Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/a3df81-2096-493d-b106-46d6cea20342/1/BEsMLWTZET1iCxcF6Yr9DbU-sOY.roa
File: BEsMLWTZET1iCxcF6Yr9DbU-sOY.roa (raw, json)
Hash identifier: lrX59TnlMsRdeVpivsyzgLMhZv4xei7A/LZNbKN1beE=
Subject key identifier: 04:4B:0C:2D:64:D9:11:3D:62:0B:17:05:E9:8A:FD:0D:B5:3E:B0:E6
Certificate issuer: /CN=191ee3af820563494647551a5206ef0c45cf95c9
Certificate serial: 019426D9D7E8683F8A34145D7EFB371E152C
Authority key identifier: 19:1E:E3:AF:82:05:63:49:46:47:55:1A:52:06:EF:0C:45:CF:95:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GR7jr4IFY0lGR1UaUgbvDEXPlck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/a3df81-2096-493d-b106-46d6cea20342/1/BEsMLWTZET1iCxcF6Yr9DbU-sOY.roa
Signing time: Thu 02 Jan 2025 11:49:58 +0000
ROA not before: Thu 02 Jan 2025 11:49:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204645
IP address blocks: 95.131.20.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/a3df81-2096-493d-b106-46d6cea20342/1/GR7jr4IFY0lGR1UaUgbvDEXPlck.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/a3df81-2096-493d-b106-46d6cea20342/1/GR7jr4IFY0lGR1UaUgbvDEXPlck.mft
rsync://rpki.ripe.net/repository/DEFAULT/GR7jr4IFY0lGR1UaUgbvDEXPlck.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 08:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:d7:e8:68:3f:8a:34:14:5d:7e:fb:37:1e:15:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=191ee3af820563494647551a5206ef0c45cf95c9
Validity
Not Before: Jan 2 11:49:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=044b0c2d64d9113d620b1705e98afd0db53eb0e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:e5:28:62:0e:c0:23:5a:f5:33:dc:f7:ca:8f:
20:95:6a:9d:82:28:19:32:ec:dc:57:23:5d:3d:77:
c9:01:b6:7c:24:d9:37:b6:0b:9e:39:71:43:0c:d1:
bc:73:54:a4:40:72:49:52:51:73:1a:1c:a2:7d:c7:
bd:d3:b8:c7:08:84:ae:68:f9:cf:99:01:3e:ee:fc:
83:cf:fc:4b:e8:25:98:6e:e5:e0:5b:4f:2d:a1:ad:
fd:c7:d9:40:fb:88:49:4a:87:86:6b:a4:a0:9e:b9:
bd:53:b7:9b:99:b1:71:31:cd:be:7c:22:e7:52:d3:
f8:55:cf:5e:da:9a:e0:8c:45:25:f9:d1:a9:c6:f2:
19:f5:e9:13:8e:98:00:27:99:dd:38:ba:b7:41:10:
89:03:14:ee:f0:3d:98:4d:94:89:7d:d4:e0:fd:73:
4f:f0:85:43:0f:71:5a:31:29:7d:56:c7:34:d0:38:
c7:44:0d:62:48:04:20:2f:42:e5:68:45:8f:88:7d:
07:3c:11:b6:50:8f:db:3a:38:28:4f:99:58:90:bb:
a8:7c:05:fd:bf:30:e5:eb:df:98:87:a1:e1:fc:58:
85:13:f6:9c:44:cc:22:15:26:24:29:c2:71:a0:16:
02:33:ef:d6:fb:12:59:df:b2:21:a5:29:a6:53:50:
d2:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:4B:0C:2D:64:D9:11:3D:62:0B:17:05:E9:8A:FD:0D:B5:3E:B0:E6
X509v3 Authority Key Identifier:
