Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/b4c085-9b8b-430f-a377-0a7f6cca6bea/1/v258OvpTjeTGa9nj7XVSV8d0bA0.roa
File: v258OvpTjeTGa9nj7XVSV8d0bA0.roa (raw, json)
Hash identifier: zeqjbwUFGVgiPWTdMolQ6HqxRrkUBi59wIsSlb2gw2I=
Subject key identifier: BF:6E:7C:3A:FA:53:8D:E4:C6:6B:D9:E3:ED:75:52:57:C7:74:6C:0D
Certificate issuer: /CN=bb24311c1ec0673c50497924c202a13d212659b6
Certificate serial: 0194228D0F7CF900FFAA57C2DBC1A68945A8
Authority key identifier: BB:24:31:1C:1E:C0:67:3C:50:49:79:24:C2:02:A1:3D:21:26:59:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uyQxHB7AZzxQSXkkwgKhPSEmWbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/b4c085-9b8b-430f-a377-0a7f6cca6bea/1/v258OvpTjeTGa9nj7XVSV8d0bA0.roa
Signing time: Wed 01 Jan 2025 15:47:37 +0000
ROA not before: Wed 01 Jan 2025 15:47:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49990
IP address blocks: 193.104.73.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/b4c085-9b8b-430f-a377-0a7f6cca6bea/1/uyQxHB7AZzxQSXkkwgKhPSEmWbY.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/b4c085-9b8b-430f-a377-0a7f6cca6bea/1/uyQxHB7AZzxQSXkkwgKhPSEmWbY.mft
rsync://rpki.ripe.net/repository/DEFAULT/uyQxHB7AZzxQSXkkwgKhPSEmWbY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:0f:7c:f9:00:ff:aa:57:c2:db:c1:a6:89:45:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb24311c1ec0673c50497924c202a13d212659b6
Validity
Not Before: Jan 1 15:47:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bf6e7c3afa538de4c66bd9e3ed755257c7746c0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:95:c8:52:b2:b7:a3:de:46:8b:c7:64:e3:c5:
9e:15:2f:0f:40:16:60:16:c5:3f:fb:a2:ae:36:5c:
91:18:50:68:39:a9:63:f5:04:b7:a7:be:39:f2:bf:
64:a2:74:2a:16:ea:64:2e:a0:61:d7:e7:18:ed:6a:
b2:81:f0:3b:e3:d5:a0:d4:5a:b4:34:2e:ad:79:38:
bc:be:61:5a:05:e1:cd:92:8b:17:ad:86:99:9f:b3:
33:ce:66:90:e5:49:0f:30:19:7c:5d:4a:a7:df:76:
70:57:e3:0b:eb:f8:92:ae:5b:c7:18:26:6a:5b:6e:
48:ea:74:c7:8f:85:10:81:9f:89:a7:5f:45:6a:fe:
35:a8:2d:d0:16:cc:ab:9d:77:ad:9b:64:fd:47:3d:
09:3a:7c:5a:6c:3a:83:5f:1e:93:0f:67:49:c4:68:
2b:5f:1b:98:54:07:3b:8d:a9:83:b1:6b:1e:68:3c:
f8:0d:11:a0:8a:63:94:40:10:87:f0:db:69:fc:0f:
48:07:a2:8d:5f:ec:e9:b2:b7:9b:ce:9e:6c:80:6a:
c5:8c:3e:d4:3e:95:64:a0:8e:a9:10:a1:f7:3a:b9:
07:48:0f:8f:38:3b:a8:85:5d:1a:51:6c:d7:9c:5d:
4c:f6:a1:f4:d7:ee:b7:d6:94:7f:5d:f8:4f:15:1f:
9a:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:6E:7C:3A:FA:53:8D:E4:C6:6B:D9:E3:ED:75:52:57:C7:74:6C:0D
X509v3 Authority Key Identifier:
keyid:BB:24:31:1C:1E:C0:67:3C:50:49:79:24:C2:02:A1:3D:21:26:59:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uyQxHB7AZzxQSXkkwgKhPSEmWbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b4c085-9b8b-430f-a377-0a7f6cca6bea/1/v258OvpTjeTGa9nj7XVSV8d0bA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b4c085-9b8b-430f-a377-0a7f6cca6bea/1/uyQxHB7AZzxQSXkkwgKhPSEmWbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.73.0/24
