Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/dec12c-5f18-48ab-b006-422bb43753be/1/L4roRdlkRFF_L_7wYpfaNa1dLaA.roa
File: L4roRdlkRFF_L_7wYpfaNa1dLaA.roa (raw, json)
Hash identifier: KuAnzPBgxp55/NCR6oySR+pQEyeN2HDAB6NF7tBzr6I=
Subject key identifier: 2F:8A:E8:45:D9:64:44:51:7F:2F:FE:F0:62:97:DA:35:AD:5D:2D:A0
Certificate issuer: /CN=d90155c51ff2394da784a384aa717c76e3032c24
Certificate serial: 01942143D836E58235EBC4642544B248AE70
Authority key identifier: D9:01:55:C5:1F:F2:39:4D:A7:84:A3:84:AA:71:7C:76:E3:03:2C:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2QFVxR_yOU2nhKOEqnF8duMDLCQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/dec12c-5f18-48ab-b006-422bb43753be/1/L4roRdlkRFF_L_7wYpfaNa1dLaA.roa
Signing time: Wed 01 Jan 2025 09:48:01 +0000
ROA not before: Wed 01 Jan 2025 09:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210967
IP address blocks: 213.217.30.0/24 maxlen: 24
2a11:1b00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/dec12c-5f18-48ab-b006-422bb43753be/1/2QFVxR_yOU2nhKOEqnF8duMDLCQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/dec12c-5f18-48ab-b006-422bb43753be/1/2QFVxR_yOU2nhKOEqnF8duMDLCQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/2QFVxR_yOU2nhKOEqnF8duMDLCQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 21:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:d8:36:e5:82:35:eb:c4:64:25:44:b2:48:ae:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d90155c51ff2394da784a384aa717c76e3032c24
Validity
Not Before: Jan 1 09:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2f8ae845d96444517f2ffef06297da35ad5d2da0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:da:ce:70:ed:8f:6a:5b:22:2f:01:3f:ed:84:
6a:72:4c:c1:ea:ad:cd:d4:3f:86:db:0b:55:c1:4f:
e7:32:e1:ea:f6:80:ab:b7:4c:4e:9d:93:00:b8:e1:
d6:01:98:8e:3c:13:42:b4:f9:75:31:03:c3:3e:8e:
d6:bd:e6:38:0e:ce:38:3a:0e:e8:5e:ae:8d:d6:2a:
81:64:92:85:a3:fc:13:35:7d:0b:e9:60:14:4d:e8:
42:00:94:91:2e:1a:26:3a:f7:cb:88:e1:4d:da:99:
1a:55:3e:cd:65:30:81:1f:db:f7:a6:1c:48:83:37:
63:aa:8a:51:c1:56:1d:72:55:56:43:60:d4:da:31:
28:55:c2:02:3b:d6:87:ae:3e:d4:6b:89:74:da:87:
34:75:59:64:f4:22:a1:00:ad:d9:35:39:98:b5:c0:
7b:e2:a2:88:4b:de:a8:04:14:2b:32:6c:c3:40:65:
18:e2:34:8c:5a:e0:49:a0:32:34:60:0c:06:a8:95:
2a:33:c3:7b:46:e5:e6:4d:9b:be:e8:b4:ba:e8:b9:
e7:4b:9f:74:b2:d0:ba:5f:2a:f4:b9:92:7a:81:92:
28:80:c6:93:6f:4f:b1:d4:5e:b0:a9:f1:8e:96:58:
f2:a1:92:86:90:0f:b1:c3:eb:11:ae:ce:4a:81:22:
6b:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:8A:E8:45:D9:64:44:51:7F:2F:FE:F0:62:97:DA:35:AD:5D:2D:A0
X509v3 Authority Key Identifier:
keyid:D9:01:55:C5:1F:F2:39:4D:A7:84:A3:84:AA:71:7C:76:E3:03:2C:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2QFVxR_yOU2nhKOEqnF8duMDLCQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/dec12c-5f18-48ab-b006-422bb43753be/1/L4roRdlkRFF_L_7wYpfaNa1dLaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/dec12c-5f18-48ab-b006-422bb43753be/1/2QFVxR_yOU2nhKOEqnF8duMDLCQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.217.30.0/24
IPv6:
2a11:1b00::/29
Signature Algorithm: sha256WithRSAEncryption
0e:9d:9c:10:d8:db:55:8e:ec:ef:61:e5:b5:32:10:d0:4c:5d:
1c:d8:98:34:cd:1e:27:ef:cd:60:c8:43:2c:77:ae:5a:b8:85:
35:f6:09:e1:ae:15:86:5c:5f:70:41:0d:46:1a:c0:4f:d6:1a:
51:cc:cc:8c:bf:6e:86:fb:36:7b:52:46:69:45:b0:fb:84:6a:
02:a6:ec:30:dc:9e:a8:11:ba:db:eb:50:26:05:84:46:2b:8f:
49:14:c5:bc:9f:f9:a9:b9:f0:60:a6:fd:f1:83:3d:9d:03:7a:
54:c3:ff:d3:4c:a3:27:ec:f8:ba:08:fd:46:20:81:a3:3f:d2:
12:15:68:ee:cb:95:a8:bb:c0:1d:32:2f:78:be:09:11:cf:93:
86:19:58:a7:0d:ff:74:dc:b4:63:06:01:4b:ab:3c:d7:72:75:
45:39:7c:7a:6e:16:81:c3:dd:9f:21:8d:4d:48:a6:a0:ea:56:
b3:b2:0a:f0:c5:86:a4:2e:fb:80:7c:86:1d:7d:79:7c:34:cf:
83:b4:4d:48:94:41:11:f8:7d:28:c3:9d:63:56:d5:82:9a:be:
4e:8d:43:e4:50:e6:c4:20:46:6d:af:46:36:00:e7:24:f7:c3:
3f:f9:25:bb:ee:09:31:80:a9:be:ff:a0:d9:51:63:5a:3b:0e:
e0:c0:e1:72
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhQ9g25YI168RkJUSySK5wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5MDE1NWM1MWZmMjM5NGRhNzg0YTM4NGFhNzE3Yzc2ZTMw
MzJjMjQwHhcNMjUwMTAxMDk0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjhhZTg0NWQ5NjQ0NDUxN2YyZmZlZjA2Mjk3ZGEzNWFkNWQyZGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA39rOcO2PalsiLwE/7YRqckzB6q3N
1D+G2wtVwU/nMuHq9oCrt0xOnZMAuOHWAZiOPBNCtPl1MQPDPo7WveY4Ds44Og7o
Xq6N1iqBZJKFo/wTNX0L6WAUTehCAJSRLhomOvfLiOFN2pkaVT7NZTCBH9v3phxI
gzdjqopRwVYdclVWQ2DU2jEoVcICO9aHrj7Ua4l02oc0dVlk9CKhAK3ZNTmYtcB7
4qKIS96oBBQrMmzDQGUY4jSMWuBJoDI0YAwGqJUqM8N7RuXmTZu+6LS66LnnS590
stC6Xyr0uZJ6gZIogMaTb0+x1F6wqfGOlljyoZKGkA+xw+sRrs5KgSJrpwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFC+K6EXZZERRfy/+8GKX2jWtXS2gMB8GA1UdIwQY
MBaAFNkBVcUf8jlNp4SjhKpxfHbjAywkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlFGVnhSX3lPVTJuaEtPRXFuRjhkdU1ETENRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9kZWMxMmMtNWYxOC00OGFiLWIwMDYt
NDIyYmI0Mzc1M2JlLzEvTDRyb1JkbGtSRkZfTF83d1lwZmFOYTFkTGFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9kZWMxMmMtNWYxOC00OGFiLWIwMDYtNDIyYmI0Mzc1M2Jl
LzEvMlFGVnhSX3lPVTJuaEtPRXFuRjhkdU1ETENRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQA1dkeMA0E
AgACMAcDBQMqERsAMA0GCSqGSIb3DQEBCwUAA4IBAQAOnZwQ2NtVjuzvYeW1MhDQ
TF0c2Jg0zR4n781gyEMsd65auIU19gnhrhWGXF9wQQ1GGsBP1hpRzMyMv26G+zZ7
UkZpRbD7hGoCpuww3J6oEbrb61AmBYRGK49JFMW8n/mpufBgpv3xgz2dA3pUw//T
TKMn7Pi6CP1GIIGjP9ISFWjuy5Wou8AdMi94vgkRz5OGGVinDf903LRjBgFLqzzX
cnVFOXx6bhaBw92fIY1NSKag6lazsgrwxYakLvuAfIYdfXl8NM+DtE1IlEER+H0o
w51jVtWCmr5OjUPkUObEIEZtr0Y2AOck98M/+SW77gkxgKm+/6DZUWNaOw7gwOFy
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:42:22 2025 by rpki-client