Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/c212a2-37e9-4ad6-bbe6-835a5842b94c/1/TgyKwJa2KkbDi0Hpkc1sfLVSKbY.roa
File: TgyKwJa2KkbDi0Hpkc1sfLVSKbY.roa (raw, json)
Hash identifier: PBkxa8WbS+Zs7wyVcsYo6bQBjySTnxQqvA/GU7hJEfs=
Subject key identifier: 4E:0C:8A:C0:96:B6:2A:46:C3:8B:41:E9:91:CD:6C:7C:B5:52:29:B6
Certificate issuer: /CN=bb4731884ba0f573fa618b6e7ad503a12c965af3
Certificate serial: 019420D5A8ACEF29FA694B1FC1F7BC6525AF
Authority key identifier: BB:47:31:88:4B:A0:F5:73:FA:61:8B:6E:7A:D5:03:A1:2C:96:5A:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u0cxiEug9XP6YYtuetUDoSyWWvM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/c212a2-37e9-4ad6-bbe6-835a5842b94c/1/TgyKwJa2KkbDi0Hpkc1sfLVSKbY.roa
Signing time: Wed 01 Jan 2025 07:47:40 +0000
ROA not before: Wed 01 Jan 2025 07:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1299
IP address blocks: 185.248.28.0/22 maxlen: 24
195.189.245.0/24 maxlen: 24
2a0d:dd80::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/c212a2-37e9-4ad6-bbe6-835a5842b94c/1/u0cxiEug9XP6YYtuetUDoSyWWvM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/c212a2-37e9-4ad6-bbe6-835a5842b94c/1/u0cxiEug9XP6YYtuetUDoSyWWvM.mft
rsync://rpki.ripe.net/repository/DEFAULT/u0cxiEug9XP6YYtuetUDoSyWWvM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 19:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:a8:ac:ef:29:fa:69:4b:1f:c1:f7:bc:65:25:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb4731884ba0f573fa618b6e7ad503a12c965af3
Validity
Not Before: Jan 1 07:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4e0c8ac096b62a46c38b41e991cd6c7cb55229b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:66:ef:a5:76:f9:07:1e:d7:d9:7e:57:a9:35:
4b:80:34:8a:44:19:eb:32:4a:16:17:97:8f:71:e7:
3f:d8:e1:51:d2:26:c0:33:90:b3:c7:c6:8c:6c:a4:
71:cf:c4:2d:45:6a:d8:34:fc:2f:90:64:bd:b4:83:
35:0e:7a:d6:7d:14:b8:c4:9a:cb:32:f4:46:73:65:
25:c9:0c:cf:b9:fa:bb:30:98:47:3b:71:2a:35:11:
5c:b0:03:f6:9b:f8:91:f7:77:97:c1:0d:b3:99:d4:
ed:c8:86:3c:6b:f3:15:d9:36:c0:96:bb:ed:52:fa:
86:c4:4f:e0:70:cc:33:fd:f1:23:2c:5c:b4:42:b5:
87:5e:78:5f:d4:13:1a:96:38:08:f1:09:28:af:46:
cf:c2:c1:c2:f8:82:a5:35:82:a7:89:85:f0:a4:14:
7f:a6:da:bd:c3:42:3c:7a:aa:17:6f:52:51:ca:26:
bd:ee:ac:53:06:c7:ae:23:64:f2:75:78:8a:3b:0c:
bd:7f:24:52:ec:1f:4a:f9:bc:f2:d5:b9:92:68:02:
94:70:d1:38:0b:42:87:9f:60:d4:d1:f1:5f:2f:55:
6f:b4:51:59:fb:7d:72:f6:4d:19:fa:d7:cc:1b:bb:
75:af:f1:1d:50:bb:3d:81:37:3b:51:01:13:5c:37:
97:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:0C:8A:C0:96:B6:2A:46:C3:8B:41:E9:91:CD:6C:7C:B5:52:29:B6
X509v3 Authority Key Identifier:
keyid:BB:47:31:88:4B:A0:F5:73:FA:61:8B:6E:7A:D5:03:A1:2C:96:5A:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u0cxiEug9XP6YYtuetUDoSyWWvM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/c212a2-37e9-4ad6-bbe6-835a5842b94c/1/TgyKwJa2KkbDi0Hpkc1sfLVSKbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/c212a2-37e9-4ad6-bbe6-835a5842b94c/1/u0cxiEug9XP6YYtuetUDoSyWWvM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.248.28.0/22
195.189.245.0/24
IPv6:
2a0d:dd80::/29
Signature Algorithm: sha256WithRSAEncryption
8a:fc:b6:66:fc:2f:57:ff:52:07:cc:ba:14:6d:e3:b2:50:37:
ce:55:ee:dc:a7:46:85:dd:43:42:79:bb:63:6c:66:d6:e5:16:
e2:f0:7b:98:b5:f5:ab:81:fb:27:dd:a9:00:bc:c9:11:48:1a:
f8:50:38:05:b8:41:66:2e:74:f0:06:d1:18:01:93:38:dd:34:
48:84:52:27:f7:f2:fe:94:a1:21:e1:c2:0d:e8:9f:4f:b0:2d:
e7:1d:ad:70:8f:c2:fa:53:97:15:97:ed:11:bb:4f:37:03:6d:
70:d0:1c:7c:d0:2b:6a:09:8c:41:44:82:13:bb:43:09:50:87:
9b:c0:0d:e3:8b:65:f3:04:cb:dd:78:aa:a3:70:52:ce:b5:7b:
65:16:cd:95:2e:1a:a8:2b:7f:1e:33:cb:81:83:dc:ac:81:07:
7f:00:3e:81:ac:49:5d:48:d9:85:cd:ce:8e:d7:36:47:50:c4:
9c:4d:c2:67:7b:6e:0f:d9:2e:bf:d4:b9:8b:f7:a7:7a:d5:ed:
17:d4:0f:a5:28:6c:ab:95:ae:b2:6c:0c:18:f1:a7:51:a2:68:
13:38:44:0f:bc:26:32:94:01:e9:f3:3c:59:df:b4:cf:bf:7d:
22:cf:38:3f:19:64:e4:6f:fa:1a:3e:c8:a5:a9:b7:28:56:10:
c6:8c:f1:ce
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQg1ais7yn6aUsfwfe8ZSWvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiNDczMTg4NGJhMGY1NzNmYTYxOGI2ZTdhZDUwM2ExMmM5
NjVhZjMwHhcNMjUwMTAxMDc0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTBjOGFjMDk2YjYyYTQ2YzM4YjQxZTk5MWNkNmM3Y2I1NTIyOWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2bvpXb5Bx7X2X5XqTVLgDSKRBnr
MkoWF5ePcec/2OFR0ibAM5Czx8aMbKRxz8QtRWrYNPwvkGS9tIM1DnrWfRS4xJrL
MvRGc2UlyQzPufq7MJhHO3EqNRFcsAP2m/iR93eXwQ2zmdTtyIY8a/MV2TbAlrvt
UvqGxE/gcMwz/fEjLFy0QrWHXnhf1BMaljgI8Qkor0bPwsHC+IKlNYKniYXwpBR/
ptq9w0I8eqoXb1JRyia97qxTBseuI2TydXiKOwy9fyRS7B9K+bzy1bmSaAKUcNE4
C0KHn2DU0fFfL1VvtFFZ+31y9k0Z+tfMG7t1r/EdULs9gTc7UQETXDeX+QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFE4MisCWtipGw4tB6ZHNbHy1Uim2MB8GA1UdIwQY
MBaAFLtHMYhLoPVz+mGLbnrVA6EsllrzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTBjeGlFdWc5WFA2WVl0dWV0VURvU3lXV3ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9jMjEyYTItMzdlOS00YWQ2LWJiZTYt
ODM1YTU4NDJiOTRjLzEvVGd5S3dKYTJLa2JEaTBIcGtjMXNmTFZTS2JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9jMjEyYTItMzdlOS00YWQ2LWJiZTYtODM1YTU4NDJiOTRj
LzEvdTBjeGlFdWc5WFA2WVl0dWV0VURvU3lXV3ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCufgcAwQA
w731MA0EAgACMAcDBQMqDd2AMA0GCSqGSIb3DQEBCwUAA4IBAQCK/LZm/C9X/1IH
zLoUbeOyUDfOVe7cp0aF3UNCebtjbGbW5Rbi8HuYtfWrgfsn3akAvMkRSBr4UDgF
uEFmLnTwBtEYAZM43TRIhFIn9/L+lKEh4cIN6J9PsC3nHa1wj8L6U5cVl+0Ru083
A21w0Bx80CtqCYxBRIITu0MJUIebwA3ji2XzBMvdeKqjcFLOtXtlFs2VLhqoK38e
M8uBg9ysgQd/AD6BrEldSNmFzc6O1zZHUMScTcJne24P2S6/1LmL96d61e0X1A+l
KGyrla6ybAwY8adRomgTOEQPvCYylAHp8zxZ37TPv30izzg/GWTkb/oaPsilqbco
VhDGjPHO
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:51:43 2025 by rpki-client