Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/d-tNM422qlrKx_Bg691zR8b_xY8.roa
File: d-tNM422qlrKx_Bg691zR8b_xY8.roa (raw, json)
Hash identifier: nqA/fzLR267iH9kdXVkbvGhV0S3f/nOrrPRs3ap5q2Y=
Subject key identifier: 77:EB:4D:33:8D:B6:AA:5A:CA:C7:F0:60:EB:DD:73:47:C6:FF:C5:8F
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 0194D55860CB387D66ACE0A59173B1BC536C
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/d-tNM422qlrKx_Bg691zR8b_xY8.roa
Signing time: Wed 05 Feb 2025 09:02:06 +0000
ROA not before: Wed 05 Feb 2025 09:02:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 85.239.146.0/24 maxlen: 24
85.239.147.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.mft
rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 13:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d5:58:60:cb:38:7d:66:ac:e0:a5:91:73:b1:bc:53:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Feb 5 09:02:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=77eb4d338db6aa5acac7f060ebdd7347c6ffc58f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:6f:e9:6c:1f:b8:82:48:30:4c:c5:c4:50:a5:
be:b5:ef:c6:f3:98:4d:fa:8f:e6:0c:de:fd:36:26:
02:9d:8d:e1:57:e9:d2:8e:06:bb:ff:54:36:11:4d:
b7:42:ad:1e:fc:c1:ba:d3:aa:86:71:33:a1:ba:2d:
0a:ef:79:0e:66:38:b0:47:74:27:30:7f:eb:cc:99:
03:cc:6f:21:f5:8c:18:6d:8e:49:d4:96:47:79:5d:
b2:fd:5d:c9:ee:0a:bd:38:3f:b9:b1:d7:a4:cd:7e:
db:98:8a:9f:8f:02:d8:3d:7e:70:24:46:81:34:2a:
93:cb:7c:44:ff:76:1c:61:be:b8:cd:ea:2b:b8:e1:
e0:e1:c6:2c:da:36:3a:fd:21:32:e5:eb:3b:49:71:
1f:a0:83:cc:76:47:7b:bc:e9:e9:33:f7:1b:e5:12:
d3:3e:a7:65:28:15:c4:7a:f2:c0:b0:e6:56:f2:55:
08:39:2e:24:b1:f1:c8:55:8b:83:d1:25:13:6f:bb:
b4:65:96:29:57:2f:47:08:47:6e:39:13:bd:55:4d:
96:5a:dc:5e:f5:53:30:c2:9c:3f:2f:55:15:a7:e3:
d0:47:dc:2b:d9:03:59:62:df:71:ac:7a:0a:1a:65:
b1:24:10:6b:b9:cb:b0:03:bd:92:5b:2d:d2:1f:24:
34:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:EB:4D:33:8D:B6:AA:5A:CA:C7:F0:60:EB:DD:73:47:C6:FF:C5:8F
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/d-tNM422qlrKx_Bg691zR8b_xY8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.146.0/23
Signature Algorithm: sha256WithRSAEncryption
5f:f5:98:2d:bc:e5:bb:c9:2f:61:61:13:6a:a2:7d:29:c3:f0:
93:1d:f1:c2:57:52:03:08:3b:7d:44:99:7d:77:3a:05:53:fb:
a1:e6:1f:ec:ea:5d:f1:38:65:6a:79:a2:19:8e:9b:97:01:22:
3f:3d:3d:99:58:4c:ba:02:e9:5c:9c:27:0b:d4:9e:39:b7:60:
31:4d:39:28:e3:bd:3d:63:d4:58:53:9c:6b:91:65:78:5c:24:
1a:ff:dc:65:3b:8d:15:25:f3:b6:8d:bf:58:8d:e0:23:96:fc:
b2:6c:ea:13:e8:32:6e:f1:57:55:dd:ef:b2:f9:bb:09:da:37:
3b:a4:be:d7:cd:8d:51:ab:fd:a1:a9:5e:40:a7:ea:d6:3e:e7:
f1:55:73:fb:ee:f9:74:19:2c:ac:72:55:4e:c5:29:ae:4d:65:
d7:93:f4:50:32:99:21:4b:e1:fb:32:d7:90:87:3e:e1:d4:f5:
8e:e9:21:8c:24:50:94:8c:d5:47:6b:0e:fa:1c:69:33:6f:bb:
f9:08:f8:1d:d9:2b:78:ea:15:8f:82:97:cd:60:d0:e9:74:b2:
9e:96:9a:b8:03:78:52:2a:fa:41:fa:e9:0c:d4:9a:51:b6:d3:
c0:31:76:7a:e1:d6:38:93:d3:18:c2:0b:2f:22:8f:31:45:6e:
64:d9:ba:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTVWGDLOH1mrOClkXOxvFNsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjUwMjA1MDkwMjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2ViNGQzMzhkYjZhYTVhY2FjN2YwNjBlYmRkNzM0N2M2ZmZjNThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsG/pbB+4gkgwTMXEUKW+te/G85hN
+o/mDN79NiYCnY3hV+nSjga7/1Q2EU23Qq0e/MG606qGcTOhui0K73kOZjiwR3Qn
MH/rzJkDzG8h9YwYbY5J1JZHeV2y/V3J7gq9OD+5sdekzX7bmIqfjwLYPX5wJEaB
NCqTy3xE/3YcYb64zeoruOHg4cYs2jY6/SEy5es7SXEfoIPMdkd7vOnpM/cb5RLT
PqdlKBXEevLAsOZW8lUIOS4ksfHIVYuD0SUTb7u0ZZYpVy9HCEduORO9VU2WWtxe
9VMwwpw/L1UVp+PQR9wr2QNZYt9xrHoKGmWxJBBrucuwA72SWy3SHyQ0nQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHfrTTONtqpaysfwYOvdc0fG/8WPMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvZC10Tk00MjJxbHJLeF9CZzY5MXpSOGJfeFk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVe+SMA0G
CSqGSIb3DQEBCwUAA4IBAQBf9ZgtvOW7yS9hYRNqon0pw/CTHfHCV1IDCDt9RJl9
dzoFU/uh5h/s6l3xOGVqeaIZjpuXASI/PT2ZWEy6AulcnCcL1J45t2AxTTko4709
Y9RYU5xrkWV4XCQa/9xlO40VJfO2jb9YjeAjlvyybOoT6DJu8VdV3e+y+bsJ2jc7
pL7XzY1Rq/2hqV5Ap+rWPufxVXP77vl0GSysclVOxSmuTWXXk/RQMpkhS+H7MteQ
hz7h1PWO6SGMJFCUjNVHaw76HGkzb7v5CPgd2St46hWPgpfNYNDpdLKelpq4A3hS
KvpB+ukM1JpRttPAMXZ64dY4k9MYwgsvIo8xRW5k2bqW
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:29 2025 by rpki-client