Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/d95b2c-1e02-4e4e-8438-bbcae0df1f2f/1/BeOIJLd8_MIXUGufXTnw_YPsJgs.roa
File: BeOIJLd8_MIXUGufXTnw_YPsJgs.roa (raw, json)
Hash identifier: UFekJjmZxy4vjH3dPZliRBeAZT4NRRq/0IMLKsXu0f8=
Subject key identifier: 05:E3:88:24:B7:7C:FC:C2:17:50:6B:9F:5D:39:F0:FD:83:EC:26:0B
Certificate issuer: /CN=b60b574f03d988155f44ba2cb07bc7dfb457cf0f
Certificate serial: 01941F8C31BD956F91B286DA27A5E103C248
Authority key identifier: B6:0B:57:4F:03:D9:88:15:5F:44:BA:2C:B0:7B:C7:DF:B4:57:CF:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tgtXTwPZiBVfRLossHvH37RXzw8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/d95b2c-1e02-4e4e-8438-bbcae0df1f2f/1/BeOIJLd8_MIXUGufXTnw_YPsJgs.roa
Signing time: Wed 01 Jan 2025 01:47:48 +0000
ROA not before: Wed 01 Jan 2025 01:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44018
IP address blocks: 193.104.146.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/d95b2c-1e02-4e4e-8438-bbcae0df1f2f/1/tgtXTwPZiBVfRLossHvH37RXzw8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/d95b2c-1e02-4e4e-8438-bbcae0df1f2f/1/tgtXTwPZiBVfRLossHvH37RXzw8.mft
rsync://rpki.ripe.net/repository/DEFAULT/tgtXTwPZiBVfRLossHvH37RXzw8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Mar 2025 10:02:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:31:bd:95:6f:91:b2:86:da:27:a5:e1:03:c2:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b60b574f03d988155f44ba2cb07bc7dfb457cf0f
Validity
Not Before: Jan 1 01:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=05e38824b77cfcc217506b9f5d39f0fd83ec260b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:48:61:ec:a2:4d:63:58:01:2b:53:26:9c:07:
21:1e:0d:7d:11:50:37:ea:49:4b:4c:68:64:71:14:
42:30:61:91:1e:3c:25:b2:fb:2e:5d:ee:e8:20:5a:
34:88:ad:c3:52:ba:71:ea:02:f3:84:b3:9f:d2:f5:
ad:76:42:51:f3:11:dc:0e:f6:c6:58:20:a6:a9:aa:
6c:19:1a:94:7f:bb:33:4f:a7:a7:ac:bc:b4:8b:36:
83:c2:23:fa:7b:12:4f:80:cd:c1:b9:b4:17:de:82:
0e:7f:7f:96:a3:46:f2:1c:e6:f6:7f:3f:b7:ea:1f:
36:df:2a:7b:de:ef:3e:fa:5b:97:f3:85:5d:2a:77:
0e:f3:a8:41:02:70:5c:66:f7:df:14:d1:ea:95:50:
2d:a3:98:7e:c0:bc:6e:22:18:d6:a5:47:41:88:1b:
bd:4f:4d:e6:15:69:a3:b6:2f:b6:b0:8a:ee:da:f5:
e9:6d:d6:50:03:41:8c:be:a3:2e:ef:41:57:8e:b4:
bc:4d:4a:ac:a3:a2:61:7a:ca:dd:dc:39:ee:a0:da:
f2:70:3b:78:28:ed:66:09:44:48:7a:03:f1:5f:3b:
0e:eb:0f:d2:fb:79:21:84:39:44:81:12:38:3c:cc:
df:f7:e0:ad:1a:ca:b3:65:7f:db:a2:a2:1a:bc:7a:
72:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:E3:88:24:B7:7C:FC:C2:17:50:6B:9F:5D:39:F0:FD:83:EC:26:0B
X509v3 Authority Key Identifier:
