Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/7d8900-be76-40e2-8c99-70f943eac4db/1/fCZrKI-6j3JypnfEm5_gs1n5dFw.roa
File: fCZrKI-6j3JypnfEm5_gs1n5dFw.roa (raw, json)
Hash identifier: iZ/p7v8ZHeoQxTyUiH1KnvRb3hj8zk8sCV0wmzxeW2k=
Subject key identifier: 7C:26:6B:28:8F:BA:8F:72:72:A6:77:C4:9B:9F:E0:B3:59:F9:74:5C
Certificate issuer: /CN=89693344638acb0536582fab089876578ef6bc56
Certificate serial: 019427473CDFA700F7FAE06C1978F60644F0
Authority key identifier: 89:69:33:44:63:8A:CB:05:36:58:2F:AB:08:98:76:57:8E:F6:BC:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iWkzRGOKywU2WC-rCJh2V472vFY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/7d8900-be76-40e2-8c99-70f943eac4db/1/fCZrKI-6j3JypnfEm5_gs1n5dFw.roa
Signing time: Thu 02 Jan 2025 13:49:27 +0000
ROA not before: Thu 02 Jan 2025 13:49:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48890
IP address blocks: 193.23.142.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/7d8900-be76-40e2-8c99-70f943eac4db/1/iWkzRGOKywU2WC-rCJh2V472vFY.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/7d8900-be76-40e2-8c99-70f943eac4db/1/iWkzRGOKywU2WC-rCJh2V472vFY.mft
rsync://rpki.ripe.net/repository/DEFAULT/iWkzRGOKywU2WC-rCJh2V472vFY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:3c:df:a7:00:f7:fa:e0:6c:19:78:f6:06:44:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89693344638acb0536582fab089876578ef6bc56
Validity
Not Before: Jan 2 13:49:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7c266b288fba8f7272a677c49b9fe0b359f9745c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:6d:98:27:ee:9b:6a:44:18:30:6d:c7:5e:e6:
1c:67:37:8b:82:20:45:22:76:28:17:67:2e:d4:c4:
ec:b3:38:1c:fd:85:63:b6:5a:3b:22:f5:be:91:83:
51:95:07:dd:e7:f1:3f:f3:d6:97:5d:82:47:ba:17:
3d:ba:05:20:7e:e1:11:b3:61:4b:0f:dc:3e:10:6b:
c2:43:04:cf:be:5d:6f:8d:74:19:dc:3c:39:70:7f:
60:bc:33:8a:ea:ea:94:78:8a:ff:91:64:ce:51:f1:
69:ad:60:7d:67:15:69:b2:3f:21:2a:44:8d:f1:24:
74:88:c8:b3:0b:e4:36:31:6f:4b:07:84:5f:68:ac:
a0:e0:c0:4f:bd:ee:bf:9e:e2:f4:c7:b7:c5:eb:ba:
06:3e:dc:46:41:28:53:75:e0:63:77:96:63:b9:05:
f0:41:b9:95:1d:14:66:31:45:02:2a:23:6b:a0:56:
00:c2:9a:69:72:f0:90:e1:cf:bf:8f:5c:4b:77:27:
51:4c:5e:3f:61:fe:33:8e:b3:b4:de:8a:c4:e5:e1:
56:89:36:10:ed:e8:21:bb:40:ea:bc:a1:11:a4:24:
fe:e6:fa:6b:e3:f2:53:d1:fe:de:cf:d1:d3:85:bf:
ad:9e:b5:89:4f:74:58:e7:ca:81:df:db:01:8f:81:
71:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:26:6B:28:8F:BA:8F:72:72:A6:77:C4:9B:9F:E0:B3:59:F9:74:5C
X509v3 Authority Key Identifier:
keyid:89:69:33:44:63:8A:CB:05:36:58:2F:AB:08:98:76:57:8E:F6:BC:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iWkzRGOKywU2WC-rCJh2V472vFY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/7d8900-be76-40e2-8c99-70f943eac4db/1/fCZrKI-6j3JypnfEm5_gs1n5dFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/7d8900-be76-40e2-8c99-70f943eac4db/1/iWkzRGOKywU2WC-rCJh2V472vFY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.23.142.0/24
