Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/f449b3-d8a8-493e-9bd7-e88465c46186/1/4nK8mBu8KH58Djeo3td_0Crw3KY.roa
File: 4nK8mBu8KH58Djeo3td_0Crw3KY.roa (raw, json)
Hash identifier: zQgvuYZT7k7Pe+7tNXcpWarsNSwzQ+DP9gqFroEYWW0=
Subject key identifier: E2:72:BC:98:1B:BC:28:7E:7C:0E:37:A8:DE:D7:7F:D0:2A:F0:DC:A6
Certificate issuer: /CN=c27358682df3df8bdc7024507f92ecfc5ae097bb
Certificate serial: 019422FC2CBD5439A4B39AE2D1FC9B8ECFBE
Authority key identifier: C2:73:58:68:2D:F3:DF:8B:DC:70:24:50:7F:92:EC:FC:5A:E0:97:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wnNYaC3z34vccCRQf5Ls_Frgl7s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/f449b3-d8a8-493e-9bd7-e88465c46186/1/4nK8mBu8KH58Djeo3td_0Crw3KY.roa
Signing time: Wed 01 Jan 2025 17:48:59 +0000
ROA not before: Wed 01 Jan 2025 17:48:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47886
IP address blocks: 213.193.209.0/24 maxlen: 24
213.193.212.0/24 maxlen: 24
213.193.232.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/f449b3-d8a8-493e-9bd7-e88465c46186/1/wnNYaC3z34vccCRQf5Ls_Frgl7s.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/f449b3-d8a8-493e-9bd7-e88465c46186/1/wnNYaC3z34vccCRQf5Ls_Frgl7s.mft
rsync://rpki.ripe.net/repository/DEFAULT/wnNYaC3z34vccCRQf5Ls_Frgl7s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 15 Apr 2025 11:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:2c:bd:54:39:a4:b3:9a:e2:d1:fc:9b:8e:cf:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c27358682df3df8bdc7024507f92ecfc5ae097bb
Validity
Not Before: Jan 1 17:48:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e272bc981bbc287e7c0e37a8ded77fd02af0dca6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:b4:f7:cf:e9:a3:57:52:9c:04:3d:69:7a:5d:
99:da:bf:61:f5:60:bf:86:13:b1:d3:b6:cf:45:d8:
7a:ec:87:20:ff:4c:57:65:96:22:d2:dd:9a:48:f6:
aa:7a:ad:18:2d:ea:3a:59:48:08:47:9f:18:63:dc:
4a:ca:3a:bd:d3:92:d5:59:83:3e:68:cd:95:ba:2f:
bc:a0:14:f0:11:ba:2c:10:69:de:45:4e:97:ca:48:
57:6c:84:d9:e0:f2:11:42:69:4d:ab:78:55:3f:fe:
4d:be:25:9d:c1:54:e2:af:a4:01:a4:e6:0d:77:81:
27:51:38:aa:70:36:a2:b3:58:b9:b6:36:48:0c:dc:
fd:cf:b7:a0:4f:be:14:6d:18:4d:26:15:db:21:c2:
27:ba:0d:24:d2:ed:e8:ac:88:ef:8b:89:82:40:a8:
20:71:7e:75:15:c4:15:b9:4c:68:ce:47:88:36:a3:
9a:da:8b:1d:54:ff:87:00:d0:39:e4:19:12:8d:ea:
3b:5b:79:04:80:83:39:93:f7:d4:be:cb:19:ee:8c:
0f:35:81:01:5d:e3:19:c7:81:4a:45:9e:56:a3:1b:
26:ad:1a:c1:1a:e8:ce:0d:cf:44:f8:fe:5d:86:cd:
37:48:99:ea:fa:90:55:0c:e7:a5:53:d8:5e:3d:ed:
ae:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:72:BC:98:1B:BC:28:7E:7C:0E:37:A8:DE:D7:7F:D0:2A:F0:DC:A6
X509v3 Authority Key Identifier:
keyid:C2:73:58:68:2D:F3:DF:8B:DC:70:24:50:7F:92:EC:FC:5A:E0:97:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wnNYaC3z34vccCRQf5Ls_Frgl7s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/f449b3-d8a8-493e-9bd7-e88465c46186/1/4nK8mBu8KH58Djeo3td_0Crw3KY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/f449b3-d8a8-493e-9bd7-e88465c46186/1/wnNYaC3z34vccCRQf5Ls_Frgl7s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.193.209.0/24
213.193.212.0/24
213.193.232.0/24
Signature Algorithm: sha256WithRSAEncryption
75:52:49:a0:02:5f:a0:d6:5c:34:60:d9:0b:e1:d8:9c:8e:e4:
5b:a4:b9:b6:5f:c2:80:49:f3:7f:89:49:9f:56:be:e8:d9:1c:
0e:76:e0:3a:9b:d5:b2:db:c3:cb:42:b6:51:b5:47:7b:2a:21:
ac:71:1b:bb:38:ef:29:0d:50:7b:30:23:f8:87:70:10:b7:35:
d1:db:0f:d8:10:41:9e:a9:9a:cf:fb:91:72:53:0d:57:5d:1f:
9e:7c:b8:a1:ab:f9:9e:e4:61:d4:58:79:4b:00:6e:6e:5e:00:
e9:7c:5b:3a:a0:09:24:c0:65:2f:1a:d1:50:a9:fd:ee:d6:af:
99:cb:ac:76:db:a1:ce:17:a4:0b:81:48:20:d2:a1:77:be:d9:
3a:e1:81:43:ba:da:59:05:75:8f:30:a3:70:72:2a:a8:08:62:
9b:03:02:2d:67:25:b0:6c:14:a1:7e:c4:0a:a9:76:e3:7b:17:
be:8d:93:21:be:0b:6d:df:80:31:a0:fe:6e:11:3f:b2:05:12:
89:27:98:3e:41:d7:e7:2e:1a:57:52:af:73:0d:05:51:1c:ca:
11:e4:28:4c:6e:c3:8d:59:5b:22:fe:0c:bb:a9:b0:7e:04:19:
ad:5f:46:26:d4:6b:66:4b:17:f7:4b:43:50:9e:89:4e:0e:de:
e5:ca:92:eb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQi/Cy9VDmks5ri0fybjs++MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzM1ODY4MmRmM2RmOGJkYzcwMjQ1MDdmOTJlY2ZjNWFl
MDk3YmIwHhcNMjUwMTAxMTc0ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjcyYmM5ODFiYmMyODdlN2MwZTM3YThkZWQ3N2ZkMDJhZjBkY2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7T3z+mjV1KcBD1pel2Z2r9h9WC/
hhOx07bPRdh67Icg/0xXZZYi0t2aSPaqeq0YLeo6WUgIR58YY9xKyjq905LVWYM+
aM2Vui+8oBTwEbosEGneRU6XykhXbITZ4PIRQmlNq3hVP/5NviWdwVTir6QBpOYN
d4EnUTiqcDais1i5tjZIDNz9z7egT74UbRhNJhXbIcInug0k0u3orIjvi4mCQKgg
cX51FcQVuUxozkeINqOa2osdVP+HANA55BkSjeo7W3kEgIM5k/fUvssZ7owPNYEB
XeMZx4FKRZ5WoxsmrRrBGujODc9E+P5dhs03SJnq+pBVDOelU9hePe2uXwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOJyvJgbvCh+fA43qN7Xf9Aq8NymMB8GA1UdIwQY
MBaAFMJzWGgt89+L3HAkUH+S7Pxa4Je7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25OWWFDM3ozNHZjY0NSUWY1THNfRnJnbDdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9mNDQ5YjMtZDhhOC00OTNlLTliZDct
ZTg4NDY1YzQ2MTg2LzEvNG5LOG1CdThLSDU4RGplbzN0ZF8wQ3J3M0tZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9mNDQ5YjMtZDhhOC00OTNlLTliZDctZTg4NDY1YzQ2MTg2
LzEvd25OWWFDM3ozNHZjY0NSUWY1THNfRnJnbDdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA1cHRAwQA
1cHUAwQA1cHoMA0GCSqGSIb3DQEBCwUAA4IBAQB1UkmgAl+g1lw0YNkL4dicjuRb
pLm2X8KASfN/iUmfVr7o2RwOduA6m9Wy28PLQrZRtUd7KiGscRu7OO8pDVB7MCP4
h3AQtzXR2w/YEEGeqZrP+5FyUw1XXR+efLihq/me5GHUWHlLAG5uXgDpfFs6oAkk
wGUvGtFQqf3u1q+Zy6x226HOF6QLgUgg0qF3vtk64YFDutpZBXWPMKNwciqoCGKb
AwItZyWwbBShfsQKqXbjexe+jZMhvgtt34AxoP5uET+yBRKJJ5g+QdfnLhpXUq9z
DQVRHMoR5ChMbsONWVsi/gy7qbB+BBmtX0Ym1GtmSxf3S0NQnolODt7lypLr
-----END CERTIFICATE-----
Generated at Mon Apr 14 22:05:26 2025 by rpki-client