Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/tLpYmjiy2-hs1MM_Lyatf45ocKg.roa
File: tLpYmjiy2-hs1MM_Lyatf45ocKg.roa (raw, json)
Hash identifier: /IX/rjwA4xnIpYI7Xf4mBV5PcdOdUpUQwLhk+QGjMLQ=
Subject key identifier: B4:BA:58:9A:38:B2:DB:E8:6C:D4:C3:3F:2F:26:AD:7F:8E:68:70:A8
Certificate issuer: /CN=4444c7c3ad34b6977fa18a2237ca306b9bee08e0
Certificate serial: 01954C2DB9B3AA2FA7518C12A1328EFB7F56
Authority key identifier: 44:44:C7:C3:AD:34:B6:97:7F:A1:8A:22:37:CA:30:6B:9B:EE:08:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RETHw600tpd_oYoiN8owa5vuCOA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/tLpYmjiy2-hs1MM_Lyatf45ocKg.roa
Signing time: Fri 28 Feb 2025 10:50:19 +0000
ROA not before: Fri 28 Feb 2025 10:50:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50130
IP address blocks: 31.129.224.0/22 maxlen: 22
31.129.224.0/23 maxlen: 23
31.129.224.0/24 maxlen: 24
31.129.225.0/24 maxlen: 24
31.129.226.0/23 maxlen: 23
31.129.226.0/24 maxlen: 24
31.129.227.0/24 maxlen: 24
31.129.228.0/23 maxlen: 23
31.129.228.0/24 maxlen: 24
31.129.229.0/24 maxlen: 24
31.129.234.0/24 maxlen: 24
31.129.240.0/23 maxlen: 23
31.129.242.0/23 maxlen: 23
31.129.252.0/22 maxlen: 22
31.129.252.0/23 maxlen: 23
31.129.252.0/24 maxlen: 24
31.129.253.0/24 maxlen: 24
31.129.254.0/23 maxlen: 23
31.129.254.0/24 maxlen: 24
31.129.255.0/24 maxlen: 24
213.5.192.0/24 maxlen: 24
213.5.193.0/24 maxlen: 24
213.5.194.0/24 maxlen: 24
213.5.195.0/24 maxlen: 24
213.5.196.0/22 maxlen: 22
213.5.196.0/23 maxlen: 23
213.5.196.0/24 maxlen: 24
213.5.198.0/23 maxlen: 23
213.5.198.0/24 maxlen: 24
213.5.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/RETHw600tpd_oYoiN8owa5vuCOA.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/RETHw600tpd_oYoiN8owa5vuCOA.mft
rsync://rpki.ripe.net/repository/DEFAULT/RETHw600tpd_oYoiN8owa5vuCOA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 13 Mar 2025 21:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4c:2d:b9:b3:aa:2f:a7:51:8c:12:a1:32:8e:fb:7f:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4444c7c3ad34b6977fa18a2237ca306b9bee08e0
Validity
Not Before: Feb 28 10:50:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b4ba589a38b2dbe86cd4c33f2f26ad7f8e6870a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:21:d9:dd:87:4e:15:80:24:77:16:5e:83:dd:
73:c4:7f:16:4d:3d:a2:45:2f:87:f5:b1:6f:da:90:
4b:33:f1:26:56:c9:c0:b7:2d:57:83:66:f2:af:a7:
44:ab:3a:f1:0b:8b:24:a7:1b:e0:e5:0d:02:15:26:
bb:b0:a2:6c:8a:eb:1b:77:9a:7b:8b:84:04:65:26:
6b:54:5c:b6:c4:8b:a3:2f:6a:81:f4:76:43:79:72:
94:08:8a:22:80:08:17:f3:ff:16:15:96:0d:3f:8b:
ae:e5:6e:37:ef:2d:44:7c:c6:0f:d0:49:fe:e9:ec:
76:f5:e0:13:81:7c:ea:64:3e:f8:98:fa:5b:e7:ec:
6a:6b:53:e4:95:26:44:a9:3d:d0:b8:77:00:f8:82:
fd:e2:78:7a:c4:21:50:22:8f:cb:48:a1:c7:0b:b0:
eb:a1:5c:7a:13:80:52:d1:d3:64:62:ee:c0:a6:71:
4a:7e:ed:79:73:03:1d:98:71:05:9d:f1:74:b0:ac:
a4:0e:5c:30:25:b2:4b:33:e4:7b:7b:88:6f:fe:ad:
d3:ba:df:3c:7a:6e:3c:13:de:12:6c:be:78:d5:66:
3b:00:bc:1a:0c:be:f0:dd:1f:2b:59:e6:ba:c4:13:
cf:28:19:f8:ee:d4:54:c4:c5:43:30:a6:72:2d:cb:
07:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:BA:58:9A:38:B2:DB:E8:6C:D4:C3:3F:2F:26:AD:7F:8E:68:70:A8
