Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/rVq_rgyYfxisfZosLTEYOK8012I.roa
File: rVq_rgyYfxisfZosLTEYOK8012I.roa (raw, json)
Hash identifier: qfUc/8CPVfgW5D79b9lNR+Fs0Ehkxd+q6+C5E566Dkg=
Subject key identifier: AD:5A:BF:AE:0C:98:7F:18:AC:7D:9A:2C:2D:31:18:38:AF:34:D7:62
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 01959025C7DD4049A24772BF78495BE4E188
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/rVq_rgyYfxisfZosLTEYOK8012I.roa
Signing time: Thu 13 Mar 2025 15:35:49 +0000
ROA not before: Thu 13 Mar 2025 15:35:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199478
IP address blocks: 213.170.248.0/24 maxlen: 24
213.170.249.0/24 maxlen: 24
213.170.250.0/24 maxlen: 24
213.170.251.0/24 maxlen: 24
213.170.252.0/24 maxlen: 24
213.170.253.0/24 maxlen: 24
213.170.254.0/24 maxlen: 24
213.170.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.mft
rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:90:25:c7:dd:40:49:a2:47:72:bf:78:49:5b:e4:e1:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Mar 13 15:35:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ad5abfae0c987f18ac7d9a2c2d311838af34d762
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:1c:a1:81:e2:e3:94:bd:94:01:8b:cd:8c:de:
09:78:16:6a:76:0c:b5:5e:fb:34:88:2c:90:ef:e3:
f0:59:de:13:14:f5:2c:f1:37:a7:ae:04:93:28:4e:
51:6f:9d:83:e0:54:44:ba:a8:fe:02:76:9a:eb:98:
b5:13:ac:59:18:5d:17:f7:3a:bb:c6:fd:75:f0:f5:
85:d7:3c:52:7e:80:b9:b0:51:cc:4d:21:de:14:83:
05:6e:2e:69:07:20:8e:eb:60:e5:bc:77:3b:67:d2:
c3:58:12:15:78:42:64:49:9e:17:3d:b1:19:8e:0d:
dc:ce:bf:ff:0d:30:46:25:6c:62:88:6b:64:60:5a:
6a:e5:02:45:fc:e3:ca:de:05:ce:13:f2:87:b4:e8:
55:ca:3f:c8:ae:98:b8:99:44:9f:ec:c2:f7:c0:40:
56:0f:1c:c5:f5:76:2e:b7:7f:3c:7e:33:c3:2d:92:
6a:71:fc:c6:86:7b:09:6e:1c:15:70:9f:e1:d2:c2:
f6:a1:6b:9a:fc:af:63:ea:0a:96:92:ae:2d:e1:09:
22:e5:63:b5:cf:dd:fb:52:53:66:98:e3:bf:65:aa:
de:9a:56:ca:03:bf:d8:7a:9b:c9:88:31:71:8a:13:
33:35:20:eb:9c:b7:6f:60:55:b1:78:78:11:c5:91:
9f:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:5A:BF:AE:0C:98:7F:18:AC:7D:9A:2C:2D:31:18:38:AF:34:D7:62
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/rVq_rgyYfxisfZosLTEYOK8012I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.170.248.0/21
Signature Algorithm: sha256WithRSAEncryption
05:16:92:8f:16:e6:5a:ff:46:82:3a:0a:d8:c3:24:38:6c:05:
35:ee:d8:c7:7a:20:ad:20:68:f1:b8:49:52:4c:e0:fd:7e:04:
83:ae:29:2e:33:ef:a3:9b:12:f0:ea:f6:25:58:f8:ee:81:22:
a4:a6:ab:7c:bc:bc:21:2d:8e:6f:cd:6e:de:f1:6f:95:77:fe:
03:fd:8d:2f:93:a4:a9:f6:bf:3e:da:54:42:d6:21:1f:33:f0:
62:5c:d5:cc:fb:55:80:08:27:cf:07:1a:10:83:72:81:7f:a0:
ae:7f:ab:6c:f0:ed:71:0f:dd:ab:fa:0f:cc:48:13:52:c0:d6:
f5:69:aa:8b:65:b6:3f:c4:a3:33:7f:0f:b3:9e:b6:17:08:af:
ac:0a:48:7e:d8:a2:55:6e:12:33:8f:9d:a0:b9:95:ad:34:56:
ea:8a:b0:c0:c6:a7:c5:8e:32:d0:55:98:ab:1f:1d:1b:10:30:
8b:f5:73:db:e5:34:4a:44:eb:97:31:38:8e:a3:24:0e:c5:16:
52:d6:68:9a:6c:95:29:ed:24:b7:91:14:8b:40:3c:5f:d5:61:
e0:73:65:c2:de:96:63:4c:3a:3e:4f:06:c1:88:af:ef:74:90:
4a:45:22:c1:ba:63:28:a3:7b:42:4a:e9:5b:8a:a7:c8:c2:e3:
c7:28:32:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWQJcfdQEmiR3K/eElb5OGIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjUwMzEzMTUzNTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDVhYmZhZTBjOTg3ZjE4YWM3ZDlhMmMyZDMxMTgzOGFmMzRkNzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvhyhgeLjlL2UAYvNjN4JeBZqdgy1
Xvs0iCyQ7+PwWd4TFPUs8TenrgSTKE5Rb52D4FREuqj+Anaa65i1E6xZGF0X9zq7
xv118PWF1zxSfoC5sFHMTSHeFIMFbi5pByCO62DlvHc7Z9LDWBIVeEJkSZ4XPbEZ
jg3czr//DTBGJWxiiGtkYFpq5QJF/OPK3gXOE/KHtOhVyj/Irpi4mUSf7ML3wEBW
DxzF9XYut388fjPDLZJqcfzGhnsJbhwVcJ/h0sL2oWua/K9j6gqWkq4t4Qki5WO1
z937UlNmmOO/ZaremlbKA7/YepvJiDFxihMzNSDrnLdvYFWxeHgRxZGfVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK1av64MmH8YrH2aLC0xGDivNNdiMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvclZxX3JneVlmeGlzZlpvc0xURVlPSzgwMTJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD1ar4MA0G
CSqGSIb3DQEBCwUAA4IBAQAFFpKPFuZa/0aCOgrYwyQ4bAU17tjHeiCtIGjxuElS
TOD9fgSDrikuM++jmxLw6vYlWPjugSKkpqt8vLwhLY5vzW7e8W+Vd/4D/Y0vk6Sp
9r8+2lRC1iEfM/BiXNXM+1WACCfPBxoQg3KBf6Cuf6ts8O1xD92r+g/MSBNSwNb1
aaqLZbY/xKMzfw+znrYXCK+sCkh+2KJVbhIzj52guZWtNFbqirDAxqfFjjLQVZir
Hx0bEDCL9XPb5TRKROuXMTiOoyQOxRZS1miabJUp7SS3kRSLQDxf1WHgc2XC3pZj
TDo+TwbBiK/vdJBKRSLBumMoo3tCSulbiqfIwuPHKDJq
-----END CERTIFICATE-----
Generated at Fri Apr 18 16:15:57 2025 by rpki-client