Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/cT-m8k4SDtvWHlQKpD65GuRYzTQ.roa
File: cT-m8k4SDtvWHlQKpD65GuRYzTQ.roa (raw, json)
Hash identifier: r6RkMNZjMfYtE9PPmCf0mAK1eFJX+kttY3BaDf/aAME=
Subject key identifier: 71:3F:A6:F2:4E:12:0E:DB:D6:1E:54:0A:A4:3E:B9:1A:E4:58:CD:34
Certificate issuer: /CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Certificate serial: 019421440CD41E95860EF807DBEE2612A2AA
Authority key identifier: 29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/cT-m8k4SDtvWHlQKpD65GuRYzTQ.roa
Signing time: Wed 01 Jan 2025 09:48:15 +0000
ROA not before: Wed 01 Jan 2025 09:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205631
IP address blocks: 185.95.30.0/24 maxlen: 24
2a05:1500:400::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 06:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:0c:d4:1e:95:86:0e:f8:07:db:ee:26:12:a2:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Validity
Not Before: Jan 1 09:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=713fa6f24e120edbd61e540aa43eb91ae458cd34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:39:20:8a:49:3c:e0:37:8c:62:e7:bd:5f:16:
ea:b8:43:78:dc:a2:03:f1:52:bf:1a:33:da:f3:38:
37:17:50:7f:a6:fa:10:55:e9:e9:83:be:fd:be:bd:
93:20:66:fb:fb:f3:89:b0:4f:05:32:4a:ac:b5:3a:
a6:21:e7:47:49:7e:37:71:25:e8:12:d4:bf:2d:29:
87:5a:0d:87:d5:90:3f:05:96:30:79:4b:e7:b7:ed:
25:09:62:a5:a5:80:ce:8f:5d:01:93:3e:f1:54:5b:
ce:37:7a:60:cb:a9:5f:d2:a3:6b:b8:4f:a9:81:11:
3b:c7:bd:9e:15:ad:c7:fe:51:29:ab:7e:60:b8:7d:
32:8b:ed:f4:e7:37:b9:4e:e1:d0:dc:24:e7:ff:6b:
28:07:53:96:fa:61:2f:8d:2c:ff:86:0b:78:26:ab:
89:2c:c2:c8:3d:de:47:e9:9a:d6:a1:16:88:10:d3:
78:3d:7c:21:c5:2c:01:48:48:b5:a3:c6:c9:6c:4b:
db:c7:50:67:ef:80:6d:de:bb:90:36:ec:2d:4b:ff:
0b:b0:f9:98:9b:2d:47:52:fc:68:3a:c1:d9:8c:66:
b3:d6:9a:1c:a4:e3:8a:a9:79:6d:23:c6:6b:a7:ed:
a8:cf:78:47:9e:4c:75:e1:41:c1:a1:a4:9f:bc:de:
6d:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:3F:A6:F2:4E:12:0E:DB:D6:1E:54:0A:A4:3E:B9:1A:E4:58:CD:34
X509v3 Authority Key Identifier:
keyid:29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/cT-m8k4SDtvWHlQKpD65GuRYzTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.30.0/24
IPv6:
2a05:1500:400::/40
Signature Algorithm: sha256WithRSAEncryption
82:d3:d5:51:9e:19:6c:a0:5e:7b:1e:8a:e8:5c:5a:e8:90:b0:
05:5c:24:b0:3c:ff:9c:fd:38:33:0c:ff:b8:fa:9c:61:d2:03:
dd:eb:07:0b:28:e7:fa:0d:24:f2:66:fa:de:e2:43:b7:ea:43:
a1:78:55:c7:3a:5d:88:28:df:3a:89:59:15:57:08:b2:3e:9b:
3a:9d:44:16:af:fb:91:fa:48:af:bf:4d:2c:9b:24:0c:97:58:
a6:5b:c7:a3:f2:cf:63:47:03:5a:71:b5:fb:50:54:54:a7:bf:
ed:d4:05:3f:41:66:47:d6:33:51:17:01:9a:9a:16:d6:4a:6f:
c3:88:80:c9:8d:f6:77:ab:0f:af:ce:ba:77:24:f7:52:a9:e1:
e1:d9:2f:a3:cc:72:f9:96:32:72:09:df:b5:69:07:d3:ae:88:
2f:ea:80:6f:47:85:e3:de:7c:f4:92:de:25:08:c2:a7:ac:af:
bc:3c:0d:d9:0f:65:07:01:19:e1:19:c2:bd:6f:78:2b:fc:bb:
59:17:3b:95:9e:ed:d0:7c:3e:a7:6e:e5:aa:5e:c7:a6:87:7c:
60:14:40:c7:5b:0a:b1:f8:9f:99:5a:84:e0:59:18:dc:41:f3:
9a:d8:30:63:cf:3e:2e:71:3f:51:8a:df:c7:9e:4a:45:d8:06:
57:55:02:9d
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZQhRAzUHpWGDvgH2+4mEqKqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDlmZmZjZDgxYTY2YmM5OGI2MjlkNGMwNTc5MjQ3NjQ1
ZjBmZTQwHhcNMjUwMTAxMDk0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTNmYTZmMjRlMTIwZWRiZDYxZTU0MGFhNDNlYjkxYWU0NThjZDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjkgikk84DeMYue9XxbquEN43KID
8VK/GjPa8zg3F1B/pvoQVenpg779vr2TIGb7+/OJsE8FMkqstTqmIedHSX43cSXo
EtS/LSmHWg2H1ZA/BZYweUvnt+0lCWKlpYDOj10Bkz7xVFvON3pgy6lf0qNruE+p
gRE7x72eFa3H/lEpq35guH0yi+305ze5TuHQ3CTn/2soB1OW+mEvjSz/hgt4JquJ
LMLIPd5H6ZrWoRaIENN4PXwhxSwBSEi1o8bJbEvbx1Bn74Bt3ruQNuwtS/8LsPmY
my1HUvxoOsHZjGaz1pocpOOKqXltI8Zrp+2oz3hHnkx14UHBoaSfvN5tHQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFHE/pvJOEg7b1h5UCqQ+uRrkWM00MB8GA1UdIwQY
MBaAFCkJ//zYGma8mLYp1MBXkkdkXw/kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2Qt
ZjJhZTdiYzdlY2M1LzEvY1QtbThrNFNEdHZXSGxRS3BENjVHdVJZelRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2QtZjJhZTdiYzdlY2M1
LzEvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAuV8eMA4E
AgACMAgDBgAqBRUABDANBgkqhkiG9w0BAQsFAAOCAQEAgtPVUZ4ZbKBeex6K6Fxa
6JCwBVwksDz/nP04Mwz/uPqcYdID3esHCyjn+g0k8mb63uJDt+pDoXhVxzpdiCjf
OolZFVcIsj6bOp1EFq/7kfpIr79NLJskDJdYplvHo/LPY0cDWnG1+1BUVKe/7dQF
P0FmR9YzURcBmpoW1kpvw4iAyY32d6sPr866dyT3Uqnh4dkvo8xy+ZYycgnftWkH
066IL+qAb0eF49589JLeJQjCp6yvvDwN2Q9lBwEZ4RnCvW94K/y7WRc7lZ7t0Hw+
p27lql7Hpod8YBRAx1sKsfifmVqE4FkY3EHzmtgwY88+LnE/UYrfx55KRdgGV1UC
nQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 15:10:26 2025 by rpki-client