Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/70b33b-d1eb-4bbb-97d6-0592453df7d2/1/rLCMQEvNZKScfiZ6xzabxSP9S3Q.roa
File: rLCMQEvNZKScfiZ6xzabxSP9S3Q.roa (raw, json)
Hash identifier: pzK0hpbuvro5D5X8t6Q8snrn8GpjD/ysREOxL+vWCA8=
Subject key identifier: AC:B0:8C:40:4B:CD:64:A4:9C:7E:26:7A:C7:36:9B:C5:23:FD:4B:74
Certificate issuer: /CN=04c5f1d1779eb709090365db982917adfd0f8049
Certificate serial: 01952F66368392C3A66459EF833582956135
Authority key identifier: 04:C5:F1:D1:77:9E:B7:09:09:03:65:DB:98:29:17:AD:FD:0F:80:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BMXx0XeetwkJA2XbmCkXrf0PgEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/70b33b-d1eb-4bbb-97d6-0592453df7d2/1/rLCMQEvNZKScfiZ6xzabxSP9S3Q.roa
Signing time: Sat 22 Feb 2025 20:43:02 +0000
ROA not before: Sat 22 Feb 2025 20:43:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 194.126.231.0/24 maxlen: 24
195.114.106.0/24 maxlen: 24
195.114.107.0/24 maxlen: 24
2001:67c:3e8::/48 maxlen: 48
2001:67c:3e9::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/70b33b-d1eb-4bbb-97d6-0592453df7d2/1/BMXx0XeetwkJA2XbmCkXrf0PgEk.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/70b33b-d1eb-4bbb-97d6-0592453df7d2/1/BMXx0XeetwkJA2XbmCkXrf0PgEk.mft
rsync://rpki.ripe.net/repository/DEFAULT/BMXx0XeetwkJA2XbmCkXrf0PgEk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 08:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:2f:66:36:83:92:c3:a6:64:59:ef:83:35:82:95:61:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04c5f1d1779eb709090365db982917adfd0f8049
Validity
Not Before: Feb 22 20:43:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=acb08c404bcd64a49c7e267ac7369bc523fd4b74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:80:f5:dd:fb:e3:d1:19:64:03:c9:5e:f1:6c:
72:36:a0:c5:ac:c7:48:e6:0c:35:5e:15:89:d8:46:
11:86:c4:41:95:ca:33:56:1d:fa:23:56:7e:94:f7:
bd:13:08:1e:61:b9:5e:6d:87:52:96:ae:af:ac:c0:
16:d1:2e:22:d9:99:45:ea:9e:b8:26:ec:38:f5:d7:
3e:c7:54:c9:38:a6:5b:12:f3:5c:78:a7:0e:d2:f5:
37:51:89:b0:19:06:86:19:49:6b:ac:15:98:61:a9:
7d:98:5d:6d:b6:48:52:13:3c:65:ac:36:39:f7:3a:
e7:da:21:f7:83:33:09:f4:7d:ba:b8:a0:33:02:16:
84:7e:b8:ee:ec:58:d7:50:57:9d:e2:28:17:0b:49:
e3:34:5c:0d:68:ff:05:9f:a1:50:a4:36:2a:0e:6e:
ab:a1:6f:68:62:ec:c6:f5:a1:34:ee:7b:ca:e4:a5:
f9:cf:53:1a:be:0a:30:72:39:36:ee:9d:52:94:a7:
49:35:d5:55:eb:28:12:1a:f0:3d:5e:d3:96:b2:b2:
f6:0f:cf:4e:56:76:af:54:9d:2f:47:53:75:cf:db:
99:59:24:92:9f:9f:08:dc:55:f1:d7:ce:ce:fa:c2:
4f:01:b8:1d:6b:0e:db:ed:f2:9f:c0:5a:12:9c:9a:
85:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:B0:8C:40:4B:CD:64:A4:9C:7E:26:7A:C7:36:9B:C5:23:FD:4B:74
X509v3 Authority Key Identifier:
keyid:04:C5:F1:D1:77:9E:B7:09:09:03:65:DB:98:29:17:AD:FD:0F:80:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BMXx0XeetwkJA2XbmCkXrf0PgEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/70b33b-d1eb-4bbb-97d6-0592453df7d2/1/rLCMQEvNZKScfiZ6xzabxSP9S3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/70b33b-d1eb-4bbb-97d6-0592453df7d2/1/BMXx0XeetwkJA2XbmCkXrf0PgEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.126.231.0/24
195.114.106.0/23
IPv6:
2001:67c:3e8::/47
Signature Algorithm: sha256WithRSAEncryption
29:72:48:18:f9:f1:ff:44:8a:22:dd:02:86:ba:68:30:3a:0e:
3c:a2:a0:78:a4:d7:96:89:2f:90:1f:c8:ba:d5:76:29:bc:45:
f4:91:08:ea:0c:02:b8:1d:aa:58:1d:e0:03:7c:98:73:8c:bb:
ad:03:bf:42:9f:de:37:f3:8e:0d:bf:36:f1:10:2e:50:07:b2:
53:1a:ea:38:07:2b:0d:88:18:e5:7a:51:bd:7d:42:24:27:8b:
86:81:df:33:af:5a:fc:b4:6f:47:4f:d2:25:ee:27:eb:bb:41:
b5:a1:50:69:54:c4:a0:c5:3c:a6:8c:88:7d:a6:53:63:2c:78:
32:90:79:3f:2b:37:c3:ef:6d:ed:db:bd:e4:65:5c:14:bc:e6:
24:9c:10:1f:cc:59:fe:b8:06:b2:fb:1a:84:24:54:8d:fd:71:
15:62:68:86:78:67:3e:db:0d:01:cd:cb:77:58:62:82:36:19:
0a:c3:11:a3:2c:be:86:83:c5:83:8e:16:92:87:d0:3e:2d:07:
f0:c7:f6:dd:3e:79:b6:f8:a7:83:b0:15:91:28:e5:49:3d:97:
1c:d4:4c:a8:4d:e3:2e:b9:d6:e0:cc:f9:84:16:9c:d7:89:82:
3d:24:76:76:24:63:a4:7c:b8:27:8b:f6:98:33:dd:82:fc:79:
8b:d4:45:dc
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZUvZjaDksOmZFnvgzWClWE1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0YzVmMWQxNzc5ZWI3MDkwOTAzNjVkYjk4MjkxN2FkZmQw
ZjgwNDkwHhcNMjUwMjIyMjA0MzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2IwOGM0MDRiY2Q2NGE0OWM3ZTI2N2FjNzM2OWJjNTIzZmQ0Yjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvoD13fvj0RlkA8le8WxyNqDFrMdI
5gw1XhWJ2EYRhsRBlcozVh36I1Z+lPe9EwgeYblebYdSlq6vrMAW0S4i2ZlF6p64
Juw49dc+x1TJOKZbEvNceKcO0vU3UYmwGQaGGUlrrBWYYal9mF1ttkhSEzxlrDY5
9zrn2iH3gzMJ9H26uKAzAhaEfrju7FjXUFed4igXC0njNFwNaP8Fn6FQpDYqDm6r
oW9oYuzG9aE07nvK5KX5z1Mavgowcjk27p1SlKdJNdVV6ygSGvA9XtOWsrL2D89O
VnavVJ0vR1N1z9uZWSSSn58I3FXx187O+sJPAbgdaw7b7fKfwFoSnJqFewIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFKywjEBLzWSknH4mesc2m8Uj/Ut0MB8GA1UdIwQY
MBaAFATF8dF3nrcJCQNl25gpF639D4BJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQk1YeDBYZWV0d2tKQTJYYm1Da1hyZjBQZ0VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC83MGIzM2ItZDFlYi00YmJiLTk3ZDYt
MDU5MjQ1M2RmN2QyLzEvckxDTVFFdk5aS1NjZmlaNnh6YWJ4U1A5UzNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC83MGIzM2ItZDFlYi00YmJiLTk3ZDYtMDU5MjQ1M2RmN2Qy
LzEvQk1YeDBYZWV0d2tKQTJYYm1Da1hyZjBQZ0VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAwn7nAwQB
w3JqMA8EAgACMAkDBwEgAQZ8A+gwDQYJKoZIhvcNAQELBQADggEBAClySBj58f9E
iiLdAoa6aDA6DjyioHik15aJL5AfyLrVdim8RfSRCOoMArgdqlgd4AN8mHOMu60D
v0Kf3jfzjg2/NvEQLlAHslMa6jgHKw2IGOV6Ub19QiQni4aB3zOvWvy0b0dP0iXu
J+u7QbWhUGlUxKDFPKaMiH2mU2MseDKQeT8rN8Pvbe3bveRlXBS85iScEB/MWf64
BrL7GoQkVI39cRViaIZ4Zz7bDQHNy3dYYoI2GQrDEaMsvoaDxYOOFpKH0D4tB/DH
9t0+ebb4p4OwFZEo5Uk9lxzUTKhN4y651uDM+YQWnNeJgj0kdnYkY6R8uCeL9pgz
3YL8eYvURdw=
-----END CERTIFICATE-----
Generated at Sat Apr 12 16:17:38 2025 by rpki-client