Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/3887e4-b598-45e3-8d85-2210ed9d0861/1/tQOCxRT0aCE_1_qk1kC7RdCFOSc.roa
File: tQOCxRT0aCE_1_qk1kC7RdCFOSc.roa (raw, json)
Hash identifier: n1WxYWjnXTsr8gKXroY5cgEaMb8X/+3xuLpCg/Qcbnk=
Subject key identifier: B5:03:82:C5:14:F4:68:21:3F:D7:FA:A4:D6:40:BB:45:D0:85:39:27
Certificate issuer: /CN=b68f8f32514a183e977a3c7df36473d56260c4a4
Certificate serial: 019420D5E267E342B29CAAD547E6E42B653B
Authority key identifier: B6:8F:8F:32:51:4A:18:3E:97:7A:3C:7D:F3:64:73:D5:62:60:C4:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/to-PMlFKGD6Xejx982Rz1WJgxKQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/3887e4-b598-45e3-8d85-2210ed9d0861/1/tQOCxRT0aCE_1_qk1kC7RdCFOSc.roa
Signing time: Wed 01 Jan 2025 07:47:55 +0000
ROA not before: Wed 01 Jan 2025 07:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1759
IP address blocks: 193.142.26.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/3887e4-b598-45e3-8d85-2210ed9d0861/1/to-PMlFKGD6Xejx982Rz1WJgxKQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/3887e4-b598-45e3-8d85-2210ed9d0861/1/to-PMlFKGD6Xejx982Rz1WJgxKQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/to-PMlFKGD6Xejx982Rz1WJgxKQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 04:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:e2:67:e3:42:b2:9c:aa:d5:47:e6:e4:2b:65:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b68f8f32514a183e977a3c7df36473d56260c4a4
Validity
Not Before: Jan 1 07:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b50382c514f468213fd7faa4d640bb45d0853927
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:6b:f1:93:c5:77:4b:ad:f5:db:8a:7f:f0:f6:
73:99:bd:bc:f4:d3:ed:b0:1f:53:b9:2f:38:20:28:
41:bc:c5:37:80:37:eb:a6:d6:ec:7e:ae:8a:74:71:
34:72:94:5b:51:cc:bb:ee:cc:10:ca:74:d2:91:55:
1b:69:23:08:26:72:e3:c5:46:22:fe:80:f7:c0:a2:
2e:21:f4:7a:b5:d9:ad:92:08:53:dc:3f:bd:69:dc:
96:d9:ca:9c:b6:24:b2:dc:dd:b8:c4:34:35:3c:e6:
e1:8b:d4:21:cf:f1:83:02:b3:cb:74:33:79:12:84:
6e:54:5c:b8:f6:52:e1:bd:85:02:94:48:6b:82:ef:
23:4c:9b:b9:2e:b6:9a:1d:e2:15:33:05:a1:eb:4d:
e5:d5:e2:48:19:6d:5c:09:b8:a6:52:30:4f:b6:82:
24:44:e5:13:33:02:a3:c3:11:28:71:1b:a3:7c:11:
ab:32:b6:11:8e:c4:71:33:c2:26:59:5d:1a:28:7c:
b1:81:0d:2f:08:bf:18:19:06:2d:9e:e3:0c:f0:d2:
dc:cc:25:ed:1d:f1:db:b6:01:a0:a4:01:e1:aa:64:
9b:7a:63:50:b5:08:60:52:e5:58:d9:29:47:0e:f8:
17:51:5d:ea:6b:48:9c:f9:cb:8f:fe:ff:2d:d4:9f:
e0:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:03:82:C5:14:F4:68:21:3F:D7:FA:A4:D6:40:BB:45:D0:85:39:27
X509v3 Authority Key Identifier:
