Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/2a226d-c72c-4c12-bbba-a4b55a71c228/1/TtiFva0B7nBQnunu1qXuQVvAjRk.roa
File: TtiFva0B7nBQnunu1qXuQVvAjRk.roa (raw, json)
Hash identifier: BCLtQWteuqq7HD+J7kkS4GO2lBhow7GRQ0k6IwJXdnM=
Subject key identifier: 4E:D8:85:BD:AD:01:EE:70:50:9E:E9:EE:D6:A5:EE:41:5B:C0:8D:19
Certificate issuer: /CN=2db616f3ad0363e7269cc2eb58d1bc086cc975f2
Certificate serial: 01942748863954B510C490AB5AE6B5E8C857
Authority key identifier: 2D:B6:16:F3:AD:03:63:E7:26:9C:C2:EB:58:D1:BC:08:6C:C9:75:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LbYW860DY-cmnMLrWNG8CGzJdfI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/2a226d-c72c-4c12-bbba-a4b55a71c228/1/TtiFva0B7nBQnunu1qXuQVvAjRk.roa
Signing time: Thu 02 Jan 2025 13:50:51 +0000
ROA not before: Thu 02 Jan 2025 13:50:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51056
IP address blocks: 109.233.192.0/21 maxlen: 24
185.64.236.0/22 maxlen: 24
2a02:1618::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/2a226d-c72c-4c12-bbba-a4b55a71c228/1/LbYW860DY-cmnMLrWNG8CGzJdfI.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/2a226d-c72c-4c12-bbba-a4b55a71c228/1/LbYW860DY-cmnMLrWNG8CGzJdfI.mft
rsync://rpki.ripe.net/repository/DEFAULT/LbYW860DY-cmnMLrWNG8CGzJdfI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:86:39:54:b5:10:c4:90:ab:5a:e6:b5:e8:c8:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2db616f3ad0363e7269cc2eb58d1bc086cc975f2
Validity
Not Before: Jan 2 13:50:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4ed885bdad01ee70509ee9eed6a5ee415bc08d19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:9c:31:26:06:09:16:41:97:3a:39:20:4c:f3:
a2:03:cb:11:32:17:6c:9c:dd:2e:92:bf:a7:ef:1d:
9d:36:9f:9d:df:f5:0f:bd:b8:db:94:9d:1f:7a:77:
07:dd:e8:50:1b:3f:5d:eb:23:7a:2b:14:7c:dd:9a:
8d:d0:80:71:f1:ac:98:25:0c:d0:92:2e:c3:cc:c8:
4c:cc:5d:d2:a5:db:7d:3a:96:08:58:39:53:a8:e0:
a4:30:f5:12:ae:a7:4b:a2:aa:21:a7:14:15:b8:2c:
4e:78:b1:39:b6:18:c6:25:1e:86:1c:de:04:ad:39:
1b:cf:b2:5f:22:ba:bc:2a:06:88:3f:ee:d9:da:e7:
82:97:7c:1a:7d:10:4a:41:88:db:1b:36:38:61:03:
df:fb:e8:ad:f7:b5:71:d6:be:04:9b:ed:ce:02:14:
b1:ee:b8:96:8f:29:21:5e:e6:7e:27:9d:f9:17:be:
37:16:57:b7:4a:57:0a:01:74:04:3a:82:30:6d:72:
df:69:f1:c8:36:ab:af:ff:64:15:79:a7:7d:c6:fa:
a3:94:a8:ec:40:46:eb:28:de:3c:e7:1c:22:df:96:
b2:39:23:69:e3:d1:2a:e8:cf:ef:40:6f:d9:4c:a0:
b5:b0:86:d7:ad:f3:ca:c2:7e:43:4a:73:fd:96:dd:
25:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:D8:85:BD:AD:01:EE:70:50:9E:E9:EE:D6:A5:EE:41:5B:C0:8D:19
X509v3 Authority Key Identifier:
keyid:2D:B6:16:F3:AD:03:63:E7:26:9C:C2:EB:58:D1:BC:08:6C:C9:75:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LbYW860DY-cmnMLrWNG8CGzJdfI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/2a226d-c72c-4c12-bbba-a4b55a71c228/1/TtiFva0B7nBQnunu1qXuQVvAjRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/2a226d-c72c-4c12-bbba-a4b55a71c228/1/LbYW860DY-cmnMLrWNG8CGzJdfI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.233.192.0/21
