Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/rXRu8y7KH4eVt4pi-qQsVwCZo7M.roa
File: rXRu8y7KH4eVt4pi-qQsVwCZo7M.roa (raw, json)
Hash identifier: 6N6EBAkXmbWw8Eh8oVfwa8d3Gv0mmlAZg/yQWNpcYV4=
Subject key identifier: AD:74:6E:F3:2E:CA:1F:87:95:B7:8A:62:FA:A4:2C:57:00:99:A3:B3
Certificate issuer: /CN=3ee770f47fd903925d80ac58e05e076f3baa110b
Certificate serial: 019686E891375F6AA2134CC93A23FF3F3A2D
Authority key identifier: 3E:E7:70:F4:7F:D9:03:92:5D:80:AC:58:E0:5E:07:6F:3B:AA:11:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/rXRu8y7KH4eVt4pi-qQsVwCZo7M.roa
Signing time: Wed 30 Apr 2025 13:35:10 +0000
ROA not before: Wed 30 Apr 2025 13:35:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 136501
IP address blocks: 194.31.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Jun 2025 07:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:86:e8:91:37:5f:6a:a2:13:4c:c9:3a:23:ff:3f:3a:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ee770f47fd903925d80ac58e05e076f3baa110b
Validity
Not Before: Apr 30 13:35:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ad746ef32eca1f8795b78a62faa42c570099a3b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:6a:58:4f:74:eb:29:1e:fe:1b:a9:d8:3e:41:
a1:08:3a:07:34:dc:24:9c:d1:30:bd:0d:a4:87:6d:
50:5d:44:2e:28:63:6f:18:11:8b:0a:c9:cd:f2:a5:
89:16:10:00:ce:fb:b2:b8:81:2c:34:03:45:b2:6c:
ff:54:3d:a1:24:0b:cf:51:f8:d8:ff:d4:35:3c:1d:
fe:d8:09:84:55:6c:df:0d:75:58:5c:22:3e:0e:be:
69:ea:ae:d1:cd:6b:12:d5:c0:02:8c:f1:1c:09:3d:
89:65:b3:4e:cf:72:00:15:9a:9f:f9:fa:d1:ee:3f:
69:ca:b4:29:06:f5:7e:9e:96:8e:13:c9:5d:a5:47:
0d:3a:79:59:3d:b2:ca:43:d5:ef:37:fc:15:e8:c2:
c5:39:4b:30:fa:d2:cd:fe:db:d8:c5:b2:4f:10:b1:
2d:32:ed:59:ee:40:01:53:72:d3:e1:86:2a:c1:e2:
43:00:34:4d:3f:e3:69:09:e7:ab:6f:98:e8:53:22:
f1:e6:9a:39:f9:8b:19:d5:b8:83:eb:07:b6:cf:17:
bb:96:c1:fc:87:7b:e2:87:fe:04:4f:40:0e:30:4c:
7d:8f:81:3f:84:32:3a:01:d2:12:23:ce:69:9c:57:
c8:3d:3e:6c:52:fb:33:e6:81:7a:41:ee:ed:c6:2e:
f1:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:74:6E:F3:2E:CA:1F:87:95:B7:8A:62:FA:A4:2C:57:00:99:A3:B3
X509v3 Authority Key Identifier:
keyid:3E:E7:70:F4:7F:D9:03:92:5D:80:AC:58:E0:5E:07:6F:3B:AA:11:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/rXRu8y7KH4eVt4pi-qQsVwCZo7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.167.0/24
Signature Algorithm: sha256WithRSAEncryption
69:b3:1c:27:84:f1:a1:be:da:67:8f:a2:06:c1:6f:21:75:3f:
