Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/51mfa4prfZ4aIFenwdh1tef3BD4.roa
File: 51mfa4prfZ4aIFenwdh1tef3BD4.roa (raw, json)
Hash identifier: zRXMU/tcdvXFqHBSwYnaJo/sT01T39ww5SlzgBzMq4I=
Subject key identifier: E7:59:9F:6B:8A:6B:7D:9E:1A:20:57:A7:C1:D8:75:B5:E7:F7:04:3E
Certificate issuer: /CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Certificate serial: 019427B64A0B4708C367F7650C34C2C27CC8
Authority key identifier: BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/51mfa4prfZ4aIFenwdh1tef3BD4.roa
Signing time: Thu 02 Jan 2025 15:50:45 +0000
ROA not before: Thu 02 Jan 2025 15:50:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31100
IP address blocks: 85.93.64.0/24 maxlen: 24
85.93.69.0/24 maxlen: 24
85.93.72.0/24 maxlen: 24
85.93.77.0/24 maxlen: 24
212.40.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.mft
rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:4a:0b:47:08:c3:67:f7:65:0c:34:c2:c2:7c:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Validity
Not Before: Jan 2 15:50:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e7599f6b8a6b7d9e1a2057a7c1d875b5e7f7043e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:61:b2:d0:f5:ce:be:d1:2e:94:a6:77:b4:25:
e6:6d:fd:57:42:97:16:87:46:80:e9:b3:cf:6c:9f:
d3:2e:b1:70:11:73:98:e8:b5:3a:9d:98:fe:88:42:
ac:9d:5a:0b:9d:13:d0:c7:36:86:7a:60:15:19:e7:
09:d0:80:f6:1d:c5:a1:1e:45:c9:0a:96:53:b9:9e:
1b:05:88:a8:47:1d:f8:88:7a:91:a2:13:ca:d4:60:
15:55:06:0c:42:5a:53:b9:34:71:56:ab:24:08:32:
3a:cd:44:cb:ad:23:9c:85:9e:c3:ed:7a:be:b5:96:
9d:f1:b0:93:a1:1b:44:4f:d7:7a:d9:b2:d3:fb:ec:
ff:49:95:d9:0e:83:af:26:8b:e2:25:c6:8f:fe:0b:
73:d5:2f:08:a1:1e:6c:2b:4d:03:4e:ad:64:d6:36:
63:8d:65:06:49:23:27:21:55:5b:b3:ca:65:48:39:
ef:c7:e8:9d:68:07:b9:6b:84:4d:74:5b:1e:3b:57:
f7:2b:57:e8:bd:5c:80:1d:1e:2b:1c:17:ca:9a:55:
d9:50:92:98:3e:a7:b7:c8:88:79:d0:19:f5:12:28:
5c:92:de:8c:bf:a3:f9:8e:25:f4:39:82:87:4b:16:
1e:1a:b3:c4:c3:05:f2:3c:4b:1e:cd:ee:c4:ba:76:
e9:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:59:9F:6B:8A:6B:7D:9E:1A:20:57:A7:C1:D8:75:B5:E7:F7:04:3E
X509v3 Authority Key Identifier:
keyid:BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/51mfa4prfZ4aIFenwdh1tef3BD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.93.64.0/24
85.93.69.0/24
85.93.72.0/24
85.93.77.0/24
212.40.190.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:41:81:75:0c:42:2f:20:a7:4b:bf:72:ad:1f:06:0b:ab:be:
a3:95:cf:42:a2:70:23:4f:16:bb:23:85:74:fa:bd:d3:1d:e1:
2e:01:34:85:51:8b:c5:3e:86:d2:18:19:52:f1:c9:eb:ab:9a:
1a:53:f6:ab:de:a7:8b:83:93:5f:13:49:1c:83:9b:e3:89:5d:
6c:ba:31:94:1d:11:19:63:17:89:7c:74:7b:2c:cd:c4:77:7c:
c6:98:81:f2:2f:ce:61:f6:e0:75:ab:29:1c:06:0c:00:33:7c:
52:d4:f3:08:9a:82:8a:2a:10:ab:32:b2:47:4e:0b:78:4d:db:
47:0d:38:18:d0:9b:b5:47:ab:8d:07:1e:6c:04:c0:a3:90:7f:
ea:e7:b3:3d:8a:ef:41:3a:c0:de:79:70:cc:c3:20:f6:b9:7c:
93:d7:d9:3a:65:d9:92:09:92:c3:f7:26:df:56:56:58:bd:de:
42:d0:aa:c6:c9:31:2d:0d:cf:4d:60:ae:78:e0:79:55:36:2f:
3a:88:2d:d6:9a:bb:43:59:dc:7b:ca:f2:f2:03:f5:1d:bb:06:
92:1f:15:c2:42:55:4c:c3:95:d9:7e:dd:9e:90:98:3f:c2:3a:
eb:49:97:d5:bc:a4:ad:fe:b7:55:cc:8d:52:43:c1:93:5a:f4:
39:f9:4b:6f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQntkoLRwjDZ/dlDDTCwnzIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNmVkMGZiN2IzMjA4MzJhYzE1ODA1MzRjN2IyNjNmMzA0
ZTk4MWIwHhcNMjUwMTAyMTU1MDQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzU5OWY2YjhhNmI3ZDllMWEyMDU3YTdjMWQ4NzViNWU3ZjcwNDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWGy0PXOvtEulKZ3tCXmbf1XQpcW
h0aA6bPPbJ/TLrFwEXOY6LU6nZj+iEKsnVoLnRPQxzaGemAVGecJ0ID2HcWhHkXJ
CpZTuZ4bBYioRx34iHqRohPK1GAVVQYMQlpTuTRxVqskCDI6zUTLrSOchZ7D7Xq+
tZad8bCToRtET9d62bLT++z/SZXZDoOvJoviJcaP/gtz1S8IoR5sK00DTq1k1jZj
jWUGSSMnIVVbs8plSDnvx+idaAe5a4RNdFseO1f3K1fovVyAHR4rHBfKmlXZUJKY
Pqe3yIh50Bn1Eihckt6Mv6P5jiX0OYKHSxYeGrPEwwXyPEseze7EunbpFQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOdZn2uKa32eGiBXp8HYdbXn9wQ+MB8GA1UdIwQY
MBaAFLpu0Pt7MggyrBWAU0x7Jj8wTpgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQt
MTYxZjM0MjM4N2QxLzEvNTFtZmE0cHJmWjRhSUZlbndkaDF0ZWYzQkQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQtMTYxZjM0MjM4N2Qx
LzEvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVV1AAwQA
VV1FAwQAVV1IAwQAVV1NAwQA1Ci+MA0GCSqGSIb3DQEBCwUAA4IBAQCKQYF1DEIv
IKdLv3KtHwYLq76jlc9ConAjTxa7I4V0+r3THeEuATSFUYvFPobSGBlS8cnrq5oa
U/ar3qeLg5NfE0kcg5vjiV1sujGUHREZYxeJfHR7LM3Ed3zGmIHyL85h9uB1qykc
BgwAM3xS1PMImoKKKhCrMrJHTgt4TdtHDTgY0Ju1R6uNBx5sBMCjkH/q57M9iu9B
OsDeeXDMwyD2uXyT19k6ZdmSCZLD9ybfVlZYvd5C0KrGyTEtDc9NYK544HlVNi86
iC3WmrtDWdx7yvLyA/UduwaSHxXCQlVMw5XZft2ekJg/wjrrSZfVvKSt/rdVzI1S
Q8GTWvQ5+Utv
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:40:52 2025 by rpki-client