X509v3 Authority Key Identifier:
keyid:44:44:C7:C3:AD:34:B6:97:7F:A1:8A:22:37:CA:30:6B:9B:EE:08:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RETHw600tpd_oYoiN8owa5vuCOA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/tLpYmjiy2-hs1MM_Lyatf45ocKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/RETHw600tpd_oYoiN8owa5vuCOA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.129.224.0-31.129.229.255
31.129.234.0/24
31.129.240.0/22
31.129.252.0/22
213.5.192.0/21
Signature Algorithm: sha256WithRSAEncryption
2d:58:92:2b:cd:08:90:d7:bb:2f:1d:4b:0a:65:b9:6b:7b:29:
35:a5:d5:99:30:c5:f8:fa:74:0f:6f:c8:23:b9:b9:aa:86:f6:
72:95:3f:66:12:4a:49:ee:44:f4:70:fb:d6:d0:4d:c0:74:9d:
43:5e:da:88:60:00:b6:b6:05:74:8e:ab:45:02:be:4e:0c:96:
e9:53:0b:7a:1d:eb:25:34:79:16:d3:10:d6:c4:29:7b:cc:09:
32:03:ec:bb:81:65:64:22:33:98:4a:4a:f8:a3:d8:40:85:47:
81:3a:92:6e:31:45:ab:ab:66:1c:30:6e:3d:5a:55:29:d9:1e:
2d:54:0e:a4:dc:02:c8:b3:e7:08:20:d2:0c:d8:0d:09:ce:a4:
91:13:ca:ce:4c:a9:24:01:a3:c7:c2:65:dc:0e:c3:92:26:07:
9d:32:c1:67:c3:c1:f7:b8:d8:03:9e:1c:8f:6d:59:1a:85:5a:
6c:56:fa:d2:e4:4d:c6:86:bc:45:69:30:52:1b:a8:af:86:9f:
ce:2d:fb:3b:1e:87:d9:56:cf:86:02:47:83:9d:1d:ad:aa:92:
84:dd:e1:4d:47:4b:4d:9d:69:1b:be:07:22:d4:ee:a4:1a:b2:
50:a6:e3:15:62:0a:db:52:94:91:eb:d3:92:d2:67:3b:f9:3d:
6c:f2:84:8b
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZVMLbmzqi+nUYwSoTKO+39WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NDRjN2MzYWQzNGI2OTc3ZmExOGEyMjM3Y2EzMDZiOWJl
ZTA4ZTAwHhcNMjUwMjI4MTA1MDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGJhNTg5YTM4YjJkYmU4NmNkNGMzM2YyZjI2YWQ3ZjhlNjg3MGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSHZ3YdOFYAkdxZeg91zxH8WTT2i
RS+H9bFv2pBLM/EmVsnAty1Xg2byr6dEqzrxC4skpxvg5Q0CFSa7sKJsiusbd5p7
i4QEZSZrVFy2xIujL2qB9HZDeXKUCIoigAgX8/8WFZYNP4uu5W437y1EfMYP0En+
6ex29eATgXzqZD74mPpb5+xqa1PklSZEqT3QuHcA+IL94nh6xCFQIo/LSKHHC7Dr
oVx6E4BS0dNkYu7ApnFKfu15cwMdmHEFnfF0sKykDlwwJbJLM+R7e4hv/q3Tut88
em48E94SbL541WY7ALwaDL7w3R8rWea6xBPPKBn47tRUxMVDMKZyLcsHEwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFLS6WJo4stvobNTDPy8mrX+OaHCoMB8GA1UdIwQY
MBaAFEREx8OtNLaXf6GKIjfKMGub7gjgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkVUSHc2MDB0cGRfb1lvaU44b3dhNXZ1Q09BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9jOWM5ZmMtNTg2NC00MTRlLWFlMmEt
ODYzYzliM2QzMmIwLzEvdExwWW1qaXkyLWhzMU1NX0x5YXRmNDVvY0tnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9jOWM5ZmMtNTg2NC00MTRlLWFlMmEtODYzYzliM2QzMmIw
LzEvUkVUSHc2MDB0cGRfb1lvaU44b3dhNXZ1Q09BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBAUfgeAD
BAEfgeQDBAAfgeoDBAIfgfADBAIfgfwDBAPVBcAwDQYJKoZIhvcNAQELBQADggEB
AC1YkivNCJDXuy8dSwpluWt7KTWl1Zkwxfj6dA9vyCO5uaqG9nKVP2YSSknuRPRw
+9bQTcB0nUNe2ohgALa2BXSOq0UCvk4MlulTC3od6yU0eRbTENbEKXvMCTID7LuB
ZWQiM5hKSvij2ECFR4E6km4xRaurZhwwbj1aVSnZHi1UDqTcAsiz5wgg0gzYDQnO
pJETys5MqSQBo8fCZdwOw5ImB50ywWfDwfe42AOeHI9tWRqFWmxW+tLkTcaGvEVp
MFIbqK+Gn84t+zseh9lWz4YCR4OdHa2qkoTd4U1HS02daRu+ByLU7qQaslCm4xVi
CttSlJHr05LSZzv5PWzyhIs=
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:53:15 2025 by rpki-client