Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/aBIcj7LI1O3BVRyy53HUAdRQ4rQ.roa
File: aBIcj7LI1O3BVRyy53HUAdRQ4rQ.roa (raw, json)
Hash identifier: nT20CQKkYN64iOm6t823f2honFQ1k9KcdmyR7BtejZM=
Subject key identifier: 68:12:1C:8F:B2:C8:D4:ED:C1:55:1C:B2:E7:71:D4:01:D4:50:E2:B4
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 0194282425350AF510E901361745EA9554F8
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/aBIcj7LI1O3BVRyy53HUAdRQ4rQ.roa
Signing time: Thu 02 Jan 2025 17:50:45 +0000
ROA not before: Thu 02 Jan 2025 17:50:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 53107
IP address blocks: 82.118.233.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 16:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:25:35:0a:f5:10:e9:01:36:17:45:ea:95:54:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Jan 2 17:50:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68121c8fb2c8d4edc1551cb2e771d401d450e2b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:40:38:d1:b1:af:5e:ef:e0:6a:93:c5:58:f5:
76:55:fd:24:ac:df:bb:1f:72:ee:8e:a1:0a:2e:db:
bf:fa:d8:ab:67:fc:8e:fe:b9:21:e1:6a:91:c0:e3:
2b:60:c1:d3:4e:71:37:e0:39:4d:ca:aa:96:60:2c:
fe:4e:8e:0a:e6:47:f3:f6:7f:0c:ca:8e:1d:c2:c0:
52:6f:7c:ab:4e:63:d0:1f:8b:22:5e:1c:80:7a:ba:
db:0a:57:21:9c:40:08:33:6f:2b:73:97:46:45:c0:
b6:d2:e3:f8:30:24:b0:f8:ea:5c:e1:2d:46:9b:b3:
d6:a0:c2:3f:15:6a:72:92:a7:a4:d2:77:ec:a0:90:
60:5f:ab:fe:e8:44:91:dd:71:c4:00:01:6e:28:00:
ca:39:34:85:cd:a0:65:ee:b5:3a:7c:14:e6:ea:4d:
37:04:bb:f2:72:16:ab:98:ad:af:6e:90:46:c8:72:
23:00:52:c6:bf:d3:e8:ea:b4:55:69:42:f2:8a:3d:
c8:10:87:57:3b:cc:de:2e:e6:32:9d:58:31:7e:64:
b4:bc:07:f1:16:bc:fd:c9:7e:a6:40:4a:ac:00:fa:
88:03:a9:f4:94:3c:9b:cf:d2:0f:43:1c:94:bd:fa:
85:b2:be:3c:1c:c2:61:d9:27:b4:fe:25:bc:b2:d4:
43:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:12:1C:8F:B2:C8:D4:ED:C1:55:1C:B2:E7:71:D4:01:D4:50:E2:B4
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/aBIcj7LI1O3BVRyy53HUAdRQ4rQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.118.233.0/24
Signature Algorithm: sha256WithRSAEncryption
c1:e8:74:fd:9a:8a:55:fd:0e:fd:74:47:e0:e6:62:03:64:c2:
26:c5:a4:90:31:fc:68:9d:e8:0d:b8:c9:a4:68:22:38:90:54:
93:3d:d7:10:d4:2f:7f:e5:03:8c:ba:ac:f9:96:56:3d:86:da:
82:4a:30:17:00:c2:32:c3:dd:7d:38:ab:32:3e:83:11:3f:56:
e2:f6:f3:12:28:a6:d3:f1:92:39:0f:cb:ed:0b:4f:8e:a1:67:
8b:94:3b:29:32:0a:51:fa:d8:de:b6:70:f1:65:d2:02:13:34:
16:72:4a:25:c7:57:0d:d5:a6:78:1f:5b:ed:cf:e8:ad:d0:bd:
2a:a7:ae:cb:31:d5:a3:58:aa:da:fb:1f:e1:b9:34:c8:7d:4f:
52:1a:a1:2f:59:df:30:51:35:7f:fb:1b:d6:48:cb:97:5d:d1:
ba:b9:20:36:f8:0d:c3:b1:96:b5:95:52:50:4b:45:b0:3e:ba:
b8:34:ac:db:e7:6c:50:c4:4b:e8:74:eb:69:ce:bb:48:da:85:
68:17:ba:05:df:bf:ac:c4:c1:08:c6:37:c6:fc:a0:33:de:93:
57:09:2e:b3:c2:b6:65:99:ee:c6:57:cd:dc:cb:ee:ff:5f:e1:
39:70:57:8b:e4:91:46:60:b6:cd:29:fa:d5:d1:17:03:56:6a:
fd:d7:1c:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJCU1CvUQ6QE2F0XqlVT4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjUwMTAyMTc1MDQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODEyMWM4ZmIyYzhkNGVkYzE1NTFjYjJlNzcxZDQwMWQ0NTBlMmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkEA40bGvXu/gapPFWPV2Vf0krN+7
H3LujqEKLtu/+tirZ/yO/rkh4WqRwOMrYMHTTnE34DlNyqqWYCz+To4K5kfz9n8M
yo4dwsBSb3yrTmPQH4siXhyAerrbClchnEAIM28rc5dGRcC20uP4MCSw+Opc4S1G
m7PWoMI/FWpykqek0nfsoJBgX6v+6ESR3XHEAAFuKADKOTSFzaBl7rU6fBTm6k03
BLvycharmK2vbpBGyHIjAFLGv9Po6rRVaULyij3IEIdXO8zeLuYynVgxfmS0vAfx
Frz9yX6mQEqsAPqIA6n0lDybz9IPQxyUvfqFsr48HMJh2Se0/iW8stRDIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGgSHI+yyNTtwVUcsudx1AHUUOK0MB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvYUJJY2o3TEkxTzNCVlJ5eTUzSFVBZFJRNHJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUnbpMA0G
CSqGSIb3DQEBCwUAA4IBAQDB6HT9mopV/Q79dEfg5mIDZMImxaSQMfxonegNuMmk
aCI4kFSTPdcQ1C9/5QOMuqz5llY9htqCSjAXAMIyw919OKsyPoMRP1bi9vMSKKbT
8ZI5D8vtC0+OoWeLlDspMgpR+tjetnDxZdICEzQWckolx1cN1aZ4H1vtz+it0L0q
p67LMdWjWKra+x/huTTIfU9SGqEvWd8wUTV/+xvWSMuXXdG6uSA2+A3DsZa1lVJQ
S0WwPrq4NKzb52xQxEvodOtpzrtI2oVoF7oF37+sxMEIxjfG/KAz3pNXCS6zwrZl
me7GV83cy+7/X+E5cFeL5JFGYLbNKfrV0RcDVmr91xzK
-----END CERTIFICATE-----
Generated at Mon Apr 7 00:11:45 2025 by rpki-client