Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/6de7ff-321e-4b47-b3c5-6db086c00f6a/1/kFOw0UjGI7qti8qa1uAUEOsP1Y0.roa
File: kFOw0UjGI7qti8qa1uAUEOsP1Y0.roa (raw, json)
Hash identifier: 3Ka4QMk7D3J6EIhtUeiuaJXa58kFmA+7bZN+m672Gvo=
Subject key identifier: 90:53:B0:D1:48:C6:23:BA:AD:8B:CA:9A:D6:E0:14:10:EB:0F:D5:8D
Certificate issuer: /CN=8d34fab9aa33eb55d9854237bd0d2252792132e6
Certificate serial: 019465CA68D5D79C24AE3C7274224A49288E
Authority key identifier: 8D:34:FA:B9:AA:33:EB:55:D9:85:42:37:BD:0D:22:52:79:21:32:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jTT6uaoz61XZhUI3vQ0iUnkhMuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/6de7ff-321e-4b47-b3c5-6db086c00f6a/1/kFOw0UjGI7qti8qa1uAUEOsP1Y0.roa
Signing time: Tue 14 Jan 2025 17:09:11 +0000
ROA not before: Tue 14 Jan 2025 17:09:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 193.176.4.0/24 maxlen: 24
193.176.44.0/24 maxlen: 24
193.176.62.0/24 maxlen: 24
193.176.147.0/24 maxlen: 24
2a0f:90c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/6de7ff-321e-4b47-b3c5-6db086c00f6a/1/jTT6uaoz61XZhUI3vQ0iUnkhMuY.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/6de7ff-321e-4b47-b3c5-6db086c00f6a/1/jTT6uaoz61XZhUI3vQ0iUnkhMuY.mft
rsync://rpki.ripe.net/repository/DEFAULT/jTT6uaoz61XZhUI3vQ0iUnkhMuY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:65:ca:68:d5:d7:9c:24:ae:3c:72:74:22:4a:49:28:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d34fab9aa33eb55d9854237bd0d2252792132e6
Validity
Not Before: Jan 14 17:09:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9053b0d148c623baad8bca9ad6e01410eb0fd58d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:68:a5:27:c7:1f:bc:d8:bc:c3:85:b4:f9:d4:
18:79:50:09:c0:05:c0:39:c5:10:88:34:df:16:3b:
01:84:fd:89:e2:b2:d3:13:d6:43:d8:85:46:dc:c4:
00:7b:14:1f:62:77:b7:b4:76:da:67:af:67:1a:6a:
60:3c:51:02:88:8e:71:4e:85:c5:e2:0f:8e:d3:c2:
eb:b6:87:a4:65:78:0a:fb:6e:5b:9c:05:86:9a:ec:
b3:e6:3e:94:41:78:ce:42:98:d9:c4:d6:83:b8:28:
7c:c3:78:ae:3b:4a:25:32:e4:59:c3:20:14:06:8e:
a8:7f:ff:eb:c3:bf:77:16:07:7e:72:15:c0:53:46:
aa:ec:8b:00:f9:33:fc:f6:1c:d7:da:a9:cd:e3:4c:
19:8e:85:88:8f:2a:d0:17:e3:5d:f5:43:cf:10:df:
a5:2b:3d:6f:9e:3c:fc:cd:3e:cc:65:d9:4b:3b:09:
7c:d5:6f:9c:d0:cf:93:ea:d3:3a:01:31:60:ab:cb:
3b:f1:56:03:14:d5:3d:5d:c7:9e:34:f0:9f:25:22:
98:23:6e:1b:76:a4:8c:f0:28:f5:03:5a:9c:da:df:
88:07:29:d0:d1:85:49:fc:28:05:4a:1a:2b:83:a6:
2e:eb:b5:e9:ea:02:c7:94:a4:3e:ef:1c:1f:4a:97:
f0:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:53:B0:D1:48:C6:23:BA:AD:8B:CA:9A:D6:E0:14:10:EB:0F:D5:8D
X509v3 Authority Key Identifier:
keyid:8D:34:FA:B9:AA:33:EB:55:D9:85:42:37:BD:0D:22:52:79:21:32:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jTT6uaoz61XZhUI3vQ0iUnkhMuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/6de7ff-321e-4b47-b3c5-6db086c00f6a/1/kFOw0UjGI7qti8qa1uAUEOsP1Y0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/6de7ff-321e-4b47-b3c5-6db086c00f6a/1/jTT6uaoz61XZhUI3vQ0iUnkhMuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.176.4.0/24