keyid:19:1E:E3:AF:82:05:63:49:46:47:55:1A:52:06:EF:0C:45:CF:95:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GR7jr4IFY0lGR1UaUgbvDEXPlck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/a3df81-2096-493d-b106-46d6cea20342/1/BEsMLWTZET1iCxcF6Yr9DbU-sOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/a3df81-2096-493d-b106-46d6cea20342/1/GR7jr4IFY0lGR1UaUgbvDEXPlck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.131.20.0/22
Signature Algorithm: sha256WithRSAEncryption
53:41:81:7a:ec:ce:0a:4d:15:b2:8f:97:1c:76:94:a5:b5:b4:
aa:e9:a4:5b:29:9a:93:e8:df:f4:f9:71:12:82:03:12:82:71:
e7:b2:6a:b8:d6:88:98:0d:6f:af:e6:5c:58:e9:53:a4:7e:7f:
54:a1:c3:e1:38:97:cf:f5:12:80:48:5f:73:79:e2:f1:2f:55:
c4:81:01:15:6c:5c:7b:05:fc:7d:f1:f4:0d:71:a7:c7:51:15:
d3:67:08:b4:88:ab:b8:98:4c:35:9d:ec:e1:a0:c4:46:f3:66:
97:21:86:1d:50:a9:97:be:00:37:90:cb:d8:8a:e8:c9:4f:33:
8f:6e:2d:d5:fb:f5:2d:74:97:81:0e:b6:be:19:58:a2:37:b5:
36:55:b8:6a:88:31:ca:5e:47:fc:f5:2e:0e:b3:f9:a5:bc:90:
97:20:ab:23:13:5b:9d:c7:a7:8b:b0:44:7e:1e:ff:ff:10:fc:
26:f3:46:48:7c:a7:bd:4c:46:fd:7a:27:a5:51:7a:d9:e9:85:
e0:35:53:03:6f:6b:d7:d5:ff:8c:72:54:4d:91:1c:3a:fd:c0:
92:1f:46:9c:5a:ce:39:48:c8:e5:62:bb:4e:eb:85:62:e5:a6:
01:4a:ff:43:9f:a4:ab:c8:32:e3:01:09:71:7a:30:1e:9b:a9:
2c:48:78:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2dfoaD+KNBRdfvs3HhUsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5MWVlM2FmODIwNTYzNDk0NjQ3NTUxYTUyMDZlZjBjNDVj
Zjk1YzkwHhcNMjUwMTAyMTE0OTU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDRiMGMyZDY0ZDkxMTNkNjIwYjE3MDVlOThhZmQwZGI1M2ViMGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1uUoYg7AI1r1M9z3yo8glWqdgigZ
MuzcVyNdPXfJAbZ8JNk3tgueOXFDDNG8c1SkQHJJUlFzGhyifce907jHCISuaPnP
mQE+7vyDz/xL6CWYbuXgW08toa39x9lA+4hJSoeGa6Sgnrm9U7ebmbFxMc2+fCLn
UtP4Vc9e2prgjEUl+dGpxvIZ9ekTjpgAJ5ndOLq3QRCJAxTu8D2YTZSJfdTg/XNP
8IVDD3FaMSl9Vsc00DjHRA1iSAQgL0LlaEWPiH0HPBG2UI/bOjgoT5lYkLuofAX9
vzDl69+Yh6Hh/FiFE/acRMwiFSYkKcJxoBYCM+/W+xJZ37IhpSmmU1DSQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFARLDC1k2RE9YgsXBemK/Q21PrDmMB8GA1UdIwQY
MBaAFBke46+CBWNJRkdVGlIG7wxFz5XJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1I3anI0SUZZMGxHUjFVYVVnYnZERVhQbGNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9hM2RmODEtMjA5Ni00OTNkLWIxMDYt
NDZkNmNlYTIwMzQyLzEvQkVzTUxXVFpFVDFpQ3hjRjZZcjlEYlUtc09ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9hM2RmODEtMjA5Ni00OTNkLWIxMDYtNDZkNmNlYTIwMzQy
LzEvR1I3anI0SUZZMGxHUjFVYVVnYnZERVhQbGNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCX4MUMA0G
CSqGSIb3DQEBCwUAA4IBAQBTQYF67M4KTRWyj5ccdpSltbSq6aRbKZqT6N/0+XES
ggMSgnHnsmq41oiYDW+v5lxY6VOkfn9UocPhOJfP9RKASF9zeeLxL1XEgQEVbFx7
Bfx98fQNcafHURXTZwi0iKu4mEw1nezhoMRG82aXIYYdUKmXvgA3kMvYiujJTzOP
bi3V+/UtdJeBDra+GViiN7U2VbhqiDHKXkf89S4Os/mlvJCXIKsjE1udx6eLsER+
Hv//EPwm80ZIfKe9TEb9eielUXrZ6YXgNVMDb2vX1f+MclRNkRw6/cCSH0acWs45
SMjlYrtO64Vi5aYBSv9Dn6SryDLjAQlxejAem6ksSHja
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:06:20 2025 by rpki-client