Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6e51cb-517f-4cb1-a3a0-d721bd2e9d53/1/ViACi2znHcxjvEoTWJabRySlSug.roa
File: ViACi2znHcxjvEoTWJabRySlSug.roa (raw, json)
Hash identifier: /lKDXYbMBEGiN9zYRBMEKiyvRO0eOc45ePzpVSUQyuU=
Subject key identifier: 56:20:02:8B:6C:E7:1D:CC:63:BC:4A:13:58:96:9B:47:24:A5:4A:E8
Certificate issuer: /CN=d22f3bd0bae603ab790602a96bbbc42b5322e88f
Certificate serial: 01942143FFBDC413A95C8F8A0706A47813F4
Authority key identifier: D2:2F:3B:D0:BA:E6:03:AB:79:06:02:A9:6B:BB:C4:2B:53:22:E8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0i870LrmA6t5BgKpa7vEK1Mi6I8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6e51cb-517f-4cb1-a3a0-d721bd2e9d53/1/ViACi2znHcxjvEoTWJabRySlSug.roa
Signing time: Wed 01 Jan 2025 09:48:11 +0000
ROA not before: Wed 01 Jan 2025 09:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396982
IP address blocks: 194.38.4.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/6e51cb-517f-4cb1-a3a0-d721bd2e9d53/1/0i870LrmA6t5BgKpa7vEK1Mi6I8.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/6e51cb-517f-4cb1-a3a0-d721bd2e9d53/1/0i870LrmA6t5BgKpa7vEK1Mi6I8.mft
rsync://rpki.ripe.net/repository/DEFAULT/0i870LrmA6t5BgKpa7vEK1Mi6I8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 08:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:ff:bd:c4:13:a9:5c:8f:8a:07:06:a4:78:13:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d22f3bd0bae603ab790602a96bbbc42b5322e88f
Validity
Not Before: Jan 1 09:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5620028b6ce71dcc63bc4a1358969b4724a54ae8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:1f:b4:db:0e:f9:c1:ff:49:6f:c8:8f:73:66:
7b:4b:7b:a5:40:bc:54:75:f0:ab:c7:78:59:8d:d1:
50:d1:8a:2c:50:7b:67:cd:1f:6e:da:49:f3:60:07:
dc:b3:69:0c:aa:8d:c1:87:1b:4f:35:59:83:5d:48:
d1:c8:44:ad:23:41:ef:aa:f3:2b:6f:51:49:41:74:
ed:69:58:72:64:ec:26:6f:85:fd:bb:d8:19:c3:fc:
23:4c:d6:75:20:eb:b6:ce:95:ad:01:7b:b9:61:f0:
2c:fe:7a:82:09:97:1f:51:52:49:5e:83:99:fe:8d:
09:47:6c:16:be:b9:3c:ef:21:a5:6f:57:20:85:aa:
d6:05:3f:eb:53:a5:cd:5e:a5:40:17:15:47:4c:99:
c7:28:42:5f:d3:e6:df:b8:62:c8:84:dd:72:cc:c6:
63:6b:fd:ff:a0:82:fa:dd:5e:04:17:06:66:49:82:
54:d9:79:2c:48:64:27:b4:74:d2:38:f3:6c:61:24:
9b:78:6d:c5:65:73:48:2e:92:dc:20:ea:40:e1:68:
ac:6e:60:2c:db:8e:83:02:b6:96:89:66:a5:6e:a8:
0c:6f:af:c5:10:d4:fc:82:1a:6b:d4:12:dd:d7:27:
c5:e1:65:5c:d2:41:19:fc:fa:ea:03:43:5e:d4:6f:
c2:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:20:02:8B:6C:E7:1D:CC:63:BC:4A:13:58:96:9B:47:24:A5:4A:E8
X509v3 Authority Key Identifier:
