Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/c69c75-8391-4d93-b378-3fa15a33f429/1/okg73byO9ZwK73bf1nHKxWy9BQc.roa
File: okg73byO9ZwK73bf1nHKxWy9BQc.roa (raw, json)
Hash identifier: UhLrY21oOL3tD3JEsUSjif+xKx57LK0Vj7G+Yv+lBBQ=
Subject key identifier: A2:48:3B:DD:BC:8E:F5:9C:0A:EF:76:DF:D6:71:CA:C5:6C:BD:05:07
Certificate issuer: /CN=ea83e30f2d6fce75a666a2d0b636b46ec998a1cb
Certificate serial: 0196A487E09ABC7DCAA7CEA058C483BA5CD4
Authority key identifier: EA:83:E3:0F:2D:6F:CE:75:A6:66:A2:D0:B6:36:B4:6E:C9:98:A1:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6oPjDy1vznWmZqLQtja0bsmYocs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/c69c75-8391-4d93-b378-3fa15a33f429/1/okg73byO9ZwK73bf1nHKxWy9BQc.roa
Signing time: Tue 06 May 2025 07:38:10 +0000
ROA not before: Tue 06 May 2025 07:38:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51679
IP address blocks: 193.24.36.0/24 maxlen: 24
193.25.194.0/24 maxlen: 24
193.25.196.0/24 maxlen: 24
193.25.223.0/24 maxlen: 24
212.46.50.0/24 maxlen: 24
2a12:c40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/c69c75-8391-4d93-b378-3fa15a33f429/1/6oPjDy1vznWmZqLQtja0bsmYocs.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/c69c75-8391-4d93-b378-3fa15a33f429/1/6oPjDy1vznWmZqLQtja0bsmYocs.mft
rsync://rpki.ripe.net/repository/DEFAULT/6oPjDy1vznWmZqLQtja0bsmYocs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a4:87:e0:9a:bc:7d:ca:a7:ce:a0:58:c4:83:ba:5c:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea83e30f2d6fce75a666a2d0b636b46ec998a1cb
Validity
Not Before: May 6 07:38:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a2483bddbc8ef59c0aef76dfd671cac56cbd0507
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:61:9b:d4:75:f4:dc:9f:f5:1c:9c:11:30:3c:
20:da:25:50:0d:39:6a:dc:37:8d:a1:27:35:73:3b:
a1:59:d0:09:a9:44:61:2d:8e:82:99:1b:19:79:3d:
e6:32:9d:b6:c2:c7:fa:23:d0:d6:c4:ae:e1:28:72:
52:fc:1b:82:f2:90:1b:3e:1f:7d:a5:3b:f0:22:b2:
f1:25:00:9c:64:4a:48:ce:25:1d:b8:bc:23:95:20:
72:8d:df:f3:3c:6a:ff:9a:b5:f1:cb:98:bc:18:7a:
1b:da:7c:96:cb:fc:c0:30:91:64:ab:12:5a:de:2e:
7d:c7:12:30:2b:f4:fe:d2:dd:9d:02:16:a6:87:f3:
8c:07:e7:4c:88:34:ed:06:d1:8c:10:cc:ab:cc:19:
14:7c:69:50:70:c5:ac:ef:49:d2:0b:33:36:3b:0c:
54:38:01:cb:29:71:66:72:7a:2d:41:aa:0d:72:99:
88:c3:f0:29:20:ef:2d:2f:79:d5:9d:a7:58:40:fb:
7d:53:a3:b9:5a:02:2e:a5:ca:25:6d:59:55:58:4d:
fc:7b:d6:f8:7a:5a:c5:2e:8d:3a:de:fb:cc:72:9e:
49:00:61:99:46:ae:93:d5:2b:74:b9:b5:ec:ad:e1:
2f:9f:bc:fa:1e:cb:6f:51:fd:71:08:4a:7f:97:17:
88:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:48:3B:DD:BC:8E:F5:9C:0A:EF:76:DF:D6:71:CA:C5:6C:BD:05:07
X509v3 Authority Key Identifier:
keyid:EA:83:E3:0F:2D:6F:CE:75:A6:66:A2:D0:B6:36:B4:6E:C9:98:A1:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6oPjDy1vznWmZqLQtja0bsmYocs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/c69c75-8391-4d93-b378-3fa15a33f429/1/okg73byO9ZwK73bf1nHKxWy9BQc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/c69c75-8391-4d93-b378-3fa15a33f429/1/6oPjDy1vznWmZqLQtja0bsmYocs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.24.36.0/24
