Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/bff48f-0a30-478d-b2db-ad4a1da393a1/1/AyMTRTSNhqKy20C0SEK--C7gNJ4.roa
File: AyMTRTSNhqKy20C0SEK--C7gNJ4.roa (raw, json)
Hash identifier: /rFc3n1MX+dvr9KRftoBZVejlv7vWIrjtjmHQ1QhM24=
Subject key identifier: 03:23:13:45:34:8D:86:A2:B2:DB:40:B4:48:42:BE:F8:2E:E0:34:9E
Certificate issuer: /CN=0c7887582d83d3f087682af8780a324a353ce782
Certificate serial: 0194ADDC0AC510A7E6E76A488538368AD286
Authority key identifier: 0C:78:87:58:2D:83:D3:F0:87:68:2A:F8:78:0A:32:4A:35:3C:E7:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DHiHWC2D0_CHaCr4eAoySjU854I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/bff48f-0a30-478d-b2db-ad4a1da393a1/1/AyMTRTSNhqKy20C0SEK--C7gNJ4.roa
Signing time: Tue 28 Jan 2025 17:01:06 +0000
ROA not before: Tue 28 Jan 2025 17:01:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13251
IP address blocks: 213.179.64.0/24 maxlen: 24
213.179.65.0/24 maxlen: 24
213.179.66.0/24 maxlen: 24
213.179.67.0/24 maxlen: 24
213.179.68.0/24 maxlen: 24
213.179.69.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/bff48f-0a30-478d-b2db-ad4a1da393a1/1/DHiHWC2D0_CHaCr4eAoySjU854I.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/bff48f-0a30-478d-b2db-ad4a1da393a1/1/DHiHWC2D0_CHaCr4eAoySjU854I.mft
rsync://rpki.ripe.net/repository/DEFAULT/DHiHWC2D0_CHaCr4eAoySjU854I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ad:dc:0a:c5:10:a7:e6:e7:6a:48:85:38:36:8a:d2:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c7887582d83d3f087682af8780a324a353ce782
Validity
Not Before: Jan 28 17:01:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=03231345348d86a2b2db40b44842bef82ee0349e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:59:58:1b:06:42:a5:79:45:34:44:13:37:6f:
d2:66:bc:4e:92:98:42:32:e1:34:89:18:e2:10:c3:
0a:a8:f3:fe:64:3b:39:cd:bb:a8:dc:e0:55:c5:cf:
24:03:c0:4f:19:7f:2d:1e:26:84:0d:0e:65:2a:e5:
b6:39:18:32:61:4b:ac:04:ec:d9:93:a2:11:93:ac:
f7:de:43:b9:44:ba:d5:c0:24:d2:91:fc:8c:42:25:
30:a0:47:34:07:d0:bc:ef:f2:3b:21:dd:af:f7:e7:
9d:38:46:a5:8f:e9:ba:f0:71:05:56:0c:c6:14:ad:
aa:8d:40:fc:47:6f:71:39:c4:8e:ce:2a:bb:bb:eb:
12:c4:3f:7a:c2:7e:25:4b:c7:a2:07:35:e3:70:40:
df:f1:a2:40:df:d8:8f:6c:48:da:71:f4:c1:5e:6c:
1f:b2:2c:ae:4f:85:da:f2:43:ea:a0:65:30:17:42:
1f:37:79:1d:3c:ab:89:ac:f1:dc:3d:fb:2c:1a:29:
3d:f1:13:e8:93:7b:10:bb:6e:d0:e0:92:b8:6d:09:
b5:4a:1f:8b:52:bf:c2:21:a5:66:f7:00:0e:c1:b8:
e6:51:f8:50:2e:8b:55:52:e7:e3:7b:f1:3a:83:3a:
66:49:7b:e4:02:ba:68:78:19:a7:07:8d:d7:10:3f:
15:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:23:13:45:34:8D:86:A2:B2:DB:40:B4:48:42:BE:F8:2E:E0:34:9E
X509v3 Authority Key Identifier:
keyid:0C:78:87:58:2D:83:D3:F0:87:68:2A:F8:78:0A:32:4A:35:3C:E7:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DHiHWC2D0_CHaCr4eAoySjU854I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/bff48f-0a30-478d-b2db-ad4a1da393a1/1/AyMTRTSNhqKy20C0SEK--C7gNJ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/bff48f-0a30-478d-b2db-ad4a1da393a1/1/DHiHWC2D0_CHaCr4eAoySjU854I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.179.64.0-213.179.69.255
Signature Algorithm: sha256WithRSAEncryption
9f:b1:67:42:cb:8d:12:f4:be:8c:c8:8b:00:69:3c:ec:c3:bd:
cf:8c:04:6e:56:29:e7:77:82:2c:80:f9:14:37:0e:ce:7c:39:
19:fb:03:14:89:4a:fc:ab:f3:a3:28:a0:0b:8c:ea:5a:b7:3d:
b0:80:9a:5d:2e:35:fc:8f:2d:7a:a8:ab:a3:73:f7:1f:43:cd:
62:15:17:ee:66:b7:81:02:24:4f:26:92:55:cf:be:03:42:77:
69:19:52:62:8f:c7:65:69:27:02:f8:da:4c:9a:aa:d7:d8:8c:
40:3b:f7:40:39:46:7b:6f:33:c1:d8:2d:ee:61:6f:4b:57:ed:
7e:42:f7:c6:56:3f:58:ab:6e:9d:23:f7:c0:a7:d2:e6:28:b0:
38:28:5d:00:da:7b:f4:68:5a:e6:4b:ee:20:b6:a3:9b:d4:a7:
b5:7f:05:fc:dc:4d:f4:ec:39:30:b5:0e:51:4e:68:fb:58:24:
ee:d0:03:89:91:2d:5f:2b:e8:e4:d0:56:7e:2d:fd:e3:bd:13:
cd:05:f4:85:f5:12:8c:8a:5b:b0:5d:2e:38:41:3d:31:2d:62:
f5:79:81:37:51:12:86:ac:2f:e5:d6:45:ac:7c:43:40:06:db:
88:7a:78:17:6d:4a:31:35:73:bd:e3:08:eb:02:e2:10:21:57:
3c:a4:d5:b8
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZSt3ArFEKfm52pIhTg2itKGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNzg4NzU4MmQ4M2QzZjA4NzY4MmFmODc4MGEzMjRhMzUz
Y2U3ODIwHhcNMjUwMTI4MTcwMTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzIzMTM0NTM0OGQ4NmEyYjJkYjQwYjQ0ODQyYmVmODJlZTAzNDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvllYGwZCpXlFNEQTN2/SZrxOkphC
MuE0iRjiEMMKqPP+ZDs5zbuo3OBVxc8kA8BPGX8tHiaEDQ5lKuW2ORgyYUusBOzZ
k6IRk6z33kO5RLrVwCTSkfyMQiUwoEc0B9C87/I7Id2v9+edOEalj+m68HEFVgzG
FK2qjUD8R29xOcSOziq7u+sSxD96wn4lS8eiBzXjcEDf8aJA39iPbEjacfTBXmwf
siyuT4Xa8kPqoGUwF0IfN3kdPKuJrPHcPfssGik98RPok3sQu27Q4JK4bQm1Sh+L
Ur/CIaVm9wAOwbjmUfhQLotVUufje/E6gzpmSXvkArpoeBmnB43XED8VpQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFAMjE0U0jYaisttAtEhCvvgu4DSeMB8GA1UdIwQY
MBaAFAx4h1gtg9Pwh2gq+HgKMko1POeCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREhpSFdDMkQwX0NIYUNyNGVBb3lTalU4NTRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9iZmY0OGYtMGEzMC00NzhkLWIyZGIt
YWQ0YTFkYTM5M2ExLzEvQXlNVFJUU05ocUt5MjBDMFNFSy0tQzdnTko0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9iZmY0OGYtMGEzMC00NzhkLWIyZGItYWQ0YTFkYTM5M2Ex
LzEvREhpSFdDMkQwX0NIYUNyNGVBb3lTalU4NTRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAbVs0AD
BAHVs0QwDQYJKoZIhvcNAQELBQADggEBAJ+xZ0LLjRL0vozIiwBpPOzDvc+MBG5W
Ked3giyA+RQ3Ds58ORn7AxSJSvyr86MooAuM6lq3PbCAml0uNfyPLXqoq6Nz9x9D
zWIVF+5mt4ECJE8mklXPvgNCd2kZUmKPx2VpJwL42kyaqtfYjEA790A5RntvM8HY
Le5hb0tX7X5C98ZWP1irbp0j98Cn0uYosDgoXQDae/RoWuZL7iC2o5vUp7V/Bfzc
TfTsOTC1DlFOaPtYJO7QA4mRLV8r6OTQVn4t/eO9E80F9IX1EoyKW7BdLjhBPTEt
YvV5gTdREoasL+XWRax8Q0AG24h6eBdtSjE1c73jCOsC4hAhVzyk1bg=
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:53:31 2025 by rpki-client