Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/ITP65m-ELAYrIziT1mqhAaKmFKI.roa
File: ITP65m-ELAYrIziT1mqhAaKmFKI.roa (raw, json)
Hash identifier: TA6Lz6SPSkTI7bhEP+cVZ388px4lL7fPEARYK+dRI9A=
Subject key identifier: 21:33:FA:E6:6F:84:2C:06:2B:23:38:93:D6:6A:A1:01:A2:A6:14:A2
Certificate issuer: /CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Certificate serial: 019421440C4BA5E0E9C5C15C2B3E2A2C2EBF
Authority key identifier: 29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/ITP65m-ELAYrIziT1mqhAaKmFKI.roa
Signing time: Wed 01 Jan 2025 09:48:15 +0000
ROA not before: Wed 01 Jan 2025 09:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202861
IP address blocks: 185.107.226.0/23 maxlen: 23
2a05:1500:300::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:0c:4b:a5:e0:e9:c5:c1:5c:2b:3e:2a:2c:2e:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Validity
Not Before: Jan 1 09:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2133fae66f842c062b233893d66aa101a2a614a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:2f:07:2c:af:fc:96:54:a0:ae:6b:0b:28:aa:
7b:34:7b:72:3c:b7:4d:1a:82:bf:44:d6:be:68:f5:
9a:18:53:26:5e:25:5a:68:d3:55:fb:27:3c:af:8c:
a5:59:dd:fb:ec:eb:48:c7:6b:b1:3d:ef:15:07:2a:
56:7b:40:54:1b:4f:7d:ce:3f:60:58:e2:65:00:3b:
bd:c7:24:8e:55:f1:d2:fd:60:d5:93:55:54:18:eb:
56:a5:17:7c:91:1d:a0:e7:96:ad:36:fd:6e:c0:a1:
c4:30:f4:d8:be:05:9e:91:3b:cf:49:17:82:12:62:
bc:6b:ff:d9:9e:1c:a2:c0:7e:0c:8b:f3:38:86:31:
98:b8:1d:1a:3a:46:20:bd:18:cc:e0:50:c3:0c:3d:
11:7e:32:c9:97:96:82:dd:47:53:be:4e:7e:13:51:
f8:77:2d:fc:61:1e:1a:13:4d:85:b0:f3:af:b0:db:
70:54:40:a5:dd:34:47:2d:9e:5f:35:48:5c:bd:04:
26:23:98:3d:17:a3:6e:81:dd:04:88:7c:8e:68:6d:
83:b8:47:1d:5c:7f:12:3b:6f:28:0e:82:8c:56:1d:
90:a6:2e:4f:89:b9:d2:5c:8c:c5:4a:de:39:30:14:
96:5c:b0:52:89:b9:e7:6e:07:be:61:3f:f4:1e:7e:
89:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:33:FA:E6:6F:84:2C:06:2B:23:38:93:D6:6A:A1:01:A2:A6:14:A2
X509v3 Authority Key Identifier:
keyid:29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/ITP65m-ELAYrIziT1mqhAaKmFKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.107.226.0/23
IPv6:
2a05:1500:300::/40
Signature Algorithm: sha256WithRSAEncryption
6d:4a:33:3c:88:35:6f:7f:66:bd:b7:2f:bd:15:2d:e9:31:42:
c2:bd:a0:52:b3:db:36:96:12:85:56:94:71:c2:5b:56:fe:1d:
9f:f5:45:9d:7b:a2:98:0c:68:e6:da:e7:62:62:33:f7:54:2b:
23:81:3a:ee:7b:26:e1:a8:5f:97:cf:48:3a:54:d2:9d:e9:e0:
81:27:40:71:42:22:44:82:75:ad:7f:54:2d:cd:b8:66:01:63:
8f:38:51:04:4a:ef:b7:cb:76:e4:dd:06:76:30:16:ce:e4:43:
5d:ee:3d:ec:0b:d2:89:ea:e7:31:f2:73:f5:39:a9:cb:8d:a1:
94:ed:8d:32:82:82:0d:65:38:0e:8b:50:17:f8:91:ae:c1:aa:
83:58:25:66:3e:09:b5:4a:43:67:2d:3f:04:ea:2d:23:6e:db:
2f:b3:ee:23:63:5b:60:49:66:c6:de:5d:b5:f1:4b:3a:b6:fc:
8f:f1:98:c2:8b:b3:5c:85:b8:f6:55:fb:5a:e0:af:ee:54:cf:
b9:f4:30:ab:97:f4:db:ef:e7:3a:38:8c:cf:f5:16:58:93:73:
08:5b:09:7f:e3:7c:8b:35:f3:ee:61:a8:2d:f4:33:74:0d:4e:
7c:55:02:bb:cc:34:f2:99:62:06:4b:86:d0:01:be:be:31:4e:
c4:ac:57:cf
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZQhRAxLpeDpxcFcKz4qLC6/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDlmZmZjZDgxYTY2YmM5OGI2MjlkNGMwNTc5MjQ3NjQ1
ZjBmZTQwHhcNMjUwMTAxMDk0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTMzZmFlNjZmODQyYzA2MmIyMzM4OTNkNjZhYTEwMWEyYTYxNGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlS8HLK/8llSgrmsLKKp7NHtyPLdN
GoK/RNa+aPWaGFMmXiVaaNNV+yc8r4ylWd377OtIx2uxPe8VBypWe0BUG099zj9g
WOJlADu9xySOVfHS/WDVk1VUGOtWpRd8kR2g55atNv1uwKHEMPTYvgWekTvPSReC
EmK8a//ZnhyiwH4Mi/M4hjGYuB0aOkYgvRjM4FDDDD0RfjLJl5aC3UdTvk5+E1H4
dy38YR4aE02FsPOvsNtwVECl3TRHLZ5fNUhcvQQmI5g9F6Nugd0EiHyOaG2DuEcd
XH8SO28oDoKMVh2Qpi5PibnSXIzFSt45MBSWXLBSibnnbge+YT/0Hn6JYQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFCEz+uZvhCwGKyM4k9ZqoQGiphSiMB8GA1UdIwQY
MBaAFCkJ//zYGma8mLYp1MBXkkdkXw/kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2Qt
ZjJhZTdiYzdlY2M1LzEvSVRQNjVtLUVMQVlySXppVDFtcWhBYUttRktJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2QtZjJhZTdiYzdlY2M1
LzEvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBuWviMA4E
AgACMAgDBgAqBRUAAzANBgkqhkiG9w0BAQsFAAOCAQEAbUozPIg1b39mvbcvvRUt
6TFCwr2gUrPbNpYShVaUccJbVv4dn/VFnXuimAxo5trnYmIz91QrI4E67nsm4ahf
l89IOlTSnenggSdAcUIiRIJ1rX9ULc24ZgFjjzhRBErvt8t25N0GdjAWzuRDXe49
7AvSiernMfJz9Tmpy42hlO2NMoKCDWU4DotQF/iRrsGqg1glZj4JtUpDZy0/BOot
I27bL7PuI2NbYElmxt5dtfFLOrb8j/GYwouzXIW49lX7WuCv7lTPufQwq5f02+/n
OjiMz/UWWJNzCFsJf+N8izXz7mGoLfQzdA1OfFUCu8w08pliBkuG0AG+vjFOxKxX
zw==
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:19:51 2025 by rpki-client