Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/a94780-1bf3-467a-9369-e98ff33f697c/1/cOp1cqfBELUzDJ5OCVCcFEeZSnw.roa
File: cOp1cqfBELUzDJ5OCVCcFEeZSnw.roa (raw, json)
Hash identifier: TeUirEuTA43EYVzOUWEt62Nw9bA/6GjvRc1N3Wwsl64=
Subject key identifier: 70:EA:75:72:A7:C1:10:B5:33:0C:9E:4E:09:50:9C:14:47:99:4A:7C
Certificate issuer: /CN=fa6df53c9fd2c5fc74f1db71834d7e46a76e91d7
Certificate serial: 019424B3D735DFE7F3BF1B41CCD0A6E64200
Authority key identifier: FA:6D:F5:3C:9F:D2:C5:FC:74:F1:DB:71:83:4D:7E:46:A7:6E:91:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-m31PJ_Sxfx08dtxg01-Rqdukdc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/a94780-1bf3-467a-9369-e98ff33f697c/1/cOp1cqfBELUzDJ5OCVCcFEeZSnw.roa
Signing time: Thu 02 Jan 2025 01:49:13 +0000
ROA not before: Thu 02 Jan 2025 01:49:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210647
IP address blocks: 193.222.254.0/24 maxlen: 24
2a11:a5c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/a94780-1bf3-467a-9369-e98ff33f697c/1/1-m31PJ_Sxfx08dtxg01-Rqdukdc.crl
rsync://rpki.ripe.net/repository/DEFAULT/e3/a94780-1bf3-467a-9369-e98ff33f697c/1/1-m31PJ_Sxfx08dtxg01-Rqdukdc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-m31PJ_Sxfx08dtxg01-Rqdukdc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 16:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:d7:35:df:e7:f3:bf:1b:41:cc:d0:a6:e6:42:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa6df53c9fd2c5fc74f1db71834d7e46a76e91d7
Validity
Not Before: Jan 2 01:49:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=70ea7572a7c110b5330c9e4e09509c1447994a7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:c6:f5:cc:ac:e0:1e:3f:61:ca:80:5e:f3:1e:
9f:a8:10:4b:e4:fa:28:70:7d:29:30:41:4c:d6:13:
02:d0:8d:2e:a3:33:ac:3c:98:08:f5:c9:ea:e3:47:
f9:1e:87:bf:bc:92:66:c6:c0:9e:45:63:9c:84:8a:
13:c4:72:27:ca:a3:a9:de:45:f9:46:ee:6d:20:e8:
31:8b:68:bd:29:b9:39:62:94:d3:43:2b:77:82:9a:
98:ef:f6:2b:7d:90:9f:16:66:a5:b0:f3:60:46:6c:
d1:cb:c0:28:e3:28:29:55:d1:3f:67:f2:1b:92:8f:
d3:c1:0a:a6:25:ba:6a:f3:a1:1e:fe:51:09:be:7f:
b0:6c:6d:f1:fe:1f:a3:f4:ae:4e:11:f4:d8:5b:4b:
d4:1f:c9:b1:64:4d:47:e0:da:9a:98:da:16:61:c3:
98:38:b8:c4:b0:35:b7:2f:55:8f:d4:98:a1:aa:db:
18:bb:14:6a:d3:57:aa:16:b7:72:1f:90:84:aa:31:
51:b6:07:26:a5:5c:18:fd:9f:cf:06:e4:ff:aa:a2:
16:e7:a0:14:2f:84:a6:4c:67:38:75:56:c2:cf:e8:
3b:9d:40:3c:69:8f:e5:33:1e:37:36:a3:cb:d3:b5:
d1:86:dc:c5:47:48:8f:16:8d:d0:fc:2b:df:93:5f:
f6:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:EA:75:72:A7:C1:10:B5:33:0C:9E:4E:09:50:9C:14:47:99:4A:7C
X509v3 Authority Key Identifier:
keyid:FA:6D:F5:3C:9F:D2:C5:FC:74:F1:DB:71:83:4D:7E:46:A7:6E:91:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-m31PJ_Sxfx08dtxg01-Rqdukdc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/a94780-1bf3-467a-9369-e98ff33f697c/1/cOp1cqfBELUzDJ5OCVCcFEeZSnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/a94780-1bf3-467a-9369-e98ff33f697c/1/1-m31PJ_Sxfx08dtxg01-Rqdukdc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.222.254.0/24
