Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/43Lev2KmmsX2oQjHWOVqR7pGv_o.roa
File: 43Lev2KmmsX2oQjHWOVqR7pGv_o.roa (raw, json)
Hash identifier: X3cJ9btnCgxa0qcBGYYxWGeuURRVSrnur28C/7enAsQ=
Subject key identifier: E3:72:DE:BF:62:A6:9A:C5:F6:A1:08:C7:58:E5:6A:47:BA:46:BF:FA
Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial: 01966BD17231EE00013809DB87865B8FF415
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/43Lev2KmmsX2oQjHWOVqR7pGv_o.roa
Signing time: Fri 25 Apr 2025 07:20:10 +0000
ROA not before: Fri 25 Apr 2025 07:20:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213990
IP address blocks: 195.170.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 15:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:6b:d1:72:31:ee:00:01:38:09:db:87:86:5b:8f:f4:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Validity
Not Before: Apr 25 07:20:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e372debf62a69ac5f6a108c758e56a47ba46bffa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:12:d9:e3:49:06:ba:82:b9:0a:85:58:ec:6e:
2b:15:3b:77:d6:85:2e:b1:b3:be:56:a1:21:ee:6e:
de:a3:f3:cd:50:86:40:d2:d4:a1:b9:ae:52:bc:bd:
ec:a4:55:d9:19:2d:b1:a9:0d:52:86:73:6a:af:86:
2a:e0:5e:2a:b5:2b:a5:75:88:d7:fa:7c:f0:13:09:
50:73:20:5a:14:df:f4:b9:b6:7b:ce:d1:32:4a:38:
55:c1:c5:ae:23:c8:96:7e:ef:fa:49:b3:61:19:26:
18:fb:63:f8:66:7f:97:a0:15:fb:8d:88:91:c2:6c:
b1:b4:e8:62:45:12:51:7f:80:64:65:2f:94:db:9d:
73:5b:d9:15:8b:2d:07:46:a5:cf:f5:53:3c:7f:d5:
21:8e:99:8e:5e:6e:5e:ee:21:6c:a0:22:03:af:25:
d2:30:cf:5a:bb:31:3f:ea:d5:24:d0:bc:db:d7:52:
f9:45:82:ce:ce:c6:90:02:bc:1b:6d:43:d8:cc:9f:
5f:5c:81:f2:be:70:7b:c5:5c:57:96:58:fe:10:fa:
71:3b:8e:e4:61:65:16:67:17:af:d3:c1:05:a0:db:
49:7a:1f:28:f4:9f:7e:03:87:c5:ac:f7:51:b5:6a:
66:89:f3:ce:71:6d:05:59:7f:83:f7:09:3d:f6:03:
0a:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:72:DE:BF:62:A6:9A:C5:F6:A1:08:C7:58:E5:6A:47:BA:46:BF:FA
X509v3 Authority Key Identifier:
keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/43Lev2KmmsX2oQjHWOVqR7pGv_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.170.163.0/24
Signature Algorithm: sha256WithRSAEncryption
60:29:3d:47:e6:e5:c2:76:3e:c7:bb:8d:c1:96:25:fc:68:e8:
04:b8:75:c9:3e:e4:bd:d9:ba:20:b3:1c:43:6c:ee:45:d0:a1:
46:ff:ab:aa:a3:1e:21:49:64:c3:d8:01:a8:c6:88:ee:da:a0:
bd:62:33:da:aa:af:e9:6e:54:09:5e:3d:34:e0:63:ca:5a:71:
61:83:1e:56:e6:94:b4:3c:4b:5c:04:f9:b5:b0:9d:15:93:cb:
fd:69:e7:0b:6e:35:bb:1f:c4:b1:10:91:bd:4d:25:d8:94:82:
73:42:5e:7c:de:1b:0d:8c:66:de:48:ba:2a:1d:24:d3:00:72:
90:37:bb:fd:72:5c:ef:be:a3:bb:36:f2:11:72:98:a3:03:8f:
49:a2:0f:86:b7:8b:ce:c9:5a:d0:88:72:0f:09:57:e3:e9:8a:
1a:bb:c1:5b:20:1d:92:63:8b:9b:0d:5f:56:ea:5b:35:43:29:
0a:23:a7:da:75:55:bc:20:b1:8e:40:e0:93:72:33:4d:0b:3b:
61:91:76:b2:d7:77:3f:19:8b:1e:c0:06:03:3a:69:31:95:6c:
e5:1b:15:31:49:2c:3d:59:39:52:04:c9:03:43:d9:0a:1a:20:
e6:4b:2a:32:04:be:c5:ea:15:ef:0f:88:31:72:89:e8:45:f4:
93:53:c1:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZZr0XIx7gABOAnbh4Zbj/QVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjUwNDI1MDcyMDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzcyZGViZjYyYTY5YWM1ZjZhMTA4Yzc1OGU1NmE0N2JhNDZiZmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthLZ40kGuoK5CoVY7G4rFTt31oUu
sbO+VqEh7m7eo/PNUIZA0tShua5SvL3spFXZGS2xqQ1ShnNqr4Yq4F4qtSuldYjX
+nzwEwlQcyBaFN/0ubZ7ztEySjhVwcWuI8iWfu/6SbNhGSYY+2P4Zn+XoBX7jYiR
wmyxtOhiRRJRf4BkZS+U251zW9kViy0HRqXP9VM8f9UhjpmOXm5e7iFsoCIDryXS
MM9auzE/6tUk0Lzb11L5RYLOzsaQArwbbUPYzJ9fXIHyvnB7xVxXllj+EPpxO47k
YWUWZxev08EFoNtJeh8o9J9+A4fFrPdRtWpmifPOcW0FWX+D9wk99gMK6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFONy3r9ipprF9qEIx1jlake6Rr/6MB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvNDNMZXYyS21tc1gyb1FqSFdPVnFSN3BHdl9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw6qjMA0G
CSqGSIb3DQEBCwUAA4IBAQBgKT1H5uXCdj7Hu43BliX8aOgEuHXJPuS92bogsxxD
bO5F0KFG/6uqox4hSWTD2AGoxoju2qC9YjPaqq/pblQJXj004GPKWnFhgx5W5pS0
PEtcBPm1sJ0Vk8v9aecLbjW7H8SxEJG9TSXYlIJzQl583hsNjGbeSLoqHSTTAHKQ
N7v9clzvvqO7NvIRcpijA49Jog+Gt4vOyVrQiHIPCVfj6Yoau8FbIB2SY4ubDV9W
6ls1QykKI6fadVW8ILGOQOCTcjNNCzthkXay13c/GYsewAYDOmkxlWzlGxUxSSw9
WTlSBMkDQ9kKGiDmSyoyBL7F6hXvD4gxconoRfSTU8EY
-----END CERTIFICATE-----
Generated at Mon Apr 28 20:41:33 2025 by rpki-client