keyid:D2:2F:3B:D0:BA:E6:03:AB:79:06:02:A9:6B:BB:C4:2B:53:22:E8:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0i870LrmA6t5BgKpa7vEK1Mi6I8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6e51cb-517f-4cb1-a3a0-d721bd2e9d53/1/ViACi2znHcxjvEoTWJabRySlSug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6e51cb-517f-4cb1-a3a0-d721bd2e9d53/1/0i870LrmA6t5BgKpa7vEK1Mi6I8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.38.4.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:ff:4c:b5:3c:26:89:2a:64:26:9d:3e:fa:db:72:39:79:71:
1a:20:0f:79:3f:87:11:21:10:13:fa:f6:34:05:cf:a6:b3:1d:
0e:23:aa:a0:61:d8:6c:d0:ad:3b:7c:4f:17:18:8b:79:12:67:
c7:c5:e5:2d:b7:ec:7e:38:fc:93:a9:30:6b:81:26:9d:f9:1f:
94:6b:f7:6e:a0:e5:19:6d:8b:07:0c:14:b4:b8:c9:3d:33:cb:
d5:5e:7f:2d:ce:3c:c5:fd:0a:fb:9f:c6:6d:65:1b:d7:ae:ce:
d7:98:ec:4e:8a:b2:e0:bc:7e:6d:b9:98:98:d3:66:91:73:7a:
e8:64:58:9a:4e:bc:d8:1c:31:28:01:e6:85:e0:7f:e4:75:98:
5f:19:25:d0:ba:99:66:50:f0:1b:2d:3e:65:ea:28:81:83:22:
4b:37:c2:47:e8:12:de:6c:90:05:a0:eb:22:d6:e9:17:cd:ea:
d6:b5:fd:08:f9:55:70:aa:19:11:da:f3:1b:53:85:65:f2:7b:
22:b8:8d:f5:d8:ac:0f:cc:b6:0a:bb:18:46:1b:19:54:31:e7:
80:f2:26:0e:c2:9a:73:b5:07:e6:5f:90:38:47:e2:dc:78:a6:
88:78:92:11:de:73:b0:4c:0e:95:94:ac:3a:e8:25:71:ba:9f:
b6:66:5d:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhQ/+9xBOpXI+KBwakeBP0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMmYzYmQwYmFlNjAzYWI3OTA2MDJhOTZiYmJjNDJiNTMy
MmU4OGYwHhcNMjUwMTAxMDk0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjIwMDI4YjZjZTcxZGNjNjNiYzRhMTM1ODk2OWI0NzI0YTU0YWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6x+02w75wf9Jb8iPc2Z7S3ulQLxU
dfCrx3hZjdFQ0YosUHtnzR9u2knzYAfcs2kMqo3BhxtPNVmDXUjRyEStI0HvqvMr
b1FJQXTtaVhyZOwmb4X9u9gZw/wjTNZ1IOu2zpWtAXu5YfAs/nqCCZcfUVJJXoOZ
/o0JR2wWvrk87yGlb1cgharWBT/rU6XNXqVAFxVHTJnHKEJf0+bfuGLIhN1yzMZj
a/3/oIL63V4EFwZmSYJU2XksSGQntHTSOPNsYSSbeG3FZXNILpLcIOpA4WisbmAs
246DAraWiWalbqgMb6/FENT8ghpr1BLd1yfF4WVc0kEZ/PrqA0Ne1G/CUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFYgAots5x3MY7xKE1iWm0ckpUroMB8GA1UdIwQY
MBaAFNIvO9C65gOreQYCqWu7xCtTIuiPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGk4NzBMcm1BNnQ1QmdLcGE3dkVLMU1pNkk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82ZTUxY2ItNTE3Zi00Y2IxLWEzYTAt
ZDcyMWJkMmU5ZDUzLzEvVmlBQ2kyem5IY3hqdkVvVFdKYWJSeVNsU3VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82ZTUxY2ItNTE3Zi00Y2IxLWEzYTAtZDcyMWJkMmU5ZDUz
LzEvMGk4NzBMcm1BNnQ1QmdLcGE3dkVLMU1pNkk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwiYEMA0G
CSqGSIb3DQEBCwUAA4IBAQB6/0y1PCaJKmQmnT7623I5eXEaIA95P4cRIRAT+vY0
Bc+msx0OI6qgYdhs0K07fE8XGIt5EmfHxeUtt+x+OPyTqTBrgSad+R+Ua/duoOUZ
bYsHDBS0uMk9M8vVXn8tzjzF/Qr7n8ZtZRvXrs7XmOxOirLgvH5tuZiY02aRc3ro
ZFiaTrzYHDEoAeaF4H/kdZhfGSXQuplmUPAbLT5l6iiBgyJLN8JH6BLebJAFoOsi
1ukXzerWtf0I+VVwqhkR2vMbU4Vl8nsiuI312KwPzLYKuxhGGxlUMeeA8iYOwppz
tQfmX5A4R+LceKaIeJIR3nOwTA6VlKw66CVxup+2Zl0J
-----END CERTIFICATE-----
Generated at Tue Apr 8 14:34:30 2025 by rpki-client