Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/a9a06e-69ac-45ce-badc-09dbd08cbe2d/1/4utseU6Q3hlSlIBKbVfQJ2ZOYjU.roa
File: 4utseU6Q3hlSlIBKbVfQJ2ZOYjU.roa (raw, json)
Hash identifier: rTdAUHdl5wiC79NgKtzrfB/hwpa04O/1YKALBUA/O1M=
Subject key identifier: E2:EB:6C:79:4E:90:DE:19:52:94:80:4A:6D:57:D0:27:66:4E:62:35
Certificate issuer: /CN=5b087d1dc98e26e4c959d09f6146d7fdf869e4fc
Certificate serial: 019428262C22878BDF0E7D1D804AA8BD6CD6
Authority key identifier: 5B:08:7D:1D:C9:8E:26:E4:C9:59:D0:9F:61:46:D7:FD:F8:69:E4:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wwh9HcmOJuTJWdCfYUbX_fhp5Pw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/a9a06e-69ac-45ce-badc-09dbd08cbe2d/1/4utseU6Q3hlSlIBKbVfQJ2ZOYjU.roa
Signing time: Thu 02 Jan 2025 17:52:57 +0000
ROA not before: Thu 02 Jan 2025 17:52:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208336
IP address blocks: 193.17.53.0/24 maxlen: 24
193.203.24.0/24 maxlen: 24
193.203.110.0/24 maxlen: 24
193.203.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/a9a06e-69ac-45ce-badc-09dbd08cbe2d/1/Wwh9HcmOJuTJWdCfYUbX_fhp5Pw.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/a9a06e-69ac-45ce-badc-09dbd08cbe2d/1/Wwh9HcmOJuTJWdCfYUbX_fhp5Pw.mft
rsync://rpki.ripe.net/repository/DEFAULT/Wwh9HcmOJuTJWdCfYUbX_fhp5Pw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:2c:22:87:8b:df:0e:7d:1d:80:4a:a8:bd:6c:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b087d1dc98e26e4c959d09f6146d7fdf869e4fc
Validity
Not Before: Jan 2 17:52:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e2eb6c794e90de195294804a6d57d027664e6235
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:43:05:99:3c:62:94:57:a3:19:63:ef:23:79:
eb:24:a6:4f:9f:3d:bc:82:68:32:ba:d5:de:9a:2c:
15:32:c1:31:9f:81:14:43:c3:0e:62:96:79:12:7d:
9e:cc:01:7a:73:0f:28:d4:af:53:11:2e:48:67:e1:
b3:12:e8:29:1c:9d:27:3e:8f:b7:e6:65:5a:76:10:
e7:ca:74:1a:86:2f:93:dd:a4:92:88:e5:d3:7e:9b:
42:60:6e:1b:98:f4:02:fc:f1:75:63:53:f6:84:74:
84:fd:49:07:bb:1c:79:82:6e:25:a3:3b:ad:82:90:
77:b7:3c:97:f8:1b:b3:6d:60:7c:03:b4:e8:a0:68:
41:9a:e6:9f:21:cf:f1:34:a4:53:0f:12:d4:f0:d8:
d8:6c:c2:a2:c0:64:96:d8:20:dd:02:db:97:84:c3:
cc:89:b6:21:44:16:97:a2:a4:11:d6:fc:e0:30:e5:
64:21:a5:3d:6e:ba:f4:3a:19:51:79:00:07:09:33:
09:e5:7e:0f:8c:24:9d:c7:06:e2:a5:a6:e8:9e:1f:
0b:d6:fc:13:bc:9a:69:c6:04:f4:de:79:9c:48:88:
15:c3:9c:f0:b8:99:a7:78:15:21:33:39:90:66:e4:
5e:51:06:6a:6d:b8:31:0f:00:8b:ba:71:48:04:70:
d1:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:EB:6C:79:4E:90:DE:19:52:94:80:4A:6D:57:D0:27:66:4E:62:35
X509v3 Authority Key Identifier:
keyid:5B:08:7D:1D:C9:8E:26:E4:C9:59:D0:9F:61:46:D7:FD:F8:69:E4:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wwh9HcmOJuTJWdCfYUbX_fhp5Pw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/a9a06e-69ac-45ce-badc-09dbd08cbe2d/1/4utseU6Q3hlSlIBKbVfQJ2ZOYjU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/a9a06e-69ac-45ce-badc-09dbd08cbe2d/1/Wwh9HcmOJuTJWdCfYUbX_fhp5Pw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.53.0/24
