Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7abca5-77ac-4987-8a2b-52498a7dece9/1/rfglLUnXtW1bLGWSkf5ECHoCphY.roa
File: rfglLUnXtW1bLGWSkf5ECHoCphY.roa (raw, json)
Hash identifier: iNTsnpqxL1z0jo4De4q7TGzAt43nrGIiUj9zY7jQRw8=
Subject key identifier: AD:F8:25:2D:49:D7:B5:6D:5B:2C:65:92:91:FE:44:08:7A:02:A6:16
Certificate issuer: /CN=dae564c7cedddb5f89a1bde677dae889e971f010
Certificate serial: 0194E531E730A5B84B394F0FB571B799673C
Authority key identifier: DA:E5:64:C7:CE:DD:DB:5F:89:A1:BD:E6:77:DA:E8:89:E9:71:F0:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2uVkx87d21-Job3md9roielx8BA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7abca5-77ac-4987-8a2b-52498a7dece9/1/rfglLUnXtW1bLGWSkf5ECHoCphY.roa
Signing time: Sat 08 Feb 2025 10:54:00 +0000
ROA not before: Sat 08 Feb 2025 10:54:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204471
IP address blocks: 193.194.16.0/22 maxlen: 24
193.194.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/7abca5-77ac-4987-8a2b-52498a7dece9/1/2uVkx87d21-Job3md9roielx8BA.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/7abca5-77ac-4987-8a2b-52498a7dece9/1/2uVkx87d21-Job3md9roielx8BA.mft
rsync://rpki.ripe.net/repository/DEFAULT/2uVkx87d21-Job3md9roielx8BA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:e5:31:e7:30:a5:b8:4b:39:4f:0f:b5:71:b7:99:67:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dae564c7cedddb5f89a1bde677dae889e971f010
Validity
Not Before: Feb 8 10:54:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=adf8252d49d7b56d5b2c659291fe44087a02a616
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:f2:92:7d:00:7b:f1:c1:ae:7f:5d:e2:ac:aa:
a3:2f:f0:a0:26:9e:a0:e4:54:2e:2a:e2:72:cd:38:
1f:3f:68:f5:a2:a6:bc:31:e3:b3:09:42:07:31:76:
43:d8:b1:e4:0d:91:3e:45:93:e1:54:ef:eb:0f:ae:
b4:45:1d:cb:b4:a1:11:77:d6:a2:34:24:25:96:12:
fb:1a:8e:62:d3:7d:25:a1:6d:0d:fa:3b:7e:c7:1d:
db:e0:3c:04:ab:46:bb:74:e7:0e:77:39:93:58:8b:
1c:0e:52:d3:4d:cb:80:bc:5e:0c:af:89:89:25:af:
5e:15:0d:65:e6:6e:b9:fb:4c:6d:1a:16:b9:3d:fb:
34:38:a2:da:78:4f:9a:f1:2f:26:91:bd:4d:15:15:
b5:74:9a:8e:fc:5b:3a:a9:de:82:b2:b9:bb:dd:1d:
8d:5e:cf:3d:fd:84:33:b1:97:a9:01:a4:7b:d0:c9:
ef:11:4c:9c:69:c3:be:7a:5c:6c:ff:66:1d:86:de:
eb:cc:5d:0f:5b:95:7e:57:4b:91:36:3f:18:84:67:
fa:57:cd:a9:2c:8f:db:d2:3d:4d:b9:0b:f0:b4:6b:
f7:5d:39:42:08:c3:e7:a9:6b:a8:15:d0:5c:6d:e9:
9d:87:9e:6c:c1:e6:b0:87:19:a0:5a:8e:e9:07:b7:
b1:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:F8:25:2D:49:D7:B5:6D:5B:2C:65:92:91:FE:44:08:7A:02:A6:16
X509v3 Authority Key Identifier:
keyid:DA:E5:64:C7:CE:DD:DB:5F:89:A1:BD:E6:77:DA:E8:89:E9:71:F0:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2uVkx87d21-Job3md9roielx8BA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7abca5-77ac-4987-8a2b-52498a7dece9/1/rfglLUnXtW1bLGWSkf5ECHoCphY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7abca5-77ac-4987-8a2b-52498a7dece9/1/2uVkx87d21-Job3md9roielx8BA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.194.16.0-193.194.20.255
