Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/97fb36-ea9b-43f4-aad5-06f7290dc44a/1/aXfurIc0y425R07LNYbqG3Kj0ls.roa
File: aXfurIc0y425R07LNYbqG3Kj0ls.roa (raw, json)
Hash identifier: Fo4G/OQhw0U+aibrSU4yWNkHhdgB1l5Zyp+qa99xuIQ=
Subject key identifier: 69:77:EE:AC:87:34:CB:8D:B9:47:4E:CB:35:86:EA:1B:72:A3:D2:5B
Certificate issuer: /CN=4acef45fbb0f26930aeb833cf79fc41e22ca9235
Certificate serial: 0194221F452290948CCEBB8872729F7E32FE
Authority key identifier: 4A:CE:F4:5F:BB:0F:26:93:0A:EB:83:3C:F7:9F:C4:1E:22:CA:92:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ss70X7sPJpMK64M895_EHiLKkjU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/97fb36-ea9b-43f4-aad5-06f7290dc44a/1/aXfurIc0y425R07LNYbqG3Kj0ls.roa
Signing time: Wed 01 Jan 2025 13:47:42 +0000
ROA not before: Wed 01 Jan 2025 13:47:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43754
IP address blocks: 193.111.234.0/24 maxlen: 24
193.134.100.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/97fb36-ea9b-43f4-aad5-06f7290dc44a/1/Ss70X7sPJpMK64M895_EHiLKkjU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/97fb36-ea9b-43f4-aad5-06f7290dc44a/1/Ss70X7sPJpMK64M895_EHiLKkjU.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ss70X7sPJpMK64M895_EHiLKkjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 19:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:45:22:90:94:8c:ce:bb:88:72:72:9f:7e:32:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4acef45fbb0f26930aeb833cf79fc41e22ca9235
Validity
Not Before: Jan 1 13:47:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6977eeac8734cb8db9474ecb3586ea1b72a3d25b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:06:33:26:83:92:b7:15:dc:f8:f6:05:21:5d:
2c:ad:f3:40:ff:ec:30:18:c2:d4:83:47:5a:cb:6c:
38:d9:46:9e:61:d0:5a:4a:fb:6b:0f:eb:8a:eb:fc:
a3:fd:02:44:43:8e:f5:d5:02:9b:1e:1f:05:55:f4:
26:a7:35:31:f4:8f:c9:f6:17:47:c6:fa:f7:6f:77:
17:93:f5:ed:d3:1e:67:f9:3c:41:43:f2:d1:15:c2:
5c:66:47:53:07:22:26:07:72:1d:79:88:89:9a:e0:
ca:a6:95:ee:6d:90:fe:68:ed:e0:bf:a1:5f:e6:76:
e3:31:48:4b:8e:99:2e:85:51:a6:1a:46:07:ee:bc:
2c:9f:15:a1:2f:81:b8:a0:36:43:03:97:9e:54:c9:
c3:2c:83:6f:5b:2d:47:26:e7:46:ae:51:50:57:3b:
71:4d:a2:ef:48:94:51:79:aa:23:6d:8d:c1:22:0f:
b9:cc:f0:c9:ca:3e:26:e6:41:f0:ed:86:3b:bd:e3:
6b:39:9b:1c:17:10:52:9b:03:14:ec:6e:b5:27:85:
44:0d:d8:55:03:a6:0f:06:fc:cb:39:e9:fa:33:9e:
cf:fc:e5:7c:62:bd:71:03:92:3a:ab:16:08:f6:cb:
eb:36:db:6f:69:b6:fc:15:23:a9:9d:4b:ba:9e:eb:
58:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:77:EE:AC:87:34:CB:8D:B9:47:4E:CB:35:86:EA:1B:72:A3:D2:5B
X509v3 Authority Key Identifier:
keyid:4A:CE:F4:5F:BB:0F:26:93:0A:EB:83:3C:F7:9F:C4:1E:22:CA:92:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ss70X7sPJpMK64M895_EHiLKkjU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/97fb36-ea9b-43f4-aad5-06f7290dc44a/1/aXfurIc0y425R07LNYbqG3Kj0ls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/97fb36-ea9b-43f4-aad5-06f7290dc44a/1/Ss70X7sPJpMK64M895_EHiLKkjU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.111.234.0/24
193.134.100.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:48:f6:0a:9d:27:ea:66:6d:a7:86:26:99:02:e3:b4:17:c9:
98:57:27:4f:f1:c1:c6:7b:5e:f4:66:1a:a7:62:8e:55:2a:96:
41:18:2d:07:f9:95:d6:c9:07:7f:d3:53:e6:a1:07:f1:37:84:
6d:79:1a:24:b8:3e:39:7b:98:03:31:08:f0:f3:04:b9:c3:c6:
75:14:21:55:57:61:ee:85:72:22:f6:b5:3f:cf:50:07:aa:c9:
d8:02:90:54:b1:28:fa:5d:63:ae:17:0c:48:a6:ed:8c:cc:f5:
78:88:88:d3:bf:a5:70:89:dc:07:37:90:13:ce:a4:fb:27:f6:
17:d0:3f:78:8f:b6:68:f8:e3:9b:5b:60:30:1f:2d:ab:73:6e:
54:9b:71:bf:d6:db:eb:14:49:ee:e4:11:da:61:1d:ea:6e:91:
83:61:4a:86:ba:6b:98:62:d9:16:64:35:90:a4:e3:89:a2:9c:
62:4e:d2:e0:c6:33:77:c9:f6:af:cc:b8:32:1f:77:01:a2:e6:
d4:c3:f9:fa:85:69:0f:2d:78:b9:a6:42:1d:73:78:20:69:b7:
2b:4f:14:a1:75:04:a2:3a:fa:f8:ed:94:bf:fc:d3:a9:a3:bb:
20:b0:1a:3e:db:c3:e3:26:ab:6b:30:ac:e6:8a:bb:c5:3f:3a:
05:f2:b1:20
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQiH0UikJSMzruIcnKffjL+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhY2VmNDVmYmIwZjI2OTMwYWViODMzY2Y3OWZjNDFlMjJj
YTkyMzUwHhcNMjUwMTAxMTM0NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTc3ZWVhYzg3MzRjYjhkYjk0NzRlY2IzNTg2ZWExYjcyYTNkMjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxAYzJoOStxXc+PYFIV0srfNA/+ww
GMLUg0day2w42UaeYdBaSvtrD+uK6/yj/QJEQ4711QKbHh8FVfQmpzUx9I/J9hdH
xvr3b3cXk/Xt0x5n+TxBQ/LRFcJcZkdTByImB3IdeYiJmuDKppXubZD+aO3gv6Ff
5nbjMUhLjpkuhVGmGkYH7rwsnxWhL4G4oDZDA5eeVMnDLINvWy1HJudGrlFQVztx
TaLvSJRReaojbY3BIg+5zPDJyj4m5kHw7YY7veNrOZscFxBSmwMU7G61J4VEDdhV
A6YPBvzLOen6M57P/OV8Yr1xA5I6qxYI9svrNttvabb8FSOpnUu6nutY7QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGl37qyHNMuNuUdOyzWG6htyo9JbMB8GA1UdIwQY
MBaAFErO9F+7DyaTCuuDPPefxB4iypI1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3M3MFg3c1BKcE1LNjRNODk1X0VIaUxLa2pVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi85N2ZiMzYtZWE5Yi00M2Y0LWFhZDUt
MDZmNzI5MGRjNDRhLzEvYVhmdXJJYzB5NDI1UjA3TE5ZYnFHM0tqMGxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi85N2ZiMzYtZWE5Yi00M2Y0LWFhZDUtMDZmNzI5MGRjNDRh
LzEvU3M3MFg3c1BKcE1LNjRNODk1X0VIaUxLa2pVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwW/qAwQA
wYZkMA0GCSqGSIb3DQEBCwUAA4IBAQBbSPYKnSfqZm2nhiaZAuO0F8mYVydP8cHG
e170ZhqnYo5VKpZBGC0H+ZXWyQd/01PmoQfxN4RteRokuD45e5gDMQjw8wS5w8Z1
FCFVV2HuhXIi9rU/z1AHqsnYApBUsSj6XWOuFwxIpu2MzPV4iIjTv6VwidwHN5AT
zqT7J/YX0D94j7Zo+OObW2AwHy2rc25Um3G/1tvrFEnu5BHaYR3qbpGDYUqGumuY
YtkWZDWQpOOJopxiTtLgxjN3yfavzLgyH3cBoubUw/n6hWkPLXi5pkIdc3ggabcr
TxShdQSiOvr47ZS//NOpo7sgsBo+28PjJqtrMKzmirvFPzoF8rEg
-----END CERTIFICATE-----
Generated at Thu Apr 10 04:44:19 2025 by rpki-client