Signature Algorithm: sha256WithRSAEncryption
71:b2:09:6c:3a:dd:b7:3c:08:b8:c1:a2:cd:b1:4c:97:4f:33:
46:01:b9:78:e8:5f:d1:37:ce:dd:66:e8:c5:81:11:4b:37:06:
e2:4c:1a:2e:de:ff:47:74:8b:25:ab:9c:41:d8:3e:5b:1b:28:
8d:88:e6:19:1f:bc:f6:5c:13:59:e3:51:cd:a9:96:27:60:d2:
1f:2e:2d:74:bd:d7:9e:21:f1:bd:35:55:3b:87:4f:08:88:de:
88:83:2f:8c:9f:5a:d1:7f:a9:14:f5:68:9d:ac:8e:52:70:62:
41:bc:84:ce:c4:04:3d:3e:7e:98:77:97:24:a5:db:94:11:16:
f2:4c:b4:00:1f:e0:8b:52:bb:1f:33:1b:06:55:c0:ed:eb:5b:
b2:38:5c:26:45:53:42:f1:a5:f4:5f:3f:87:a8:87:75:7e:1b:
d8:82:31:88:a9:b9:fa:c6:dd:af:9b:05:57:8d:83:3a:51:09:
bd:2a:57:b9:8c:9d:d6:5a:73:b5:94:f0:0f:b8:dc:cb:f5:bd:
07:15:71:cb:66:4e:4a:3e:07:e9:9c:c4:9a:01:dd:3d:77:a8:
99:7d:9a:62:ad:b1:7a:ea:e7:c7:3a:0c:21:3c:26:79:e4:ac:
d4:71:a4:f2:82:67:78:08:0e:75:32:e5:29:fd:b8:c7:75:91:
75:66:ed:e9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnRzzfpwD3+uBsGXj2BkTwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NjkzMzQ0NjM4YWNiMDUzNjU4MmZhYjA4OTg3NjU3OGVm
NmJjNTYwHhcNMjUwMTAyMTM0OTI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzI2NmIyODhmYmE4ZjcyNzJhNjc3YzQ5YjlmZTBiMzU5Zjk3NDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA022YJ+6bakQYMG3HXuYcZzeLgiBF
InYoF2cu1MTsszgc/YVjtlo7IvW+kYNRlQfd5/E/89aXXYJHuhc9ugUgfuERs2FL
D9w+EGvCQwTPvl1vjXQZ3Dw5cH9gvDOK6uqUeIr/kWTOUfFprWB9ZxVpsj8hKkSN
8SR0iMizC+Q2MW9LB4RfaKyg4MBPve6/nuL0x7fF67oGPtxGQShTdeBjd5ZjuQXw
QbmVHRRmMUUCKiNroFYAwpppcvCQ4c+/j1xLdydRTF4/Yf4zjrO03orE5eFWiTYQ
7eghu0DqvKERpCT+5vpr4/JT0f7ez9HThb+tnrWJT3RY58qB39sBj4FxZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHwmayiPuo9ycqZ3xJuf4LNZ+XRcMB8GA1UdIwQY
MBaAFIlpM0RjissFNlgvqwiYdleO9rxWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVdrelJHT0t5d1UyV0MtckNKaDJWNDcydkZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi83ZDg5MDAtYmU3Ni00MGUyLThjOTkt
NzBmOTQzZWFjNGRiLzEvZkNacktJLTZqM0p5cG5mRW01X2dzMW41ZEZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi83ZDg5MDAtYmU3Ni00MGUyLThjOTktNzBmOTQzZWFjNGRi
LzEvaVdrelJHT0t5d1UyV0MtckNKaDJWNDcydkZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwReOMA0G
CSqGSIb3DQEBCwUAA4IBAQBxsglsOt23PAi4waLNsUyXTzNGAbl46F/RN87dZujF
gRFLNwbiTBou3v9HdIslq5xB2D5bGyiNiOYZH7z2XBNZ41HNqZYnYNIfLi10vdee
IfG9NVU7h08IiN6Igy+Mn1rRf6kU9WidrI5ScGJBvITOxAQ9Pn6Yd5ckpduUERby
TLQAH+CLUrsfMxsGVcDt61uyOFwmRVNC8aX0Xz+HqId1fhvYgjGIqbn6xt2vmwVX
jYM6UQm9Kle5jJ3WWnO1lPAPuNzL9b0HFXHLZk5KPgfpnMSaAd09d6iZfZpirbF6
6ufHOgwhPCZ55KzUcaTygmd4CA51MuUp/bjHdZF1Zu3p
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:57:35 2025 by rpki-client