Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/rtkk5gT-jAJhBoaE_BQPXocOEfU.roa
File: rtkk5gT-jAJhBoaE_BQPXocOEfU.roa (raw, json)
Hash identifier: v/MP7pEa6ZGIvq0Wu6Fpus/nOHl8IEXjbt8QwhltqFU=
Subject key identifier: AE:D9:24:E6:04:FE:8C:02:61:06:86:84:FC:14:0F:5E:87:0E:11:F5
Certificate issuer: /CN=d31dd1a514d3a7e3dfdb8bfb75d7d24ed98d479f
Certificate serial: 01942143FA975F7B08AEA46171B9E7ACED5B
Authority key identifier: D3:1D:D1:A5:14:D3:A7:E3:DF:DB:8B:FB:75:D7:D2:4E:D9:8D:47:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0x3RpRTTp-Pf24v7ddfSTtmNR58.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/rtkk5gT-jAJhBoaE_BQPXocOEfU.roa
Signing time: Wed 01 Jan 2025 09:48:10 +0000
ROA not before: Wed 01 Jan 2025 09:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8360
IP address blocks: 193.58.218.0/23 maxlen: 23
193.58.220.0/23 maxlen: 23
193.58.220.0/24 maxlen: 24
193.194.8.0/23 maxlen: 23
193.194.10.0/24 maxlen: 24
193.194.11.0/24 maxlen: 24
194.127.21.0/24 maxlen: 24
194.127.30.0/24 maxlen: 24
194.127.31.0/24 maxlen: 24
194.127.68.0/24 maxlen: 24
194.127.69.0/24 maxlen: 24
194.127.70.0/24 maxlen: 24
194.127.71.0/24 maxlen: 24
194.127.72.0/24 maxlen: 24
194.127.73.0/24 maxlen: 24
194.127.74.0/24 maxlen: 24
194.127.75.0/24 maxlen: 24
194.127.77.0/24 maxlen: 24
194.127.78.0/24 maxlen: 24
194.127.79.0/24 maxlen: 24
194.127.80.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/0x3RpRTTp-Pf24v7ddfSTtmNR58.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/0x3RpRTTp-Pf24v7ddfSTtmNR58.mft
rsync://rpki.ripe.net/repository/DEFAULT/0x3RpRTTp-Pf24v7ddfSTtmNR58.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:fa:97:5f:7b:08:ae:a4:61:71:b9:e7:ac:ed:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d31dd1a514d3a7e3dfdb8bfb75d7d24ed98d479f
Validity
Not Before: Jan 1 09:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aed924e604fe8c0261068684fc140f5e870e11f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:02:40:e1:39:4d:02:1e:b6:23:a6:af:86:6d:
1c:74:b2:f0:7e:6a:5a:84:9a:77:90:43:ad:11:8f:
8c:cc:31:76:f3:14:6b:9e:bb:3e:90:be:20:70:99:
f2:6d:b8:62:29:04:48:cc:7b:cc:2a:2b:92:58:64:
bc:0e:7f:71:9f:dd:70:ce:bf:5d:c1:d5:99:08:bf:
1b:ef:88:c0:df:a5:26:5f:e7:b4:51:fc:e4:a5:83:
7c:97:e8:58:c2:5b:65:c8:89:57:98:5a:ae:e0:ca:
be:fa:e3:34:7f:2a:71:cb:a1:b1:75:59:ef:6b:9b:
1a:32:e2:5e:3f:90:4d:13:f8:ef:d1:6d:8a:22:b6:
a3:dc:2d:45:9b:1d:1b:d1:9b:75:72:5e:1e:64:1f:
db:a4:d7:4c:80:fd:33:29:be:68:45:9d:bf:b0:5f:
a2:8f:a5:4e:ee:ca:ef:5a:89:7e:1a:98:93:0d:ab:
26:30:26:04:5c:a7:e6:ee:53:2a:31:90:e3:1f:4c:
2e:47:1d:34:ba:20:c1:15:85:47:cb:2f:a4:76:70:
c9:ca:90:fd:2a:5d:29:eb:13:e2:c3:5b:24:e7:e4:
6d:90:ba:ff:17:2d:e9:d2:a3:d6:04:28:e6:c9:f6:
96:eb:19:a1:f9:b0:27:c1:58:db:0d:3b:fa:84:f5:
be:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:D9:24:E6:04:FE:8C:02:61:06:86:84:FC:14:0F:5E:87:0E:11:F5
X509v3 Authority Key Identifier:
keyid:D3:1D:D1:A5:14:D3:A7:E3:DF:DB:8B:FB:75:D7:D2:4E:D9:8D:47:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0x3RpRTTp-Pf24v7ddfSTtmNR58.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/rtkk5gT-jAJhBoaE_BQPXocOEfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/0x3RpRTTp-Pf24v7ddfSTtmNR58.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.58.218.0-193.58.221.255
193.194.8.0/22
194.127.21.0/24
194.127.30.0/23
194.127.68.0-194.127.75.255
194.127.77.0-194.127.80.255
Signature Algorithm: sha256WithRSAEncryption
58:ac:63:80:99:c7:45:75:a7:96:59:c2:d7:b2:78:c5:a9:fd:
49:21:00:ab:79:ee:6b:d6:76:2a:6e:c2:5d:47:f8:4b:99:57:
25:9f:f2:bb:e9:a1:65:c0:ff:1a:fa:86:e0:a1:59:e4:39:d4:
92:6e:1b:19:0f:39:a0:07:9e:2d:26:76:19:5a:11:6a:bc:45:
4f:15:fc:82:24:39:65:ad:84:11:3a:49:6d:70:0d:11:50:6c:
9d:88:9b:69:54:47:30:fa:de:8e:91:2c:71:ee:50:ea:2e:ed:
0c:ce:70:47:d5:b5:19:c2:32:db:f4:2c:a4:18:a6:50:37:dd:
9b:5e:65:7e:df:a8:4b:b6:63:dd:b6:7e:59:14:2d:43:ca:76:
70:b2:f1:81:c6:62:0e:e9:86:34:e3:12:9e:ab:59:c3:96:2e:
b7:3e:d1:e7:4b:63:a3:3b:9f:61:73:98:78:b1:cf:61:4a:b6:
9e:16:b8:09:2d:1f:5d:bd:d2:ad:3b:71:cc:38:64:4b:03:23:
83:b9:8e:8f:fa:5c:67:5d:99:14:7e:a8:2b:75:cf:d2:d9:3d:
94:e6:84:ea:d5:0c:e5:58:81:f5:ac:bf:a0:85:ae:99:e1:76:
62:d1:9d:df:46:3a:6e:0d:13:2d:41:a0:dd:65:da:df:86:21:
37:05:60:6f
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZQhQ/qXX3sIrqRhcbnnrO1bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzMWRkMWE1MTRkM2E3ZTNkZmRiOGJmYjc1ZDdkMjRlZDk4
ZDQ3OWYwHhcNMjUwMTAxMDk0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWQ5MjRlNjA0ZmU4YzAyNjEwNjg2ODRmYzE0MGY1ZTg3MGUxMWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQJA4TlNAh62I6avhm0cdLLwfmpa
hJp3kEOtEY+MzDF28xRrnrs+kL4gcJnybbhiKQRIzHvMKiuSWGS8Dn9xn91wzr9d
wdWZCL8b74jA36UmX+e0UfzkpYN8l+hYwltlyIlXmFqu4Mq++uM0fypxy6GxdVnv
a5saMuJeP5BNE/jv0W2KIraj3C1Fmx0b0Zt1cl4eZB/bpNdMgP0zKb5oRZ2/sF+i
j6VO7srvWol+GpiTDasmMCYEXKfm7lMqMZDjH0wuRx00uiDBFYVHyy+kdnDJypD9
Kl0p6xPiw1sk5+RtkLr/Fy3p0qPWBCjmyfaW6xmh+bAnwVjbDTv6hPW+gwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFK7ZJOYE/owCYQaGhPwUD16HDhH1MB8GA1UdIwQY
MBaAFNMd0aUU06fj39uL+3XX0k7ZjUefMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHgzUnBSVFRwLVBmMjR2N2RkZlNUdG1OUjU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9mMjQ3OGYtYzUwMy00MmMyLTk0YjIt
YjE2NmFlMmVmMjg3LzEvcnRrazVnVC1qQUpoQm9hRV9CUVBYb2NPRWZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9mMjQ3OGYtYzUwMy00MmMyLTk0YjItYjE2NmFlMmVmMjg3
LzEvMHgzUnBSVFRwLVBmMjR2N2RkZlNUdG1OUjU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8MAwDBAHBOtoD
BAHBOtwDBALBwggDBADCfxUDBAHCfx4wDAMEAsJ/RAMEAsJ/SDAMAwQAwn9NAwQA
wn9QMA0GCSqGSIb3DQEBCwUAA4IBAQBYrGOAmcdFdaeWWcLXsnjFqf1JIQCree5r
1nYqbsJdR/hLmVcln/K76aFlwP8a+obgoVnkOdSSbhsZDzmgB54tJnYZWhFqvEVP
FfyCJDllrYQROkltcA0RUGydiJtpVEcw+t6OkSxx7lDqLu0MznBH1bUZwjLb9Cyk
GKZQN92bXmV+36hLtmPdtn5ZFC1DynZwsvGBxmIO6YY04xKeq1nDli63PtHnS2Oj
O59hc5h4sc9hSraeFrgJLR9dvdKtO3HMOGRLAyODuY6P+lxnXZkUfqgrdc/S2T2U
5oTq1QzlWIH1rL+gha6Z4XZi0Z3fRjpuDRMtQaDdZdrfhiE3BWBv
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:54:59 2025 by rpki-client