Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/5d7bc4-e0c5-4a48-90e6-752516890d3d/1/b9QaepP0oxMTo3a9H8MxgSOF6ZM.roa
File: b9QaepP0oxMTo3a9H8MxgSOF6ZM.roa (raw, json)
Hash identifier: 1vtB6IOZEJek+700nGKVkQQxvbkoR7RDVA9c6BbAbEM=
Subject key identifier: 6F:D4:1A:7A:93:F4:A3:13:13:A3:76:BD:1F:C3:31:81:23:85:E9:93
Certificate issuer: /CN=9e02e064c98b3231c3f2148a1c3d9c387d489ee9
Certificate serial: 019427B5FF2DD3E4C25C889C49F5E79240E0
Authority key identifier: 9E:02:E0:64:C9:8B:32:31:C3:F2:14:8A:1C:3D:9C:38:7D:48:9E:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ngLgZMmLMjHD8hSKHD2cOH1Inuk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/5d7bc4-e0c5-4a48-90e6-752516890d3d/1/b9QaepP0oxMTo3a9H8MxgSOF6ZM.roa
Signing time: Thu 02 Jan 2025 15:50:26 +0000
ROA not before: Thu 02 Jan 2025 15:50:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1759
IP address blocks: 193.143.99.0/24 maxlen: 24
193.143.100.0/24 maxlen: 24
193.143.101.0/24 maxlen: 24
193.143.102.0/23 maxlen: 23
193.143.104.0/21 maxlen: 21
193.143.112.0/23 maxlen: 23
193.143.114.0/24 maxlen: 24
193.143.116.0/23 maxlen: 23
193.143.118.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/5d7bc4-e0c5-4a48-90e6-752516890d3d/1/ngLgZMmLMjHD8hSKHD2cOH1Inuk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/5d7bc4-e0c5-4a48-90e6-752516890d3d/1/ngLgZMmLMjHD8hSKHD2cOH1Inuk.mft
rsync://rpki.ripe.net/repository/DEFAULT/ngLgZMmLMjHD8hSKHD2cOH1Inuk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 08:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:ff:2d:d3:e4:c2:5c:88:9c:49:f5:e7:92:40:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e02e064c98b3231c3f2148a1c3d9c387d489ee9
Validity
Not Before: Jan 2 15:50:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6fd41a7a93f4a31313a376bd1fc331812385e993
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:31:74:b5:65:cf:d9:94:fb:db:60:c5:b5:4c:
f2:c2:40:f8:3f:b1:7c:b1:ef:f4:22:20:1c:2d:01:
6f:ab:ed:06:0e:ef:5f:36:78:7e:45:78:27:18:76:
6d:1c:af:29:4a:b4:b1:62:e6:04:cd:7a:08:87:de:
c3:4f:3c:b2:33:78:6b:70:20:69:a1:d7:d2:be:00:
5a:64:4a:8f:99:f8:79:f0:5e:db:c9:27:4a:5d:80:
fc:b5:27:7b:ad:d9:81:04:97:43:da:31:0d:6b:61:
d6:f1:b1:22:3c:15:71:70:ab:a8:1a:65:bd:e3:2f:
82:64:06:9c:15:17:5a:6f:30:af:82:4a:3c:cc:eb:
67:83:c6:e1:1e:0d:6a:30:37:2b:25:31:e4:97:17:
3d:8d:22:d8:f8:90:56:cb:f6:7a:47:42:4a:89:e8:
55:c4:31:f8:39:11:1d:3f:80:5b:6b:6b:87:96:78:
e1:c0:2b:2a:dc:c0:ce:33:33:d0:9c:b1:fc:e3:7e:
70:67:04:ea:59:a3:ef:12:14:54:f1:5d:89:44:8d:
2a:c4:c7:65:eb:21:b1:16:c0:b9:16:25:ac:51:85:
23:d4:c1:17:22:eb:e5:15:04:ab:fb:8b:5b:a8:67:
58:52:a4:c3:de:b7:08:cc:77:c7:1c:9a:6c:55:73:
e7:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:D4:1A:7A:93:F4:A3:13:13:A3:76:BD:1F:C3:31:81:23:85:E9:93
X509v3 Authority Key Identifier:
