Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/85f02e-f1ac-44fb-92eb-f05aa229d638/1/aZdqJ17S5RRkzSS1Tb7Ov8io9M8.roa
File: aZdqJ17S5RRkzSS1Tb7Ov8io9M8.roa (raw, json)
Hash identifier: BfeCDfUov6DgJhwmZIrlwm+bQcrqsV+1Qg81n9OEaL8=
Subject key identifier: 69:97:6A:27:5E:D2:E5:14:64:CD:24:B5:4D:BE:CE:BF:C8:A8:F4:CF
Certificate issuer: /CN=d2622fdec8fadfca58e7575c29f10e73ae775715
Certificate serial: 019427B60852D034AAB05E97E2A73D4279FC
Authority key identifier: D2:62:2F:DE:C8:FA:DF:CA:58:E7:57:5C:29:F1:0E:73:AE:77:57:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0mIv3sj638pY51dcKfEOc653VxU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/85f02e-f1ac-44fb-92eb-f05aa229d638/1/aZdqJ17S5RRkzSS1Tb7Ov8io9M8.roa
Signing time: Thu 02 Jan 2025 15:50:28 +0000
ROA not before: Thu 02 Jan 2025 15:50:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31287
IP address blocks: 85.187.192.0/21 maxlen: 21
151.237.41.204/32 maxlen: 32
151.237.80.0/22 maxlen: 22
151.237.84.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/85f02e-f1ac-44fb-92eb-f05aa229d638/1/0mIv3sj638pY51dcKfEOc653VxU.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/85f02e-f1ac-44fb-92eb-f05aa229d638/1/0mIv3sj638pY51dcKfEOc653VxU.mft
rsync://rpki.ripe.net/repository/DEFAULT/0mIv3sj638pY51dcKfEOc653VxU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:08:52:d0:34:aa:b0:5e:97:e2:a7:3d:42:79:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2622fdec8fadfca58e7575c29f10e73ae775715
Validity
Not Before: Jan 2 15:50:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69976a275ed2e51464cd24b54dbecebfc8a8f4cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:fe:41:00:a9:c2:b7:01:49:e5:6a:68:ce:4a:
d0:9f:71:c2:04:01:30:cf:1d:b6:fd:43:c8:2f:f0:
c3:99:ae:26:89:02:37:ec:06:63:7f:67:a3:c3:ea:
e6:1a:bf:33:3a:19:df:be:57:f4:b9:5d:bb:50:bc:
26:58:a3:91:90:45:75:22:13:3a:e5:1b:15:8e:9c:
a9:6c:3f:af:75:7b:d4:b7:63:88:c3:f2:1a:e1:17:
fe:3f:ff:b6:32:36:13:60:5b:26:f7:39:13:7f:00:
d2:66:d3:a1:79:11:23:e8:1a:20:0f:49:c9:26:ae:
fd:dc:a8:a9:c0:a7:3f:c8:db:e6:ae:3a:82:4f:90:
b5:80:61:a8:50:ca:84:0f:fd:c1:51:f0:0b:67:fb:
a2:f7:9c:8e:08:63:3e:82:a3:4b:3c:23:5a:52:69:
e1:2a:57:d4:27:57:b1:91:f1:8f:66:b2:75:fc:a4:
34:0f:cc:03:d3:b7:e6:a8:7c:1d:56:a8:40:3c:c0:
01:27:b4:1c:12:b7:60:94:ce:43:6e:36:73:6f:1d:
b1:28:48:4a:90:c0:95:e1:cf:2e:33:08:9c:1b:4f:
e8:32:b5:c8:08:6f:e4:0b:40:37:94:20:cb:0b:2b:
75:57:ef:a4:17:47:b6:e1:0e:98:f0:20:7a:81:e2:
b0:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:97:6A:27:5E:D2:E5:14:64:CD:24:B5:4D:BE:CE:BF:C8:A8:F4:CF
X509v3 Authority Key Identifier:
keyid:D2:62:2F:DE:C8:FA:DF:CA:58:E7:57:5C:29:F1:0E:73:AE:77:57:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0mIv3sj638pY51dcKfEOc653VxU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/85f02e-f1ac-44fb-92eb-f05aa229d638/1/aZdqJ17S5RRkzSS1Tb7Ov8io9M8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/85f02e-f1ac-44fb-92eb-f05aa229d638/1/0mIv3sj638pY51dcKfEOc653VxU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.187.192.0/21
