Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/a66566-7e32-4976-86ec-2165136c9d9a/1/bPbl9DKxYJUxR3ZUVzukhGWYurM.roa
File: bPbl9DKxYJUxR3ZUVzukhGWYurM.roa (raw, json)
Hash identifier: FAnYMWhXeH8TjI8m2ivn5nzVc0hLKvZ4QbjQQh/aekU=
Subject key identifier: 6C:F6:E5:F4:32:B1:60:95:31:47:76:54:57:3B:A4:84:65:98:BA:B3
Certificate issuer: /CN=dc422c24147ec79fa906464ab143fd47e3beb3a1
Certificate serial: 01942067D02BEDD1B5BAD03AB4BD6909714A
Authority key identifier: DC:42:2C:24:14:7E:C7:9F:A9:06:46:4A:B1:43:FD:47:E3:BE:B3:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3EIsJBR-x5-pBkZKsUP9R-O-s6E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/a66566-7e32-4976-86ec-2165136c9d9a/1/bPbl9DKxYJUxR3ZUVzukhGWYurM.roa
Signing time: Wed 01 Jan 2025 05:47:41 +0000
ROA not before: Wed 01 Jan 2025 05:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15576
IP address blocks: 193.47.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/a66566-7e32-4976-86ec-2165136c9d9a/1/3EIsJBR-x5-pBkZKsUP9R-O-s6E.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/a66566-7e32-4976-86ec-2165136c9d9a/1/3EIsJBR-x5-pBkZKsUP9R-O-s6E.mft
rsync://rpki.ripe.net/repository/DEFAULT/3EIsJBR-x5-pBkZKsUP9R-O-s6E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 15 Apr 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:d0:2b:ed:d1:b5:ba:d0:3a:b4:bd:69:09:71:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc422c24147ec79fa906464ab143fd47e3beb3a1
Validity
Not Before: Jan 1 05:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6cf6e5f432b1609531477654573ba4846598bab3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:b5:c1:e2:e9:8a:2b:d7:de:52:cd:dc:26:29:
45:ae:3a:54:e1:2b:6f:fe:6d:f5:a6:58:46:da:44:
34:28:e4:dd:dc:82:9a:24:c4:fd:d6:ea:b8:d0:d4:
9f:26:70:2e:29:6a:e7:59:37:58:a4:81:93:73:d1:
87:f7:c6:ca:78:b6:92:bc:0e:5f:01:29:0c:1f:6e:
ef:bc:40:d3:e3:18:45:39:dc:db:5e:7e:91:3d:04:
c7:0c:b4:b2:67:9e:39:11:a6:3f:70:a0:11:2c:0d:
de:c4:d6:69:65:a3:83:c5:4a:99:4e:d8:3d:d9:ae:
61:b1:82:54:c5:7a:b2:88:c0:57:ea:e9:45:92:1b:
08:5a:68:a2:aa:b6:a3:15:db:ce:05:87:e7:a2:e5:
02:e0:3d:32:ae:18:7e:b1:4a:e2:c8:6d:d8:e2:36:
e0:63:d9:79:67:90:eb:c1:7a:0f:85:a0:d6:ee:17:
b5:f6:1c:2d:21:6b:58:3d:eb:ec:84:ab:8e:fe:6c:
8f:18:a9:da:7c:27:ff:c1:c2:95:0a:08:f3:cc:5d:
2d:42:7e:aa:2a:be:73:a6:e6:1d:d6:69:a0:3a:66:
a5:6d:d2:ae:88:56:26:90:65:08:11:77:31:d2:e3:
30:2e:c2:7d:42:6f:74:df:a4:eb:28:69:69:20:0c:
c2:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:F6:E5:F4:32:B1:60:95:31:47:76:54:57:3B:A4:84:65:98:BA:B3
X509v3 Authority Key Identifier:
keyid:DC:42:2C:24:14:7E:C7:9F:A9:06:46:4A:B1:43:FD:47:E3:BE:B3:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3EIsJBR-x5-pBkZKsUP9R-O-s6E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/a66566-7e32-4976-86ec-2165136c9d9a/1/bPbl9DKxYJUxR3ZUVzukhGWYurM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/a66566-7e32-4976-86ec-2165136c9d9a/1/3EIsJBR-x5-pBkZKsUP9R-O-s6E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.47.103.0/24
Signature Algorithm: sha256WithRSAEncryption
69:51:59:2f:e7:e1:a0:96:f0:f7:22:d5:5d:f6:91:0d:6f:0f:
65:b0:97:80:66:cc:47:db:3c:41:90:21:ef:f9:2c:53:e1:9b:
85:7f:da:1e:ab:22:c4:54:10:35:4a:f9:4a:a0:ee:20:e1:7e:
c7:82:55:2d:e1:e2:09:80:83:e9:e7:c9:73:c4:03:c5:26:30:
43:66:ee:31:0e:ba:14:22:4e:c8:e1:1d:8e:46:f2:97:13:66:
b7:4d:12:52:b3:d7:d1:ea:b5:75:f2:0b:aa:37:86:c4:cd:3d:
fc:0c:04:f5:9b:6e:38:07:92:bf:68:a5:f4:7f:10:93:43:9f:
17:94:e5:bd:05:ee:3c:32:7c:5a:42:59:57:10:92:98:c5:1b:
75:7a:54:dd:bd:7b:6b:da:82:9b:23:80:f4:30:3f:cb:2d:d2:
2b:6f:a2:ca:b5:7d:6e:18:65:18:6c:78:a7:74:1e:6d:24:7b:
53:3e:54:8e:e4:bc:98:7f:60:c7:14:4f:8c:6e:d5:a6:44:db:
e4:5d:d2:e7:7d:ab:d3:57:f5:fb:71:62:c9:18:a2:ae:df:47:
85:45:2b:58:a3:43:58:d8:ee:9b:4c:9f:53:eb:fe:12:c8:a9:
85:37:47:6a:0b:e8:87:e2:69:8a:ab:a0:e2:0a:8b:29:18:2b:
d2:b7:fb:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgZ9Ar7dG1utA6tL1pCXFKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNDIyYzI0MTQ3ZWM3OWZhOTA2NDY0YWIxNDNmZDQ3ZTNi
ZWIzYTEwHhcNMjUwMTAxMDU0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2Y2ZTVmNDMyYjE2MDk1MzE0Nzc2NTQ1NzNiYTQ4NDY1OThiYWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA37XB4umKK9feUs3cJilFrjpU4Stv
/m31plhG2kQ0KOTd3IKaJMT91uq40NSfJnAuKWrnWTdYpIGTc9GH98bKeLaSvA5f
ASkMH27vvEDT4xhFOdzbXn6RPQTHDLSyZ545EaY/cKARLA3exNZpZaODxUqZTtg9
2a5hsYJUxXqyiMBX6ulFkhsIWmiiqrajFdvOBYfnouUC4D0yrhh+sUriyG3Y4jbg
Y9l5Z5DrwXoPhaDW7he19hwtIWtYPevshKuO/myPGKnafCf/wcKVCgjzzF0tQn6q
Kr5zpuYd1mmgOmalbdKuiFYmkGUIEXcx0uMwLsJ9Qm9036TrKGlpIAzCxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGz25fQysWCVMUd2VFc7pIRlmLqzMB8GA1UdIwQY
MBaAFNxCLCQUfsefqQZGSrFD/UfjvrOhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0VJc0pCUi14NS1wQmtaS3NVUDlSLU8tczZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9hNjY1NjYtN2UzMi00OTc2LTg2ZWMt
MjE2NTEzNmM5ZDlhLzEvYlBibDlES3hZSlV4UjNaVVZ6dWtoR1dZdXJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9hNjY1NjYtN2UzMi00OTc2LTg2ZWMtMjE2NTEzNmM5ZDlh
LzEvM0VJc0pCUi14NS1wQmtaS3NVUDlSLU8tczZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwS9nMA0G
CSqGSIb3DQEBCwUAA4IBAQBpUVkv5+GglvD3ItVd9pENbw9lsJeAZsxH2zxBkCHv
+SxT4ZuFf9oeqyLEVBA1SvlKoO4g4X7HglUt4eIJgIPp58lzxAPFJjBDZu4xDroU
Ik7I4R2ORvKXE2a3TRJSs9fR6rV18guqN4bEzT38DAT1m244B5K/aKX0fxCTQ58X
lOW9Be48MnxaQllXEJKYxRt1elTdvXtr2oKbI4D0MD/LLdIrb6LKtX1uGGUYbHin
dB5tJHtTPlSO5LyYf2DHFE+MbtWmRNvkXdLnfavTV/X7cWLJGKKu30eFRStYo0NY
2O6bTJ9T6/4SyKmFN0dqC+iH4mmKq6DiCospGCvSt/tq
-----END CERTIFICATE-----
Generated at Tue Apr 15 10:02:38 2025 by rpki-client