Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/bec335-5ee0-4c4d-bda7-7e6d12c3736f/1/kWjhD15-ZoWva0lEp7OiEph-8ds.roa
File: kWjhD15-ZoWva0lEp7OiEph-8ds.roa (raw, json)
Hash identifier: Wxf7YJjEdXTZXm4jCO3HEdDpnmTwoG36OiWMBmcqP2o=
Subject key identifier: 91:68:E1:0F:5E:7E:66:85:AF:6B:49:44:A7:B3:A2:12:98:7E:F1:DB
Certificate issuer: /CN=1abe5eecb23af569aa701a7ab16cf7ac1f90f960
Certificate serial: 01968C45DB12FE291223BE6B5CD8D887F143
Authority key identifier: 1A:BE:5E:EC:B2:3A:F5:69:AA:70:1A:7A:B1:6C:F7:AC:1F:90:F9:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gr5e7LI69WmqcBp6sWz3rB-Q-WA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/bec335-5ee0-4c4d-bda7-7e6d12c3736f/1/kWjhD15-ZoWva0lEp7OiEph-8ds.roa
Signing time: Thu 01 May 2025 14:35:10 +0000
ROA not before: Thu 01 May 2025 14:35:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50989
IP address blocks: 193.104.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/bec335-5ee0-4c4d-bda7-7e6d12c3736f/1/Gr5e7LI69WmqcBp6sWz3rB-Q-WA.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/bec335-5ee0-4c4d-bda7-7e6d12c3736f/1/Gr5e7LI69WmqcBp6sWz3rB-Q-WA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Gr5e7LI69WmqcBp6sWz3rB-Q-WA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 11:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:8c:45:db:12:fe:29:12:23:be:6b:5c:d8:d8:87:f1:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1abe5eecb23af569aa701a7ab16cf7ac1f90f960
Validity
Not Before: May 1 14:35:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9168e10f5e7e6685af6b4944a7b3a212987ef1db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:7e:83:37:08:4f:c6:91:33:99:fa:a5:ea:e2:
72:f6:8f:93:05:d8:87:17:c9:4b:31:c0:af:60:f8:
11:c1:00:26:ef:22:64:2d:f1:ae:78:aa:65:f8:b7:
f7:d5:48:9d:0f:86:f9:6a:b1:5a:9c:39:f8:4c:03:
be:4d:d8:42:9d:9e:bc:9e:e9:a1:0b:5e:a0:7f:a8:
60:77:d9:f9:37:7b:c2:ff:6e:bb:53:dd:0b:06:20:
db:20:56:a9:8c:c9:b8:78:e1:be:96:a4:57:e9:91:
24:5a:c5:b1:c6:ec:8c:43:30:f2:82:37:81:aa:92:
ff:79:ee:9d:fd:0f:69:b2:d1:11:d5:57:d3:c4:3b:
7b:ba:59:59:5d:7d:67:d1:21:4b:c5:10:c6:31:1b:
95:49:d0:23:fa:59:e8:54:d9:88:ec:c5:e5:c6:25:
8b:aa:72:11:e3:19:33:16:21:93:2f:0e:e2:3d:8c:
08:cc:0c:7c:5b:ef:e2:ae:f9:4e:22:64:aa:f2:1d:
76:da:29:22:b7:d9:45:8e:27:40:80:5e:01:1c:40:
32:a2:64:97:ae:44:46:51:6a:bf:4d:db:9d:7b:71:
05:7d:89:81:78:db:8d:3e:b7:e8:7a:e0:99:05:6d:
3b:01:49:62:7e:11:40:4e:c1:ac:1e:53:31:7c:0b:
01:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:68:E1:0F:5E:7E:66:85:AF:6B:49:44:A7:B3:A2:12:98:7E:F1:DB
X509v3 Authority Key Identifier:
keyid:1A:BE:5E:EC:B2:3A:F5:69:AA:70:1A:7A:B1:6C:F7:AC:1F:90:F9:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gr5e7LI69WmqcBp6sWz3rB-Q-WA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/bec335-5ee0-4c4d-bda7-7e6d12c3736f/1/kWjhD15-ZoWva0lEp7OiEph-8ds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/bec335-5ee0-4c4d-bda7-7e6d12c3736f/1/Gr5e7LI69WmqcBp6sWz3rB-Q-WA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.214.0/24
Signature Algorithm: sha256WithRSAEncryption
27:91:6e:e9:3e:23:09:8d:21:5f:fa:ac:1a:f3:7b:22:f9:9b:
89:50:28:a5:2a:7c:8c:c5:e4:9f:04:24:e3:54:18:84:8a:e6:
35:64:b1:58:d6:d4:92:0f:3b:70:6a:51:3a:2d:e8:8f:2b:44:
03:fe:9d:0b:4a:14:fc:d1:2c:a5:40:97:2c:8b:ed:fe:c8:65:
3a:6d:0c:35:f8:b7:94:d8:a2:64:a7:6d:2a:73:f9:d5:55:39:
b4:e1:91:07:45:e0:db:ed:78:e4:86:6c:af:2b:5c:9e:df:71:
38:f9:ca:e2:f6:50:2c:35:ce:9a:9f:cd:80:f8:1d:83:52:21:
fd:d0:38:75:3a:10:ce:56:68:8a:d3:8a:53:94:42:73:5a:e5:
24:29:1c:cc:1a:88:5f:e5:09:32:1e:c2:13:fd:08:f5:ed:d6:
48:64:45:6f:f5:eb:03:19:2a:1f:66:59:20:e0:67:7b:e4:22:
ce:ac:7c:b7:98:4e:da:ba:d8:eb:78:68:4e:ad:38:05:f7:4c:
8e:ef:ea:93:f6:ea:11:1e:5d:8f:dd:24:54:fb:1c:45:9f:a2:
4e:0f:ff:24:a3:65:e9:63:27:dd:c4:7a:2c:72:f8:93:61:d1:
b5:1b:66:01:bc:ca:e2:e2:3f:4a:31:18:5c:f5:80:c5:66:18:
d4:7d:30:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZaMRdsS/ikSI75rXNjYh/FDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhYmU1ZWVjYjIzYWY1NjlhYTcwMWE3YWIxNmNmN2FjMWY5
MGY5NjAwHhcNMjUwNTAxMTQzNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTY4ZTEwZjVlN2U2Njg1YWY2YjQ5NDRhN2IzYTIxMjk4N2VmMWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuH6DNwhPxpEzmfql6uJy9o+TBdiH
F8lLMcCvYPgRwQAm7yJkLfGueKpl+Lf31UidD4b5arFanDn4TAO+TdhCnZ68numh
C16gf6hgd9n5N3vC/267U90LBiDbIFapjMm4eOG+lqRX6ZEkWsWxxuyMQzDygjeB
qpL/ee6d/Q9pstER1VfTxDt7ullZXX1n0SFLxRDGMRuVSdAj+lnoVNmI7MXlxiWL
qnIR4xkzFiGTLw7iPYwIzAx8W+/irvlOImSq8h122ikit9lFjidAgF4BHEAyomSX
rkRGUWq/Tdude3EFfYmBeNuNPrfoeuCZBW07AUlifhFATsGsHlMxfAsB4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJFo4Q9efmaFr2tJRKezohKYfvHbMB8GA1UdIwQY
MBaAFBq+XuyyOvVpqnAaerFs96wfkPlgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3I1ZTdMSTY5V21xY0JwNnNXejNyQi1RLVdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9iZWMzMzUtNWVlMC00YzRkLWJkYTct
N2U2ZDEyYzM3MzZmLzEva1dqaEQxNS1ab1d2YTBsRXA3T2lFcGgtOGRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9iZWMzMzUtNWVlMC00YzRkLWJkYTctN2U2ZDEyYzM3MzZm
LzEvR3I1ZTdMSTY5V21xY0JwNnNXejNyQi1RLVdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWjWMA0G
CSqGSIb3DQEBCwUAA4IBAQAnkW7pPiMJjSFf+qwa83si+ZuJUCilKnyMxeSfBCTj
VBiEiuY1ZLFY1tSSDztwalE6LeiPK0QD/p0LShT80SylQJcsi+3+yGU6bQw1+LeU
2KJkp20qc/nVVTm04ZEHReDb7XjkhmyvK1ye33E4+cri9lAsNc6an82A+B2DUiH9
0Dh1OhDOVmiK04pTlEJzWuUkKRzMGohf5QkyHsIT/Qj17dZIZEVv9esDGSofZlkg
4Gd75CLOrHy3mE7autjreGhOrTgF90yO7+qT9uoRHl2P3SRU+xxFn6JOD/8ko2Xp
YyfdxHoscviTYdG1G2YBvMri4j9KMRhc9YDFZhjUfTCe
-----END CERTIFICATE-----
Generated at Mon May 12 16:10:52 2025 by rpki-client