Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/b11980-1f7b-4ee7-a88e-a5899cee655f/1/dVmeU4wC0TgcJ1mLjCj6WUgRoKU.roa
File: dVmeU4wC0TgcJ1mLjCj6WUgRoKU.roa (raw, json)
Hash identifier: Tr7wmryEwMRa1UVn0iohUCcmRld2nTxoTKpz/4davog=
Subject key identifier: 75:59:9E:53:8C:02:D1:38:1C:27:59:8B:8C:28:FA:59:48:11:A0:A5
Certificate issuer: /CN=367070b169d11a96291004e3000f9b04d4e112d3
Certificate serial: 019427488587418912A96EF233D8DFFC9ECE
Authority key identifier: 36:70:70:B1:69:D1:1A:96:29:10:04:E3:00:0F:9B:04:D4:E1:12:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NnBwsWnRGpYpEATjAA-bBNThEtM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/b11980-1f7b-4ee7-a88e-a5899cee655f/1/dVmeU4wC0TgcJ1mLjCj6WUgRoKU.roa
Signing time: Thu 02 Jan 2025 13:50:51 +0000
ROA not before: Thu 02 Jan 2025 13:50:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202315
IP address blocks: 194.49.80.0/24 maxlen: 24
194.49.81.0/24 maxlen: 24
194.49.82.0/24 maxlen: 24
194.49.83.0/24 maxlen: 24
2a0c:c8c0::/48 maxlen: 48
2a0c:c8c0:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d6/b11980-1f7b-4ee7-a88e-a5899cee655f/1/NnBwsWnRGpYpEATjAA-bBNThEtM.crl
rsync://rpki.ripe.net/repository/DEFAULT/d6/b11980-1f7b-4ee7-a88e-a5899cee655f/1/NnBwsWnRGpYpEATjAA-bBNThEtM.mft
rsync://rpki.ripe.net/repository/DEFAULT/NnBwsWnRGpYpEATjAA-bBNThEtM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:85:87:41:89:12:a9:6e:f2:33:d8:df:fc:9e:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=367070b169d11a96291004e3000f9b04d4e112d3
Validity
Not Before: Jan 2 13:50:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=75599e538c02d1381c27598b8c28fa594811a0a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ee:38:57:d4:3f:13:21:1c:fa:c7:b1:c9:1c:
ed:da:76:94:2f:c9:ff:83:9f:a7:27:86:b0:5b:22:
d6:c2:19:60:32:ab:18:e5:e5:83:c2:8e:43:12:b7:
48:64:3f:3c:df:f0:61:4d:c5:d6:8e:71:e7:d6:b6:
73:f5:16:5c:44:23:dd:bd:84:71:41:d0:e2:06:29:
e2:2e:fc:a6:b3:e0:e2:80:94:1a:ae:ee:3b:d4:b5:
53:b5:31:4a:1f:06:94:97:98:65:bf:80:9e:de:61:
86:f6:26:01:64:20:27:0f:27:26:7d:84:2b:c2:56:
3e:1f:68:7e:42:e0:8f:b8:8c:bc:79:1b:f5:d8:e0:
56:1f:81:b1:a8:a1:f9:3e:41:9d:dd:89:77:0b:e8:
03:e2:df:ea:e7:3d:53:35:ef:94:8d:bc:08:03:a2:
94:2e:8b:61:3b:c8:9c:4f:82:05:ac:a6:3a:a1:9f:
d0:22:c1:e2:ed:01:ea:12:38:a6:7a:24:33:e8:d5:
d1:a2:af:be:15:b4:53:c8:5c:4b:4e:c8:c9:07:54:
f6:75:0c:0a:7c:0c:62:4d:d1:04:26:ff:15:3b:c4:
f6:7a:2f:40:92:f3:03:8f:5a:07:21:27:d5:69:63:
31:ac:76:30:12:de:6a:e0:53:c6:b1:b3:c8:aa:2d:
6f:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:59:9E:53:8C:02:D1:38:1C:27:59:8B:8C:28:FA:59:48:11:A0:A5
X509v3 Authority Key Identifier:
keyid:36:70:70:B1:69:D1:1A:96:29:10:04:E3:00:0F:9B:04:D4:E1:12:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NnBwsWnRGpYpEATjAA-bBNThEtM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/b11980-1f7b-4ee7-a88e-a5899cee655f/1/dVmeU4wC0TgcJ1mLjCj6WUgRoKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/b11980-1f7b-4ee7-a88e-a5899cee655f/1/NnBwsWnRGpYpEATjAA-bBNThEtM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.49.80.0/22
IPv6:
2a0c:c8c0::/47
Signature Algorithm: sha256WithRSAEncryption
8e:d7:5a:57:29:45:3d:b5:de:2e:4d:e0:c6:57:2e:62:2f:d9:
91:5c:74:53:4e:19:9c:c2:01:ab:88:e1:f7:a9:d2:a1:e8:48:
b8:26:24:36:61:bf:d3:e4:52:fd:e6:33:24:86:97:07:ee:03:
8c:8e:ff:e8:4f:bf:98:94:ed:42:25:9b:84:8b:43:46:97:22:
7a:a6:86:77:5c:a4:df:e9:2c:60:1f:29:77:6c:75:e7:a0:e4:
6c:26:61:81:16:b8:5b:18:7e:c5:4e:fe:46:22:c3:5f:71:86:
92:9d:32:66:c2:76:72:7d:8b:a7:73:9f:19:e7:e0:be:40:2e:
8b:e7:45:2a:64:92:8f:5f:bf:8f:57:1c:2e:aa:f4:0a:e6:b8:
9b:46:62:ef:06:b5:53:ae:ab:e5:ce:a9:e8:fb:9d:97:3d:fc:
5f:b6:f2:12:23:68:78:68:e7:e0:45:cb:42:4b:eb:6b:7c:c0:
38:3b:f6:b3:c6:52:aa:fb:bb:c8:51:7b:53:12:2a:54:da:96:
c1:9a:c2:29:f2:b1:bb:4b:ea:32:03:5a:e6:9f:36:6d:35:31:
b1:20:f7:36:aa:3d:7f:ea:e4:b4:df:a2:b5:2c:3e:2f:19:38:
3f:81:db:e3:dc:6b:54:cb:7b:d7:5f:da:b4:2a:88:2d:e0:ee:
9e:3a:c4:57
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQnSIWHQYkSqW7yM9jf/J7OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2NzA3MGIxNjlkMTFhOTYyOTEwMDRlMzAwMGY5YjA0ZDRl
MTEyZDMwHhcNMjUwMTAyMTM1MDUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTU5OWU1MzhjMDJkMTM4MWMyNzU5OGI4YzI4ZmE1OTQ4MTFhMGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+44V9Q/EyEc+sexyRzt2naUL8n/
g5+nJ4awWyLWwhlgMqsY5eWDwo5DErdIZD883/BhTcXWjnHn1rZz9RZcRCPdvYRx
QdDiBiniLvyms+DigJQaru471LVTtTFKHwaUl5hlv4Ce3mGG9iYBZCAnDycmfYQr
wlY+H2h+QuCPuIy8eRv12OBWH4GxqKH5PkGd3Yl3C+gD4t/q5z1TNe+UjbwIA6KU
LothO8icT4IFrKY6oZ/QIsHi7QHqEjimeiQz6NXRoq++FbRTyFxLTsjJB1T2dQwK
fAxiTdEEJv8VO8T2ei9AkvMDj1oHISfVaWMxrHYwEt5q4FPGsbPIqi1vVQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHVZnlOMAtE4HCdZi4wo+llIEaClMB8GA1UdIwQY
MBaAFDZwcLFp0RqWKRAE4wAPmwTU4RLTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm5Cd3NXblJHcFlwRUFUakFBLWJCTlRoRXRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9iMTE5ODAtMWY3Yi00ZWU3LWE4OGUt
YTU4OTljZWU2NTVmLzEvZFZtZVU0d0MwVGdjSjFtTGpDajZXVWdSb0tVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9iMTE5ODAtMWY3Yi00ZWU3LWE4OGUtYTU4OTljZWU2NTVm
LzEvTm5Cd3NXblJHcFlwRUFUakFBLWJCTlRoRXRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCwjFQMA8E
AgACMAkDBwEqDMjAAAAwDQYJKoZIhvcNAQELBQADggEBAI7XWlcpRT213i5N4MZX
LmIv2ZFcdFNOGZzCAauI4fep0qHoSLgmJDZhv9PkUv3mMySGlwfuA4yO/+hPv5iU
7UIlm4SLQ0aXInqmhndcpN/pLGAfKXdsdeeg5GwmYYEWuFsYfsVO/kYiw19xhpKd
MmbCdnJ9i6dznxnn4L5ALovnRSpkko9fv49XHC6q9ArmuJtGYu8GtVOuq+XOqej7
nZc9/F+28hIjaHho5+BFy0JL62t8wDg79rPGUqr7u8hRe1MSKlTalsGawinysbtL
6jIDWuafNm01MbEg9zaqPX/q5LTforUsPi8ZOD+B2+Pca1TLe9df2rQqiC3g7p46
xFc=
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:45:47 2025 by rpki-client