Signature Algorithm: sha256WithRSAEncryption
c6:2c:fc:33:9d:18:18:bd:3f:66:8b:0d:51:72:83:66:2a:9b:
94:99:51:2d:2f:21:e9:40:84:53:bf:4b:90:13:80:89:bb:2f:
79:c3:61:66:79:ec:a3:35:e3:95:c3:8c:c8:45:42:02:92:a6:
fd:b8:f7:00:fd:35:6c:e4:77:d9:3c:70:8a:85:bb:2f:6a:fd:
41:3c:27:c7:a2:55:6c:6e:50:7e:be:2c:f2:2d:12:17:d4:7f:
29:14:1b:15:64:c8:0d:fe:5b:b3:2c:24:1c:b9:f0:6a:77:e1:
c8:fd:51:c2:1e:1e:47:06:66:c8:b0:f0:9c:bc:ad:14:0c:3e:
19:2b:28:5d:00:56:5e:f1:b9:8e:86:55:81:82:ce:65:79:93:
c4:84:fa:e8:29:54:0a:92:df:f1:18:10:33:1e:36:79:2b:28:
2a:15:97:65:b9:19:35:d1:23:24:5b:35:2b:ee:c9:bb:0d:66:
f3:95:4d:c2:82:4e:53:a0:a0:5e:91:4c:c0:6e:67:e1:d0:7e:
d5:90:f4:b7:c5:82:9f:42:48:a4:b1:ef:02:87:26:4a:b6:69:
ca:7e:4a:90:58:3b:06:4c:b9:f4:98:b3:84:6e:67:d0:9e:f5:
4b:d0:dd:fb:88:25:0c:fa:c5:a5:81:9c:1d:a4:77:ca:76:34:
fb:2d:03:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijQ98+QD/qlfC28GmiUWoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMjQzMTFjMWVjMDY3M2M1MDQ5NzkyNGMyMDJhMTNkMjEy
NjU5YjYwHhcNMjUwMTAxMTU0NzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjZlN2MzYWZhNTM4ZGU0YzY2YmQ5ZTNlZDc1NTI1N2M3NzQ2YzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZXIUrK3o95Gi8dk48WeFS8PQBZg
FsU/+6KuNlyRGFBoOalj9QS3p7458r9konQqFupkLqBh1+cY7WqygfA749Wg1Fq0
NC6teTi8vmFaBeHNkosXrYaZn7MzzmaQ5UkPMBl8XUqn33ZwV+ML6/iSrlvHGCZq
W25I6nTHj4UQgZ+Jp19Fav41qC3QFsyrnXetm2T9Rz0JOnxabDqDXx6TD2dJxGgr
XxuYVAc7jamDsWseaDz4DRGgimOUQBCH8Ntp/A9IB6KNX+zpsrebzp5sgGrFjD7U
PpVkoI6pEKH3OrkHSA+PODuohV0aUWzXnF1M9qH01+631pR/XfhPFR+aaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL9ufDr6U43kxmvZ4+11UlfHdGwNMB8GA1UdIwQY
MBaAFLskMRwewGc8UEl5JMICoT0hJlm2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXlReEhCN0FaenhRU1hra3dnS2hQU0VtV2JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9iNGMwODUtOWI4Yi00MzBmLWEzNzct
MGE3ZjZjY2E2YmVhLzEvdjI1OE92cFRqZVRHYTluajdYVlNWOGQwYkEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9iNGMwODUtOWI4Yi00MzBmLWEzNzctMGE3ZjZjY2E2YmVh
LzEvdXlReEhCN0FaenhRU1hra3dnS2hQU0VtV2JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWhJMA0G
CSqGSIb3DQEBCwUAA4IBAQDGLPwznRgYvT9miw1RcoNmKpuUmVEtLyHpQIRTv0uQ
E4CJuy95w2FmeeyjNeOVw4zIRUICkqb9uPcA/TVs5HfZPHCKhbsvav1BPCfHolVs
blB+vizyLRIX1H8pFBsVZMgN/luzLCQcufBqd+HI/VHCHh5HBmbIsPCcvK0UDD4Z
KyhdAFZe8bmOhlWBgs5leZPEhProKVQKkt/xGBAzHjZ5KygqFZdluRk10SMkWzUr
7sm7DWbzlU3Cgk5ToKBekUzAbmfh0H7VkPS3xYKfQkikse8ChyZKtmnKfkqQWDsG
TLn0mLOEbmfQnvVL0N37iCUM+sWlgZwdpHfKdjT7LQNQ
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:47:57 2025 by rpki-client