keyid:9E:02:E0:64:C9:8B:32:31:C3:F2:14:8A:1C:3D:9C:38:7D:48:9E:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ngLgZMmLMjHD8hSKHD2cOH1Inuk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5d7bc4-e0c5-4a48-90e6-752516890d3d/1/b9QaepP0oxMTo3a9H8MxgSOF6ZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5d7bc4-e0c5-4a48-90e6-752516890d3d/1/ngLgZMmLMjHD8hSKHD2cOH1Inuk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.143.99.0-193.143.114.255
193.143.116.0-193.143.118.255
Signature Algorithm: sha256WithRSAEncryption
19:14:40:fc:99:78:b4:c7:98:32:3f:bb:54:d0:e5:6b:d8:3c:
23:db:04:ed:29:d9:db:f7:d8:cd:f2:8a:d5:73:a6:24:36:c7:
62:72:15:93:fd:61:33:a9:41:b5:e6:99:ea:5c:9d:ec:5c:93:
e2:2d:94:7c:c8:87:fa:3a:39:5f:1c:d2:35:bf:d7:56:f2:33:
f3:4f:c7:3a:a4:99:73:20:c1:10:c0:62:8f:7a:4c:3f:8c:8c:
76:cf:11:1e:1c:8c:e1:07:31:b5:55:3c:2f:22:1e:a2:02:f7:
09:f5:5a:00:04:df:38:fa:7c:4c:73:da:66:39:5d:5e:10:83:
2f:c8:36:66:1f:76:20:6b:3b:f8:65:7a:ad:88:09:ee:1c:93:
88:18:b2:c6:6e:ca:07:dc:57:31:39:57:5f:b5:4e:2f:3e:f6:
7f:35:46:fa:1f:59:2d:a8:c5:88:81:e4:08:97:a3:ef:52:69:
8f:7b:4a:9a:c8:39:09:e8:16:dd:fe:d7:4a:3e:d1:c7:f6:11:
05:fa:78:bd:6d:34:bd:98:38:c4:33:fb:76:16:00:b3:e8:d8:
4a:04:3b:67:a2:54:f5:67:7e:99:67:6f:35:d6:cf:fb:a9:c7:
34:31:72:08:63:ea:66:b3:0a:c7:16:72:60:5c:6e:cc:c4:f3:
7c:19:7b:0a
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZQntf8t0+TCXIicSfXnkkDgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllMDJlMDY0Yzk4YjMyMzFjM2YyMTQ4YTFjM2Q5YzM4N2Q0
ODllZTkwHhcNMjUwMTAyMTU1MDI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmQ0MWE3YTkzZjRhMzEzMTNhMzc2YmQxZmMzMzE4MTIzODVlOTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjF0tWXP2ZT722DFtUzywkD4P7F8
se/0IiAcLQFvq+0GDu9fNnh+RXgnGHZtHK8pSrSxYuYEzXoIh97DTzyyM3hrcCBp
odfSvgBaZEqPmfh58F7bySdKXYD8tSd7rdmBBJdD2jENa2HW8bEiPBVxcKuoGmW9
4y+CZAacFRdabzCvgko8zOtng8bhHg1qMDcrJTHklxc9jSLY+JBWy/Z6R0JKiehV
xDH4OREdP4Bba2uHlnjhwCsq3MDOMzPQnLH8435wZwTqWaPvEhRU8V2JRI0qxMdl
6yGxFsC5FiWsUYUj1MEXIuvlFQSr+4tbqGdYUqTD3rcIzHfHHJpsVXPnEwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFG/UGnqT9KMTE6N2vR/DMYEjhemTMB8GA1UdIwQY
MBaAFJ4C4GTJizIxw/IUihw9nDh9SJ7pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmdMZ1pNbUxNakhEOGhTS0hEMmNPSDFJbnVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi81ZDdiYzQtZTBjNS00YTQ4LTkwZTYt
NzUyNTE2ODkwZDNkLzEvYjlRYWVwUDBveE1UbzNhOUg4TXhnU09GNlpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi81ZDdiYzQtZTBjNS00YTQ4LTkwZTYtNzUyNTE2ODkwZDNk
LzEvbmdMZ1pNbUxNakhEOGhTS0hEMmNPSDFJbnVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBADBj2MD
BADBj3IwDAMEAsGPdAMEAMGPdjANBgkqhkiG9w0BAQsFAAOCAQEAGRRA/Jl4tMeY
Mj+7VNDla9g8I9sE7SnZ2/fYzfKK1XOmJDbHYnIVk/1hM6lBteaZ6lyd7FyT4i2U
fMiH+jo5XxzSNb/XVvIz80/HOqSZcyDBEMBij3pMP4yMds8RHhyM4QcxtVU8LyIe
ogL3CfVaAATfOPp8THPaZjldXhCDL8g2Zh92IGs7+GV6rYgJ7hyTiBiyxm7KB9xX
MTlXX7VOLz72fzVG+h9ZLajFiIHkCJej71Jpj3tKmsg5CegW3f7XSj7Rx/YRBfp4
vW00vZg4xDP7dhYAs+jYSgQ7Z6JU9Wd+mWdvNdbP+6nHNDFyCGPqZrMKxxZyYFxu
zMTzfBl7Cg==
-----END CERTIFICATE-----
Generated at Tue Apr 15 12:50:28 2025 by rpki-client