151.237.41.204/32
151.237.80.0/21
Signature Algorithm: sha256WithRSAEncryption
9e:9a:a4:86:35:0a:af:ea:2c:c8:f2:d5:17:05:eb:21:56:57:
d1:d9:5b:c9:ea:f7:8e:b0:97:29:5d:62:b8:09:72:ee:2c:e0:
9c:dd:65:b2:1b:b2:eb:69:e0:ed:35:16:99:bd:38:c6:b8:00:
aa:ef:10:05:d1:66:5b:74:11:00:72:c2:4b:4a:a0:56:57:0e:
ee:e9:7a:54:8e:33:9b:3c:a8:0c:5f:c5:0c:9f:27:87:af:bb:
b2:79:8b:2b:e3:79:f5:36:22:f9:83:35:86:f7:4c:e3:16:9d:
95:38:03:10:4c:7a:0f:e3:0b:e7:70:b0:cb:dc:33:11:3b:2b:
7d:cc:cd:9d:f9:fd:cd:e6:10:8b:59:52:b3:9c:9f:eb:ed:55:
5b:0f:7c:47:29:35:50:c8:e4:ba:07:ad:c2:2e:f3:b4:0e:ee:
60:34:25:9e:21:e3:2a:6d:49:c0:e8:68:7f:53:1f:c3:6d:a3:
3a:f6:4b:2c:fb:69:16:cf:10:ed:9d:e8:76:e6:7e:64:b2:80:
ff:d6:06:d6:2b:4b:cd:29:96:ae:28:b6:5f:4d:98:33:ac:06:
a2:c4:5d:df:77:8c:66:a1:53:f2:ba:c2:27:78:19:49:bb:30:
9e:de:54:0b:07:4c:90:4f:f5:5d:7a:92:06:af:0f:8d:1e:28:
19:6f:b9:4a
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZQntghS0DSqsF6X4qc9Qnn8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNjIyZmRlYzhmYWRmY2E1OGU3NTc1YzI5ZjEwZTczYWU3
NzU3MTUwHhcNMjUwMTAyMTU1MDI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTk3NmEyNzVlZDJlNTE0NjRjZDI0YjU0ZGJlY2ViZmM4YThmNGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4v5BAKnCtwFJ5WpozkrQn3HCBAEw
zx22/UPIL/DDma4miQI37AZjf2ejw+rmGr8zOhnfvlf0uV27ULwmWKORkEV1IhM6
5RsVjpypbD+vdXvUt2OIw/Ia4Rf+P/+2MjYTYFsm9zkTfwDSZtOheREj6BogD0nJ
Jq793KipwKc/yNvmrjqCT5C1gGGoUMqED/3BUfALZ/ui95yOCGM+gqNLPCNaUmnh
KlfUJ1exkfGPZrJ1/KQ0D8wD07fmqHwdVqhAPMABJ7QcErdglM5DbjZzbx2xKEhK
kMCV4c8uMwicG0/oMrXICG/kC0A3lCDLCyt1V++kF0e24Q6Y8CB6geKw6wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFGmXaide0uUUZM0ktU2+zr/IqPTPMB8GA1UdIwQY
MBaAFNJiL97I+t/KWOdXXCnxDnOud1cVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG1JdjNzajYzOHBZNTFkY0tmRU9jNjUzVnhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS84NWYwMmUtZjFhYy00NGZiLTkyZWIt
ZjA1YWEyMjlkNjM4LzEvYVpkcUoxN1M1UlJrelNTMVRiN092OGlvOU04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS84NWYwMmUtZjFhYy00NGZiLTkyZWItZjA1YWEyMjlkNjM4
LzEvMG1JdjNzajYzOHBZNTFkY0tmRU9jNjUzVnhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAATATAwQDVbvAAwUA
l+0pzAMEA5ftUDANBgkqhkiG9w0BAQsFAAOCAQEAnpqkhjUKr+osyPLVFwXrIVZX
0dlbyer3jrCXKV1iuAly7izgnN1lshuy62ng7TUWmb04xrgAqu8QBdFmW3QRAHLC
S0qgVlcO7ul6VI4zmzyoDF/FDJ8nh6+7snmLK+N59TYi+YM1hvdM4xadlTgDEEx6
D+ML53Cwy9wzETsrfczNnfn9zeYQi1lSs5yf6+1VWw98Ryk1UMjkugetwi7ztA7u
YDQlniHjKm1JwOhof1Mfw22jOvZLLPtpFs8Q7Z3oduZ+ZLKA/9YG1itLzSmWrii2
X02YM6wGosRd33eMZqFT8rrCJ3gZSbswnt5UCwdMkE/1XXqSBq8PjR4oGW+5Sg==
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:46:23 2025 by rpki-client