Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/c3a85d-9d0b-4562-9238-46ee0cd7fcba/1/dZ8FONS7KKnXtPOWC1aUQDIHQr4.roa
File: dZ8FONS7KKnXtPOWC1aUQDIHQr4.roa (raw, json)
Hash identifier: eYi/BgNAuN/BBQLuz4zrndBhjJKwJ84q4OAoqSVG8XI=
Subject key identifier: 75:9F:05:38:D4:BB:28:A9:D7:B4:F3:96:0B:56:94:40:32:07:42:BE
Certificate issuer: /CN=4eca105ce4af6c21cd429e992d06ea7d06d8a56d
Certificate serial: 0194252171939373A3D53CA4F1CC5D202849
Authority key identifier: 4E:CA:10:5C:E4:AF:6C:21:CD:42:9E:99:2D:06:EA:7D:06:D8:A5:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TsoQXOSvbCHNQp6ZLQbqfQbYpW0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/c3a85d-9d0b-4562-9238-46ee0cd7fcba/1/dZ8FONS7KKnXtPOWC1aUQDIHQr4.roa
Signing time: Thu 02 Jan 2025 03:48:56 +0000
ROA not before: Thu 02 Jan 2025 03:48:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12301
IP address blocks: 81.94.240.0/20 maxlen: 20
185.119.180.0/22 maxlen: 22
2a01:9b80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/c3a85d-9d0b-4562-9238-46ee0cd7fcba/1/TsoQXOSvbCHNQp6ZLQbqfQbYpW0.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/c3a85d-9d0b-4562-9238-46ee0cd7fcba/1/TsoQXOSvbCHNQp6ZLQbqfQbYpW0.mft
rsync://rpki.ripe.net/repository/DEFAULT/TsoQXOSvbCHNQp6ZLQbqfQbYpW0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 18:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:71:93:93:73:a3:d5:3c:a4:f1:cc:5d:20:28:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4eca105ce4af6c21cd429e992d06ea7d06d8a56d
Validity
Not Before: Jan 2 03:48:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=759f0538d4bb28a9d7b4f3960b569440320742be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:e2:69:2a:b9:ac:7a:ac:c7:ea:3e:d1:b8:03:
83:af:d1:6f:f1:08:f9:a4:6c:5e:e2:f8:2e:22:34:
85:27:a1:87:44:58:76:6e:df:84:d0:71:55:02:1f:
4e:1a:a8:cc:62:cb:07:77:e2:36:4b:31:0c:ac:3b:
d2:21:11:c2:d1:56:51:c5:c7:a7:2e:fc:85:97:ed:
d0:df:92:44:51:7e:18:de:43:1b:06:bd:96:3a:57:
75:ee:fd:51:c3:dd:a2:75:34:dc:d5:05:c9:37:13:
31:50:a9:c3:51:41:18:04:dc:0a:93:6c:a6:e3:06:
7b:68:1e:a6:64:76:e2:a4:e9:29:77:5a:6c:3f:08:
a3:30:d4:57:74:44:fa:82:c7:11:bd:83:2e:8a:d7:
de:25:46:21:a8:13:73:cf:45:4b:1d:da:1a:bb:a6:
fc:a1:5f:4f:b2:90:ca:20:cf:cf:7b:fb:91:f4:4f:
d3:51:c5:0c:c4:40:9f:49:1e:87:17:34:78:31:5b:
94:b6:6c:6f:1e:75:1c:f1:d7:ca:5b:81:c7:aa:ab:
52:90:6b:0a:f2:2c:55:ce:b3:98:4c:fc:9d:f2:96:
41:23:ac:4e:2e:e9:d3:1b:78:c9:c7:41:af:45:72:
af:3d:90:d0:da:ca:68:e8:27:8b:d8:23:e5:3f:c5:
31:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:9F:05:38:D4:BB:28:A9:D7:B4:F3:96:0B:56:94:40:32:07:42:BE
X509v3 Authority Key Identifier:
keyid:4E:CA:10:5C:E4:AF:6C:21:CD:42:9E:99:2D:06:EA:7D:06:D8:A5:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TsoQXOSvbCHNQp6ZLQbqfQbYpW0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/c3a85d-9d0b-4562-9238-46ee0cd7fcba/1/dZ8FONS7KKnXtPOWC1aUQDIHQr4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/c3a85d-9d0b-4562-9238-46ee0cd7fcba/1/TsoQXOSvbCHNQp6ZLQbqfQbYpW0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.94.240.0/20
185.119.180.0/22
IPv6:
2a01:9b80::/32
Signature Algorithm: sha256WithRSAEncryption
8f:e4:3d:18:0d:bc:e0:ca:b5:fd:e9:21:01:f6:c6:99:d0:2d:
05:8d:f3:77:99:9c:bd:4a:bd:4c:45:b4:e7:b1:3f:54:ca:48:
a4:b2:d0:df:a4:d7:87:6b:32:03:58:b1:bf:8e:f6:7a:bb:ac:
9f:ec:48:93:ed:2a:f8:05:3f:97:66:82:0b:58:3f:88:39:4f:
d8:c7:99:bb:80:1c:dc:dd:9c:c3:cd:2f:64:98:bc:50:f1:e0:
c3:83:3f:f2:a0:ae:ce:75:83:0c:fc:37:51:7a:3a:82:ad:90:
e2:d5:dc:72:df:fe:db:de:70:40:a8:8c:55:12:9c:4b:6a:a2:
87:85:07:b6:77:59:eb:df:13:c0:d3:fe:54:37:43:41:d1:18:
96:4a:0f:9e:1b:e4:0d:c1:77:c6:e2:61:1c:b5:83:0e:41:bd:
f0:98:ab:ed:1f:81:43:29:5f:16:78:69:5d:41:e8:e1:eb:88:
53:cd:b0:30:42:66:bc:34:b5:a3:3b:5c:20:b3:2a:a7:9c:bb:
45:43:5c:8d:39:d9:28:fd:41:00:61:5e:bb:a3:50:07:c6:0d:
a5:d3:23:52:b3:71:5c:e1:6f:7d:84:83:11:d9:a6:64:59:d8:
fa:6b:6e:60:c2:d7:c8:53:5e:8d:95:eb:2e:ab:5b:4c:f8:f1:
2c:dc:00:ac
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQlIXGTk3Oj1Tyk8cxdIChJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlY2ExMDVjZTRhZjZjMjFjZDQyOWU5OTJkMDZlYTdkMDZk
OGE1NmQwHhcNMjUwMTAyMDM0ODU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTlmMDUzOGQ0YmIyOGE5ZDdiNGYzOTYwYjU2OTQ0MDMyMDc0MmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApeJpKrmseqzH6j7RuAODr9Fv8Qj5
pGxe4vguIjSFJ6GHRFh2bt+E0HFVAh9OGqjMYssHd+I2SzEMrDvSIRHC0VZRxcen
LvyFl+3Q35JEUX4Y3kMbBr2WOld17v1Rw92idTTc1QXJNxMxUKnDUUEYBNwKk2ym
4wZ7aB6mZHbipOkpd1psPwijMNRXdET6gscRvYMuitfeJUYhqBNzz0VLHdoau6b8
oV9PspDKIM/Pe/uR9E/TUcUMxECfSR6HFzR4MVuUtmxvHnUc8dfKW4HHqqtSkGsK
8ixVzrOYTPyd8pZBI6xOLunTG3jJx0GvRXKvPZDQ2spo6CeL2CPlP8UxYQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHWfBTjUuyip17TzlgtWlEAyB0K+MB8GA1UdIwQY
MBaAFE7KEFzkr2whzUKemS0G6n0G2KVtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHNvUVhPU3ZiQ0hOUXA2WkxRYnFmUWJZcFcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9jM2E4NWQtOWQwYi00NTYyLTkyMzgt
NDZlZTBjZDdmY2JhLzEvZFo4Rk9OUzdLS25YdFBPV0MxYVVRRElIUXI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9jM2E4NWQtOWQwYi00NTYyLTkyMzgtNDZlZTBjZDdmY2Jh
LzEvVHNvUVhPU3ZiQ0hOUXA2WkxRYnFmUWJZcFcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEUV7wAwQC
uXe0MA0EAgACMAcDBQAqAZuAMA0GCSqGSIb3DQEBCwUAA4IBAQCP5D0YDbzgyrX9
6SEB9saZ0C0FjfN3mZy9Sr1MRbTnsT9UykikstDfpNeHazIDWLG/jvZ6u6yf7EiT
7Sr4BT+XZoILWD+IOU/Yx5m7gBzc3ZzDzS9kmLxQ8eDDgz/yoK7OdYMM/DdRejqC
rZDi1dxy3/7b3nBAqIxVEpxLaqKHhQe2d1nr3xPA0/5UN0NB0RiWSg+eG+QNwXfG
4mEctYMOQb3wmKvtH4FDKV8WeGldQejh64hTzbAwQma8NLWjO1wgsyqnnLtFQ1yN
Odko/UEAYV67o1AHxg2l0yNSs3Fc4W99hIMR2aZkWdj6a25gwtfIU16Nlesuq1tM
+PEs3ACs
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:22:43 2025 by rpki-client