Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/d1faa9-b5a3-4d49-868a-7c7bf27175c5/1/RxvxoSUMcjsvgAPic2794mkbMvs.roa
File: RxvxoSUMcjsvgAPic2794mkbMvs.roa (raw, json)
Hash identifier: kycmfx+NN1YYypIjT5JTo0s/Jx/l1lb8yLyPLCC/DTI=
Subject key identifier: 47:1B:F1:A1:25:0C:72:3B:2F:80:03:E2:73:6E:FD:E2:69:1B:32:FB
Certificate issuer: /CN=ac9e2efcdc213ac5b1b0879d922a178b850f451f
Certificate serial: 0194266A213DC3A9D9FE779F963FDA250117
Authority key identifier: AC:9E:2E:FC:DC:21:3A:C5:B1:B0:87:9D:92:2A:17:8B:85:0F:45:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rJ4u_NwhOsWxsIedkioXi4UPRR8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/d1faa9-b5a3-4d49-868a-7c7bf27175c5/1/RxvxoSUMcjsvgAPic2794mkbMvs.roa
Signing time: Thu 02 Jan 2025 09:47:57 +0000
ROA not before: Thu 02 Jan 2025 09:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24763
IP address blocks: 193.56.124.0/24 maxlen: 24
193.56.131.0/24 maxlen: 24
2a00:4f40:fffe::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/d1faa9-b5a3-4d49-868a-7c7bf27175c5/1/rJ4u_NwhOsWxsIedkioXi4UPRR8.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/d1faa9-b5a3-4d49-868a-7c7bf27175c5/1/rJ4u_NwhOsWxsIedkioXi4UPRR8.mft
rsync://rpki.ripe.net/repository/DEFAULT/rJ4u_NwhOsWxsIedkioXi4UPRR8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6a:21:3d:c3:a9:d9:fe:77:9f:96:3f:da:25:01:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac9e2efcdc213ac5b1b0879d922a178b850f451f
Validity
Not Before: Jan 2 09:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=471bf1a1250c723b2f8003e2736efde2691b32fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:3d:1e:12:a9:88:8e:65:22:03:8d:1c:6e:e4:
d6:83:73:6e:ac:fe:a0:29:09:56:3c:ea:89:61:6a:
de:41:17:89:6a:d4:ab:31:5a:ab:52:6d:b8:b8:44:
c1:b2:17:4d:1e:62:62:d3:ba:c8:3f:82:83:3f:8c:
9b:c9:a8:ff:8a:4e:cc:8d:78:6e:1f:c8:de:82:77:
d2:c1:30:f8:09:18:eb:ee:02:35:12:8c:d4:73:7d:
75:bd:45:0c:81:dc:7b:90:2a:4a:c1:3b:08:e3:9d:
52:99:07:8e:8f:be:3d:d3:c6:77:cb:e3:29:4c:9f:
9b:ce:e4:10:87:b9:87:ba:f0:5d:f6:fd:50:01:a2:
7a:e0:96:3a:30:d6:18:4a:61:72:df:69:74:31:88:
cd:08:77:bf:fb:40:da:de:cd:bf:33:76:46:f4:8b:
09:6c:cd:29:5e:6a:78:f6:ef:e5:b9:9d:3f:33:12:
f7:d6:ee:3d:ee:57:e8:76:87:42:18:21:94:eb:35:
b1:df:2f:e2:13:50:f6:4a:2f:21:cf:20:6e:8d:80:
c6:3d:2e:e2:01:cb:53:c3:4e:24:33:b8:0f:2c:51:
be:0c:a6:17:90:0f:b5:0b:ea:8b:b4:de:e3:d1:0d:
25:d7:3d:e2:54:2e:e4:7b:eb:7e:72:ec:f9:24:ba:
c5:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:1B:F1:A1:25:0C:72:3B:2F:80:03:E2:73:6E:FD:E2:69:1B:32:FB
X509v3 Authority Key Identifier:
keyid:AC:9E:2E:FC:DC:21:3A:C5:B1:B0:87:9D:92:2A:17:8B:85:0F:45:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rJ4u_NwhOsWxsIedkioXi4UPRR8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/d1faa9-b5a3-4d49-868a-7c7bf27175c5/1/RxvxoSUMcjsvgAPic2794mkbMvs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/d1faa9-b5a3-4d49-868a-7c7bf27175c5/1/rJ4u_NwhOsWxsIedkioXi4UPRR8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.56.124.0/24
