Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/e2666e-69e1-437e-a021-2926bbc16796/1/Dyuv8Z__vkGHwwVg87zPgkG7J-4.roa
File: Dyuv8Z__vkGHwwVg87zPgkG7J-4.roa (raw, json)
Hash identifier: ilCGUeVqOl6irP7EZ7ynRXvcKUKAauHP7YFg6+r0+3k=
Subject key identifier: 0F:2B:AF:F1:9F:FF:BE:41:87:C3:05:60:F3:BC:CF:82:41:BB:27:EE
Certificate issuer: /CN=f3b5a8c0095825e13f46bdb370b7fdca9b9f8a52
Certificate serial: 019662CB191EDBB1525BFD71DFA128C055A8
Authority key identifier: F3:B5:A8:C0:09:58:25:E1:3F:46:BD:B3:70:B7:FD:CA:9B:9F:8A:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/87WowAlYJeE_Rr2zcLf9ypufilI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/e2666e-69e1-437e-a021-2926bbc16796/1/Dyuv8Z__vkGHwwVg87zPgkG7J-4.roa
Signing time: Wed 23 Apr 2025 13:16:39 +0000
ROA not before: Wed 23 Apr 2025 13:16:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211540
IP address blocks: 195.242.204.0/23 maxlen: 24
2a14:6d40::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/e2666e-69e1-437e-a021-2926bbc16796/1/87WowAlYJeE_Rr2zcLf9ypufilI.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/e2666e-69e1-437e-a021-2926bbc16796/1/87WowAlYJeE_Rr2zcLf9ypufilI.mft
rsync://rpki.ripe.net/repository/DEFAULT/87WowAlYJeE_Rr2zcLf9ypufilI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 03 May 2025 13:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:62:cb:19:1e:db:b1:52:5b:fd:71:df:a1:28:c0:55:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3b5a8c0095825e13f46bdb370b7fdca9b9f8a52
Validity
Not Before: Apr 23 13:16:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0f2baff19fffbe4187c30560f3bccf8241bb27ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:75:f4:e8:ac:6b:b8:cc:3e:42:de:ab:44:05:
71:8c:6e:76:a3:69:ba:da:51:71:a2:37:a4:da:e5:
78:a4:8d:c8:3e:07:05:a6:d4:72:57:bd:22:85:d8:
6d:df:0d:a0:9f:b7:32:60:1b:41:7c:87:25:c3:3e:
64:bd:a0:82:e9:47:53:29:ff:c8:15:be:8a:4c:aa:
f5:9b:5e:f6:6e:fa:25:1c:91:a8:b8:c8:ff:59:c3:
62:83:c6:6e:1b:95:00:ea:fd:cc:08:f6:16:01:01:
e0:a6:3a:6b:56:96:d1:42:c6:11:26:7d:10:5b:7f:
f1:db:24:a7:e9:f2:d5:ac:8a:37:dc:0a:11:c6:84:
f1:20:fa:9f:5a:b3:bc:cc:98:ea:ed:81:88:98:88:
3e:95:a6:43:a8:8e:71:e0:71:eb:a5:b6:e5:f5:a1:
4d:27:7d:19:dc:02:18:8e:63:0b:0d:36:11:51:77:
7c:fb:5d:6a:19:40:ab:f4:94:e3:5c:ef:83:aa:4f:
fc:1a:8f:24:90:b5:7d:d7:a4:5e:b1:ec:1f:5b:31:
74:93:ff:98:2f:6d:be:19:a4:a3:98:b0:72:2e:84:
3b:2e:d1:31:5b:ba:48:fe:78:4c:67:5d:19:fe:56:
57:4d:a2:e7:fe:84:17:62:dc:89:96:5a:67:3e:01:
97:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:2B:AF:F1:9F:FF:BE:41:87:C3:05:60:F3:BC:CF:82:41:BB:27:EE
X509v3 Authority Key Identifier:
keyid:F3:B5:A8:C0:09:58:25:E1:3F:46:BD:B3:70:B7:FD:CA:9B:9F:8A:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/87WowAlYJeE_Rr2zcLf9ypufilI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/e2666e-69e1-437e-a021-2926bbc16796/1/Dyuv8Z__vkGHwwVg87zPgkG7J-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/e2666e-69e1-437e-a021-2926bbc16796/1/87WowAlYJeE_Rr2zcLf9ypufilI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.242.204.0/23
IPv6:
2a14:6d40::/29
Signature Algorithm: sha256WithRSAEncryption
0a:df:b8:79:82:45:3d:38:27:d6:21:c5:2f:54:98:47:c0:d0:
b1:90:f4:4a:b0:58:3e:ab:c9:1e:57:1f:3f:31:c4:e4:44:ea:
ef:d2:55:99:96:d3:57:8b:0c:4f:0a:74:6f:f1:02:5b:86:59:
b0:01:40:46:35:fa:55:49:38:db:ee:b1:41:c3:c3:47:3a:8e:
80:bc:24:e4:c9:94:fd:76:7a:4d:34:1b:ed:ee:f1:d7:5b:6e:
e3:21:a7:6e:fa:db:7c:8f:b7:69:bb:aa:66:0f:d4:bf:9e:e3:
cf:1f:87:d8:6f:82:a7:4c:64:65:f8:51:79:df:4a:b3:41:fe:
7a:1e:83:50:3a:e2:5f:9f:0f:ca:01:56:43:19:ba:d1:aa:d1:
29:cf:21:fb:b7:c5:9a:37:47:71:a7:5d:cd:6c:c8:55:74:54:
41:5a:48:8b:15:35:b3:ac:1a:4d:df:5f:12:fa:32:02:c8:5d:
a7:56:1a:58:3e:e2:ab:0c:fa:34:b0:fd:a9:da:56:8a:6c:af:
24:2c:f6:d5:4b:70:c3:ab:9b:2f:f8:63:55:02:6e:a6:4a:aa:
48:62:7a:fc:e1:e5:60:89:33:f5:1e:1e:c5:d6:8f:c5:aa:fc:
5f:5d:68:85:a3:d8:9d:8f:f7:bf:60:1d:13:b4:2e:e1:07:5d:
f8:96:3b:cb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZZiyxke27FSW/1x36EowFWoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzYjVhOGMwMDk1ODI1ZTEzZjQ2YmRiMzcwYjdmZGNhOWI5
ZjhhNTIwHhcNMjUwNDIzMTMxNjM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjJiYWZmMTlmZmZiZTQxODdjMzA1NjBmM2JjY2Y4MjQxYmIyN2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnX06KxruMw+Qt6rRAVxjG52o2m6
2lFxojek2uV4pI3IPgcFptRyV70ihdht3w2gn7cyYBtBfIclwz5kvaCC6UdTKf/I
Fb6KTKr1m172bvolHJGouMj/WcNig8ZuG5UA6v3MCPYWAQHgpjprVpbRQsYRJn0Q
W3/x2ySn6fLVrIo33AoRxoTxIPqfWrO8zJjq7YGImIg+laZDqI5x4HHrpbbl9aFN
J30Z3AIYjmMLDTYRUXd8+11qGUCr9JTjXO+Dqk/8Go8kkLV916ResewfWzF0k/+Y
L22+GaSjmLByLoQ7LtExW7pI/nhMZ10Z/lZXTaLn/oQXYtyJllpnPgGXBwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFA8rr/Gf/75Bh8MFYPO8z4JBuyfuMB8GA1UdIwQY
MBaAFPO1qMAJWCXhP0a9s3C3/cqbn4pSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODdXb3dBbFlKZUVfUnIyemNMZjl5cHVmaWxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9lMjY2NmUtNjllMS00MzdlLWEwMjEt
MjkyNmJiYzE2Nzk2LzEvRHl1djhaX192a0dId3dWZzg3elBna0c3Si00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9lMjY2NmUtNjllMS00MzdlLWEwMjEtMjkyNmJiYzE2Nzk2
LzEvODdXb3dBbFlKZUVfUnIyemNMZjl5cHVmaWxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBw/LMMA0E
AgACMAcDBQMqFG1AMA0GCSqGSIb3DQEBCwUAA4IBAQAK37h5gkU9OCfWIcUvVJhH
wNCxkPRKsFg+q8keVx8/McTkROrv0lWZltNXiwxPCnRv8QJbhlmwAUBGNfpVSTjb
7rFBw8NHOo6AvCTkyZT9dnpNNBvt7vHXW27jIadu+tt8j7dpu6pmD9S/nuPPH4fY
b4KnTGRl+FF530qzQf56HoNQOuJfnw/KAVZDGbrRqtEpzyH7t8WaN0dxp13NbMhV
dFRBWkiLFTWzrBpN318S+jICyF2nVhpYPuKrDPo0sP2p2laKbK8kLPbVS3DDq5sv
+GNVAm6mSqpIYnr84eVgiTP1Hh7F1o/FqvxfXWiFo9idj/e/YB0TtC7hB134ljvL
-----END CERTIFICATE-----
Generated at Fri May 2 22:21:56 2025 by rpki-client