Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/2f6dd0-b76f-47d5-a4ab-32feeb566ee6/1/OREDNoQ0vwPI3XM_zRsW3yzoE_A.roa
File: OREDNoQ0vwPI3XM_zRsW3yzoE_A.roa (raw, json)
Hash identifier: 1cT3zKRDrAQDDxV5Rq7SD/mINGk0AiyR89E6Ur7LkVA=
Subject key identifier: 39:11:03:36:84:34:BF:03:C8:DD:73:3F:CD:1B:16:DF:2C:E8:13:F0
Certificate issuer: /CN=21e86ff9973c93abe6398f031966c29d75a3ba86
Certificate serial: 019420D65D49D1E821391C24A98924DCFECB
Authority key identifier: 21:E8:6F:F9:97:3C:93:AB:E6:39:8F:03:19:66:C2:9D:75:A3:BA:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Iehv-Zc8k6vmOY8DGWbCnXWjuoY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/2f6dd0-b76f-47d5-a4ab-32feeb566ee6/1/OREDNoQ0vwPI3XM_zRsW3yzoE_A.roa
Signing time: Wed 01 Jan 2025 07:48:26 +0000
ROA not before: Wed 01 Jan 2025 07:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14413
IP address blocks: 144.2.0.0/19 maxlen: 24
144.2.176.0/20 maxlen: 24
144.2.192.0/19 maxlen: 24
185.63.144.0/22 maxlen: 24
2a04:f540::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/2f6dd0-b76f-47d5-a4ab-32feeb566ee6/1/Iehv-Zc8k6vmOY8DGWbCnXWjuoY.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/2f6dd0-b76f-47d5-a4ab-32feeb566ee6/1/Iehv-Zc8k6vmOY8DGWbCnXWjuoY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Iehv-Zc8k6vmOY8DGWbCnXWjuoY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 19:01:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:5d:49:d1:e8:21:39:1c:24:a9:89:24:dc:fe:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21e86ff9973c93abe6398f031966c29d75a3ba86
Validity
Not Before: Jan 1 07:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=391103368434bf03c8dd733fcd1b16df2ce813f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:5b:50:6a:96:68:81:89:26:8a:29:4e:53:af:
d9:b8:74:70:8f:ea:a6:40:61:7e:c9:1b:ed:a9:d9:
6b:63:18:8f:49:a5:02:81:fc:31:fa:97:32:d9:c3:
3e:de:cf:a3:ea:88:4b:2d:e6:8c:fb:c8:77:02:9a:
9c:ec:c3:d6:3c:22:08:9f:5c:d8:7b:18:8e:ce:31:
38:c8:32:15:a7:da:00:4b:1d:f4:2a:0c:b6:17:ec:
76:9a:51:a8:65:00:bb:6e:a2:36:74:f5:36:17:41:
8b:a7:84:06:76:89:1f:f2:c0:e3:03:cc:1c:dd:fa:
57:b5:ac:46:40:e3:fd:8a:54:d8:d0:5f:97:70:f7:
df:e4:e5:b3:9c:14:f8:40:0c:98:c2:99:7e:c0:0e:
ec:11:6f:32:66:4f:72:ac:d6:93:8f:bb:35:41:9d:
f9:c5:dd:dd:7c:36:37:e9:9e:09:09:42:e7:35:4b:
88:f0:89:70:4f:8b:4e:95:f4:1f:10:23:f7:53:b9:
b0:62:7d:2b:3f:7b:39:56:02:b7:4d:ac:20:aa:e4:
7a:56:b0:f1:9a:d7:2b:9b:3d:1a:aa:ff:dc:6a:10:
d7:a5:93:c5:33:f2:e1:d0:07:94:9f:c1:8e:22:90:
73:fa:a0:7e:9d:74:78:ce:29:e2:fc:03:46:84:77:
76:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:11:03:36:84:34:BF:03:C8:DD:73:3F:CD:1B:16:DF:2C:E8:13:F0
X509v3 Authority Key Identifier:
keyid:21:E8:6F:F9:97:3C:93:AB:E6:39:8F:03:19:66:C2:9D:75:A3:BA:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iehv-Zc8k6vmOY8DGWbCnXWjuoY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/2f6dd0-b76f-47d5-a4ab-32feeb566ee6/1/OREDNoQ0vwPI3XM_zRsW3yzoE_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/2f6dd0-b76f-47d5-a4ab-32feeb566ee6/1/Iehv-Zc8k6vmOY8DGWbCnXWjuoY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.2.0.0/19
144.2.176.0-144.2.223.255
185.63.144.0/22
IPv6:
2a04:f540::/29
Signature Algorithm: sha256WithRSAEncryption
45:11:5f:2c:25:3f:d2:67:8e:1a:67:7a:03:3a:e9:b6:f9:b9:
72:d7:2c:98:d4:36:28:23:53:b7:a0:4d:97:50:4c:6d:65:2d:
5e:1e:dc:bf:c3:25:7d:81:2f:66:af:64:78:75:f0:41:7b:aa:
dc:f4:26:d9:2c:e7:1c:c8:88:3a:61:d2:2a:31:7e:6a:cf:1d:
d8:da:a5:51:a7:da:a5:09:09:4c:bb:e7:22:94:77:da:ae:e8:
f6:df:f9:18:11:83:3f:45:53:de:4c:ef:cb:48:1e:7a:9e:bf:
42:cb:a3:7c:a0:53:9e:06:af:39:94:87:57:8e:e9:c0:a7:e4:
c0:b1:f0:6b:2a:c6:0a:3e:e6:00:5b:05:78:97:25:75:4b:ef:
c8:80:dd:ee:ad:02:42:9e:10:42:25:4f:bf:fa:0c:4a:29:e7:
0c:28:81:8f:68:2a:13:99:5b:60:57:47:7b:8f:a1:c1:a6:3e:
b4:a5:46:1b:c7:e3:63:2c:5f:e5:5a:4d:7a:56:2a:01:99:d3:
c1:4e:10:6c:3a:20:67:41:3e:7c:f6:11:f8:a0:ad:2d:26:d5:
5e:77:a7:34:14:15:51:6e:6a:ae:f8:5b:75:b2:08:28:46:da:
a5:05:d7:81:56:a6:fe:21:77:99:2c:c4:12:cf:a5:fd:bf:41:
05:2e:40:82
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZQg1l1J0eghORwkqYkk3P7LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxZTg2ZmY5OTczYzkzYWJlNjM5OGYwMzE5NjZjMjlkNzVh
M2JhODYwHhcNMjUwMTAxMDc0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTExMDMzNjg0MzRiZjAzYzhkZDczM2ZjZDFiMTZkZjJjZTgxM2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1tQapZogYkmiilOU6/ZuHRwj+qm
QGF+yRvtqdlrYxiPSaUCgfwx+pcy2cM+3s+j6ohLLeaM+8h3Apqc7MPWPCIIn1zY
exiOzjE4yDIVp9oASx30Kgy2F+x2mlGoZQC7bqI2dPU2F0GLp4QGdokf8sDjA8wc
3fpXtaxGQOP9ilTY0F+XcPff5OWznBT4QAyYwpl+wA7sEW8yZk9yrNaTj7s1QZ35
xd3dfDY36Z4JCULnNUuI8IlwT4tOlfQfECP3U7mwYn0rP3s5VgK3TawgquR6VrDx
mtcrmz0aqv/cahDXpZPFM/Lh0AeUn8GOIpBz+qB+nXR4zini/ANGhHd2kwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFDkRAzaENL8DyN1zP80bFt8s6BPwMB8GA1UdIwQY
MBaAFCHob/mXPJOr5jmPAxlmwp11o7qGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWVodi1aYzhrNnZtT1k4REdXYkNuWFdqdW9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yZjZkZDAtYjc2Zi00N2Q1LWE0YWIt
MzJmZWViNTY2ZWU2LzEvT1JFRE5vUTB2d1BJM1hNX3pSc1czeXpvRV9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8yZjZkZDAtYjc2Zi00N2Q1LWE0YWItMzJmZWViNTY2ZWU2
LzEvSWVodi1aYzhrNnZtT1k4REdXYkNuWFdqdW9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQFkAIAMAwD
BASQArADBAWQAsADBAK5P5AwDQQCAAIwBwMFAyoE9UAwDQYJKoZIhvcNAQELBQAD
ggEBAEURXywlP9JnjhpnegM66bb5uXLXLJjUNigjU7egTZdQTG1lLV4e3L/DJX2B
L2avZHh18EF7qtz0Jtks5xzIiDph0ioxfmrPHdjapVGn2qUJCUy75yKUd9qu6Pbf
+RgRgz9FU95M78tIHnqev0LLo3ygU54GrzmUh1eO6cCn5MCx8Gsqxgo+5gBbBXiX
JXVL78iA3e6tAkKeEEIlT7/6DEop5wwogY9oKhOZW2BXR3uPocGmPrSlRhvH42Ms
X+VaTXpWKgGZ08FOEGw6IGdBPnz2EfigrS0m1V53pzQUFVFuaq74W3WyCChG2qUF
14FWpv4hd5ksxBLPpf2/QQUuQII=
-----END CERTIFICATE-----
Generated at Sun Apr 6 03:34:02 2025 by rpki-client