Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/b1ca51-75dd-41c9-9484-2bc1ae3dbdbe/1/1R1JwYUhzre5tVusLNcgvNdeib8.roa
File: 1R1JwYUhzre5tVusLNcgvNdeib8.roa (raw, json)
Hash identifier: X7vjIUI1jCkzMROnRUlPtAL6sP2kfkpfxX03eNmr1AU=
Subject key identifier: D5:1D:49:C1:85:21:CE:B7:B9:B5:5B:AC:2C:D7:20:BC:D7:5E:89:BF
Certificate issuer: /CN=f58e0c3b9333cb6fd4139e455a5abbafd569532a
Certificate serial: 019687F2FB70F9452E2B2C915373BCA5F59E
Authority key identifier: F5:8E:0C:3B:93:33:CB:6F:D4:13:9E:45:5A:5A:BB:AF:D5:69:53:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9Y4MO5Mzy2_UE55FWlq7r9VpUyo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/b1ca51-75dd-41c9-9484-2bc1ae3dbdbe/1/1R1JwYUhzre5tVusLNcgvNdeib8.roa
Signing time: Wed 30 Apr 2025 18:26:10 +0000
ROA not before: Wed 30 Apr 2025 18:26:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 193.143.17.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/b1ca51-75dd-41c9-9484-2bc1ae3dbdbe/1/9Y4MO5Mzy2_UE55FWlq7r9VpUyo.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/b1ca51-75dd-41c9-9484-2bc1ae3dbdbe/1/9Y4MO5Mzy2_UE55FWlq7r9VpUyo.mft
rsync://rpki.ripe.net/repository/DEFAULT/9Y4MO5Mzy2_UE55FWlq7r9VpUyo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:87:f2:fb:70:f9:45:2e:2b:2c:91:53:73:bc:a5:f5:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f58e0c3b9333cb6fd4139e455a5abbafd569532a
Validity
Not Before: Apr 30 18:26:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d51d49c18521ceb7b9b55bac2cd720bcd75e89bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:13:ff:15:8f:43:dc:09:a5:ff:7d:55:6c:66:
e5:ca:a5:82:cc:1b:18:ce:5e:5e:ce:e4:34:c0:98:
97:97:2b:7f:de:82:94:21:60:f3:58:c1:f7:a4:33:
55:5d:12:42:02:9b:d2:d3:63:7f:0a:0e:05:81:cd:
6c:da:80:b1:d8:5e:11:1d:93:37:ac:0a:cf:70:20:
1a:77:6c:b9:2d:30:9c:92:71:41:5f:74:5f:91:d0:
af:a4:d6:56:c4:ae:76:83:44:ec:19:50:ae:16:aa:
60:a6:f3:9e:5b:7b:4e:bd:fe:64:bb:87:d4:88:f0:
b2:df:57:98:33:77:b1:a1:3f:72:94:7f:c9:0e:3d:
35:a9:a5:8e:ba:be:be:07:9a:c4:9c:29:58:43:1c:
98:0c:ee:90:6b:30:eb:63:4b:52:13:76:80:38:6b:
9c:8f:c1:6c:a8:8c:a6:5d:38:5b:d7:c3:74:f7:4f:
d1:4c:89:bb:f5:54:5c:43:87:84:1d:c7:fe:e8:46:
7f:38:44:42:a2:1f:8c:9f:55:1e:0e:4f:c3:97:e9:
e1:23:c7:b7:a4:4b:a2:70:42:0e:ab:c7:ef:0e:14:
fc:eb:a0:68:b1:80:6e:74:45:ca:53:2d:33:f3:d9:
5f:a2:9f:97:a2:ed:fb:d0:ee:28:a9:1f:27:42:c9:
13:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:1D:49:C1:85:21:CE:B7:B9:B5:5B:AC:2C:D7:20:BC:D7:5E:89:BF
X509v3 Authority Key Identifier:
keyid:F5:8E:0C:3B:93:33:CB:6F:D4:13:9E:45:5A:5A:BB:AF:D5:69:53:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Y4MO5Mzy2_UE55FWlq7r9VpUyo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b1ca51-75dd-41c9-9484-2bc1ae3dbdbe/1/1R1JwYUhzre5tVusLNcgvNdeib8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b1ca51-75dd-41c9-9484-2bc1ae3dbdbe/1/9Y4MO5Mzy2_UE55FWlq7r9VpUyo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.143.17.0/24
