Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/eSudxwkpcTknJU7vwyteJgUtQGc.roa
File: eSudxwkpcTknJU7vwyteJgUtQGc.roa (raw, json)
Hash identifier: ZzhxBDUnBapswtWe988zfQYp/U0mQsrKaedlFLWfPNE=
Subject key identifier: 79:2B:9D:C7:09:29:71:39:27:25:4E:EF:C3:2B:5E:26:05:2D:40:67
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 01963D73F222C57F3852A1F51B5A8F94377E
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/eSudxwkpcTknJU7vwyteJgUtQGc.roa
Signing time: Wed 16 Apr 2025 07:15:30 +0000
ROA not before: Wed 16 Apr 2025 07:15:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21859
IP address blocks: 89.251.20.0/24 maxlen: 24
91.200.221.0/24 maxlen: 24
109.122.42.0/24 maxlen: 24
109.122.44.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.mft
rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 10:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3d:73:f2:22:c5:7f:38:52:a1:f5:1b:5a:8f:94:37:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Apr 16 07:15:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=792b9dc70929713927254eefc32b5e26052d4067
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:67:38:ad:ac:30:a5:cf:80:b3:81:12:73:0d:
2b:da:94:d0:69:5b:e4:d1:96:a9:57:3d:23:8d:ef:
e9:69:b7:d5:ce:55:47:79:60:f6:83:7b:20:52:1b:
12:b6:9d:f6:30:b7:38:2a:e6:8c:64:4c:ea:f8:29:
ec:3f:1e:03:27:71:fb:fd:da:76:0e:a1:ac:56:1a:
c7:68:b3:a9:c7:8c:56:d3:7c:66:9b:32:4e:3c:50:
0e:53:56:06:de:4a:e3:bf:23:a9:67:e8:5c:49:9c:
65:e9:96:76:86:d8:08:a6:8b:0a:37:07:30:5e:d0:
d8:c7:88:d3:74:d9:f2:c5:1b:d4:62:98:4b:ab:d4:
a1:cc:06:d4:e0:2a:c6:57:22:73:34:1c:cb:1d:71:
73:b4:92:a7:ae:05:7c:7c:10:01:1e:cb:38:48:bd:
c8:2c:5f:a6:bd:a1:82:c4:d1:a8:6e:28:0e:ee:37:
95:fb:48:5b:59:e3:b4:3f:f9:6d:24:71:42:eb:d2:
89:11:90:01:d2:36:05:0f:24:27:45:27:56:23:96:
c5:30:ef:d6:96:04:8b:8b:98:31:7a:1c:a0:b3:c4:
2a:68:d4:b1:37:99:ef:83:62:90:a6:7e:a2:9b:a8:
bf:9d:92:ae:cb:77:bd:3b:f5:fb:59:01:57:bb:29:
73:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:2B:9D:C7:09:29:71:39:27:25:4E:EF:C3:2B:5E:26:05:2D:40:67
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/eSudxwkpcTknJU7vwyteJgUtQGc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.20.0/24
91.200.221.0/24
109.122.42.0/24
109.122.44.0/24
Signature Algorithm: sha256WithRSAEncryption
60:fb:d5:12:1d:c1:52:e9:d1:0e:81:36:4a:09:a9:a0:56:23:
78:c6:b8:38:a3:60:e7:d9:01:6d:1e:98:7a:60:db:f8:5b:48:
ee:87:fc:5c:4a:5d:9c:92:f2:97:e1:59:87:b6:66:06:f5:1e:
43:ae:dd:fe:75:ef:e5:ba:e1:0b:32:e5:a2:e1:4c:41:34:bb:
d3:fc:c3:27:73:de:e4:dc:d9:ae:16:b8:de:9f:3e:87:12:1a:
98:7d:d7:f8:b0:75:c8:35:bf:9d:fb:11:40:34:37:e6:a3:81:
5c:ae:57:df:28:35:91:d0:ee:5e:58:04:77:85:0e:97:24:7f:
e9:69:bc:72:8e:08:fe:85:b3:a0:dc:d5:cf:7d:b2:e0:cf:33:
ba:84:e0:44:a2:c6:c4:61:4b:72:42:dd:d8:fe:66:ec:14:43:
c5:eb:8b:3c:45:bb:fa:e2:8e:b0:4e:f0:da:06:8f:fc:55:ab:
9f:ba:12:f8:45:45:4e:e9:93:0f:6b:59:3e:0b:aa:b9:56:93:
a2:22:ee:28:39:de:e0:76:d3:32:e5:b6:72:c3:90:73:54:4d:
43:7d:8a:c7:8b:28:3f:05:6e:94:89:8d:bf:7c:40:be:3e:ee:
16:ab:69:12:99:0f:a8:98:22:89:bc:26:43:3d:cd:04:15:1c:
85:81:6b:42
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZY9c/IixX84UqH1G1qPlDd+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjUwNDE2MDcxNTMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTJiOWRjNzA5Mjk3MTM5MjcyNTRlZWZjMzJiNWUyNjA1MmQ0MDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyGc4rawwpc+As4EScw0r2pTQaVvk
0ZapVz0jje/pabfVzlVHeWD2g3sgUhsStp32MLc4KuaMZEzq+CnsPx4DJ3H7/dp2
DqGsVhrHaLOpx4xW03xmmzJOPFAOU1YG3krjvyOpZ+hcSZxl6ZZ2htgIposKNwcw
XtDYx4jTdNnyxRvUYphLq9ShzAbU4CrGVyJzNBzLHXFztJKnrgV8fBABHss4SL3I
LF+mvaGCxNGobigO7jeV+0hbWeO0P/ltJHFC69KJEZAB0jYFDyQnRSdWI5bFMO/W
lgSLi5gxehygs8QqaNSxN5nvg2KQpn6im6i/nZKuy3e9O/X7WQFXuylz5QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHkrnccJKXE5JyVO78MrXiYFLUBnMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvZVN1ZHh3a3BjVGtuSlU3dnd5dGVKZ1V0UUdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWfsUAwQA
W8jdAwQAbXoqAwQAbXosMA0GCSqGSIb3DQEBCwUAA4IBAQBg+9USHcFS6dEOgTZK
CamgViN4xrg4o2Dn2QFtHph6YNv4W0juh/xcSl2ckvKX4VmHtmYG9R5Drt3+de/l
uuELMuWi4UxBNLvT/MMnc97k3NmuFrjenz6HEhqYfdf4sHXINb+d+xFANDfmo4Fc
rlffKDWR0O5eWAR3hQ6XJH/pabxyjgj+hbOg3NXPfbLgzzO6hOBEosbEYUtyQt3Y
/mbsFEPF64s8Rbv64o6wTvDaBo/8VaufuhL4RUVO6ZMPa1k+C6q5VpOiIu4oOd7g
dtMy5bZyw5BzVE1DfYrHiyg/BW6UiY2/fEC+Pu4Wq2kSmQ+omCKJvCZDPc0EFRyF
gWtC
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:22:53 2025 by rpki-client