Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/09239a-4f88-409b-a781-75330d4ce86e/1/4FCKqar0XtnEKUi3gFfvOiKskUg.roa
File: 4FCKqar0XtnEKUi3gFfvOiKskUg.roa (raw, json)
Hash identifier: n0va6MokXLOyx5Mouds6xLFs3obz/ZHN/b5YuHxhU6k=
Subject key identifier: E0:50:8A:A9:AA:F4:5E:D9:C4:29:48:B7:80:57:EF:3A:22:AC:91:48
Certificate issuer: /CN=75af4e2c34780f3d9f51e80a53bac3be6f325943
Certificate serial: 019424B36951458256401D135AE00CE76AB3
Authority key identifier: 75:AF:4E:2C:34:78:0F:3D:9F:51:E8:0A:53:BA:C3:BE:6F:32:59:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/da9OLDR4Dz2fUegKU7rDvm8yWUM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/09239a-4f88-409b-a781-75330d4ce86e/1/4FCKqar0XtnEKUi3gFfvOiKskUg.roa
Signing time: Thu 02 Jan 2025 01:48:45 +0000
ROA not before: Thu 02 Jan 2025 01:48:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210553
IP address blocks: 193.3.185.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/09239a-4f88-409b-a781-75330d4ce86e/1/da9OLDR4Dz2fUegKU7rDvm8yWUM.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/09239a-4f88-409b-a781-75330d4ce86e/1/da9OLDR4Dz2fUegKU7rDvm8yWUM.mft
rsync://rpki.ripe.net/repository/DEFAULT/da9OLDR4Dz2fUegKU7rDvm8yWUM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Feb 2025 07:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:69:51:45:82:56:40:1d:13:5a:e0:0c:e7:6a:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75af4e2c34780f3d9f51e80a53bac3be6f325943
Validity
Not Before: Jan 2 01:48:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e0508aa9aaf45ed9c42948b78057ef3a22ac9148
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:e1:09:60:35:cd:83:34:75:b9:10:ed:3d:80:
8c:18:e5:b9:ad:0d:ed:84:25:bc:4e:03:e8:ae:d7:
ea:ba:a2:33:af:cf:84:da:fe:0f:8d:1f:7b:9f:16:
ed:2f:79:33:20:d7:c2:84:1d:d2:0b:3e:76:5e:a2:
44:7f:64:0c:e1:0a:7a:b4:4e:19:6c:ae:9c:9d:15:
bf:53:0e:6d:fb:de:53:14:51:bc:c5:b9:ca:2e:64:
36:69:c1:b4:3a:76:6a:7d:c7:59:6f:2c:a0:ea:c2:
4b:9d:14:72:08:f8:54:dd:39:d3:2c:1b:3c:88:19:
75:59:ec:3f:96:18:1a:89:6f:24:e3:39:64:5e:b6:
54:b7:f1:f3:81:84:7e:a2:0b:35:b1:f6:30:c8:0c:
9f:fc:c3:00:80:02:e6:f0:a1:9d:a2:1a:20:9c:84:
42:06:2e:5f:b5:e6:ae:44:2e:05:4c:84:c4:dc:64:
ea:3a:28:d3:fe:9e:97:ef:9d:46:7a:af:60:e3:22:
08:fa:96:44:1c:63:5a:75:5d:c6:4b:b8:e8:5f:9f:
42:06:c4:dd:2a:73:b8:09:0b:a6:5a:f7:1a:1f:b1:
cf:a8:c4:57:4b:81:60:44:16:5c:99:fe:41:aa:cb:
65:87:b3:a2:4d:87:a7:b1:ed:0f:ef:59:17:1f:49:
ba:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:50:8A:A9:AA:F4:5E:D9:C4:29:48:B7:80:57:EF:3A:22:AC:91:48
X509v3 Authority Key Identifier:
keyid:75:AF:4E:2C:34:78:0F:3D:9F:51:E8:0A:53:BA:C3:BE:6F:32:59:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/da9OLDR4Dz2fUegKU7rDvm8yWUM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/09239a-4f88-409b-a781-75330d4ce86e/1/4FCKqar0XtnEKUi3gFfvOiKskUg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/09239a-4f88-409b-a781-75330d4ce86e/1/da9OLDR4Dz2fUegKU7rDvm8yWUM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.3.185.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:45:4c:53:90:b7:c5:b2:07:a0:a0:09:1f:4b:c7:2a:ad:25:
c9:d8:3a:7a:ae:4b:6d:34:fe:da:8a:f2:c1:4f:ec:9e:f3:ed:
59:d8:b0:21:14:18:be:2f:5b:64:79:bf:b8:b4:3b:69:42:8f:
ff:c9:ed:2c:1a:1b:fd:32:c4:f8:e4:4b:ee:a3:1e:ae:98:0b:
79:cd:01:73:b4:f6:44:56:cc:2a:a4:ad:19:50:66:64:ac:a5:
03:ab:b7:11:f8:9a:35:63:4c:0e:b1:d9:73:14:a9:c2:b6:87:
f4:fd:3d:f5:1c:af:77:1c:7b:b6:41:ac:4d:a8:b4:2a:b3:2f:
1c:42:db:d3:01:a9:ec:d8:97:b4:40:82:f8:ff:b7:27:57:61:
42:6f:fa:a6:77:b4:dd:38:26:d4:e5:30:4c:69:a9:0d:c7:80:
2d:6b:a7:26:ed:c8:80:fe:b0:c2:f5:47:3e:53:e2:fc:72:19:
c3:6c:47:84:9f:ac:1d:c3:a5:47:ea:62:05:e9:ae:e4:2e:7f:
10:66:e1:c7:7b:d2:51:14:28:9f:10:9a:e1:6e:bd:9b:5e:81:
b4:73:e1:26:90:8d:2f:3b:91:bf:a8:99:b4:be:4b:08:9d:93:
54:98:dd:4d:c6:e9:49:26:91:d2:d0:9b:94:22:2a:70:5e:dd:
94:9e:3e:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks2lRRYJWQB0TWuAM52qzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1YWY0ZTJjMzQ3ODBmM2Q5ZjUxZTgwYTUzYmFjM2JlNmYz
MjU5NDMwHhcNMjUwMTAyMDE0ODQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDUwOGFhOWFhZjQ1ZWQ5YzQyOTQ4Yjc4MDU3ZWYzYTIyYWM5MTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmeEJYDXNgzR1uRDtPYCMGOW5rQ3t
hCW8TgPortfquqIzr8+E2v4PjR97nxbtL3kzINfChB3SCz52XqJEf2QM4Qp6tE4Z
bK6cnRW/Uw5t+95TFFG8xbnKLmQ2acG0OnZqfcdZbyyg6sJLnRRyCPhU3TnTLBs8
iBl1Wew/lhgaiW8k4zlkXrZUt/HzgYR+ogs1sfYwyAyf/MMAgALm8KGdohognIRC
Bi5fteauRC4FTITE3GTqOijT/p6X751Geq9g4yII+pZEHGNadV3GS7joX59CBsTd
KnO4CQumWvcaH7HPqMRXS4FgRBZcmf5Bqstlh7OiTYense0P71kXH0m6JQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOBQiqmq9F7ZxClIt4BX7zoirJFIMB8GA1UdIwQY
MBaAFHWvTiw0eA89n1HoClO6w75vMllDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGE5T0xEUjREejJmVWVnS1U3ckR2bTh5V1VNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8wOTIzOWEtNGY4OC00MDliLWE3ODEt
NzUzMzBkNGNlODZlLzEvNEZDS3FhcjBYdG5FS1VpM2dGZnZPaUtza1VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8wOTIzOWEtNGY4OC00MDliLWE3ODEtNzUzMzBkNGNlODZl
LzEvZGE5T0xEUjREejJmVWVnS1U3ckR2bTh5V1VNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQO5MA0G
CSqGSIb3DQEBCwUAA4IBAQCyRUxTkLfFsgegoAkfS8cqrSXJ2Dp6rkttNP7aivLB
T+ye8+1Z2LAhFBi+L1tkeb+4tDtpQo//ye0sGhv9MsT45Evuox6umAt5zQFztPZE
VswqpK0ZUGZkrKUDq7cR+Jo1Y0wOsdlzFKnCtof0/T31HK93HHu2QaxNqLQqsy8c
QtvTAans2Je0QIL4/7cnV2FCb/qmd7TdOCbU5TBMaakNx4Ata6cm7ciA/rDC9Uc+
U+L8chnDbEeEn6wdw6VH6mIF6a7kLn8QZuHHe9JRFCifEJrhbr2bXoG0c+EmkI0v
O5G/qJm0vksInZNUmN1NxulJJpHS0JuUIipwXt2Unj7l
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:55:54 2025 by rpki-client