185.64.236.0/22
IPv6:
2a02:1618::/32
Signature Algorithm: sha256WithRSAEncryption
61:5f:ee:34:ee:02:57:c4:7c:b0:ef:f7:66:05:f6:50:4f:fb:
c6:05:13:6c:a5:15:57:c4:6e:6d:57:50:70:38:eb:a8:2d:6f:
f2:03:88:91:bc:f4:9f:92:67:c9:e1:76:15:c1:e0:2a:93:7f:
87:3e:44:b0:d2:8a:e1:8c:d7:d8:0e:7d:9d:ea:b3:b1:16:69:
5f:22:c0:7c:2b:2b:ad:5a:c5:6a:41:b0:14:49:36:6f:9c:30:
d9:d0:63:10:bf:3c:11:d9:28:0b:97:4b:59:f7:7c:cb:2c:80:
6f:1a:a1:c1:d1:ba:81:42:2e:c8:bb:f5:08:95:92:ff:bb:56:
42:76:e7:e2:b2:8f:e1:c3:7d:80:3c:51:bc:17:e4:89:fa:de:
64:4b:ed:93:20:e8:d4:9c:c3:b1:5c:08:fd:3e:6a:7d:c1:e2:
a2:07:1c:8e:b6:f5:cc:ec:1c:81:f9:5f:39:48:00:89:13:f2:
65:43:56:82:b4:96:38:bd:5f:a5:ba:32:e2:50:1c:25:3d:4f:
8e:dd:c9:28:c8:55:f2:f1:d1:4d:e7:24:3e:72:9d:cf:e1:3a:
2e:a7:25:ae:40:eb:6e:bb:24:b7:79:99:d8:53:64:bf:65:d8:
d2:2f:31:c0:9d:45:19:f4:5f:e7:df:5c:d2:d0:3e:5c:aa:56:
bb:42:f8:a2
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQnSIY5VLUQxJCrWua16MhXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkYjYxNmYzYWQwMzYzZTcyNjljYzJlYjU4ZDFiYzA4NmNj
OTc1ZjIwHhcNMjUwMTAyMTM1MDUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWQ4ODViZGFkMDFlZTcwNTA5ZWU5ZWVkNmE1ZWU0MTViYzA4ZDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ZwxJgYJFkGXOjkgTPOiA8sRMhds
nN0ukr+n7x2dNp+d3/UPvbjblJ0fencH3ehQGz9d6yN6KxR83ZqN0IBx8ayYJQzQ
ki7DzMhMzF3Spdt9OpYIWDlTqOCkMPUSrqdLoqohpxQVuCxOeLE5thjGJR6GHN4E
rTkbz7JfIrq8KgaIP+7Z2ueCl3wafRBKQYjbGzY4YQPf++it97Vx1r4Em+3OAhSx
7riWjykhXuZ+J535F743Fle3SlcKAXQEOoIwbXLfafHINquv/2QVead9xvqjlKjs
QEbrKN485xwi35ayOSNp49Eq6M/vQG/ZTKC1sIbXrfPKwn5DSnP9lt0lGQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFE7Yhb2tAe5wUJ7p7tal7kFbwI0ZMB8GA1UdIwQY
MBaAFC22FvOtA2PnJpzC61jRvAhsyXXyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGJZVzg2MERZLWNtbk1McldORzhDR3pKZGZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8yYTIyNmQtYzcyYy00YzEyLWJiYmEt
YTRiNTVhNzFjMjI4LzEvVHRpRnZhMEI3bkJRbnVudTFxWHVRVnZBalJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8yYTIyNmQtYzcyYy00YzEyLWJiYmEtYTRiNTVhNzFjMjI4
LzEvTGJZVzg2MERZLWNtbk1McldORzhDR3pKZGZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDbenAAwQC
uUDsMA0EAgACMAcDBQAqAhYYMA0GCSqGSIb3DQEBCwUAA4IBAQBhX+407gJXxHyw
7/dmBfZQT/vGBRNspRVXxG5tV1BwOOuoLW/yA4iRvPSfkmfJ4XYVweAqk3+HPkSw
0orhjNfYDn2d6rOxFmlfIsB8KyutWsVqQbAUSTZvnDDZ0GMQvzwR2SgLl0tZ93zL
LIBvGqHB0bqBQi7Iu/UIlZL/u1ZCdufiso/hw32APFG8F+SJ+t5kS+2TIOjUnMOx
XAj9Pmp9weKiBxyOtvXM7ByB+V85SACJE/JlQ1aCtJY4vV+lujLiUBwlPU+O3cko
yFXy8dFN5yQ+cp3P4ToupyWuQOtuuyS3eZnYU2S/ZdjSLzHAnUUZ9F/n31zS0D5c
qla7Qvii
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:05:56 2025 by rpki-client