keyid:B6:8F:8F:32:51:4A:18:3E:97:7A:3C:7D:F3:64:73:D5:62:60:C4:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/to-PMlFKGD6Xejx982Rz1WJgxKQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/3887e4-b598-45e3-8d85-2210ed9d0861/1/tQOCxRT0aCE_1_qk1kC7RdCFOSc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/3887e4-b598-45e3-8d85-2210ed9d0861/1/to-PMlFKGD6Xejx982Rz1WJgxKQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.142.26.0/24
Signature Algorithm: sha256WithRSAEncryption
53:77:40:5f:87:f0:8d:12:35:2f:29:59:4e:55:18:e6:2c:70:
df:95:76:28:47:25:52:3e:8b:a9:60:c2:f3:db:4d:a2:e3:c1:
b4:99:47:d8:43:fb:47:fc:05:1e:94:c6:68:9d:7a:14:0e:01:
4c:02:3b:cd:93:c3:10:56:b6:88:00:60:69:0a:be:0c:ca:a4:
24:4c:88:c2:7d:4f:46:01:e4:2d:a2:99:e9:65:96:0a:ac:be:
db:fd:8e:ba:8c:f8:20:5a:bd:d2:f2:82:a6:41:99:df:35:d6:
81:6e:ac:2d:67:56:b9:fa:86:ef:e4:aa:97:53:80:39:b1:ab:
37:00:25:07:10:22:ad:46:16:b9:9a:8e:ad:41:a8:c7:57:47:
51:b4:1b:81:f3:9a:26:f0:16:07:eb:21:75:07:56:12:86:97:
82:d5:bf:8c:e9:93:8f:58:81:52:40:9e:73:8b:74:02:6f:4b:
cd:27:ee:25:9a:af:20:fe:e5:77:f3:a4:6e:f0:a6:8a:79:7c:
ed:b5:67:80:14:88:cb:36:d0:40:36:bf:7a:50:5a:5e:da:b4:
32:d6:8a:d4:6d:cf:c9:c7:0c:4d:23:92:d2:15:9d:fc:7c:21:
24:86:11:57:8a:6b:03:a1:b4:e6:5c:10:84:ab:3e:ae:ad:85:
77:40:94:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1eJn40KynKrVR+bkK2U7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2OGY4ZjMyNTE0YTE4M2U5NzdhM2M3ZGYzNjQ3M2Q1NjI2
MGM0YTQwHhcNMjUwMTAxMDc0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTAzODJjNTE0ZjQ2ODIxM2ZkN2ZhYTRkNjQwYmI0NWQwODUzOTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzGvxk8V3S63124p/8PZzmb289NPt
sB9TuS84IChBvMU3gDfrptbsfq6KdHE0cpRbUcy77swQynTSkVUbaSMIJnLjxUYi
/oD3wKIuIfR6tdmtkghT3D+9adyW2cqctiSy3N24xDQ1PObhi9Qhz/GDArPLdDN5
EoRuVFy49lLhvYUClEhrgu8jTJu5LraaHeIVMwWh603l1eJIGW1cCbimUjBPtoIk
ROUTMwKjwxEocRujfBGrMrYRjsRxM8ImWV0aKHyxgQ0vCL8YGQYtnuMM8NLczCXt
HfHbtgGgpAHhqmSbemNQtQhgUuVY2SlHDvgXUV3qa0ic+cuP/v8t1J/gvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLUDgsUU9GghP9f6pNZAu0XQhTknMB8GA1UdIwQY
MBaAFLaPjzJRShg+l3o8ffNkc9ViYMSkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdG8tUE1sRktHRDZYZWp4OTgyUnoxV0pneEtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8zODg3ZTQtYjU5OC00NWUzLThkODUt
MjIxMGVkOWQwODYxLzEvdFFPQ3hSVDBhQ0VfMV9xazFrQzdSZENGT1NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8zODg3ZTQtYjU5OC00NWUzLThkODUtMjIxMGVkOWQwODYx
LzEvdG8tUE1sRktHRDZYZWp4OTgyUnoxV0pneEtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwY4aMA0G
CSqGSIb3DQEBCwUAA4IBAQBTd0Bfh/CNEjUvKVlOVRjmLHDflXYoRyVSPoupYMLz
202i48G0mUfYQ/tH/AUelMZonXoUDgFMAjvNk8MQVraIAGBpCr4MyqQkTIjCfU9G
AeQtopnpZZYKrL7b/Y66jPggWr3S8oKmQZnfNdaBbqwtZ1a5+obv5KqXU4A5sas3
ACUHECKtRha5mo6tQajHV0dRtBuB85om8BYH6yF1B1YShpeC1b+M6ZOPWIFSQJ5z
i3QCb0vNJ+4lmq8g/uV386Ru8KaKeXzttWeAFIjLNtBANr96UFpe2rQy1orUbc/J
xwxNI5LSFZ38fCEkhhFXimsDobTmXBCEqz6urYV3QJTN
-----END CERTIFICATE-----
Generated at Tue Apr 15 12:36:11 2025 by rpki-client