Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/ICJFcNTwvBoTxR73h6RFC09rjcE.roa
File: ICJFcNTwvBoTxR73h6RFC09rjcE.roa (raw, json)
Hash identifier: xTLqPPxBhdwsAxy9x/9cuJE08DZBHQ351Kx0d+iQE1E=
Subject key identifier: 20:22:45:70:D4:F0:BC:1A:13:C5:1E:F7:87:A4:45:0B:4F:6B:8D:C1
Certificate issuer: /CN=c105adc5c4262dff6b3f3e606830c7f971d766ce
Certificate serial: 01941F8C86CC0F257781234A3878A6645F47
Authority key identifier: C1:05:AD:C5:C4:26:2D:FF:6B:3F:3E:60:68:30:C7:F9:71:D7:66:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wQWtxcQmLf9rPz5gaDDH-XHXZs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/ICJFcNTwvBoTxR73h6RFC09rjcE.roa
Signing time: Wed 01 Jan 2025 01:48:10 +0000
ROA not before: Wed 01 Jan 2025 01:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209748
IP address blocks: 195.123.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/wQWtxcQmLf9rPz5gaDDH-XHXZs4.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/wQWtxcQmLf9rPz5gaDDH-XHXZs4.mft
rsync://rpki.ripe.net/repository/DEFAULT/wQWtxcQmLf9rPz5gaDDH-XHXZs4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:86:cc:0f:25:77:81:23:4a:38:78:a6:64:5f:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c105adc5c4262dff6b3f3e606830c7f971d766ce
Validity
Not Before: Jan 1 01:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=20224570d4f0bc1a13c51ef787a4450b4f6b8dc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:5e:4e:1c:75:23:4c:3c:7a:16:11:a6:bf:0a:
25:09:f5:11:23:7e:4e:6f:cf:ac:81:29:3f:95:c4:
09:32:c2:18:33:00:0f:02:1e:90:21:f7:22:fa:ae:
7c:c6:64:15:33:e0:18:5c:2d:b2:71:5e:8e:fe:1c:
e1:70:bf:0d:ec:8f:e1:4c:89:1a:94:41:9a:4a:3a:
ac:cf:fe:a6:39:46:7a:86:c4:2d:53:99:87:7b:fb:
ed:ae:42:3f:60:a7:47:55:9f:7d:c8:0d:b0:be:d5:
96:0d:52:1d:a1:fb:72:de:56:df:2c:c9:70:6a:49:
3b:f0:d5:62:7c:96:fc:53:ec:38:68:ed:18:b8:fb:
38:c3:29:ca:a0:d5:ca:21:90:6d:30:95:15:60:82:
d4:dc:98:5d:9c:55:2c:96:89:b7:61:f8:3e:1d:bd:
ab:e2:13:9e:19:ff:7a:c4:de:10:40:e9:0a:90:fb:
98:ea:a0:db:01:70:7f:a3:1f:16:a9:e4:ae:19:6e:
bf:cd:90:05:93:79:53:09:74:54:b6:26:a6:73:7c:
0f:fd:55:a7:3e:7f:31:8a:4d:43:71:df:b7:7d:a3:
5b:35:f1:5d:d4:1b:e3:82:1c:05:d7:e3:73:50:56:
90:63:ab:02:77:3e:e1:8a:ff:b0:78:21:00:6b:be:
b1:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:22:45:70:D4:F0:BC:1A:13:C5:1E:F7:87:A4:45:0B:4F:6B:8D:C1
X509v3 Authority Key Identifier:
keyid:C1:05:AD:C5:C4:26:2D:FF:6B:3F:3E:60:68:30:C7:F9:71:D7:66:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wQWtxcQmLf9rPz5gaDDH-XHXZs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/ICJFcNTwvBoTxR73h6RFC09rjcE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/wQWtxcQmLf9rPz5gaDDH-XHXZs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.123.122.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:bb:02:c8:1a:7e:69:7c:01:85:67:35:76:2f:25:88:51:95:
e6:2f:10:53:97:0a:e7:46:9b:f2:51:05:13:13:9e:44:49:49:
09:6c:bc:24:c3:90:c3:3d:9d:04:5a:1c:41:78:f5:fe:0d:7b:
85:1c:d2:ee:17:d7:99:f8:00:06:0e:62:da:a0:4d:0d:56:d0:
9c:d7:23:29:df:5e:ec:44:d1:36:c3:94:66:a3:0f:23:47:41:
fe:22:61:82:fb:87:e0:34:a5:39:24:61:36:85:79:0e:75:bf:
f0:35:7f:de:1e:57:76:87:28:e7:35:91:fb:0c:5f:99:6e:69:
4f:3d:af:50:05:1b:b5:be:07:5c:99:0e:2e:08:0c:8e:28:79:
12:9d:6e:0d:51:bc:6d:2c:ac:69:c9:26:ec:4b:62:c5:91:94:
e7:bb:d4:af:47:13:9c:5a:61:be:d1:fd:f0:90:79:e3:ec:e9:
e4:24:0a:64:53:6a:6a:49:85:40:c0:be:d3:43:77:56:7c:52:
2f:18:66:63:90:41:87:c7:b7:98:6a:f8:fa:6f:e0:f2:da:d7:
8b:ed:37:d8:49:98:7b:95:51:62:d4:28:f1:ad:3c:9a:a4:50:
94:ec:83:6e:a2:3e:1f:c9:7c:40:0b:93:60:9b:48:e8:01:cc:
20:be:88:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjIbMDyV3gSNKOHimZF9HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMDVhZGM1YzQyNjJkZmY2YjNmM2U2MDY4MzBjN2Y5NzFk
NzY2Y2UwHhcNMjUwMTAxMDE0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDIyNDU3MGQ0ZjBiYzFhMTNjNTFlZjc4N2E0NDUwYjRmNmI4ZGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvV5OHHUjTDx6FhGmvwolCfURI35O
b8+sgSk/lcQJMsIYMwAPAh6QIfci+q58xmQVM+AYXC2ycV6O/hzhcL8N7I/hTIka
lEGaSjqsz/6mOUZ6hsQtU5mHe/vtrkI/YKdHVZ99yA2wvtWWDVIdofty3lbfLMlw
akk78NVifJb8U+w4aO0YuPs4wynKoNXKIZBtMJUVYILU3JhdnFUslom3Yfg+Hb2r
4hOeGf96xN4QQOkKkPuY6qDbAXB/ox8WqeSuGW6/zZAFk3lTCXRUtiamc3wP/VWn
Pn8xik1Dcd+3faNbNfFd1BvjghwF1+NzUFaQY6sCdz7hiv+weCEAa76xewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCAiRXDU8LwaE8Ue94ekRQtPa43BMB8GA1UdIwQY
MBaAFMEFrcXEJi3/az8+YGgwx/lx12bOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1FXdHhjUW1MZjlyUHo1Z2FEREgtWEhYWnM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9jNDkxNzItZjhkYS00MTI4LTg2ODkt
NTE1ODQ1ZTZjMzE3LzEvSUNKRmNOVHd2Qm9UeFI3M2g2UkZDMDlyamNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9jNDkxNzItZjhkYS00MTI4LTg2ODktNTE1ODQ1ZTZjMzE3
LzEvd1FXdHhjUW1MZjlyUHo1Z2FEREgtWEhYWnM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw3t6MA0G
CSqGSIb3DQEBCwUAA4IBAQBeuwLIGn5pfAGFZzV2LyWIUZXmLxBTlwrnRpvyUQUT
E55ESUkJbLwkw5DDPZ0EWhxBePX+DXuFHNLuF9eZ+AAGDmLaoE0NVtCc1yMp317s
RNE2w5Rmow8jR0H+ImGC+4fgNKU5JGE2hXkOdb/wNX/eHld2hyjnNZH7DF+ZbmlP
Pa9QBRu1vgdcmQ4uCAyOKHkSnW4NUbxtLKxpySbsS2LFkZTnu9SvRxOcWmG+0f3w
kHnj7OnkJApkU2pqSYVAwL7TQ3dWfFIvGGZjkEGHx7eYavj6b+Dy2teL7TfYSZh7
lVFi1CjxrTyapFCU7INuoj4fyXxAC5Ngm0joAcwgvoh6
-----END CERTIFICATE-----
Generated at Sat Apr 19 02:41:59 2025 by rpki-client