Signature Algorithm: sha256WithRSAEncryption
65:bb:90:25:8a:e5:b8:35:c5:5d:9f:b9:10:6e:97:b7:bb:03:
88:8c:06:4d:1d:c3:f8:9c:85:b5:8e:ed:8c:f1:35:3a:8b:fd:
13:96:d8:5d:01:79:15:47:bb:9c:76:15:e9:3f:e4:a8:3a:fd:
3f:16:e8:62:6c:e8:c6:92:8f:aa:f1:21:89:65:3e:d8:31:89:
1f:17:ae:4a:1e:5e:ef:a8:ff:4b:76:52:1c:fc:b0:8e:b5:5d:
b0:b8:2d:b2:d5:53:0b:94:80:62:d0:66:2b:c5:0e:ca:57:10:
a2:23:42:26:c0:5e:a1:5e:1a:bd:37:00:83:e7:a8:e1:b5:eb:
62:bd:b0:11:c8:90:23:43:80:fd:21:7a:98:4e:2b:93:08:c0:
f9:ca:e0:13:2c:5d:ab:62:7a:81:a5:ef:be:b8:56:91:2e:df:
85:d1:77:df:1e:db:41:ed:f3:75:af:1e:5f:65:ab:f2:15:f7:
d9:47:3d:7a:2f:a9:5e:36:d6:e1:79:8d:67:99:43:d7:58:46:
45:56:97:c2:78:27:6f:ce:8c:98:32:62:da:6f:8c:fc:47:f0:
c1:63:69:95:6a:ad:47:d2:53:2b:56:d7:8d:39:36:99:3c:d3:
33:ec:e1:af:61:dd:d8:6b:c5:d5:b6:1c:59:ee:44:25:8b:1d:
73:cc:c7:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZaH8vtw+UUuKyyRU3O8pfWeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1OGUwYzNiOTMzM2NiNmZkNDEzOWU0NTVhNWFiYmFmZDU2
OTUzMmEwHhcNMjUwNDMwMTgyNjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTFkNDljMTg1MjFjZWI3YjliNTViYWMyY2Q3MjBiY2Q3NWU4OWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixP/FY9D3Aml/31VbGblyqWCzBsY
zl5ezuQ0wJiXlyt/3oKUIWDzWMH3pDNVXRJCApvS02N/Cg4Fgc1s2oCx2F4RHZM3
rArPcCAad2y5LTCcknFBX3RfkdCvpNZWxK52g0TsGVCuFqpgpvOeW3tOvf5ku4fU
iPCy31eYM3exoT9ylH/JDj01qaWOur6+B5rEnClYQxyYDO6QazDrY0tSE3aAOGuc
j8FsqIymXThb18N090/RTIm79VRcQ4eEHcf+6EZ/OERCoh+Mn1UeDk/Dl+nhI8e3
pEuicEIOq8fvDhT866BosYBudEXKUy0z89lfop+Xou370O4oqR8nQskTIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNUdScGFIc63ubVbrCzXILzXXom/MB8GA1UdIwQY
MBaAFPWODDuTM8tv1BOeRVpau6/VaVMqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVk0TU81TXp5Ml9VRTU1RldscTdyOVZwVXlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9iMWNhNTEtNzVkZC00MWM5LTk0ODQt
MmJjMWFlM2RiZGJlLzEvMVIxSndZVWh6cmU1dFZ1c0xOY2d2TmRlaWI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9iMWNhNTEtNzVkZC00MWM5LTk0ODQtMmJjMWFlM2RiZGJl
LzEvOVk0TU81TXp5Ml9VRTU1RldscTdyOVZwVXlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwY8RMA0G
CSqGSIb3DQEBCwUAA4IBAQBlu5AliuW4NcVdn7kQbpe3uwOIjAZNHcP4nIW1ju2M
8TU6i/0TlthdAXkVR7ucdhXpP+SoOv0/FuhibOjGko+q8SGJZT7YMYkfF65KHl7v
qP9LdlIc/LCOtV2wuC2y1VMLlIBi0GYrxQ7KVxCiI0ImwF6hXhq9NwCD56jhteti
vbARyJAjQ4D9IXqYTiuTCMD5yuATLF2rYnqBpe++uFaRLt+F0XffHttB7fN1rx5f
ZavyFffZRz16L6leNtbheY1nmUPXWEZFVpfCeCdvzoyYMmLab4z8R/DBY2mVaq1H
0lMrVteNOTaZPNMz7OGvYd3Ya8XVthxZ7kQlix1zzMez
-----END CERTIFICATE-----
Generated at Sun May 4 11:03:21 2025 by rpki-client