IPv6:
2a11:a5c0::/29
Signature Algorithm: sha256WithRSAEncryption
9f:3f:61:e0:36:d6:a1:b3:cc:dc:d6:e1:91:33:9b:df:e9:a3:
0b:50:29:2a:4d:6f:4a:21:4e:99:5b:b7:ec:f3:eb:5c:0a:07:
5c:c6:1a:7c:c6:da:ce:eb:69:ad:39:59:0d:60:85:03:a8:17:
3d:be:58:ff:f5:6e:ae:22:ac:48:ce:88:45:ae:51:3d:f8:e3:
cc:7a:43:33:cd:f8:ae:84:2e:59:0f:22:76:07:65:4d:01:39:
60:05:81:b3:34:eb:60:dc:03:c2:d6:92:8f:7f:00:9c:fc:47:
e9:26:7b:5e:ae:ae:ee:ff:29:98:b4:ad:ea:4d:1e:4d:1c:79:
52:db:84:6f:69:ab:31:af:66:47:80:83:06:bc:fc:c5:ea:b2:
a5:60:1d:08:18:ea:fd:57:74:b6:30:0f:68:00:30:5a:3f:09:
cc:e6:33:59:6f:d4:61:5f:b1:49:ce:e1:5f:7a:0c:17:fd:b4:
86:3a:99:5e:1c:2f:d3:63:2a:ec:45:06:19:e2:95:5f:fb:6c:
e0:26:ad:35:f3:e5:bb:ef:bf:28:3d:b2:c4:61:55:f5:18:14:
fa:d2:4b:1e:62:99:36:f9:c3:b9:5d:6d:96:cd:36:5e:bc:f3:
07:17:11:32:a3:01:42:7c:1a:22:c8:6a:dd:2c:aa:39:c3:7c:
23:70:a2:f5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQks9c13+fzvxtBzNCm5kIAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhNmRmNTNjOWZkMmM1ZmM3NGYxZGI3MTgzNGQ3ZTQ2YTc2
ZTkxZDcwHhcNMjUwMTAyMDE0OTEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGVhNzU3MmE3YzExMGI1MzMwYzllNGUwOTUwOWMxNDQ3OTk0YTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzcb1zKzgHj9hyoBe8x6fqBBL5Poo
cH0pMEFM1hMC0I0uozOsPJgI9cnq40f5Hoe/vJJmxsCeRWOchIoTxHInyqOp3kX5
Ru5tIOgxi2i9Kbk5YpTTQyt3gpqY7/YrfZCfFmalsPNgRmzRy8Ao4ygpVdE/Z/Ib
ko/TwQqmJbpq86Ee/lEJvn+wbG3x/h+j9K5OEfTYW0vUH8mxZE1H4NqamNoWYcOY
OLjEsDW3L1WP1JihqtsYuxRq01eqFrdyH5CEqjFRtgcmpVwY/Z/PBuT/qqIW56AU
L4SmTGc4dVbCz+g7nUA8aY/lMx43NqPL07XRhtzFR0iPFo3Q/Cvfk1/2TQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHDqdXKnwRC1MwyeTglQnBRHmUp8MB8GA1UdIwQY
MBaAFPpt9Tyf0sX8dPHbcYNNfkanbpHXMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1tMzFQSl9TeGZ4MDhkdHhnMDEtUnFkdWtkYy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTMvYTk0NzgwLTFiZjMtNDY3YS05MzY5
LWU5OGZmMzNmNjk3Yy8xL2NPcDFjcWZCRUxVekRKNU9DVkNjRkVlWlNudy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTMvYTk0NzgwLTFiZjMtNDY3YS05MzY5LWU5OGZmMzNmNjk3
Yy8xLzEtbTMxUEpfU3hmeDA4ZHR4ZzAxLVJxZHVrZGMuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBADB3v4w
DQQCAAIwBwMFAyoRpcAwDQYJKoZIhvcNAQELBQADggEBAJ8/YeA21qGzzNzW4ZEz
m9/powtQKSpNb0ohTplbt+zz61wKB1zGGnzG2s7raa05WQ1ghQOoFz2+WP/1bq4i
rEjOiEWuUT3448x6QzPN+K6ELlkPInYHZU0BOWAFgbM062DcA8LWko9/AJz8R+km
e16uru7/KZi0repNHk0ceVLbhG9pqzGvZkeAgwa8/MXqsqVgHQgY6v1XdLYwD2gA
MFo/CczmM1lv1GFfsUnO4V96DBf9tIY6mV4cL9NjKuxFBhnilV/7bOAmrTXz5bvv
vyg9ssRhVfUYFPrSSx5imTb5w7ldbZbNNl688wcXETKjAUJ8GiLIat0sqjnDfCNw
ovU=
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:13:38 2025 by rpki-client