keyid:B6:0B:57:4F:03:D9:88:15:5F:44:BA:2C:B0:7B:C7:DF:B4:57:CF:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tgtXTwPZiBVfRLossHvH37RXzw8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/d95b2c-1e02-4e4e-8438-bbcae0df1f2f/1/BeOIJLd8_MIXUGufXTnw_YPsJgs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/d95b2c-1e02-4e4e-8438-bbcae0df1f2f/1/tgtXTwPZiBVfRLossHvH37RXzw8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.146.0/24
Signature Algorithm: sha256WithRSAEncryption
13:4d:4a:2c:0f:33:9b:02:c1:57:5b:b5:ec:92:5c:71:d3:c3:
51:9c:e0:45:29:fa:05:c5:29:da:94:2b:02:4c:71:87:52:da:
41:0e:3a:4e:3c:cb:1e:7b:ee:48:ae:16:d0:a5:d3:cc:2d:0c:
50:d2:aa:0b:d2:7b:ec:83:5e:72:78:60:58:c4:2d:83:9f:02:
39:32:58:b9:f8:ae:ab:d0:9c:61:1a:13:ae:ac:2e:14:ba:05:
36:33:40:7d:8c:7f:85:25:61:b2:c5:2a:cf:21:b7:da:70:0b:
b1:a8:e0:6e:15:51:fc:90:be:85:2f:4a:3b:02:e9:75:7d:4e:
d5:f1:d2:c3:da:0f:65:a0:6c:c9:64:ee:6b:59:65:b8:5b:cd:
de:0a:8a:56:bf:91:3e:da:f9:dd:ca:0b:10:3e:25:be:87:a5:
4e:2d:d3:2e:94:c9:00:8f:02:c4:0c:f1:77:28:08:2a:b2:ac:
44:bb:81:f3:d5:dd:f7:a2:a9:ce:9d:4e:9f:a0:5d:34:a7:2f:
ce:14:f6:00:6e:ac:b2:09:f8:a9:92:4a:0b:12:06:2c:57:fd:
35:4c:48:d4:7f:f0:1a:07:ce:2f:dc:58:06:a3:1c:3d:30:3e:
47:53:15:2a:31:6e:fa:fc:ae:46:c8:10:f5:48:ce:d2:8f:b2:
11:44:2c:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjDG9lW+RsobaJ6XhA8JIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2MGI1NzRmMDNkOTg4MTU1ZjQ0YmEyY2IwN2JjN2RmYjQ1
N2NmMGYwHhcNMjUwMTAxMDE0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWUzODgyNGI3N2NmY2MyMTc1MDZiOWY1ZDM5ZjBmZDgzZWMyNjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokhh7KJNY1gBK1MmnAchHg19EVA3
6klLTGhkcRRCMGGRHjwlsvsuXe7oIFo0iK3DUrpx6gLzhLOf0vWtdkJR8xHcDvbG
WCCmqapsGRqUf7szT6enrLy0izaDwiP6exJPgM3BubQX3oIOf3+Wo0byHOb2fz+3
6h823yp73u8++luX84VdKncO86hBAnBcZvffFNHqlVAto5h+wLxuIhjWpUdBiBu9
T03mFWmjti+2sIru2vXpbdZQA0GMvqMu70FXjrS8TUqso6Jhesrd3DnuoNrycDt4
KO1mCURIegPxXzsO6w/S+3khhDlEgRI4PMzf9+CtGsqzZX/boqIavHpy/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAXjiCS3fPzCF1Brn1058P2D7CYLMB8GA1UdIwQY
MBaAFLYLV08D2YgVX0S6LLB7x9+0V88PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGd0WFR3UFppQlZmUkxvc3NIdkgzN1JYenc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9kOTViMmMtMWUwMi00ZTRlLTg0Mzgt
YmJjYWUwZGYxZjJmLzEvQmVPSUpMZDhfTUlYVUd1ZlhUbndfWVBzSmdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9kOTViMmMtMWUwMi00ZTRlLTg0MzgtYmJjYWUwZGYxZjJm
LzEvdGd0WFR3UFppQlZmUkxvc3NIdkgzN1JYenc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWiSMA0G
CSqGSIb3DQEBCwUAA4IBAQATTUosDzObAsFXW7Xsklxx08NRnOBFKfoFxSnalCsC
THGHUtpBDjpOPMsee+5IrhbQpdPMLQxQ0qoL0nvsg15yeGBYxC2DnwI5Mli5+K6r
0JxhGhOurC4UugU2M0B9jH+FJWGyxSrPIbfacAuxqOBuFVH8kL6FL0o7Aul1fU7V
8dLD2g9loGzJZO5rWWW4W83eCopWv5E+2vndygsQPiW+h6VOLdMulMkAjwLEDPF3
KAgqsqxEu4Hz1d33oqnOnU6foF00py/OFPYAbqyyCfipkkoLEgYsV/01TEjUf/Aa
B84v3FgGoxw9MD5HUxUqMW76/K5GyBD1SM7Sj7IRRCx3
-----END CERTIFICATE-----
Generated at Tue Mar 11 19:43:40 2025 by rpki-client