Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/iyXEZLPTvQZGB7JlA08fIx42APM.roa
File: iyXEZLPTvQZGB7JlA08fIx42APM.roa (raw, json)
Hash identifier: m2lSKMzTmPpQ92wJ50iZbM3YMPJEh5hhfuRN69m7pJM=
Subject key identifier: 8B:25:C4:64:B3:D3:BD:06:46:07:B2:65:03:4F:1F:23:1E:36:00:F3
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 019427B5699CEB6E7136C98D590B5D5EB54B
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/iyXEZLPTvQZGB7JlA08fIx42APM.roa
Signing time: Thu 02 Jan 2025 15:49:47 +0000
ROA not before: Thu 02 Jan 2025 15:49:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199785
IP address blocks: 194.28.224.0/24 maxlen: 24
194.28.225.0/24 maxlen: 24
194.28.226.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:69:9c:eb:6e:71:36:c9:8d:59:0b:5d:5e:b5:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jan 2 15:49:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b25c464b3d3bd064607b265034f1f231e3600f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:7a:70:bc:54:f9:9f:20:f6:8e:0a:98:89:b0:
16:fd:2f:5c:97:2d:b7:67:f7:e3:a6:b2:a5:fe:58:
2e:0e:a7:71:f7:a6:14:26:f7:89:28:9e:00:d6:2f:
38:2e:93:df:f9:ec:45:1c:2a:4f:f1:28:9a:32:44:
9c:58:5e:a9:38:a1:21:02:92:6f:61:f6:4e:d5:17:
3e:ab:90:39:66:c0:e9:fa:f4:8b:96:0f:b5:ad:0c:
1c:d0:73:65:23:19:ca:aa:47:91:96:9a:3f:b7:23:
b1:93:90:96:15:97:7a:62:96:5f:66:d2:06:c5:ee:
25:05:3b:71:d2:a3:95:28:2d:23:63:53:f7:87:03:
45:3c:b5:75:a2:c1:70:d6:c0:d8:e6:7a:d3:ec:53:
ad:63:75:07:95:0d:30:22:dd:5e:57:82:1d:b0:7a:
97:c1:76:c6:9d:b8:4d:22:ca:fa:6c:90:d7:68:f8:
b4:84:8d:36:0e:52:75:d8:13:91:bb:77:27:56:2c:
56:b1:51:29:bd:c8:83:02:cc:e0:99:28:7a:e0:83:
fa:bc:88:20:bd:34:4e:a0:c9:66:27:1a:d5:db:f8:
a3:35:e1:90:d1:04:ec:cd:48:79:fd:64:26:e4:6d:
11:74:4d:c7:35:6d:77:64:c4:61:15:2b:e7:15:fc:
6d:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:25:C4:64:B3:D3:BD:06:46:07:B2:65:03:4F:1F:23:1E:36:00:F3
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/iyXEZLPTvQZGB7JlA08fIx42APM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.28.224.0-194.28.226.255
Signature Algorithm: sha256WithRSAEncryption
a9:fe:6d:75:20:1f:11:af:88:b3:ce:3d:4b:0d:17:73:c0:e1:
56:34:52:06:7f:6a:27:ca:7f:06:a9:81:80:a7:6a:0b:b8:53:
87:82:51:b9:d2:dd:32:fb:e8:5c:db:dc:44:17:65:ee:fd:73:
88:40:2a:6b:38:60:be:b9:34:2f:a1:93:97:7f:03:fb:2b:6f:
c5:cf:72:c2:60:ec:10:c3:e4:b7:f4:9e:20:fb:b1:e6:87:52:
d7:85:d8:98:91:bd:d9:ec:c3:2b:60:1f:b8:d1:72:62:7c:f5:
57:4d:0d:11:28:6f:ae:c2:ef:71:7c:df:0e:d8:34:92:95:5f:
7f:08:09:db:37:26:d0:75:97:7f:47:be:0f:17:08:73:c5:3c:
dd:08:60:97:42:f6:76:09:43:e4:84:73:1c:31:97:73:ae:26:
e6:22:d4:df:de:a9:44:ca:19:0f:38:0a:1a:a0:0c:eb:14:af:
51:de:e4:d5:65:01:80:35:57:d0:57:9c:ab:c4:79:4a:ac:8c:
18:e0:80:42:e1:8f:e0:02:cc:4a:08:35:63:fa:33:59:9b:92:
d2:2a:e3:21:cd:c0:f4:f2:4e:b1:8d:e3:ca:28:c8:28:6e:e0:
11:ba:c0:df:a0:bb:51:1a:9a:d4:49:94:da:e3:14:a3:c0:a6:
2f:39:a0:e8
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQntWmc625xNsmNWQtdXrVLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjUwMTAyMTU0OTQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjI1YzQ2NGIzZDNiZDA2NDYwN2IyNjUwMzRmMWYyMzFlMzYwMGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0XpwvFT5nyD2jgqYibAW/S9cly23
Z/fjprKl/lguDqdx96YUJveJKJ4A1i84LpPf+exFHCpP8SiaMkScWF6pOKEhApJv
YfZO1Rc+q5A5ZsDp+vSLlg+1rQwc0HNlIxnKqkeRlpo/tyOxk5CWFZd6YpZfZtIG
xe4lBTtx0qOVKC0jY1P3hwNFPLV1osFw1sDY5nrT7FOtY3UHlQ0wIt1eV4IdsHqX
wXbGnbhNIsr6bJDXaPi0hI02DlJ12BORu3cnVixWsVEpvciDAszgmSh64IP6vIgg
vTROoMlmJxrV2/ijNeGQ0QTszUh5/WQm5G0RdE3HNW13ZMRhFSvnFfxtNwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIslxGSz070GRgeyZQNPHyMeNgDzMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvaXlYRVpMUFR2UVpHQjdKbEEwOGZJeDQyQVBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAXCHOAD
BADCHOIwDQYJKoZIhvcNAQELBQADggEBAKn+bXUgHxGviLPOPUsNF3PA4VY0UgZ/
aifKfwapgYCnagu4U4eCUbnS3TL76Fzb3EQXZe79c4hAKms4YL65NC+hk5d/A/sr
b8XPcsJg7BDD5Lf0niD7seaHUteF2JiRvdnswytgH7jRcmJ89VdNDREob67C73F8
3w7YNJKVX38ICds3JtB1l39Hvg8XCHPFPN0IYJdC9nYJQ+SEcxwxl3OuJuYi1N/e
qUTKGQ84ChqgDOsUr1He5NVlAYA1V9BXnKvEeUqsjBjggELhj+ACzEoINWP6M1mb
ktIq4yHNwPTyTrGN48ooyChu4BG6wN+gu1EamtRJlNrjFKPApi85oOg=
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:36:56 2025 by rpki-client