Signature Algorithm: sha256WithRSAEncryption
2d:d7:3c:3b:82:64:00:c1:8f:31:6f:b8:08:2a:3f:f2:47:e1:
9a:7f:64:b9:eb:5d:fd:1f:a3:6d:3a:8e:a8:02:4e:d0:1d:fa:
c1:e0:c9:b0:e9:3b:2d:53:97:e0:1a:8c:2f:54:ae:61:40:fa:
c7:52:6a:38:ba:3f:2b:ee:64:df:ae:e4:96:d8:a0:f0:d5:c3:
a8:4d:8e:ac:82:d6:25:e9:37:26:03:32:3c:ad:7a:02:b8:31:
32:c5:24:07:20:fd:72:67:e4:f0:30:2b:09:be:90:ee:11:b5:
d8:b2:d7:8e:34:8b:be:b2:41:d0:62:05:ee:c1:90:f9:14:51:
8a:67:ea:b9:d3:d4:03:d1:a6:52:63:53:1b:58:99:96:40:09:
83:cb:67:ef:7c:eb:12:ad:b3:4e:12:f9:98:8e:38:5a:d3:7a:
5d:04:8a:94:56:ee:8c:78:3a:3f:c1:0e:5a:a3:b4:48:a6:71:
06:08:62:97:78:a5:d8:00:c5:5d:6e:dc:21:ee:b1:95:b6:5e:
de:82:69:4e:8b:e4:6b:8d:1f:32:5c:0b:52:fb:6d:ec:53:ee:
c7:4d:5f:3a:cf:6e:60:8e:e2:93:b9:06:3b:0c:d3:27:af:ca:
11:5a:18:c9:37:56:6a:8d:4f:36:e0:e4:1f:ac:64:b5:fe:fe:
8c:17:25:e4
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZTlMecwpbhLOU8PtXG3mWc8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhZTU2NGM3Y2VkZGRiNWY4OWExYmRlNjc3ZGFlODg5ZTk3
MWYwMTAwHhcNMjUwMjA4MTA1NDAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGY4MjUyZDQ5ZDdiNTZkNWIyYzY1OTI5MWZlNDQwODdhMDJhNjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxPKSfQB78cGuf13irKqjL/CgJp6g
5FQuKuJyzTgfP2j1oqa8MeOzCUIHMXZD2LHkDZE+RZPhVO/rD660RR3LtKERd9ai
NCQllhL7Go5i030loW0N+jt+xx3b4DwEq0a7dOcOdzmTWIscDlLTTcuAvF4Mr4mJ
Ja9eFQ1l5m65+0xtGha5Pfs0OKLaeE+a8S8mkb1NFRW1dJqO/Fs6qd6Csrm73R2N
Xs89/YQzsZepAaR70MnvEUycacO+elxs/2Ydht7rzF0PW5V+V0uRNj8YhGf6V82p
LI/b0j1NuQvwtGv3XTlCCMPnqWuoFdBcbemdh55sweawhxmgWo7pB7exjwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFK34JS1J17VtWyxlkpH+RAh6AqYWMB8GA1UdIwQY
MBaAFNrlZMfO3dtfiaG95nfa6InpcfAQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnVWa3g4N2QyMS1Kb2IzbWQ5cm9pZWx4OEJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83YWJjYTUtNzdhYy00OTg3LThhMmIt
NTI0OThhN2RlY2U5LzEvcmZnbExVblh0VzFiTEdXU2tmNUVDSG9DcGhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83YWJjYTUtNzdhYy00OTg3LThhMmItNTI0OThhN2RlY2U5
LzEvMnVWa3g4N2QyMS1Kb2IzbWQ5cm9pZWx4OEJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBATBwhAD
BADBwhQwDQYJKoZIhvcNAQELBQADggEBAC3XPDuCZADBjzFvuAgqP/JH4Zp/ZLnr
Xf0fo206jqgCTtAd+sHgybDpOy1Tl+AajC9UrmFA+sdSaji6PyvuZN+u5JbYoPDV
w6hNjqyC1iXpNyYDMjytegK4MTLFJAcg/XJn5PAwKwm+kO4Rtdiy1440i76yQdBi
Be7BkPkUUYpn6rnT1APRplJjUxtYmZZACYPLZ+986xKts04S+ZiOOFrTel0EipRW
7ox4Oj/BDlqjtEimcQYIYpd4pdgAxV1u3CHusZW2Xt6CaU6L5GuNHzJcC1L7bexT
7sdNXzrPbmCO4pO5BjsM0yevyhFaGMk3VmqNTzbg5B+sZLX+/owXJeQ=
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:01:23 2025 by rpki-client