193.56.131.0/24
IPv6:
2a00:4f40:fffe::/48
Signature Algorithm: sha256WithRSAEncryption
7a:e7:d4:e6:8b:f4:79:73:35:2e:91:4f:93:3d:e1:4b:ab:18:
73:e6:dd:a3:fd:52:fc:ee:87:1a:ad:5b:42:38:0b:fd:57:ad:
0d:6d:66:0e:d3:8b:24:84:b6:20:75:08:f7:b5:8d:9d:44:94:
83:89:1b:8c:45:b8:3c:b9:da:22:52:62:44:9a:23:b9:37:23:
b4:25:c3:74:1b:a2:43:3d:0e:90:0f:f7:71:22:f5:6e:31:46:
05:90:08:26:ed:b6:35:2f:1e:93:29:e9:08:b2:c1:50:87:c9:
7f:85:c6:d6:c8:25:36:1a:bd:a5:0e:b3:00:97:ee:76:2d:8b:
da:92:ad:58:07:8b:6a:1d:9b:f0:00:6a:ac:a0:bf:ac:b0:0d:
c0:a0:4a:95:0a:e0:88:63:b8:b6:4d:ad:0b:81:c2:88:a5:3f:
c2:35:32:9d:3d:95:fa:7e:7e:fc:db:69:00:3b:46:a2:e6:28:
de:ed:60:28:24:23:31:d0:6f:a0:21:e2:59:19:c6:c2:bf:a2:
8b:78:b7:52:f0:bf:63:3a:57:b5:76:4c:f5:59:77:ab:53:d0:
73:53:c1:57:e4:92:6a:44:bc:2d:51:74:fa:32:13:30:df:e6:
39:77:27:ac:a3:01:83:9e:ca:43:7b:c2:e8:f9:7b:d7:0a:ec:
58:ce:79:70
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQmaiE9w6nZ/neflj/aJQEXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjOWUyZWZjZGMyMTNhYzViMWIwODc5ZDkyMmExNzhiODUw
ZjQ1MWYwHhcNMjUwMTAyMDk0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzFiZjFhMTI1MGM3MjNiMmY4MDAzZTI3MzZlZmRlMjY5MWIzMmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsD0eEqmIjmUiA40cbuTWg3NurP6g
KQlWPOqJYWreQReJatSrMVqrUm24uETBshdNHmJi07rIP4KDP4ybyaj/ik7MjXhu
H8jegnfSwTD4CRjr7gI1EozUc311vUUMgdx7kCpKwTsI451SmQeOj74908Z3y+Mp
TJ+bzuQQh7mHuvBd9v1QAaJ64JY6MNYYSmFy32l0MYjNCHe/+0Da3s2/M3ZG9IsJ
bM0pXmp49u/luZ0/MxL31u497lfododCGCGU6zWx3y/iE1D2Si8hzyBujYDGPS7i
ActTw04kM7gPLFG+DKYXkA+1C+qLtN7j0Q0l1z3iVC7ke+t+cuz5JLrFaQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFEcb8aElDHI7L4AD4nNu/eJpGzL7MB8GA1UdIwQY
MBaAFKyeLvzcITrFsbCHnZIqF4uFD0UfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcko0dV9Od2hPc1d4c0llZGtpb1hpNFVQUlI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9kMWZhYTktYjVhMy00ZDQ5LTg2OGEt
N2M3YmYyNzE3NWM1LzEvUnh2eG9TVU1janN2Z0FQaWMyNzk0bWtiTXZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9kMWZhYTktYjVhMy00ZDQ5LTg2OGEtN2M3YmYyNzE3NWM1
LzEvcko0dV9Od2hPc1d4c0llZGtpb1hpNFVQUlI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAwTh8AwQA
wTiDMA8EAgACMAkDBwAqAE9A//4wDQYJKoZIhvcNAQELBQADggEBAHrn1OaL9Hlz
NS6RT5M94UurGHPm3aP9UvzuhxqtW0I4C/1XrQ1tZg7TiySEtiB1CPe1jZ1ElIOJ
G4xFuDy52iJSYkSaI7k3I7Qlw3QbokM9DpAP93Ei9W4xRgWQCCbttjUvHpMp6Qiy
wVCHyX+FxtbIJTYavaUOswCX7nYti9qSrVgHi2odm/AAaqygv6ywDcCgSpUK4Ihj
uLZNrQuBwoilP8I1Mp09lfp+fvzbaQA7RqLmKN7tYCgkIzHQb6Ah4lkZxsK/oot4
t1Lwv2M6V7V2TPVZd6tT0HNTwVfkkmpEvC1RdPoyEzDf5jl3J6yjAYOeykN7wuj5
e9cK7FjOeXA=
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:53:08 2025 by rpki-client