193.176.44.0/24
193.176.62.0/24
193.176.147.0/24
IPv6:
2a0f:90c0::/29
Signature Algorithm: sha256WithRSAEncryption
51:ff:55:12:44:c2:a7:95:f7:50:a1:83:09:41:48:0a:2a:69:
69:d3:1b:34:4e:82:5d:78:16:ea:8d:45:c3:6d:fa:68:7b:10:
6e:d7:40:6d:a0:62:59:b4:ea:9c:05:f5:73:71:4f:8b:24:b3:
96:ca:b9:38:b2:87:28:a7:82:a0:c0:1e:d3:cf:17:6b:ea:b3:
91:c2:72:20:b1:11:50:69:44:96:b7:41:1c:16:3a:93:ce:67:
9c:e3:8f:18:c2:80:e6:e9:99:53:50:c0:17:31:e5:b6:fc:49:
df:45:f7:c6:38:e4:66:83:60:6c:bb:93:52:c3:ad:7c:9f:6d:
4b:27:1c:76:fc:11:f2:3d:ed:e9:88:e5:f3:41:99:41:12:bb:
be:b5:6a:8b:7f:9b:75:d8:76:2e:a5:8b:fa:5f:08:95:c1:3f:
e2:40:c0:33:2e:0e:5e:93:89:89:fd:72:43:97:d7:08:06:c5:
a0:42:88:ae:c8:26:ff:ef:b7:8e:00:d1:5c:2f:67:d7:90:de:
1f:fa:95:f4:08:3d:38:d1:14:8c:0d:6e:23:43:95:7f:42:b6:
35:86:d0:91:7e:f3:49:cc:31:df:62:97:09:d6:3a:43:2d:5a:
94:89:82:cd:ca:8b:fb:0b:01:f7:e1:ae:f6:a6:11:27:f2:c8:
d7:15:28:ba
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZRlymjV15wkrjxydCJKSSiOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMzRmYWI5YWEzM2ViNTVkOTg1NDIzN2JkMGQyMjUyNzky
MTMyZTYwHhcNMjUwMTE0MTcwOTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDUzYjBkMTQ4YzYyM2JhYWQ4YmNhOWFkNmUwMTQxMGViMGZkNThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmilJ8cfvNi8w4W0+dQYeVAJwAXA
OcUQiDTfFjsBhP2J4rLTE9ZD2IVG3MQAexQfYne3tHbaZ69nGmpgPFECiI5xToXF
4g+O08LrtoekZXgK+25bnAWGmuyz5j6UQXjOQpjZxNaDuCh8w3iuO0olMuRZwyAU
Bo6of//rw793Fgd+chXAU0aq7IsA+TP89hzX2qnN40wZjoWIjyrQF+Nd9UPPEN+l
Kz1vnjz8zT7MZdlLOwl81W+c0M+T6tM6ATFgq8s78VYDFNU9XceeNPCfJSKYI24b
dqSM8Cj1A1qc2t+IBynQ0YVJ/CgFShorg6Yu67Xp6gLHlKQ+7xwfSpfwDQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFJBTsNFIxiO6rYvKmtbgFBDrD9WNMB8GA1UdIwQY
MBaAFI00+rmqM+tV2YVCN70NIlJ5ITLmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalRUNnVhb3o2MVhaaFVJM3ZRMGlVbmtoTXVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC82ZGU3ZmYtMzIxZS00YjQ3LWIzYzUt
NmRiMDg2YzAwZjZhLzEva0ZPdzBVakdJN3F0aThxYTF1QVVFT3NQMVkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC82ZGU3ZmYtMzIxZS00YjQ3LWIzYzUtNmRiMDg2YzAwZjZh
LzEvalRUNnVhb3o2MVhaaFVJM3ZRMGlVbmtoTXVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAwbAEAwQA
wbAsAwQAwbA+AwQAwbCTMA0EAgACMAcDBQMqD5DAMA0GCSqGSIb3DQEBCwUAA4IB
AQBR/1USRMKnlfdQoYMJQUgKKmlp0xs0ToJdeBbqjUXDbfpoexBu10BtoGJZtOqc
BfVzcU+LJLOWyrk4socop4KgwB7Tzxdr6rORwnIgsRFQaUSWt0EcFjqTzmec448Y
woDm6ZlTUMAXMeW2/EnfRffGOORmg2Bsu5NSw618n21LJxx2/BHyPe3piOXzQZlB
Eru+tWqLf5t12HYupYv6XwiVwT/iQMAzLg5ek4mJ/XJDl9cIBsWgQoiuyCb/77eO
ANFcL2fXkN4f+pX0CD040RSMDW4jQ5V/QrY1htCRfvNJzDHfYpcJ1jpDLVqUiYLN
yov7CwH34a72phEn8sjXFSi6
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:39:58 2025 by rpki-client