Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/d92919-962b-448d-98db-5990ea58e030/1/a5Civ4TQY8vU2rue9PuRjdGc5Mc.roa
File: a5Civ4TQY8vU2rue9PuRjdGc5Mc.roa (raw, json)
Hash identifier: QP4yk7Jx/AL7wrs9Y5ybfTghTEkjk/U3Nsn5OFbBsqk=
Subject key identifier: 6B:90:A2:BF:84:D0:63:CB:D4:DA:BB:9E:F4:FB:91:8D:D1:9C:E4:C7
Certificate issuer: /CN=43c16595966afb0bacf1d7937f245d6a052221a3
Certificate serial: 0194228E16158F831126B236AC37D910460C
Authority key identifier: 43:C1:65:95:96:6A:FB:0B:AC:F1:D7:93:7F:24:5D:6A:05:22:21:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q8FllZZq-wus8deTfyRdagUiIaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/d92919-962b-448d-98db-5990ea58e030/1/a5Civ4TQY8vU2rue9PuRjdGc5Mc.roa
Signing time: Wed 01 Jan 2025 15:48:44 +0000
ROA not before: Wed 01 Jan 2025 15:48:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60010
IP address blocks: 194.50.196.0/24 maxlen: 24
194.50.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/d92919-962b-448d-98db-5990ea58e030/1/Q8FllZZq-wus8deTfyRdagUiIaM.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/d92919-962b-448d-98db-5990ea58e030/1/Q8FllZZq-wus8deTfyRdagUiIaM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q8FllZZq-wus8deTfyRdagUiIaM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 06:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:16:15:8f:83:11:26:b2:36:ac:37:d9:10:46:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43c16595966afb0bacf1d7937f245d6a052221a3
Validity
Not Before: Jan 1 15:48:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6b90a2bf84d063cbd4dabb9ef4fb918dd19ce4c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b7:53:1f:86:5e:77:e1:a1:66:9c:66:fc:a2:
79:85:4f:09:de:2a:7e:af:99:18:b7:14:62:0d:bb:
d5:bb:8a:ed:c5:53:01:1a:00:9b:c7:91:43:46:bc:
b9:19:fb:93:2b:68:52:fc:34:0e:31:22:64:ec:98:
c6:66:2f:e3:7e:35:e3:6f:ae:0b:08:16:5a:ca:f8:
a8:e2:0a:d4:f4:80:8d:b5:c3:7c:f0:9c:8a:70:0e:
a5:9e:66:4f:15:b7:02:88:71:0c:07:97:2f:3b:b4:
b0:76:d8:c5:eb:65:ef:1c:08:a5:75:e2:e1:bd:2d:
16:48:52:46:87:3e:5e:ee:bb:95:e6:9e:6d:d2:4e:
d4:c7:4e:32:fa:23:de:16:08:1f:e3:56:b0:ad:23:
8a:21:18:a1:3d:b3:61:68:09:f6:e6:ed:ca:d1:dd:
2f:2b:a7:40:15:75:15:92:24:eb:54:e9:d0:d6:92:
b3:2c:aa:bf:5b:c0:2b:7e:77:a1:12:ca:f0:b9:c7:
ef:10:cd:41:ae:cc:6b:b5:3e:6b:fd:8e:9a:af:dc:
2b:33:41:25:73:cd:33:28:3f:48:fb:31:86:d7:f3:
9b:04:7e:fc:70:da:b0:42:e1:72:75:d1:36:40:ff:
ad:bb:10:6d:e8:ca:4f:9b:fb:e4:9b:e9:04:64:c2:
92:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:90:A2:BF:84:D0:63:CB:D4:DA:BB:9E:F4:FB:91:8D:D1:9C:E4:C7
X509v3 Authority Key Identifier:
