Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/8c1323-afcc-4b44-9881-06308a44856d/1/i_35ud5OERiEDAx-BasHnsgHc48.roa
File: i_35ud5OERiEDAx-BasHnsgHc48.roa (raw, json)
Hash identifier: mSZd0LC2OMh83YslBHZYulpSTQBAbQlb9kFIbiISICE=
Subject key identifier: 8B:FD:F9:B9:DE:4E:11:18:84:0C:0C:7E:05:AB:07:9E:C8:07:73:8F
Certificate issuer: /CN=2cb035707202d4013a4479be5112d7fa227b7275
Certificate serial: 019421441528961C334470167E01D29CA88D
Authority key identifier: 2C:B0:35:70:72:02:D4:01:3A:44:79:BE:51:12:D7:FA:22:7B:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LLA1cHIC1AE6RHm-URLX-iJ7cnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/8c1323-afcc-4b44-9881-06308a44856d/1/i_35ud5OERiEDAx-BasHnsgHc48.roa
Signing time: Wed 01 Jan 2025 09:48:17 +0000
ROA not before: Wed 01 Jan 2025 09:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200020
IP address blocks: 194.62.129.0/24 maxlen: 24
194.62.131.0/24 maxlen: 24
2001:67c:608::/48 maxlen: 48
2a0d:8c40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/8c1323-afcc-4b44-9881-06308a44856d/1/LLA1cHIC1AE6RHm-URLX-iJ7cnU.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/8c1323-afcc-4b44-9881-06308a44856d/1/LLA1cHIC1AE6RHm-URLX-iJ7cnU.mft
rsync://rpki.ripe.net/repository/DEFAULT/LLA1cHIC1AE6RHm-URLX-iJ7cnU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 15:01:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:15:28:96:1c:33:44:70:16:7e:01:d2:9c:a8:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2cb035707202d4013a4479be5112d7fa227b7275
Validity
Not Before: Jan 1 09:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8bfdf9b9de4e1118840c0c7e05ab079ec807738f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:33:e4:8a:a1:a3:e9:c1:53:71:2d:c1:ae:57:
b8:c4:85:b5:52:98:09:c1:e2:26:88:09:2f:e1:80:
56:a0:17:01:7c:1d:4f:7d:f7:37:84:00:21:46:c7:
5d:32:5f:bd:ee:2e:30:c2:0c:28:10:4e:06:1c:a7:
d4:21:c4:f4:56:22:93:51:c9:47:49:84:a9:ef:2f:
fc:57:03:e5:09:eb:00:80:50:c0:00:2d:11:b2:44:
3f:9f:0f:2c:02:72:6b:ad:6a:0c:14:62:52:5f:0e:
5d:02:1c:36:47:22:8c:de:7a:1e:c0:2c:19:0e:a9:
47:da:ec:14:77:00:d2:f3:d8:fb:88:ab:e7:dd:27:
8c:2a:34:15:7e:57:b1:17:9e:c1:61:79:39:94:00:
b5:db:e0:d0:1d:b3:73:81:a0:67:31:9d:1f:83:86:
51:d9:03:3a:93:bc:83:40:ec:89:56:14:56:81:6c:
07:7d:db:24:69:6e:5a:f6:22:87:8e:5c:cb:51:76:
59:75:42:be:08:21:66:70:e5:50:9c:0f:2a:9e:5e:
a9:4d:3b:c5:10:37:50:8b:f9:4f:40:e1:fe:fd:ef:
e6:2c:63:5f:8d:a6:be:6c:c6:05:d3:ec:a5:27:48:
01:a4:52:00:c6:d2:5c:d6:cf:cd:f9:23:a3:88:db:
8f:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:FD:F9:B9:DE:4E:11:18:84:0C:0C:7E:05:AB:07:9E:C8:07:73:8F
X509v3 Authority Key Identifier:
keyid:2C:B0:35:70:72:02:D4:01:3A:44:79:BE:51:12:D7:FA:22:7B:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LLA1cHIC1AE6RHm-URLX-iJ7cnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/8c1323-afcc-4b44-9881-06308a44856d/1/i_35ud5OERiEDAx-BasHnsgHc48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/8c1323-afcc-4b44-9881-06308a44856d/1/LLA1cHIC1AE6RHm-URLX-iJ7cnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.62.129.0/24
194.62.131.0/24
IPv6:
2001:67c:608::/48
2a0d:8c40::/29
Signature Algorithm: sha256WithRSAEncryption
a0:6d:db:26:c5:17:b3:98:3c:33:50:86:be:d9:f1:d9:ce:29:
c8:2f:63:63:5e:6b:59:2d:0f:8f:89:54:4c:82:75:d2:53:ac:
a2:c0:d9:f4:63:c5:2f:18:db:a1:1b:52:3a:6d:f1:24:df:8f:
c2:43:ca:c8:c6:c5:6e:77:9e:b8:e4:dd:4f:47:40:ad:9b:0d:
48:77:37:bd:84:68:bd:e6:9f:5b:d8:c4:ee:9d:e3:eb:f2:20:
0e:4f:2f:87:3d:58:11:d1:ed:2e:7d:b0:d1:fd:e8:c8:33:9c:
38:5f:00:a7:91:d6:22:f2:b0:c6:d2:dd:e6:35:cc:8c:f3:8e:
44:ed:50:1c:ae:bb:3e:43:c8:77:ca:e8:e8:09:cf:5e:82:80:
fc:2b:c4:f5:dd:1d:a0:45:bc:5e:0d:2e:01:1f:ed:45:fa:83:
63:97:16:b4:ec:63:6b:66:b4:df:2c:7a:db:07:b6:0c:28:7e:
7f:0e:08:d8:e8:db:93:ac:c8:a4:84:b0:7c:84:20:d8:1e:0b:
f5:26:9f:34:90:4d:e1:af:79:58:56:68:5d:41:7a:c1:a1:db:
4a:98:71:43:5c:5f:53:7e:9e:ed:1f:79:2c:db:58:f3:a3:cb:
e5:07:3b:b0:f6:f7:ca:67:b9:e5:8d:09:0a:7d:62:77:65:49:
2e:c0:16:ca
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQhRBUolhwzRHAWfgHSnKiNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjYjAzNTcwNzIwMmQ0MDEzYTQ0NzliZTUxMTJkN2ZhMjI3
YjcyNzUwHhcNMjUwMTAxMDk0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmZkZjliOWRlNGUxMTE4ODQwYzBjN2UwNWFiMDc5ZWM4MDc3MzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApjPkiqGj6cFTcS3Brle4xIW1UpgJ
weImiAkv4YBWoBcBfB1Pffc3hAAhRsddMl+97i4wwgwoEE4GHKfUIcT0ViKTUclH
SYSp7y/8VwPlCesAgFDAAC0RskQ/nw8sAnJrrWoMFGJSXw5dAhw2RyKM3noewCwZ
DqlH2uwUdwDS89j7iKvn3SeMKjQVflexF57BYXk5lAC12+DQHbNzgaBnMZ0fg4ZR
2QM6k7yDQOyJVhRWgWwHfdskaW5a9iKHjlzLUXZZdUK+CCFmcOVQnA8qnl6pTTvF
EDdQi/lPQOH+/e/mLGNfjaa+bMYF0+ylJ0gBpFIAxtJc1s/N+SOjiNuP7QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIv9+bneThEYhAwMfgWrB57IB3OPMB8GA1UdIwQY
MBaAFCywNXByAtQBOkR5vlES1/oie3J1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTExBMWNISUMxQUU2UkhtLVVSTFgtaUo3Y25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS84YzEzMjMtYWZjYy00YjQ0LTk4ODEt
MDYzMDhhNDQ4NTZkLzEvaV8zNXVkNU9FUmlFREF4LUJhc0huc2dIYzQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS84YzEzMjMtYWZjYy00YjQ0LTk4ODEtMDYzMDhhNDQ4NTZk
LzEvTExBMWNISUMxQUU2UkhtLVVSTFgtaUo3Y25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQAwj6BAwQA
wj6DMBYEAgACMBADBwAgAQZ8BggDBQMqDYxAMA0GCSqGSIb3DQEBCwUAA4IBAQCg
bdsmxRezmDwzUIa+2fHZzinIL2NjXmtZLQ+PiVRMgnXSU6yiwNn0Y8UvGNuhG1I6
bfEk34/CQ8rIxsVud5645N1PR0Ctmw1Idze9hGi95p9b2MTunePr8iAOTy+HPVgR
0e0ufbDR/ejIM5w4XwCnkdYi8rDG0t3mNcyM845E7VAcrrs+Q8h3yujoCc9egoD8
K8T13R2gRbxeDS4BH+1F+oNjlxa07GNrZrTfLHrbB7YMKH5/DgjY6NuTrMikhLB8
hCDYHgv1Jp80kE3hr3lYVmhdQXrBodtKmHFDXF9Tfp7tH3ks21jzo8vlBzuw9vfK
Z7nljQkKfWJ3ZUkuwBbK
-----END CERTIFICATE-----
Generated at Sun Apr 6 23:59:09 2025 by rpki-client