Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/e95e79-2702-40e0-9b8a-e7717b287066/1/R1gidcfPTDL9l_CbPS671EyX5iY.roa
File: R1gidcfPTDL9l_CbPS671EyX5iY.roa (raw, json)
Hash identifier: c4a4L7/lsOBY0SjW+Je19dj12ru5NWUKEP164tb+S4Q=
Subject key identifier: 47:58:22:75:C7:CF:4C:32:FD:97:F0:9B:3D:2E:BB:D4:4C:97:E6:26
Certificate issuer: /CN=c2ce0814167eaa8189fd84d390270eadf29482cb
Certificate serial: 0194214430B5818C7D6777FA2E55DFE73C0A
Authority key identifier: C2:CE:08:14:16:7E:AA:81:89:FD:84:D3:90:27:0E:AD:F2:94:82:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ws4IFBZ-qoGJ_YTTkCcOrfKUgss.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/e95e79-2702-40e0-9b8a-e7717b287066/1/R1gidcfPTDL9l_CbPS671EyX5iY.roa
Signing time: Wed 01 Jan 2025 09:48:24 +0000
ROA not before: Wed 01 Jan 2025 09:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210220
IP address blocks: 178.218.244.0/22 maxlen: 22
193.162.101.0/24 maxlen: 24
2a0d:bfc0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/e95e79-2702-40e0-9b8a-e7717b287066/1/ws4IFBZ-qoGJ_YTTkCcOrfKUgss.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/e95e79-2702-40e0-9b8a-e7717b287066/1/ws4IFBZ-qoGJ_YTTkCcOrfKUgss.mft
rsync://rpki.ripe.net/repository/DEFAULT/ws4IFBZ-qoGJ_YTTkCcOrfKUgss.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Mar 2025 03:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:30:b5:81:8c:7d:67:77:fa:2e:55:df:e7:3c:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2ce0814167eaa8189fd84d390270eadf29482cb
Validity
Not Before: Jan 1 09:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=47582275c7cf4c32fd97f09b3d2ebbd44c97e626
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:74:b4:bc:8a:cb:6b:4f:54:e5:d4:f3:ce:4c:
4a:71:30:6d:0f:26:3e:0f:70:7d:94:31:96:aa:43:
94:b3:6a:10:86:24:48:80:7b:75:29:5e:d9:82:50:
62:47:35:4a:75:db:bb:16:3f:cf:4a:99:24:17:b3:
3e:e9:b2:05:60:71:94:b5:a4:9b:85:45:45:ea:b5:
7f:bf:27:93:54:99:6e:e7:88:45:25:50:ec:03:09:
bc:30:94:dc:31:2c:5b:82:69:9a:9c:c7:d7:d5:9e:
82:45:4a:23:f6:79:13:78:fd:24:86:48:ef:d2:6d:
19:9c:fe:da:0e:f7:9d:f4:65:1d:52:b5:93:56:cd:
c4:be:98:9d:2f:d4:da:52:ec:38:78:fd:96:bf:b9:
84:e9:de:b3:6c:f2:0f:80:9a:7e:5d:82:ee:7a:b1:
44:7b:9c:0c:ca:0d:84:1e:4f:46:7e:84:b0:9f:9d:
ef:2e:96:ab:14:62:2a:85:e1:a7:24:62:6c:f6:8e:
38:d8:b0:f4:5c:28:4b:46:54:3c:73:99:f3:e4:d6:
c7:e1:15:a5:bd:77:9f:60:ad:ae:08:55:25:56:19:
62:19:03:e7:f6:49:98:29:56:2b:fc:79:3b:ba:48:
1a:54:dc:a2:d2:42:16:f1:28:34:6f:48:ac:1e:37:
87:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:58:22:75:C7:CF:4C:32:FD:97:F0:9B:3D:2E:BB:D4:4C:97:E6:26
X509v3 Authority Key Identifier:
