo5f2NiERlBbUjM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/afbb62-0098-42b3-81ae-f0bb2e15f6d0/1/orFnLXI1TH7Jt_MUuyCNlezlJcQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/afbb62-0098-42b3-81ae-f0bb2e15f6d0/1/5Xcx6oV7kDqkCo5f2NiERlBbUjM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.67.192.0/20
Signature Algorithm: sha256WithRSAEncryption
2b:70:ea:80:80:73:1a:8d:6c:7f:70:75:57:c5:e5:1e:47:d5:
77:39:75:99:21:31:60:ee:8f:93:83:eb:6c:8c:2c:cc:84:89:
10:d4:64:c3:75:c8:35:0d:1f:7d:4c:2e:d3:95:a1:a9:d7:33:
68:4c:50:5b:84:85:74:a3:38:ca:b3:15:f4:2e:e6:33:a3:a6:
40:76:ce:f1:bf:32:1f:39:ba:00:c0:c3:39:fd:47:9c:d1:d1:
43:69:a9:00:f0:09:60:4c:0e:df:26:85:b2:80:34:3c:6a:69:
b4:25:72:d8:f1:45:f8:56:6e:53:67:a6:62:14:92:27:c6:2c:
cf:35:72:8a:e4:9b:bb:2f:c3:52:6f:71:49:55:bc:4b:f2:78:
32:bb:97:a0:72:a4:07:cd:53:e6:a5:05:f5:48:a3:e6:60:ca:
76:3b:fa:dd:1c:87:94:54:9d:b9:09:33:2b:de:bd:6d:d5:58:
3e:ce:93:99:d8:ed:1d:a1:e4:95:0d:bc:fc:7a:09:47:80:54:
ef:53:9b:ff:21:fa:26:38:ff:b9:57:13:f1:6a:68:cd:30:cc:
56:05:5e:bf:eb:8e:a0:1c:8a:90:dc:84:40:47:22:b1:87:d5:
88:b8:f2:c5:c8:cc:55:09:91:f4:11:ad:b7:62:7e:b4:e0:03:
e2:57:70:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1cRJipCH4Wd2/JhZXF/rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1NzczMWVhODU3YjkwM2FhNDBhOGU1ZmQ4ZDg4NDQ2NTA1
YjUyMzMwHhcNMjUwMTAxMDc0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmIxNjcyZDcyMzU0YzdlYzliN2YzMTRiYjIwOGQ5NWVjZTUyNWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukDU+frf7K2+++rnYHMQx00JUIRU
TI6F87jgtw2+IaUKCEQcqzN0d3IdjEFkS+9WOg+g8Mb9HnFiHEdbaIhyo1ZJHcg6
FPKaPatRPJtQ2M/56p84/J4MO5aq5aLDgooH7hhaSB7co6Qje3IN6SxUXKsSHBJL
pLfI1X+6nD51mx81MK6t0sncqnCglUKK4rtQ7nTD2kDuCmghjs+Y9iyTce+ER0BM
O2GtCgviddnbhsNSybGF9pLgyir5G20EVRyQZ/q7YkF/cRyYpXNipqCm4xJfMbJ0
aCnrWhxbIaMsuQf8ENhDdffDmF4H4gUjEEkwwVXKcrsjVjnoEQguSezRVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKKxZy1yNUx+ybfzFLsgjZXs5SXEMB8GA1UdIwQY
MBaAFOV3MeqFe5A6pAqOX9jYhEZQW1IzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVhjeDZvVjdrRHFrQ281ZjJOaUVSbEJiVWpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9hZmJiNjItMDA5OC00MmIzLTgxYWUt
ZjBiYjJlMTVmNmQwLzEvb3JGbkxYSTFUSDdKdF9NVXV5Q05sZXpsSmNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9hZmJiNjItMDA5OC00MmIzLTgxYWUtZjBiYjJlMTVmNmQw
LzEvNVhjeDZvVjdrRHFrQ281ZjJOaUVSbEJiVWpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEwUPAMA0G
CSqGSIb3DQEBCwUAA4IBAQArcOqAgHMajWx/cHVXxeUeR9V3OXWZITFg7o+Tg+ts
jCzMhIkQ1GTDdcg1DR99TC7TlaGp1zNoTFBbhIV0ozjKsxX0LuYzo6ZAds7xvzIf
OboAwMM5/Uec0dFDaakA8AlgTA7fJoWygDQ8amm0JXLY8UX4Vm5TZ6ZiFJInxizP
NXKK5Ju7L8NSb3FJVbxL8ngyu5egcqQHzVPmpQX1SKPmYMp2O/rdHIeUVJ25CTMr
3r1t1Vg+zpOZ2O0doeSVDbz8eglHgFTvU5v/IfomOP+5VxPxamjNMMxWBV6/646g
HIqQ3IRARyKxh9WIuPLFyMxVCZH0Ea23Yn604APiV3AZ
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:21:31 2025 by rpki-client