Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/b1393d-cca8-4a97-81aa-643a4159ab46/1/a2opnLjAdetXY_1JtX6e5k1djAk.roa
File: a2opnLjAdetXY_1JtX6e5k1djAk.roa (raw, json)
Hash identifier: JHmWYExOHBSKedqf+sSdese/XJZ0oxQzlwRK0J1GOlU=
Subject key identifier: 6B:6A:29:9C:B8:C0:75:EB:57:63:FD:49:B5:7E:9E:E6:4D:5D:8C:09
Certificate issuer: /CN=01d1a1353f7f8b505fc98750e86787f4e046432e
Certificate serial: 019445FCBE14239A36EBE4353080769B6F71
Authority key identifier: 01:D1:A1:35:3F:7F:8B:50:5F:C9:87:50:E8:67:87:F4:E0:46:43:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AdGhNT9_i1BfyYdQ6GeH9OBGQy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/b1393d-cca8-4a97-81aa-643a4159ab46/1/a2opnLjAdetXY_1JtX6e5k1djAk.roa
Signing time: Wed 08 Jan 2025 12:56:19 +0000
ROA not before: Wed 08 Jan 2025 12:56:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8638
IP address blocks: 87.123.208.0/22 maxlen: 22
89.27.161.0/24 maxlen: 24
89.247.220.0/24 maxlen: 24
2001:1438:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/b1393d-cca8-4a97-81aa-643a4159ab46/1/AdGhNT9_i1BfyYdQ6GeH9OBGQy4.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/b1393d-cca8-4a97-81aa-643a4159ab46/1/AdGhNT9_i1BfyYdQ6GeH9OBGQy4.mft
rsync://rpki.ripe.net/repository/DEFAULT/AdGhNT9_i1BfyYdQ6GeH9OBGQy4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 21 Feb 2025 08:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:45:fc:be:14:23:9a:36:eb:e4:35:30:80:76:9b:6f:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01d1a1353f7f8b505fc98750e86787f4e046432e
Validity
Not Before: Jan 8 12:56:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6b6a299cb8c075eb5763fd49b57e9ee64d5d8c09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:c1:a6:11:20:35:06:7d:a9:63:a0:5f:10:fd:
4f:46:5e:a2:c3:15:12:f5:a8:74:92:a8:1f:cc:5f:
49:48:b0:e4:03:65:b9:b1:78:d8:57:92:e2:2e:34:
2e:b3:5d:c7:78:94:8e:d0:59:55:a5:b1:80:df:b1:
8a:ba:b1:08:d7:f8:bf:31:88:1a:cd:d3:89:b7:3c:
0c:db:f5:dc:bd:aa:31:71:2d:bd:61:87:65:ab:0f:
5e:df:81:78:9e:2c:24:6b:d5:f4:09:7a:3a:5e:ea:
a8:7f:3f:00:15:00:bd:bb:13:b6:41:67:53:e6:8e:
ee:f6:62:54:19:d2:57:62:3f:64:19:01:e8:6c:5d:
5d:74:f3:96:4f:2f:8c:0f:e9:38:da:93:eb:1b:12:
b2:4c:bd:c0:47:5f:6d:3f:7e:43:bf:b7:ff:f6:6f:
ee:2e:cf:6b:66:cf:c8:22:62:ee:9f:10:51:0e:8c:
71:0e:f3:0a:1e:73:50:c0:50:05:27:be:d7:19:43:
51:8d:5c:f7:9a:51:79:c0:30:b1:8b:a3:85:96:e7:
27:ff:c1:5a:bf:a5:49:a1:9a:b5:e9:5b:ea:39:04:
63:56:6e:70:22:0d:02:e8:0c:91:06:70:9f:b6:a7:
82:e4:2d:3c:35:04:c7:92:ad:71:31:b9:4f:d1:8a:
d6:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:6A:29:9C:B8:C0:75:EB:57:63:FD:49:B5:7E:9E:E6:4D:5D:8C:09
X509v3 Authority Key Identifier:
keyid:01:D1:A1:35:3F:7F:8B:50:5F:C9:87:50:E8:67:87:F4:E0:46:43:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AdGhNT9_i1BfyYdQ6GeH9OBGQy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/b1393d-cca8-4a97-81aa-643a4159ab46/1/a2opnLjAdetXY_1JtX6e5k1djAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/b1393d-cca8-4a97-81aa-643a4159ab46/1/AdGhNT9_i1BfyYdQ6GeH9OBGQy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.123.208.0/22
89.27.161.0/24
89.247.220.0/24
IPv6:
2001:1438:f000::/36
Signature Algorithm: sha256WithRSAEncryption
6f:80:0e:1f:8d:92:f6:5b:1f:a8:60:4c:54:49:01:5e:a1:f8:
ec:63:38:8b:3c:9b:a9:c4:82:66:02:dd:00:69:77:2d:a2:a7:
28:40:cc:4c:77:ee:8c:04:e6:32:b5:dd:5c:2d:f6:5c:41:dd:
a9:0a:02:91:ef:de:21:c8:e0:31:39:fe:c6:35:5a:38:25:52:
4d:58:f6:bb:2f:5e:26:6b:4e:87:10:ac:73:e1:a7:48:2c:04:
e7:b5:73:75:e3:16:a8:99:20:5c:8e:8f:7d:e7:ca:72:c3:45:
91:d8:59:2a:8a:9a:e3:dd:c2:6b:59:ac:30:54:d4:37:16:b8:
4d:0b:a2:b1:3a:c9:ef:b7:73:6d:70:c8:ec:f7:99:ff:f3:90:
0c:36:0c:fc:e7:bf:8b:bf:3a:ab:2d:1a:3d:fa:03:6e:e8:d0:
a6:65:3a:fb:81:e3:12:ff:b6:99:cd:5a:e6:35:04:4b:a5:60:
46:63:b4:4a:25:d1:09:59:ed:e5:15:52:d5:c1:3c:9e:99:ee:
ce:05:d3:99:93:e8:2b:03:2b:6d:36:41:d6:bd:86:d3:34:1d:
80:bc:fe:50:2e:30:93:92:5d:5a:23:2a:b6:c4:72:7e:65:17:
10:87:71:a0:fd:ff:f7:62:0c:b1:dd:dd:7b:71:9e:ae:83:58:
6c:b8:60:06
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZRF/L4UI5o26+Q1MIB2m29xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZDFhMTM1M2Y3ZjhiNTA1ZmM5ODc1MGU4Njc4N2Y0ZTA0
NjQzMmUwHhcNMjUwMTA4MTI1NjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjZhMjk5Y2I4YzA3NWViNTc2M2ZkNDliNTdlOWVlNjRkNWQ4YzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8MGmESA1Bn2pY6BfEP1PRl6iwxUS
9ah0kqgfzF9JSLDkA2W5sXjYV5LiLjQus13HeJSO0FlVpbGA37GKurEI1/i/MYga
zdOJtzwM2/XcvaoxcS29YYdlqw9e34F4niwka9X0CXo6Xuqofz8AFQC9uxO2QWdT
5o7u9mJUGdJXYj9kGQHobF1ddPOWTy+MD+k42pPrGxKyTL3AR19tP35Dv7f/9m/u
Ls9rZs/IImLunxBRDoxxDvMKHnNQwFAFJ77XGUNRjVz3mlF5wDCxi6OFlucn/8Fa
v6VJoZq16VvqOQRjVm5wIg0C6AyRBnCftqeC5C08NQTHkq1xMblP0YrWPQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFGtqKZy4wHXrV2P9SbV+nuZNXYwJMB8GA1UdIwQY
MBaAFAHRoTU/f4tQX8mHUOhnh/TgRkMuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWRHaE5UOV9pMUJmeVlkUTZHZUg5T0JHUXk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9iMTM5M2QtY2NhOC00YTk3LTgxYWEt
NjQzYTQxNTlhYjQ2LzEvYTJvcG5MakFkZXRYWV8xSnRYNmU1azFkakFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9iMTM5M2QtY2NhOC00YTk3LTgxYWEtNjQzYTQxNTlhYjQ2
LzEvQWRHaE5UOV9pMUJmeVlkUTZHZUg5T0JHUXk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAYBAIAATASAwQCV3vQAwQA
WRuhAwQAWffcMA4EAgACMAgDBgQgARQ48DANBgkqhkiG9w0BAQsFAAOCAQEAb4AO
H42S9lsfqGBMVEkBXqH47GM4izybqcSCZgLdAGl3LaKnKEDMTHfujATmMrXdXC32
XEHdqQoCke/eIcjgMTn+xjVaOCVSTVj2uy9eJmtOhxCsc+GnSCwE57VzdeMWqJkg
XI6PfefKcsNFkdhZKoqa493Ca1msMFTUNxa4TQuisTrJ77dzbXDI7PeZ//OQDDYM
/Oe/i786qy0aPfoDbujQpmU6+4HjEv+2mc1a5jUES6VgRmO0SiXRCVnt5RVS1cE8
npnuzgXTmZPoKwMrbTZB1r2G0zQdgLz+UC4wk5JdWiMqtsRyfmUXEIdxoP3/92IM
sd3de3GeroNYbLhgBg==
-----END CERTIFICATE-----
Generated at Thu Feb 20 15:11:27 2025 by rpki-client