Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/rnTo30gsWuwO_dLuWbTrVdIJXbI.roa
File: rnTo30gsWuwO_dLuWbTrVdIJXbI.roa (raw, json)
Hash identifier: O1AUE4D5gDEKUTAOAFWoLQ4wie/BT4867JZodngFFPY=
Subject key identifier: AE:74:E8:DF:48:2C:5A:EC:0E:FD:D2:EE:59:B4:EB:55:D2:09:5D:B2
Certificate issuer: /CN=4d5a2921fbeb8a448e7ae1ec5a11b8ab898d22fd
Certificate serial: 0194258F5091F270CF5854701B9CA92A33C4
Authority key identifier: 4D:5A:29:21:FB:EB:8A:44:8E:7A:E1:EC:5A:11:B8:AB:89:8D:22:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TVopIfvrikSOeuHsWhG4q4mNIv0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/rnTo30gsWuwO_dLuWbTrVdIJXbI.roa
Signing time: Thu 02 Jan 2025 05:48:56 +0000
ROA not before: Thu 02 Jan 2025 05:48:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214319
IP address blocks: 212.119.25.0/24 maxlen: 24
213.198.78.0/24 maxlen: 24
213.198.91.0/24 maxlen: 24
2001:728:1010:300::/56 maxlen: 56
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/TVopIfvrikSOeuHsWhG4q4mNIv0.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/TVopIfvrikSOeuHsWhG4q4mNIv0.mft
rsync://rpki.ripe.net/repository/DEFAULT/TVopIfvrikSOeuHsWhG4q4mNIv0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Mar 2025 03:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:50:91:f2:70:cf:58:54:70:1b:9c:a9:2a:33:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d5a2921fbeb8a448e7ae1ec5a11b8ab898d22fd
Validity
Not Before: Jan 2 05:48:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ae74e8df482c5aec0efdd2ee59b4eb55d2095db2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:12:05:d6:35:3e:e5:e5:34:d7:aa:e0:1d:48:
2a:c8:e2:ce:ed:b2:ae:81:39:43:11:80:9a:68:44:
43:8e:f7:ec:8b:bf:4b:49:f5:83:a8:35:0c:4f:1c:
1e:e7:96:8c:b4:53:0f:09:f9:47:ad:25:8f:25:18:
06:b3:00:a4:d0:92:30:70:55:c1:13:1c:29:0a:89:
72:c1:69:8a:b5:28:4a:97:43:25:43:85:c6:a9:69:
67:73:51:da:44:06:65:e0:26:af:79:99:f3:9d:65:
5b:a3:7d:de:77:1d:62:10:57:f0:a0:e8:01:9d:ee:
8a:c1:66:6f:39:8c:22:8c:58:aa:cb:4d:7c:4f:c3:
b3:c6:bf:45:35:89:87:3e:65:53:16:4f:b4:82:4e:
e4:77:73:ec:d3:33:b4:36:08:24:72:58:6e:eb:50:
be:9f:3c:98:09:0c:f8:45:5b:71:59:c9:8b:f4:80:
5e:92:f4:a2:93:28:53:20:36:7f:9e:7f:81:4a:93:
4b:9f:64:d3:6c:01:07:0f:b3:8f:ad:04:21:c9:d8:
45:df:74:1c:e4:9b:47:22:69:38:bd:1e:17:4f:ed:
34:68:80:40:c7:7f:88:e9:1c:63:a7:33:37:10:09:
fa:9a:1c:79:c0:95:14:99:90:d8:94:15:1c:af:db:
03:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:74:E8:DF:48:2C:5A:EC:0E:FD:D2:EE:59:B4:EB:55:D2:09:5D:B2
X509v3 Authority Key Identifier:
keyid:4D:5A:29:21:FB:EB:8A:44:8E:7A:E1:EC:5A:11:B8:AB:89:8D:22:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TVopIfvrikSOeuHsWhG4q4mNIv0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/rnTo30gsWuwO_dLuWbTrVdIJXbI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/TVopIfvrikSOeuHsWhG4q4mNIv0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.119.25.0/24
