Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/ee66fb-5dc0-4122-9bc7-b27d8730a270/1/i4pBlijYu7sjz616Su8j6sEp0KM.roa
File: i4pBlijYu7sjz616Su8j6sEp0KM.roa (raw, json)
Hash identifier: uHKnyOrHeN8Niu67x/4Qi3vMRGo0ABBXAuttwGbGRuk=
Subject key identifier: 8B:8A:41:96:28:D8:BB:BB:23:CF:AD:7A:4A:EF:23:EA:C1:29:D0:A3
Certificate issuer: /CN=81a7ce8bacbeceeb16f600b607d1bfd08033b302
Certificate serial: 019420D5ED5B28EDE7AC95BB6997EF86F8C3
Authority key identifier: 81:A7:CE:8B:AC:BE:CE:EB:16:F6:00:B6:07:D1:BF:D0:80:33:B3:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gafOi6y-zusW9gC2B9G_0IAzswI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/ee66fb-5dc0-4122-9bc7-b27d8730a270/1/i4pBlijYu7sjz616Su8j6sEp0KM.roa
Signing time: Wed 01 Jan 2025 07:47:58 +0000
ROA not before: Wed 01 Jan 2025 07:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 196763
IP address blocks: 93.190.232.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/ee66fb-5dc0-4122-9bc7-b27d8730a270/1/gafOi6y-zusW9gC2B9G_0IAzswI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/ee66fb-5dc0-4122-9bc7-b27d8730a270/1/gafOi6y-zusW9gC2B9G_0IAzswI.mft
rsync://rpki.ripe.net/repository/DEFAULT/gafOi6y-zusW9gC2B9G_0IAzswI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 08:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:ed:5b:28:ed:e7:ac:95:bb:69:97:ef:86:f8:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81a7ce8bacbeceeb16f600b607d1bfd08033b302
Validity
Not Before: Jan 1 07:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b8a419628d8bbbb23cfad7a4aef23eac129d0a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:c0:e8:83:c7:cd:45:9e:bd:dc:7e:51:e7:b2:
13:63:c5:e7:4f:5b:3c:c6:89:dd:0e:90:65:67:82:
72:0e:02:fa:c9:ee:ce:06:cd:12:35:5b:6f:5d:91:
ac:0a:79:3b:86:ed:ad:a7:94:18:dd:96:7e:63:b9:
e5:ab:61:7b:5b:29:56:37:97:ba:92:05:33:0d:48:
49:dd:ad:78:37:6d:11:e0:31:28:e8:7b:a1:4a:00:
1b:9c:6d:f7:22:23:1f:04:2e:31:2a:73:b5:15:04:
c7:b2:db:2d:ae:be:cc:c7:cb:76:08:77:f2:9b:f5:
a0:84:86:95:13:95:d2:ed:c1:07:03:fa:d7:23:e5:
6b:52:4d:24:0b:09:44:b0:5b:29:c5:31:48:bb:cb:
4a:97:e9:b7:f7:00:47:9c:11:82:e1:4a:e4:6c:45:
56:0f:1f:b7:b7:76:74:ab:95:06:c3:a9:0a:29:5f:
a4:6f:64:a8:3f:3e:f0:07:76:45:62:49:d4:87:db:
e2:fa:69:a9:7f:f9:83:79:e0:54:41:cd:48:ba:0a:
95:c1:c1:f3:3a:15:e3:26:c2:49:21:bb:54:24:40:
1e:be:ef:90:e2:db:27:f2:43:9d:b5:52:ab:5c:11:
57:08:7f:c4:3e:42:1d:11:1d:96:27:3d:fb:06:f4:
06:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:8A:41:96:28:D8:BB:BB:23:CF:AD:7A:4A:EF:23:EA:C1:29:D0:A3
X509v3 Authority Key Identifier:
keyid:81:A7:CE:8B:AC:BE:CE:EB:16:F6:00:B6:07:D1:BF:D0:80:33:B3:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gafOi6y-zusW9gC2B9G_0IAzswI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/ee66fb-5dc0-4122-9bc7-b27d8730a270/1/i4pBlijYu7sjz616Su8j6sEp0KM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/ee66fb-5dc0-4122-9bc7-b27d8730a270/1/gafOi6y-zusW9gC2B9G_0IAzswI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.190.232.0/21
Signature Algorithm: sha256WithRSAEncryption
94:25:2b:c0:fa:19:8a:05:f1:90:8a:c1:a0:6d:b7:de:2b:f6:
43:61:55:28:ad:bc:a1:d1:b1:86:ce:ad:1a:f2:7f:df:da:7c:
07:f3:d1:c9:da:20:67:7a:3f:41:c9:bf:05:21:4b:71:e7:35:
97:1f:dd:72:3c:19:44:d8:f8:c3:01:c9:e7:b6:aa:ec:55:61:
40:62:6c:cc:69:a0:e9:9c:6a:d2:57:86:20:6d:1c:07:77:e6:
83:ca:0b:cc:3f:06:9d:9c:bc:5a:1a:ea:a1:74:68:87:8b:28:
8a:b5:20:99:0a:6d:4e:5b:e7:ed:1b:8e:fe:68:fb:3f:8e:a4:
eb:c5:cb:fb:7f:95:f8:64:f2:d9:4d:9b:92:97:c9:eb:2e:c0:
7e:35:40:9c:5f:f5:cb:ad:16:0a:26:28:e9:83:32:aa:cd:39:
f8:0e:1c:70:ce:66:52:82:13:ce:7c:66:5a:f5:74:bc:c8:93:
7c:98:51:e6:0d:f5:47:d6:7f:9f:56:04:79:d2:cb:a0:e9:30:
08:78:18:ce:77:42:9a:4e:54:7b:95:83:fe:30:53:e1:6e:b9:
1a:bc:99:80:be:96:c5:8f:6e:d7:76:6f:f9:f2:dc:a5:ee:ff:
ff:06:b9:fa:05:c5:a1:2e:12:3b:50:a8:4b:4e:06:cd:93:dd:
a6:c3:3b:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1e1bKO3nrJW7aZfvhvjDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYTdjZThiYWNiZWNlZWIxNmY2MDBiNjA3ZDFiZmQwODAz
M2IzMDIwHhcNMjUwMTAxMDc0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjhhNDE5NjI4ZDhiYmJiMjNjZmFkN2E0YWVmMjNlYWMxMjlkMGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1MDog8fNRZ693H5R57ITY8XnT1s8
xondDpBlZ4JyDgL6ye7OBs0SNVtvXZGsCnk7hu2tp5QY3ZZ+Y7nlq2F7WylWN5e6
kgUzDUhJ3a14N20R4DEo6HuhSgAbnG33IiMfBC4xKnO1FQTHststrr7Mx8t2CHfy
m/WghIaVE5XS7cEHA/rXI+VrUk0kCwlEsFspxTFIu8tKl+m39wBHnBGC4UrkbEVW
Dx+3t3Z0q5UGw6kKKV+kb2SoPz7wB3ZFYknUh9vi+mmpf/mDeeBUQc1IugqVwcHz
OhXjJsJJIbtUJEAevu+Q4tsn8kOdtVKrXBFXCH/EPkIdER2WJz37BvQGJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIuKQZYo2Lu7I8+tekrvI+rBKdCjMB8GA1UdIwQY
MBaAFIGnzousvs7rFvYAtgfRv9CAM7MCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2FmT2k2eS16dXNXOWdDMkI5R18wSUF6c3dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9lZTY2ZmItNWRjMC00MTIyLTliYzct
YjI3ZDg3MzBhMjcwLzEvaTRwQmxpall1N3NqejYxNlN1OGo2c0VwMEtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9lZTY2ZmItNWRjMC00MTIyLTliYzctYjI3ZDg3MzBhMjcw
LzEvZ2FmT2k2eS16dXNXOWdDMkI5R18wSUF6c3dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDXb7oMA0G
CSqGSIb3DQEBCwUAA4IBAQCUJSvA+hmKBfGQisGgbbfeK/ZDYVUorbyh0bGGzq0a
8n/f2nwH89HJ2iBnej9Byb8FIUtx5zWXH91yPBlE2PjDAcnntqrsVWFAYmzMaaDp
nGrSV4YgbRwHd+aDygvMPwadnLxaGuqhdGiHiyiKtSCZCm1OW+ftG47+aPs/jqTr
xcv7f5X4ZPLZTZuSl8nrLsB+NUCcX/XLrRYKJijpgzKqzTn4DhxwzmZSghPOfGZa
9XS8yJN8mFHmDfVH1n+fVgR50sug6TAIeBjOd0KaTlR7lYP+MFPhbrkavJmAvpbF
j27Xdm/58tyl7v//Brn6BcWhLhI7UKhLTgbNk92mwzs2
-----END CERTIFICATE-----
Generated at Sat Apr 12 16:10:35 2025 by rpki-client