keyid:C2:CE:08:14:16:7E:AA:81:89:FD:84:D3:90:27:0E:AD:F2:94:82:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ws4IFBZ-qoGJ_YTTkCcOrfKUgss.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e95e79-2702-40e0-9b8a-e7717b287066/1/R1gidcfPTDL9l_CbPS671EyX5iY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e95e79-2702-40e0-9b8a-e7717b287066/1/ws4IFBZ-qoGJ_YTTkCcOrfKUgss.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.218.244.0/22
193.162.101.0/24
IPv6:
2a0d:bfc0::/32
Signature Algorithm: sha256WithRSAEncryption
4f:d3:a1:85:aa:5b:41:47:7c:e7:18:63:f2:fc:dd:87:2c:c4:
4e:bf:80:b2:90:7a:3a:17:c5:d9:c6:12:a6:fa:19:c0:f9:58:
d6:92:a3:3e:52:44:e2:33:f6:53:26:7d:fd:be:b9:8f:f8:56:
89:c5:ca:3a:78:9e:98:e8:6f:d7:46:49:d1:5f:32:cc:9e:3f:
33:98:9c:3f:04:d2:b3:71:77:15:03:bf:bf:15:2f:c5:15:14:
ce:d4:b8:79:43:da:70:86:22:6f:48:31:44:3d:7a:a1:90:95:
db:17:ec:f4:c4:b3:bd:99:6e:18:db:dd:15:13:5f:dd:ae:5d:
27:10:2d:b1:25:2f:ea:2c:02:c4:ef:49:56:2b:59:6f:3d:bf:
d9:c4:25:1e:4f:7a:ee:d8:4a:2a:6b:6e:b9:ef:e4:a0:07:f6:
d0:45:b9:03:6f:c0:36:66:4b:7f:34:1f:81:54:66:6c:2f:df:
fa:29:68:94:fd:c3:5b:90:b6:2f:40:08:93:5b:74:b7:ba:35:
87:a4:fd:02:e2:a1:6d:21:d9:df:78:34:df:ef:67:fa:3a:6a:
0a:7d:2d:72:06:ce:70:da:b9:21:29:77:fa:26:74:e4:f6:65:
5a:43:45:1b:f8:8f:aa:40:7b:97:7b:70:68:10:54:eb:c8:a1:
e6:1f:d4:3f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQhRDC1gYx9Z3f6LlXf5zwKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyY2UwODE0MTY3ZWFhODE4OWZkODRkMzkwMjcwZWFkZjI5
NDgyY2IwHhcNMjUwMTAxMDk0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzU4MjI3NWM3Y2Y0YzMyZmQ5N2YwOWIzZDJlYmJkNDRjOTdlNjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAznS0vIrLa09U5dTzzkxKcTBtDyY+
D3B9lDGWqkOUs2oQhiRIgHt1KV7ZglBiRzVKddu7Fj/PSpkkF7M+6bIFYHGUtaSb
hUVF6rV/vyeTVJlu54hFJVDsAwm8MJTcMSxbgmmanMfX1Z6CRUoj9nkTeP0khkjv
0m0ZnP7aDved9GUdUrWTVs3EvpidL9TaUuw4eP2Wv7mE6d6zbPIPgJp+XYLuerFE
e5wMyg2EHk9GfoSwn53vLparFGIqheGnJGJs9o442LD0XChLRlQ8c5nz5NbH4RWl
vXefYK2uCFUlVhliGQPn9kmYKVYr/Hk7ukgaVNyi0kIW8Sg0b0isHjeHxQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEdYInXHz0wy/Zfwmz0uu9RMl+YmMB8GA1UdIwQY
MBaAFMLOCBQWfqqBif2E05AnDq3ylILLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3M0SUZCWi1xb0dKX1lUVGtDY09yZktVZ3NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9lOTVlNzktMjcwMi00MGUwLTliOGEt
ZTc3MTdiMjg3MDY2LzEvUjFnaWRjZlBUREw5bF9DYlBTNjcxRXlYNWlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9lOTVlNzktMjcwMi00MGUwLTliOGEtZTc3MTdiMjg3MDY2
LzEvd3M0SUZCWi1xb0dKX1lUVGtDY09yZktVZ3NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCstr0AwQA
waJlMA0EAgACMAcDBQAqDb/AMA0GCSqGSIb3DQEBCwUAA4IBAQBP06GFqltBR3zn
GGPy/N2HLMROv4CykHo6F8XZxhKm+hnA+VjWkqM+UkTiM/ZTJn39vrmP+FaJxco6
eJ6Y6G/XRknRXzLMnj8zmJw/BNKzcXcVA7+/FS/FFRTO1Lh5Q9pwhiJvSDFEPXqh
kJXbF+z0xLO9mW4Y290VE1/drl0nEC2xJS/qLALE70lWK1lvPb/ZxCUeT3ru2Eoq
a2657+SgB/bQRbkDb8A2Zkt/NB+BVGZsL9/6KWiU/cNbkLYvQAiTW3S3ujWHpP0C
4qFtIdnfeDTf72f6OmoKfS1yBs5w2rkhKXf6JnTk9mVaQ0Ub+I+qQHuXe3BoEFTr
yKHmH9Q/
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:09:55 2025 by rpki-client