213.198.78.0/24
213.198.91.0/24
IPv6:
2001:728:1010:300::/56
Signature Algorithm: sha256WithRSAEncryption
4a:e5:3c:c4:e3:77:29:65:9c:43:b6:7a:e2:a0:0f:2f:1a:f7:
e7:05:e6:e8:c0:db:0a:78:1b:e9:cd:40:e6:bc:e0:2a:04:db:
75:cb:46:d1:f1:40:7f:d3:df:8d:fa:6a:00:90:8f:a9:e0:35:
f5:87:ee:ae:3d:a6:7c:9e:57:3f:27:79:06:84:9c:f0:cf:d6:
0e:92:a8:3f:f0:29:81:9b:6e:46:c5:c4:d0:eb:0a:f6:ef:52:
ad:b1:51:73:07:11:7f:20:71:0d:75:4d:0e:3f:e4:34:ea:e8:
58:5c:84:47:02:6e:b1:29:85:fd:06:e6:2a:60:2d:63:3b:2a:
2f:b0:c7:44:49:87:cb:4f:50:5d:2d:bc:a1:22:5d:2d:b4:8d:
2f:30:d7:16:98:14:03:0d:e9:7e:fd:c0:c0:4f:c5:83:8b:05:
8d:62:67:3b:23:67:92:39:9f:4e:9b:0b:0a:62:c1:c8:be:65:
c4:15:d8:85:64:ab:00:f4:f5:b9:30:47:c9:ed:7c:e6:b8:fe:
78:92:88:be:2f:ce:ca:4a:43:0d:d2:9a:82:e2:34:a1:f4:4d:
c1:1e:1e:35:fc:44:6e:00:d6:fb:3a:41:da:4c:e6:4e:77:50:
ba:9d:64:c7:d8:39:a9:7f:31:d3:d7:f0:5c:e6:a9:d5:65:ee:
65:b0:4a:11
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQlj1CR8nDPWFRwG5ypKjPEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNWEyOTIxZmJlYjhhNDQ4ZTdhZTFlYzVhMTFiOGFiODk4
ZDIyZmQwHhcNMjUwMTAyMDU0ODU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTc0ZThkZjQ4MmM1YWVjMGVmZGQyZWU1OWI0ZWI1NWQyMDk1ZGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBIF1jU+5eU016rgHUgqyOLO7bKu
gTlDEYCaaERDjvfsi79LSfWDqDUMTxwe55aMtFMPCflHrSWPJRgGswCk0JIwcFXB
ExwpColywWmKtShKl0MlQ4XGqWlnc1HaRAZl4CaveZnznWVbo33edx1iEFfwoOgB
ne6KwWZvOYwijFiqy018T8Ozxr9FNYmHPmVTFk+0gk7kd3Ps0zO0Nggkclhu61C+
nzyYCQz4RVtxWcmL9IBekvSikyhTIDZ/nn+BSpNLn2TTbAEHD7OPrQQhydhF33Qc
5JtHImk4vR4XT+00aIBAx3+I6RxjpzM3EAn6mhx5wJUUmZDYlBUcr9sDwwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFK506N9ILFrsDv3S7lm061XSCV2yMB8GA1UdIwQY
MBaAFE1aKSH764pEjnrh7FoRuKuJjSL9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFZvcElmdnJpa1NPZXVIc1doRzRxNG1OSXYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9lZThiOTgtNzI0MC00YjYyLWFjYzUt
NzgwYTI1Y2QwZGQ5LzEvcm5UbzMwZ3NXdXdPX2RMdVdiVHJWZElKWGJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9lZThiOTgtNzI0MC00YjYyLWFjYzUtNzgwYTI1Y2QwZGQ5
LzEvVFZvcElmdnJpa1NPZXVIc1doRzRxNG1OSXYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAYBAIAATASAwQA1HcZAwQA
1cZOAwQA1cZbMBAEAgACMAoDCAAgAQcoEBADMA0GCSqGSIb3DQEBCwUAA4IBAQBK
5TzE43cpZZxDtnrioA8vGvfnBebowNsKeBvpzUDmvOAqBNt1y0bR8UB/09+N+moA
kI+p4DX1h+6uPaZ8nlc/J3kGhJzwz9YOkqg/8CmBm25GxcTQ6wr271KtsVFzBxF/
IHENdU0OP+Q06uhYXIRHAm6xKYX9BuYqYC1jOyovsMdESYfLT1BdLbyhIl0ttI0v
MNcWmBQDDel+/cDAT8WDiwWNYmc7I2eSOZ9OmwsKYsHIvmXEFdiFZKsA9PW5MEfJ
7XzmuP54koi+L87KSkMN0pqC4jSh9E3BHh41/ERuANb7OkHaTOZOd1C6nWTH2Dmp
fzHT1/Bc5qnVZe5lsEoR
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:50:46 2025 by rpki-client