193.25.194.0/24
193.25.196.0/24
193.25.223.0/24
212.46.50.0/24
IPv6:
2a12:c40::/29
Signature Algorithm: sha256WithRSAEncryption
8e:c7:32:cd:77:a3:43:d4:e5:84:f6:18:6f:10:cc:1c:e5:a5:
4a:46:74:a8:e6:3e:f4:26:84:36:ee:49:d8:b4:0f:b9:70:a6:
9d:4b:c9:39:d8:83:eb:32:ef:e3:f1:b5:07:8d:84:aa:5c:97:
09:71:af:d1:70:fe:44:83:15:3b:f5:54:e7:0b:a8:09:3d:6f:
ed:f9:7d:1a:5a:d7:d8:63:c1:fa:72:86:29:8f:6f:74:8a:3b:
58:56:a4:59:30:87:c5:2f:a9:05:a2:7f:33:d7:2a:b4:97:cf:
f8:e3:7a:0c:f3:38:2f:90:2b:02:08:06:f2:f1:68:0a:1e:ef:
20:5f:d7:97:0b:dc:4d:29:db:c6:97:ac:f5:eb:56:98:7f:7b:
d2:35:cc:be:8c:bc:3f:bd:7c:3b:a4:96:60:9c:4f:e8:08:6f:
27:06:a9:e2:c0:15:d5:20:a2:e1:5a:3b:06:42:80:d8:96:66:
e3:11:42:19:e2:ae:39:79:7f:c9:66:61:42:88:55:9c:9e:af:
85:a9:5c:d2:71:61:bb:d7:3a:a9:27:27:cd:6e:fb:8f:e9:ee:
5e:b3:aa:9b:80:db:ba:76:1b:16:ce:42:6d:ad:6c:13:93:05:
e6:72:6f:f1:f8:fe:52:5e:7a:13:09:cf:24:9e:a4:f6:dc:39:
ad:93:c5:d7
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZakh+CavH3Kp86gWMSDulzUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhODNlMzBmMmQ2ZmNlNzVhNjY2YTJkMGI2MzZiNDZlYzk5
OGExY2IwHhcNMjUwNTA2MDczODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjQ4M2JkZGJjOGVmNTljMGFlZjc2ZGZkNjcxY2FjNTZjYmQwNTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjmGb1HX03J/1HJwRMDwg2iVQDTlq
3DeNoSc1czuhWdAJqURhLY6CmRsZeT3mMp22wsf6I9DWxK7hKHJS/BuC8pAbPh99
pTvwIrLxJQCcZEpIziUduLwjlSByjd/zPGr/mrXxy5i8GHob2nyWy/zAMJFkqxJa
3i59xxIwK/T+0t2dAhamh/OMB+dMiDTtBtGMEMyrzBkUfGlQcMWs70nSCzM2OwxU
OAHLKXFmcnotQaoNcpmIw/ApIO8tL3nVnadYQPt9U6O5WgIupcolbVlVWE38e9b4
elrFLo063vvMcp5JAGGZRq6T1St0ubXsreEvn7z6HstvUf1xCEp/lxeIqwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFKJIO928jvWcCu9239ZxysVsvQUHMB8GA1UdIwQY
MBaAFOqD4w8tb851pmai0LY2tG7JmKHLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNm9QakR5MXZ6bldtWnFMUXRqYTBic21Zb2NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9jNjljNzUtODM5MS00ZDkzLWIzNzgt
M2ZhMTVhMzNmNDI5LzEvb2tnNzNieU85WndLNzNiZjFuSEt4V3k5QlFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9jNjljNzUtODM5MS00ZDkzLWIzNzgtM2ZhMTVhMzNmNDI5
LzEvNm9QakR5MXZ6bldtWnFMUXRqYTBic21Zb2NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAwRgkAwQA
wRnCAwQAwRnEAwQAwRnfAwQA1C4yMA0EAgACMAcDBQMqEgxAMA0GCSqGSIb3DQEB
CwUAA4IBAQCOxzLNd6ND1OWE9hhvEMwc5aVKRnSo5j70JoQ27knYtA+5cKadS8k5
2IPrMu/j8bUHjYSqXJcJca/RcP5EgxU79VTnC6gJPW/t+X0aWtfYY8H6coYpj290
ijtYVqRZMIfFL6kFon8z1yq0l8/443oM8zgvkCsCCAby8WgKHu8gX9eXC9xNKdvG
l6z161aYf3vSNcy+jLw/vXw7pJZgnE/oCG8nBqniwBXVIKLhWjsGQoDYlmbjEUIZ
4q45eX/JZmFCiFWcnq+FqVzScWG71zqpJyfNbvuP6e5es6qbgNu6dhsWzkJtrWwT
kwXmcm/x+P5SXnoTCc8knqT23Dmtk8XX
-----END CERTIFICATE-----
Generated at Sun May 11 15:40:44 2025 by rpki-client