keyid:43:C1:65:95:96:6A:FB:0B:AC:F1:D7:93:7F:24:5D:6A:05:22:21:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q8FllZZq-wus8deTfyRdagUiIaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d92919-962b-448d-98db-5990ea58e030/1/a5Civ4TQY8vU2rue9PuRjdGc5Mc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d92919-962b-448d-98db-5990ea58e030/1/Q8FllZZq-wus8deTfyRdagUiIaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.196.0/24
194.50.199.0/24
Signature Algorithm: sha256WithRSAEncryption
46:fd:8d:77:3f:bf:51:72:dd:1e:ee:28:7a:4a:38:ef:a0:b5:
76:14:4c:da:05:ab:72:e4:e4:69:d3:5e:1b:92:83:4f:50:87:
ef:47:30:18:73:70:da:b0:0e:11:69:25:73:d8:5d:4f:35:21:
52:97:3b:9b:f6:91:59:f3:68:88:47:ca:b2:40:a4:33:b0:9a:
98:e4:ac:ba:de:a1:8f:1f:45:4e:19:a4:9d:31:06:33:a2:7c:
f7:66:7e:a6:ff:08:38:9c:7b:8b:ae:68:dc:f6:a5:cf:5a:b2:
35:82:9a:88:0b:bd:a7:b8:72:67:d9:7d:70:b8:47:28:b9:6d:
cb:11:95:ba:64:fa:0c:e6:4e:08:aa:0d:1e:51:eb:a9:95:e7:
0a:38:25:95:a0:f5:fa:6a:5d:aa:57:29:2c:5c:4e:37:a3:4f:
86:f5:46:99:78:a1:a0:b6:81:4a:19:29:e9:0d:6b:07:46:03:
30:ec:1e:a7:ec:4d:d3:67:dc:35:0c:8f:df:f0:98:90:e1:56:
74:37:2b:51:8f:89:02:7a:c8:dd:bf:e1:5b:d0:d5:5f:13:54:
d1:c5:70:b3:5b:c8:ce:14:a0:77:46:a5:c6:40:40:a6:93:e0:
ff:ab:5c:e2:65:c9:fa:82:06:9e:0c:f1:42:91:e5:67:bb:64:
4a:d4:16:05
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQijhYVj4MRJrI2rDfZEEYMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzYzE2NTk1OTY2YWZiMGJhY2YxZDc5MzdmMjQ1ZDZhMDUy
MjIxYTMwHhcNMjUwMTAxMTU0ODQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjkwYTJiZjg0ZDA2M2NiZDRkYWJiOWVmNGZiOTE4ZGQxOWNlNGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLdTH4Zed+GhZpxm/KJ5hU8J3ip+
r5kYtxRiDbvVu4rtxVMBGgCbx5FDRry5GfuTK2hS/DQOMSJk7JjGZi/jfjXjb64L
CBZayvio4grU9ICNtcN88JyKcA6lnmZPFbcCiHEMB5cvO7SwdtjF62XvHAildeLh
vS0WSFJGhz5e7ruV5p5t0k7Ux04y+iPeFggf41awrSOKIRihPbNhaAn25u3K0d0v
K6dAFXUVkiTrVOnQ1pKzLKq/W8ArfnehEsrwucfvEM1BrsxrtT5r/Y6ar9wrM0El
c80zKD9I+zGG1/ObBH78cNqwQuFyddE2QP+tuxBt6MpPm/vkm+kEZMKSrQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGuQor+E0GPL1Nq7nvT7kY3RnOTHMB8GA1UdIwQY
MBaAFEPBZZWWavsLrPHXk38kXWoFIiGjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUThGbGxaWnEtd3VzOGRlVGZ5UmRhZ1VpSWFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9kOTI5MTktOTYyYi00NDhkLTk4ZGIt
NTk5MGVhNThlMDMwLzEvYTVDaXY0VFFZOHZVMnJ1ZTlQdVJqZEdjNU1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9kOTI5MTktOTYyYi00NDhkLTk4ZGItNTk5MGVhNThlMDMw
LzEvUThGbGxaWnEtd3VzOGRlVGZ5UmRhZ1VpSWFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwjLEAwQA
wjLHMA0GCSqGSIb3DQEBCwUAA4IBAQBG/Y13P79Rct0e7ih6SjjvoLV2FEzaBaty
5ORp014bkoNPUIfvRzAYc3DasA4RaSVz2F1PNSFSlzub9pFZ82iIR8qyQKQzsJqY
5Ky63qGPH0VOGaSdMQYzonz3Zn6m/wg4nHuLrmjc9qXPWrI1gpqIC72nuHJn2X1w
uEcouW3LEZW6ZPoM5k4Iqg0eUeuplecKOCWVoPX6al2qVyksXE43o0+G9UaZeKGg
toFKGSnpDWsHRgMw7B6n7E3TZ9w1DI/f8JiQ4VZ0NytRj4kCesjdv+Fb0NVfE1TR
xXCzW8jOFKB3RqXGQECmk+D/q1ziZcn6ggaeDPFCkeVnu2RK1BYF
-----END CERTIFICATE-----
Generated at Mon Apr 7 15:51:17 2025 by rpki-client