Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/sucSe0eC1r3sihXi_iaR2SOp89U.roa
File: sucSe0eC1r3sihXi_iaR2SOp89U.roa (raw, json)
Hash identifier: /HwnUsqpfauRDshlfSmbLyvgIlTpLPydMX0GwSKwT/o=
Subject key identifier: B2:E7:12:7B:47:82:D6:BD:EC:8A:15:E2:FE:26:91:D9:23:A9:F3:D5
Certificate issuer: /CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Certificate serial: 0194228DFF2DEFAA0E5CECCDA066CF64F862
Authority key identifier: BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/sucSe0eC1r3sihXi_iaR2SOp89U.roa
Signing time: Wed 01 Jan 2025 15:48:38 +0000
ROA not before: Wed 01 Jan 2025 15:48:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 193.68.92.0/24 maxlen: 24
213.21.226.0/24 maxlen: 24
213.21.230.0/24 maxlen: 24
213.21.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.mft
rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 19:01:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:ff:2d:ef:aa:0e:5c:ec:cd:a0:66:cf:64:f8:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Validity
Not Before: Jan 1 15:48:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b2e7127b4782d6bdec8a15e2fe2691d923a9f3d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:2f:69:b4:19:02:22:d7:df:5f:8b:e5:8f:27:
74:f9:6a:65:98:ef:5c:c6:39:bc:7f:39:0c:7c:dd:
5a:d3:e0:48:e7:1e:1e:ef:e7:ce:39:5a:7d:64:ac:
e3:3c:1a:57:11:0a:78:46:ec:59:11:01:de:2a:5d:
dc:53:c2:71:e8:40:bd:61:16:b3:f0:f6:90:ad:06:
29:7b:3c:ac:9a:f2:84:a6:46:3a:65:0f:6e:c3:81:
59:08:22:d8:29:9e:03:ac:2c:3e:3b:65:f7:26:76:
7e:5a:6a:76:9b:dc:96:66:d7:8f:7e:6e:ba:79:de:
32:60:4d:fe:78:2f:48:86:ff:41:0d:a9:b8:56:9b:
0f:f1:bf:2d:32:d1:f3:27:b9:a3:c2:f7:86:fb:a0:
fd:e7:c9:65:e9:16:78:d9:57:2f:ed:1c:15:ed:9a:
98:47:2b:cd:6f:ba:a5:1a:20:e4:75:60:1f:03:b3:
06:19:ef:21:bc:28:73:b6:b0:39:c6:5d:e7:0b:0a:
b3:d0:6f:e0:80:a2:03:2f:21:20:cc:ec:7c:e4:ed:
09:ee:53:d8:a9:fe:ce:31:c0:7a:db:37:50:7b:db:
5e:87:f6:c6:e0:11:33:cf:40:52:15:81:8a:c4:6e:
06:7c:fc:1b:14:db:19:27:f3:61:d4:af:b1:ce:3c:
4f:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:E7:12:7B:47:82:D6:BD:EC:8A:15:E2:FE:26:91:D9:23:A9:F3:D5
X509v3 Authority Key Identifier:
keyid:BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/sucSe0eC1r3sihXi_iaR2SOp89U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.68.92.0/24
213.21.226.0/24
213.21.230.0/24
213.21.234.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:07:d9:99:d6:d9:51:d7:c7:0d:cd:e6:12:79:f5:ca:19:32:
59:bf:f5:e3:40:3a:43:fc:cd:5c:7c:7c:7b:98:f4:2a:c6:9b:
88:8e:29:02:d9:9c:87:0b:d2:3c:bb:76:db:15:90:b5:d5:7d:
1e:02:de:9d:c9:2a:ff:47:a7:5f:8e:3c:55:6b:8a:bf:fc:b1:
17:57:bc:04:7c:90:57:34:f8:86:f5:7e:70:dc:c0:c6:b3:42:
fc:f7:37:75:49:e0:aa:e8:94:7c:0a:6b:c1:db:23:2f:9a:6e:
34:a7:ed:0a:5f:ff:62:bc:b0:50:a2:f4:9a:c0:5f:ae:55:d9:
7e:c1:a2:16:9e:a8:ab:eb:c9:2b:ad:10:e2:f8:b7:d7:e2:94:
ee:1f:0d:cf:4a:f4:80:64:40:fb:62:48:05:da:75:94:5d:00:
41:71:a1:3d:33:6c:20:60:e8:8e:de:80:12:1b:c9:9a:f9:7b:
7d:89:78:0c:60:16:77:52:33:bb:82:97:60:72:f3:bf:d0:59:
a4:47:be:7a:5b:1b:26:94:4c:f8:ff:3b:b1:2e:8d:27:7d:3e:
d2:9e:be:6e:95:93:88:b7:e5:d2:44:2e:a7:db:49:dd:d1:15:
a1:15:69:91:63:4c:17:b6:96:32:cd:8d:87:15:d0:5d:a0:cf:
b3:62:f3:cd
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQijf8t76oOXOzNoGbPZPhiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZmRmZTZkY2E4YWM3YmZhMWE5NDUwZWY5OWZkMzE1ZWQw
MmFjZDkwHhcNMjUwMTAxMTU0ODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmU3MTI3YjQ3ODJkNmJkZWM4YTE1ZTJmZTI2OTFkOTIzYTlmM2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxC9ptBkCItffX4vljyd0+WplmO9c
xjm8fzkMfN1a0+BI5x4e7+fOOVp9ZKzjPBpXEQp4RuxZEQHeKl3cU8Jx6EC9YRaz
8PaQrQYpezysmvKEpkY6ZQ9uw4FZCCLYKZ4DrCw+O2X3JnZ+Wmp2m9yWZtePfm66
ed4yYE3+eC9Ihv9BDam4VpsP8b8tMtHzJ7mjwveG+6D958ll6RZ42Vcv7RwV7ZqY
RyvNb7qlGiDkdWAfA7MGGe8hvChztrA5xl3nCwqz0G/ggKIDLyEgzOx85O0J7lPY
qf7OMcB62zdQe9teh/bG4BEzz0BSFYGKxG4GfPwbFNsZJ/Nh1K+xzjxPawIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLLnEntHgta97IoV4v4mkdkjqfPVMB8GA1UdIwQY
MBaAFLz9/m3Kise/oalFDvmf0xXtAqzZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmIt
MWFmMjQ2NWE4ZWVjLzEvc3VjU2UwZUMxcjNzaWhYaV9pYVIyU09wODlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmItMWFmMjQ2NWE4ZWVj
LzEvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwURcAwQA
1RXiAwQA1RXmAwQA1RXqMA0GCSqGSIb3DQEBCwUAA4IBAQAdB9mZ1tlR18cNzeYS
efXKGTJZv/XjQDpD/M1cfHx7mPQqxpuIjikC2ZyHC9I8u3bbFZC11X0eAt6dySr/
R6dfjjxVa4q//LEXV7wEfJBXNPiG9X5w3MDGs0L89zd1SeCq6JR8CmvB2yMvmm40
p+0KX/9ivLBQovSawF+uVdl+waIWnqir68krrRDi+LfX4pTuHw3PSvSAZED7YkgF
2nWUXQBBcaE9M2wgYOiO3oASG8ma+Xt9iXgMYBZ3UjO7gpdgcvO/0FmkR756Wxsm
lEz4/zuxLo0nfT7Snr5ulZOIt+XSRC6n20nd0RWhFWmRY0wXtpYyzY2HFdBdoM+z
YvPN
-----END CERTIFICATE-----
Generated at Sat Apr 12 02:26:40 2025 by rpki-client