Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/ECqrLMrFfD90pszf7knR2cpQyh0.roa
File: ECqrLMrFfD90pszf7knR2cpQyh0.roa (raw, json)
Hash identifier: Q3DUlwJygjUeoWaRH5s8fB7GS7FOmUc/yzv3gDOfLYQ=
Subject key identifier: 10:2A:AB:2C:CA:C5:7C:3F:74:A6:CC:DF:EE:49:D1:D9:CA:50:CA:1D
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 01942826799B9CBDB644DF0697E59F85B6E9
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/ECqrLMrFfD90pszf7knR2cpQyh0.roa
Signing time: Thu 02 Jan 2025 17:53:17 +0000
ROA not before: Thu 02 Jan 2025 17:53:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 397086
IP address blocks: 89.249.197.0/24 maxlen: 24
89.249.198.0/24 maxlen: 24
212.42.201.0/24 maxlen: 24
212.42.204.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.mft
rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 11:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:79:9b:9c:bd:b6:44:df:06:97:e5:9f:85:b6:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Jan 2 17:53:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=102aab2ccac57c3f74a6ccdfee49d1d9ca50ca1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:d5:f7:f3:e9:fb:69:7c:22:7c:83:f8:87:ce:
6c:ca:61:a1:8f:80:93:7f:67:73:54:33:98:3e:54:
f6:ad:0b:b1:78:22:8e:45:8d:16:59:3e:b4:2f:13:
ef:25:d1:97:20:bb:70:dc:cf:fd:29:a0:a0:67:72:
a3:5e:da:db:a8:8f:f2:c4:87:8a:5b:51:33:93:88:
9d:93:8e:b5:0d:62:8e:45:2d:ec:26:21:df:e2:17:
2d:39:8f:ff:47:20:6c:bd:89:b1:7e:79:e8:78:03:
aa:82:f9:63:e4:d5:73:84:9b:7b:0a:5e:67:84:eb:
92:bf:a8:1e:f6:2d:0b:22:7c:6b:c9:7a:f1:4c:b4:
49:18:16:44:0f:1b:64:d6:b2:1c:04:25:1c:f5:5e:
ee:9c:a3:89:2b:e6:b8:e9:e6:a4:d9:93:6c:82:2f:
b4:e6:69:e5:53:82:94:9e:19:12:b0:50:bd:74:0f:
d2:dc:c3:ea:b2:5c:0a:3b:b5:5a:6a:8e:3b:41:8f:
24:41:a2:1a:f8:29:0d:3d:ef:c8:87:65:65:a4:79:
95:98:99:84:40:3f:ed:42:50:f6:32:f4:e7:ff:9d:
ef:56:2c:20:54:0e:98:81:9a:4a:e9:fa:24:8b:aa:
24:a3:2a:41:38:2d:43:1c:d6:cb:e1:ef:6c:3a:e4:
05:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:2A:AB:2C:CA:C5:7C:3F:74:A6:CC:DF:EE:49:D1:D9:CA:50:CA:1D
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/ECqrLMrFfD90pszf7knR2cpQyh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.197.0-89.249.198.255
212.42.201.0/24
212.42.204.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:cb:2e:79:74:f4:85:86:2b:02:3a:66:d2:5c:9a:e1:35:52:
97:15:e4:e8:59:68:c8:49:8e:d4:5f:64:01:e4:dd:63:7a:7f:
d2:36:38:b1:a7:2c:8c:0a:2a:63:84:73:9c:e0:1b:25:3f:de:
1e:3a:17:29:e0:94:bb:6a:dc:bf:60:11:4f:30:9f:0b:ef:73:
24:7d:32:28:c6:fb:cf:45:10:b1:ee:93:ce:82:41:ae:97:13:
83:43:4a:e7:98:e8:33:49:66:30:af:fd:ea:10:60:67:68:12:
e7:2c:8c:0b:09:5c:8a:44:9c:ff:b1:2d:7e:9d:7e:1b:0d:07:
17:a1:d5:68:6c:9f:b1:37:92:86:90:73:ff:5c:f7:13:82:51:
42:9f:2f:1c:03:c4:f3:8a:6d:2f:37:5e:3a:9c:b4:ad:8c:1f:
24:88:95:03:f8:93:bf:6e:ca:18:69:ab:64:f2:8c:79:5b:4e:
10:97:6c:1d:88:e8:97:22:62:d0:81:d6:40:35:3a:0f:74:0e:
64:d1:7b:4e:5a:44:96:5a:51:2f:2a:a6:af:43:d1:3e:19:e4:
dc:a0:a9:67:a1:a2:8d:7d:a1:43:95:fa:4a:08:85:8b:a3:44:
8f:64:45:bb:47:b8:0d:0f:ba:b0:45:e4:14:c2:17:da:72:07:
c6:da:47:9c
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQoJnmbnL22RN8Gl+WfhbbpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjUwMTAyMTc1MzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDJhYWIyY2NhYzU3YzNmNzRhNmNjZGZlZTQ5ZDFkOWNhNTBjYTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA39X38+n7aXwifIP4h85symGhj4CT
f2dzVDOYPlT2rQuxeCKORY0WWT60LxPvJdGXILtw3M/9KaCgZ3KjXtrbqI/yxIeK
W1Ezk4idk461DWKORS3sJiHf4hctOY//RyBsvYmxfnnoeAOqgvlj5NVzhJt7Cl5n
hOuSv6ge9i0LInxryXrxTLRJGBZEDxtk1rIcBCUc9V7unKOJK+a46eak2ZNsgi+0
5mnlU4KUnhkSsFC9dA/S3MPqslwKO7Vaao47QY8kQaIa+CkNPe/Ih2VlpHmVmJmE
QD/tQlD2MvTn/53vViwgVA6YgZpK6foki6okoypBOC1DHNbL4e9sOuQFJQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFBAqqyzKxXw/dKbM3+5J0dnKUModMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvRUNxckxNckZmRDkwcHN6ZjdrblIyY3BReWgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABZ+cUD
BABZ+cYDBADUKskDBADUKswwDQYJKoZIhvcNAQELBQADggEBAD3LLnl09IWGKwI6
ZtJcmuE1UpcV5OhZaMhJjtRfZAHk3WN6f9I2OLGnLIwKKmOEc5zgGyU/3h46Fyng
lLtq3L9gEU8wnwvvcyR9MijG+89FELHuk86CQa6XE4NDSueY6DNJZjCv/eoQYGdo
EucsjAsJXIpEnP+xLX6dfhsNBxeh1Whsn7E3koaQc/9c9xOCUUKfLxwDxPOKbS83
XjqctK2MHySIlQP4k79uyhhpq2TyjHlbThCXbB2I6JciYtCB1kA1Og90DmTRe05a
RJZaUS8qpq9D0T4Z5NygqWehoo19oUOV+koIhYujRI9kRbtHuA0PurBF5BTCF9py
B8baR5w=
-----END CERTIFICATE-----
Generated at Wed Feb 5 19:13:19 2025 by rpki-client