1a:d2:4e:cf:6d:ab:65:d9:58:b6:d8:7b:f5:b2:5d:7b:d3:8b:
75:8f:d6:9c:f3:5b:60:86:dd:c7:5a:e8:11:00:3c:68:40:ba:
60:2d:f4:a6:37:9f:c6:a6:aa:3a:a7:36:c2:20:32:7a:86:87:
38:58:41:af:9f:22:27:b9:62:eb:3a:9c:a2:c0:92:52:d6:40:
d0:67:a7:79:f7:29:93:59:66:3d:72:f3:26:1a:a3:8d:41:f8:
85:cb:37:5b:9d:82:41:9e:a7:d2:64:b6:fa:ab:7e:fc:d0:44:
57:74:36:c8:3c:e3:36:fb:13:66:79:e4:01:de:7a:07:77:d8:
7e:e7:74:35:d6:1e:ad:33:9f:c7:26:5f:1c:2e:13:45:75:a6:
45:97:fb:ed:13:2e:8c:e2:04:59:82:dc:53:24:6e:f3:0a:3e:
d5:0e:f5:45:85:d4:38:fd:fe:dc:99:50:db:b3:51:a8:fe:e2:
dd:6f:48:48:ef:c4:6c:9b:d6:b1:74:9d:57:ec:75:99:72:67:
b5:75:8f:8a:f1:4e:76:c1:54:9e:cf:68:9b:3e:43:2e:ce:54:
d4:56:9a:00:89:87:a8:55:4b:2e:7e:6c:35:ec:8a:59:b1:3c:
c8:42:16:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZaG6JE3X2qiE0zJOiP/PzotMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZTc3MGY0N2ZkOTAzOTI1ZDgwYWM1OGUwNWUwNzZmM2Jh
YTExMGIwHhcNMjUwNDMwMTMzNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDc0NmVmMzJlY2ExZjg3OTViNzhhNjJmYWE0MmM1NzAwOTlhM2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz2pYT3TrKR7+G6nYPkGhCDoHNNwk
nNEwvQ2kh21QXUQuKGNvGBGLCsnN8qWJFhAAzvuyuIEsNANFsmz/VD2hJAvPUfjY
/9Q1PB3+2AmEVWzfDXVYXCI+Dr5p6q7RzWsS1cACjPEcCT2JZbNOz3IAFZqf+frR
7j9pyrQpBvV+npaOE8ldpUcNOnlZPbLKQ9XvN/wV6MLFOUsw+tLN/tvYxbJPELEt
Mu1Z7kABU3LT4YYqweJDADRNP+NpCeerb5joUyLx5po5+YsZ1biD6we2zxe7lsH8
h3vih/4ET0AOMEx9j4E/hDI6AdISI85pnFfIPT5sUvsz5oF6Qe7txi7xHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK10bvMuyh+HlbeKYvqkLFcAmaOzMB8GA1UdIwQY
MBaAFD7ncPR/2QOSXYCsWOBeB287qhELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHVkdzlIX1pBNUpkZ0t4WTRGNEhienVxRVFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi80MzQzNDQtMzIzZS00OGY4LWFkZTIt
NjI0ZjgzNjgyMTY5LzEvclhSdTh5N0tINGVWdDRwaS1xUXNWd0NabzdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi80MzQzNDQtMzIzZS00OGY4LWFkZTItNjI0ZjgzNjgyMTY5
LzEvUHVkdzlIX1pBNUpkZ0t4WTRGNEhienVxRVFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwh+nMA0G
CSqGSIb3DQEBCwUAA4IBAQBpsxwnhPGhvtpnj6IGwW8hdT8a0k7Pbatl2Vi22Hv1
sl1704t1j9ac81tght3HWugRADxoQLpgLfSmN5/Gpqo6pzbCIDJ6hoc4WEGvnyIn
uWLrOpyiwJJS1kDQZ6d59ymTWWY9cvMmGqONQfiFyzdbnYJBnqfSZLb6q3780ERX
dDbIPOM2+xNmeeQB3noHd9h+53Q11h6tM5/HJl8cLhNFdaZFl/vtEy6M4gRZgtxT
JG7zCj7VDvVFhdQ4/f7cmVDbs1Go/uLdb0hI78Rsm9axdJ1X7HWZcme1dY+K8U52
wVSez2ibPkMuzlTUVpoAiYeoVUsufmw17IpZsTzIQhYs
-----END CERTIFICATE-----
Generated at Wed Jun 4 12:05:52 2025 by rpki-client