193.203.24.0/24
193.203.110.0/23
Signature Algorithm: sha256WithRSAEncryption
7e:ea:af:52:28:39:9f:6a:b2:8d:b8:e4:4d:bf:70:11:a3:70:
45:2d:f4:84:57:37:48:f9:e7:00:97:5b:20:ac:cb:5b:56:c7:
c5:f9:a7:06:50:2f:88:58:91:32:0f:0a:2e:9a:09:e6:5f:da:
7a:76:d4:b4:e5:ac:9a:7a:2b:b1:64:87:ab:86:66:ad:20:ad:
6c:b1:0c:6f:8e:20:e4:f4:f4:5b:3e:87:f6:10:bf:04:d1:9e:
9a:bd:dc:b1:7f:fb:d8:5e:c0:aa:67:e0:ef:23:90:1e:13:c5:
90:cc:43:a1:9f:46:e8:23:70:3a:a8:00:ac:ad:16:b2:ba:76:
8d:94:a4:a5:8f:f5:bb:fa:b4:f0:eb:36:b5:04:f5:d4:c8:7c:
19:8a:d7:11:f6:14:f8:da:88:80:61:b4:21:b1:0e:b0:fa:89:
af:39:18:05:d2:06:2c:72:3e:07:aa:3e:cc:dc:88:c7:ac:1a:
c9:c6:a6:ba:ef:24:86:1b:57:02:4c:25:c9:f7:8f:37:8c:34:
29:71:33:57:90:88:12:8d:96:42:46:9b:0c:49:b5:1f:70:3d:
63:63:81:32:6c:c8:74:e0:3b:61:e9:c6:6a:99:a6:02:e5:d9:
29:b6:75:fe:33:f3:76:0b:fd:f2:ab:96:7a:59:65:4c:a4:6b:
2c:59:c5:04
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQoJiwih4vfDn0dgEqovWzWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViMDg3ZDFkYzk4ZTI2ZTRjOTU5ZDA5ZjYxNDZkN2ZkZjg2
OWU0ZmMwHhcNMjUwMTAyMTc1MjU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmViNmM3OTRlOTBkZTE5NTI5NDgwNGE2ZDU3ZDAyNzY2NGU2MjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA00MFmTxilFejGWPvI3nrJKZPnz28
gmgyutXemiwVMsExn4EUQ8MOYpZ5En2ezAF6cw8o1K9TES5IZ+GzEugpHJ0nPo+3
5mVadhDnynQahi+T3aSSiOXTfptCYG4bmPQC/PF1Y1P2hHSE/UkHuxx5gm4lozut
gpB3tzyX+BuzbWB8A7TooGhBmuafIc/xNKRTDxLU8NjYbMKiwGSW2CDdAtuXhMPM
ibYhRBaXoqQR1vzgMOVkIaU9brr0OhlReQAHCTMJ5X4PjCSdxwbipabonh8L1vwT
vJppxgT03nmcSIgVw5zwuJmneBUhMzmQZuReUQZqbbgxDwCLunFIBHDRWQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOLrbHlOkN4ZUpSASm1X0CdmTmI1MB8GA1UdIwQY
MBaAFFsIfR3JjibkyVnQn2FG1/34aeT8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3doOUhjbU9KdVRKV2RDZllVYlhfZmhwNVB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9hOWEwNmUtNjlhYy00NWNlLWJhZGMt
MDlkYmQwOGNiZTJkLzEvNHV0c2VVNlEzaGxTbElCS2JWZlFKMlpPWWpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9hOWEwNmUtNjlhYy00NWNlLWJhZGMtMDlkYmQwOGNiZTJk
LzEvV3doOUhjbU9KdVRKV2RDZllVYlhfZmhwNVB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwRE1AwQA
wcsYAwQBwctuMA0GCSqGSIb3DQEBCwUAA4IBAQB+6q9SKDmfarKNuORNv3ARo3BF
LfSEVzdI+ecAl1sgrMtbVsfF+acGUC+IWJEyDwoumgnmX9p6dtS05ayaeiuxZIer
hmatIK1ssQxvjiDk9PRbPof2EL8E0Z6avdyxf/vYXsCqZ+DvI5AeE8WQzEOhn0bo
I3A6qACsrRayunaNlKSlj/W7+rTw6za1BPXUyHwZitcR9hT42oiAYbQhsQ6w+omv
ORgF0gYscj4Hqj7M3IjHrBrJxqa67ySGG1cCTCXJ9483jDQpcTNXkIgSjZZCRpsM
SbUfcD1jY4EybMh04Dth6cZqmaYC5dkptnX+M/N2C/3yq5Z6WWVMpGssWcUE
-----END CERTIFICATE-----
Generated at Sun Apr 13 08:39:17 2025 by rpki-client